Attack - Smart Contract Audit Report

Summary

Attack ($ATK) is a new ERC20 token on the Polygon Network.

We reviewed the Attack contract that is deployed at 0xF868939Ee81F04f463010BC52EAb91c0839eF08c on the Polygon mainnet.

Notes on the Contract:
  • The total supply of the token is set to 1 billion $ATK [1,000,000,000].
  • Upon deployment, a Gnosis Multi-sig address was set by the team. This address has access to certain functionality in the contract.
  • Any user can burn their own tokens to reduce the total supply.
  • If tokens have been burned, the Multi-sig address can mint any amount of tokens up to the total supply cap of 1 billion $ATK.
  • At the time of writing this report, 47.2% of the total supply belongs to an unverified contract.
  • The top holder owns 39.75% of the total supply.
  • 9.62% of the total supply belongs to a Gnosis multi-signature Proxy contract.
  • 0.51% of the total supply is in Uniswap liquidity.
  • 91.7% of the LP tokens belong to an unverified contract.
  • The next five holders own a cumulative 1.2% of the total supply.

  • The contract implements the EIP-2612 standard to support permits, which allow approvals to be made via signatures.
  • There are no fees associated with transferring tokens.
  • The Multi-sig address can pause/unpause trading at any time.
  • The Multi-sig address can enable/disable all burning functionality at any time.
  • As the contract is deployed with Solidity v0.8.6, it is protected from overflows/underflows.
  • Some functions could have been declared external instead of public to save some gas, but as this contract is already deployed this is merely informational.

Audit Findings Summary
  • No external threats were identified.
  • Please be aware of the amount of liquidity available in proportion to the largest wallets.
  • Date: December 17th, 2021.

Audit Results

| Vulnerability Category | Notes | Result |
|---|---|---|
| Arbitrary Storage Write | N/A | PASS |
| Arbitrary Jump | N/A | PASS |
| Centralization of Control | Please be aware of the amount of liquidity available in proportion to the largest wallets. | PASS |
| Delegate Call to Untrusted Contract | N/A | PASS |
| Dependence on Predictable Variables | N/A | PASS |
| Deprecated Opcodes | N/A | PASS |
| Ether Thief | N/A | PASS |
| Exceptions | N/A | PASS |
| External Calls | N/A | PASS |
| Flash Loans | N/A | PASS |
| Integer Over/Underflow | N/A | PASS |
| Multiple Sends | N/A | PASS |
| Oracles | N/A | PASS |
| Suicide | N/A | PASS |
| State Change External Calls | N/A | PASS |
| Unchecked Retval | N/A | PASS |
| User Supplied Assertion | N/A | PASS |
| Critical Solidity Compiler | N/A | PASS |
| Overall Contract Safety | | PASS |

ERC20 Token Graph

Multi-file Token


 ($) = payable function
 # = non-constant function
 
 Int = Internal
 Ext = External
 Pub = Public

 + [Int] IERC20 
    - [Ext] totalSupply
    - [Ext] balanceOf
    - [Ext] transfer #
    - [Ext] allowance
    - [Ext] approve #
    - [Ext] transferFrom #

 + [Int] IERC20Metadata (IERC20)
    - [Ext] name
    - [Ext] symbol
    - [Ext] decimals

 +  Context 
    - [Int] _msgSender
    - [Int] _msgData

 +  ERC20 (Context, IERC20, IERC20Metadata)
    - [Pub] <Constructor> #
    - [Pub] name
    - [Pub] symbol
    - [Pub] decimals
    - [Pub] totalSupply
    - [Pub] balanceOf
    - [Pub] transfer #
    - [Pub] allowance
    - [Pub] approve #
    - [Pub] transferFrom #
    - [Pub] increaseAllowance #
    - [Pub] decreaseAllowance #
    - [Int] _transfer #
    - [Int] _mint #
    - [Int] _burn #
    - [Int] _approve #
    - [Int] _beforeTokenTransfer #
    - [Int] _afterTokenTransfer #

 +  ERC20Burnable (Context, ERC20)
    - [Pub] burn #
    - [Pub] burnFrom #

 + [Int] IERC20Permit 
    - [Ext] permit #
    - [Ext] nonces
    - [Ext] DOMAIN_SEPARATOR

 + [Lib] Strings 
    - [Int] toString
    - [Int] toHexString
    - [Int] toHexString

 + [Lib] ECDSA 
    - [Prv] _throwError
    - [Int] tryRecover
    - [Int] recover
    - [Int] tryRecover
    - [Int] recover
    - [Int] tryRecover
    - [Int] recover
    - [Int] toEthSignedMessageHash
    - [Int] toEthSignedMessageHash
    - [Int] toTypedDataHash

 +  EIP712 
    - [Pub] <Constructor> #
    - [Int] _domainSeparatorV4
    - [Prv] _buildDomainSeparator
    - [Int] _hashTypedDataV4

 + [Lib] Counters 
    - [Int] current
    - [Int] increment #
    - [Int] decrement #
    - [Int] reset #

 +  ERC20Permit (ERC20, IERC20Permit, EIP712)
    - [Pub] <Constructor> #
       - modifiers: EIP712
    - [Pub] permit #
    - [Pub] nonces
    - [Ext] DOMAIN_SEPARATOR
    - [Int] _useNonce #

 +  Ownable (Context)
    - [Pub] <Constructor> #
    - [Pub] owner
    - [Prv] renounceOwnership #
       - modifiers: onlyOwner
    - [Pub] transferOwnership #
       - modifiers: onlyOwner
    - [Int] _transferOwnership #

 +  Pausable (Context)
    - [Pub] <Constructor> #
    - [Pub] paused
    - [Int] _pause #
       - modifiers: whenNotPaused
    - [Int] _unpause #
       - modifiers: whenPaused

 +  Attack (ERC20, ERC20Burnable, ERC20Permit, Ownable, Pausable)
    - [Pub] <Constructor> #
       - modifiers: ERC20,ERC20Permit
    - [Pub] mint #
       - modifiers: multiSigReq
    - [Pub] burn #
    - [Pub] pause #
       - modifiers: multiSigReq
    - [Pub] unpause #
       - modifiers: multiSigReq
    - [Pub] toggleBurn #
       - modifiers: multiSigReq