xYSL Token - Smart Contract Audit Report
Summary
YSL.IO Protocol is launching a new deflationary BEP20 token with locking functionality.
Notes on the contract:Audit Findings Summary
- No tokens are minted upon deployment, however any address with the Minter role has the ability to mint any amount of tokens to any address at any time as long as it does not cause the token's total supply to exceed a cap of 80,000 $xYSL. This cap cannot be changed.
- There is a 12.5% fee when transferring $xYSL. 7.5% is sent to an admin defined fee address, and 5% is sent to the 0x0 address as a burn fee. This fee is taken from the recipient of the transfer.
- These fees are constant and cannot be changed.
- Tokens taken as burn fees do not decrease the total supply. This means that after the total supply reaches 80,000, Minters will not be able to mint any further tokens. This will cause the circulating supply to decrease over time as tokens are burned from transfers.
- Users can also decrease the ciruclating supply by transferring tokens to the 0x..dead address, if desired.
- A Minter has the ability to airdrop tokens to a user from their own address. These tokens are locked, and vest linearly throughout the lock period specified by the Minter. For example: if 10% of the lock period has passed, 10% of the tokens will be available to the user.
- If a user already has locked funds, the new airdrop funds will be added to the existing lock without increasing lock time. This can result in the user gaining immediate access to a portion of these funds.
- Admins can change the fee address at any time.
- Admins can add or remove any address from a "whitelist" at any time.
- Fees will not be applied to transfers involving a whitelisted address.
- Admins can grant or revoke the Minter role to any address at any time.
- The admin role is given to the deployer of the contract.
- No external threats were identified.
- Please ensure trust in the team prior to investing as they have substantial control over the ecosystem.
- Date: October 5th, 2021.
External Threat Results
| Vulnerability Category | Notes | Result |
|---|---|---|
| Arbitrary Storage Write | N/A | PASS |
| Arbitrary Jump | N/A | PASS |
| Delegate Call to Untrusted Contract | N/A | PASS |
| Dependence on Predictable Variables | N/A | PASS |
| Deprecated Opcodes | N/A | PASS |
| Ether Thief | N/A | PASS |
| Exceptions | N/A | PASS |
| External Calls | N/A | PASS |
| Integer Over/Underflow | N/A | PASS |
| Multiple Sends | N/A | PASS |
| Suicide | N/A | PASS |
| State Change External Calls | N/A | PASS |
| Unchecked Retval | N/A | PASS |
| User Supplied Assertion | N/A | PASS |
| Critical Solidity Compiler | N/A | PASS |
| Overall Contract Safety | PASS |
($) = payable function
# = non-constant function
+ [Int] IERC20
- [Ext] totalSupply
- [Ext] balanceOf
- [Ext] transfer #
- [Ext] allowance
- [Ext] approve #
- [Ext] transferFrom #
+ [Int] IERC20Metadata (IERC20)
- [Ext] name
- [Ext] symbol
- [Ext] decimals
+ [Int] IAccessControl
- [Ext] hasRole
- [Ext] getRoleAdmin
- [Ext] grantRole #
- [Ext] revokeRole #
- [Ext] renounceRole #
+ Context
- [Int] _msgSender
- [Int] _msgData
+ [Lib] Strings
- [Int] toString
- [Int] toHexString
- [Int] toHexString
+ [Int] IERC165
- [Ext] supportsInterface
+ ERC165 (IERC165)
- [Pub] supportsInterface
+ AccessControl (Context, IAccessControl, ERC165)
- [Pub] supportsInterface
- [Pub] hasRole
- [Int] _checkRole
- [Pub] getRoleAdmin
- [Pub] grantRole #
- modifiers: onlyRole
- [Pub] revokeRole #
- modifiers: onlyRole
- [Pub] renounceRole #
- [Int] _setupRole #
- [Int] _setRoleAdmin #
- [Prv] _grantRole #
- [Prv] _revokeRole #
+ [Int] IxYSLAdapter
- [Ext] collectxYSLFee #
- [Ext] transferSurcharge #
+ xYSLToken (IERC20, IERC20Metadata, AccessControl)
- [Pub] #
- [Ext] addToWhitelist #
- modifiers: onlyRole
- [Ext] removeFromWhitelist #
- modifiers: onlyRole
- [Ext] setMinter #
- modifiers: onlyRole
- [Ext] removeMinter #
- modifiers: onlyRole
- [Ext] setAdapter #
- modifiers: onlyRole
- [Pub] mint #
- modifiers: minterOnly
- [Pub] mintFor #
- modifiers: minterOnly
- [Ext] getAirdropped #
- modifiers: minterOnly
- [Pub] name
- [Pub] symbol
- [Pub] decimals
- [Pub] totalSupply
- [Pub] balanceOf
- [Pub] transfer #
- [Pub] allowance
- [Pub] approve #
- [Pub] transferFrom #
- [Pub] increaseAllowance #
- [Pub] decreaseAllowance #
- [Int] _transfer #
- [Int] _mint #
- modifiers: checkHardcap
- [Int] _approve #
- [Int] _beforeTokenTransfer #
- [Int] _afterTokenTransfer #
- [Pub] lockedTokens
- [Ext] unlockedTokens
- [Pub] unlockable
- [Ext] availableTokens
- [Pub] unlock #
- [Int] _vested