| Vulnerability Category | Notes | Result |
|---|---|---|
| Arbitrary Storage Write | N/A | PASS |
| Arbitrary Jump | N/A | PASS |
| Delegate Call to Untrusted Contract | N/A | PASS |
| Dependence on Predictable Variables | N/A | PASS |
| Deprecated Opcodes | N/A | PASS |
| Ether Thief | N/A | PASS |
| Exceptions | N/A | PASS |
| External Calls | N/A | PASS |
| Integer Over/Underflow | N/A | PASS |
| Multiple Sends | N/A | PASS |
| Suicide | N/A | PASS |
| State Change External Calls | N/A | PASS |
| Unchecked Retval | N/A | PASS |
| User Supplied Assertion | N/A | PASS |
| Critical Solidity Compiler | N/A | PASS |
| Overall Contract Safety | PASS |
1k Finance - Smart Contract Audit Report
Summary
1k Finance is a new DeFi platform launching on the Binance Smart Chain.
We reviewed 1k Finance's contracts in their private GitHub repository. When the contracts are deployed to mainnet, we will verify the code and add the respective links below.
Notes on the Contracts:
- There is a tax on transfers in the amount of 1% by default. 10% of this fee is sent to the developers and the remaining is sent to the LiquidityLock contract.
- The token contract will be deployed behind upgradable proxies; meaning the team can change this contract at any time without notice.
- The team can update the transfer fee to any amount at any time; as well as the portion of the fee that goes to the development team.
- The team can also freeze the tokens in any account; preventing them from being transferred.
- The team can recover tokens and BNB erroneously sent to the token contracts.
- Users can lock with LP tokens in this contract to earn rewards in ONEK token.
- This contract receives 90% of the fees from transfers of the token and uses those tokens to provide rewards.
- Users can lock their tokens/BNB for a chosen amount of time in these contracts to earn rewards.
- There is a minimum and maximum lockup time; determined by the project team.
- The only key difference between these two contracts is that the Vault locks up tokens, while BNBVault locks up BNB.
- The team can update the token used for rewards at any time
General Notes:- On our recommendation, the project team has removed some functions that allowed for excess owner control.
- The team has also implemented recommended minor gas optimizations to slightly reduce gas costs for users.
- Utilization of SafeMath throughout the platform to prevent overflow issues.
Audit Findings Summary
- No security issues from external attackers were identified.
- Ensure trust in the project team as they have retained notable power in the ecosystem.
- Date: February 27th, 2021
Function Graph
Inheritence Chart
Functions Overview
($) = payable function
# = non-constant function
Int = Internal
Ext = External
Pub = Public
+ Initializable
- [Prv] isConstructor
+ ContextUpgradeSafe (Initializable)
- [Int] __Context_init #
- modifiers: initializer
- [Int] __Context_init_unchained #
- modifiers: initializer
- [Int] _msgSender
- [Int] _msgData
+ OwnableUpgradeSafe (Initializable, ContextUpgradeSafe)
- [Int] __Ownable_init #
- modifiers: initializer
- [Int] __Ownable_init_unchained #
- modifiers: initializer
- [Pub] owner
- [Pub] renounceOwnership #
- modifiers: onlyOwner
- [Pub] transferOwnership #
- modifiers: onlyOwner
+ [Int] IERC20
- [Ext] totalSupply
- [Ext] balanceOf
- [Ext] transfer #
- [Ext] allowance
- [Ext] approve #
- [Ext] transferFrom #
+ [Lib] SafeMath
- [Int] add
- [Int] sub
- [Int] sub
- [Int] mul
- [Int] div
- [Int] div
- [Int] mod
- [Int] mod
+ BNBVault (Initializable, OwnableUpgradeSafe)
- [Ext] ($)
- [Pub] initialize #
- modifiers: initializer
- [Ext] setRewardPerBlock #
- modifiers: onlyOwner
- [Ext] setDevTreasury #
- modifiers: onlyOwner
- [Ext] setRewardToken #
- modifiers: onlyOwner
- [Ext] setTimeLocks #
- modifiers: onlyOwner
- [Ext] setDevPercentages #
- modifiers: onlyOwner
- [Int] addFeeAndUpdatePrice #
- [Int] updateFeeIn #
- [Pub] lockLiquidity ($)
- [Pub] extractEarnings #
- [Pub] extractLiquidity #
- [Pub] calcDevTreasuryPercentage
- [Ext] getAmountLocked
- [Ext] extractTokensIfStuck #
- modifiers: onlyOwner
- [Ext] extractETHIfStruck #
- modifiers: onlyOwner
Source Code
Function Graph
Inheritence Chart
Functions Overview
($) = payable function
# = non-constant function
Int = Internal
Ext = External
Pub = Public
+ Initializable
- [Prv] isConstructor
+ ContextUpgradeSafe (Initializable)
- [Int] __Context_init #
- modifiers: initializer
- [Int] __Context_init_unchained #
- modifiers: initializer
- [Int] _msgSender
- [Int] _msgData
+ OwnableUpgradeSafe (Initializable, ContextUpgradeSafe)
- [Int] __Ownable_init #
- modifiers: initializer
- [Int] __Ownable_init_unchained #
- modifiers: initializer
- [Pub] owner
- [Pub] renounceOwnership #
- modifiers: onlyOwner
- [Pub] transferOwnership #
- modifiers: onlyOwner
+ [Int] IERC20
- [Ext] totalSupply
- [Ext] balanceOf
- [Ext] transfer #
- [Ext] allowance
- [Ext] approve #
- [Ext] transferFrom #
+ [Lib] SafeMath
- [Int] add
- [Int] sub
- [Int] sub
- [Int] mul
- [Int] div
- [Int] div
- [Int] mod
- [Int] mod
+ LockLiquidity (Initializable, OwnableUpgradeSafe)
- [Pub] initialize #
- modifiers: initializer
- [Pub] setONEK #
- modifiers: onlyOwner
- [Pub] setLiquidityProviderToken #
- modifiers: onlyOwner
- [Pub] addFeeAndUpdatePrice #
- [Pub] lockLiquidity #
- [Pub] extractEarnings #
- [Pub] getAmountLocked
- [Pub] extractTokensIfStuck #
- modifiers: onlyOwner
- [Pub] extractETHIfStruck #
- modifiers: onlyOwner
Source Code
Function Graph
Inheritence Chart
Functions Overview
($) = payable function
# = non-constant function
Int = Internal
Ext = External
Pub = Public
+ Initializable
- [Prv] isConstructor
+ ContextUpgradeSafe (Initializable)
- [Int] __Context_init #
- modifiers: initializer
- [Int] __Context_init_unchained #
- modifiers: initializer
- [Int] _msgSender
- [Int] _msgData
+ OwnableUpgradeSafe (Initializable, ContextUpgradeSafe)
- [Int] __Ownable_init #
- modifiers: initializer
- [Int] __Ownable_init_unchained #
- modifiers: initializer
- [Pub] owner
- [Pub] renounceOwnership #
- modifiers: onlyOwner
- [Pub] transferOwnership #
- modifiers: onlyOwner
+ [Lib] SafeMath
- [Int] add
- [Int] sub
- [Int] sub
- [Int] mul
- [Int] div
- [Int] div
- [Int] mod
- [Int] mod
+ [Int] IERC20
- [Ext] totalSupply
- [Ext] balanceOf
- [Ext] transfer #
- [Ext] allowance
- [Ext] approve #
- [Ext] transferFrom #
+ [Lib] Address
- [Int] isContract
- [Int] sendValue #
+ ERC20UpgradeSafe (Initializable, ContextUpgradeSafe, IERC20)
- [Int] __ERC20_init #
- modifiers: initializer
- [Int] __ERC20_init_unchained #
- modifiers: initializer
- [Pub] name
- [Pub] symbol
- [Pub] decimals
- [Pub] totalSupply
- [Pub] balanceOf
- [Pub] transfer #
- [Pub] allowance
- [Pub] approve #
- [Pub] transferFrom #
- [Pub] increaseAllowance #
- [Pub] decreaseAllowance #
- [Int] _transfer #
- [Int] _mint #
- [Int] _burn #
- [Int] _approve #
- [Int] _setupDecimals #
- [Int] _beforeTokenTransfer #
+ [Int] ILockLiquidity
- [Ext] addFeeAndUpdatePrice #
+ ONEK (Initializable, OwnableUpgradeSafe, ERC20UpgradeSafe)
- [Pub] initialize #
- modifiers: initializer
- [Pub] setDevTreasury #
- modifiers: onlyOwner
- [Pub] setDevTreasuryPercentage #
- modifiers: onlyOwner
- [Pub] setLockLiquidityContract #
- modifiers: onlyOwner
- [Int] _transfer #
- [Pub] burn #
- modifiers: onlyOwner
- [Pub] extractETHIfStuck #
- modifiers: onlyOwner
- [Pub] extractTokenIfStuck #
- modifiers: onlyOwner
- [Pub] freezeTokens #
- modifiers: onlyOwner
- [Pub] unFreezeTokens #
- modifiers: onlyOwner
- [Pub] changeFee #
- modifiers: onlyOwner
- [Int] calculateFee
Source Code
Function Graph
Inheritence Chart
Functions Overview
($) = payable function
# = non-constant function
Int = Internal
Ext = External
Pub = Public
+ Initializable
- [Prv] isConstructor
+ ContextUpgradeSafe (Initializable)
- [Int] __Context_init #
- modifiers: initializer
- [Int] __Context_init_unchained #
- modifiers: initializer
- [Int] _msgSender
- [Int] _msgData
+ OwnableUpgradeSafe (Initializable, ContextUpgradeSafe)
- [Int] __Ownable_init #
- modifiers: initializer
- [Int] __Ownable_init_unchained #
- modifiers: initializer
- [Pub] owner
- [Pub] renounceOwnership #
- modifiers: onlyOwner
- [Pub] transferOwnership #
- modifiers: onlyOwner
+ [Int] IERC20
- [Ext] totalSupply
- [Ext] balanceOf
- [Ext] transfer #
- [Ext] allowance
- [Ext] approve #
- [Ext] transferFrom #
+ [Lib] SafeMath
- [Int] add
- [Int] sub
- [Int] sub
- [Int] mul
- [Int] div
- [Int] div
- [Int] mod
- [Int] mod
+ Vault (Initializable, OwnableUpgradeSafe)
- [Ext] ($)
- [Pub] initialize #
- modifiers: initializer
- [Ext] setLockToken #
- modifiers: onlyOwner
- [Ext] setRewardPerBlock #
- modifiers: onlyOwner
- [Ext] setDevTreasury #
- modifiers: onlyOwner
- [Ext] setRewardToken #
- modifiers: onlyOwner
- [Ext] setTimeLocks #
- modifiers: onlyOwner
- [Ext] setDevPercentages #
- modifiers: onlyOwner
- [Int] addFeeAndUpdatePrice #
- [Int] updateFeeIn #
- [Pub] lockLiquidity #
- [Pub] extractEarnings #
- [Pub] extractLiquidity #
- [Pub] calcDevTreasuryPercentage
- [Ext] getAmountLocked
- [Ext] extractTokensIfStuck #
- modifiers: onlyOwner
- [Ext] extractETHIfStruck #
- modifiers: onlyOwner