BillHwang Staking - Smart Contract Audit Report
Summary
BillHwang is a new token on the Binance Smart Chain.For this audit, we analyzed the project's token and MasterChef staking contract. We reviewed the token at 0xe38676028803b9f6c7ef36642d68baf6f0d4f846 and the MasterChef staking contract at 0xef7b8ffa5dc6fa76d2973909d36d28e267eb9f83 on the BSC mainnet.Notes of the Token Contract:Notes on the Staking Contract:
- The token is designed to be a governance token where 1 token = 1 vote.
- Token holders can delegate their voting rights to any address. To save gas, users can also do so using an EIP-712 signature.
- At the time of the deployment, there are no tokens.
- The owner has the ability to mint tokens at any time, up to a hard cap of 100 million.
- No minting or burning functions are accessible after deployment; though the circulating supply can be decreased by sending tokens to the 0xdead address.
- No ownership-protected functions relating to the token are present.
- The contract utilizes SafeMath to prevent overflow issues.
Audit Findings Summary:
- Users can stake tokens into the MasterChef staking contract into order to earn BillHwang tokens.
- The project team can add different types of tokens for staking, and can update the reward rates for each token at any time.
- There is a fee associated with making a deposit to the contract, set by the team at the time of adding each asset pool.
- Users will accrue rewards over the length of their stake. Upon withdrawing from the contract, user's rewards will be claimed.
- The team has the ability to remove BillHwang tokens from the contract at any time. If BillHwang can be staked, this would allow the team to move user's BillHwang tokens without permission. We advise not having BillHwang be staked in this contract, or the two relevant functions be removed.
- The team must exercise caution when adding tokens to avoid fee-on-transfer and ERC777-compliant tokens.
- Some public functions may be declared external to save a small amount of gas on each transaction.
- Utilization of SafeMath to prevent overflow issues.
- No security issues from outside attackers were identified.
- Ensure trust in the team as they have some control over the ecosystem.
- Date: May 15th, 2021
Combined External Threat Results
Vulnerability Category | Notes | Result |
---|---|---|
Arbitrary Storage Write | N/A | PASS |
Arbitrary Jump | N/A | PASS |
Delegate Call to Untrusted Contract | N/A | PASS |
Dependence on Predictable Variables | N/A | PASS |
Deprecated Opcodes | N/A | PASS |
Ether Thief | N/A | PASS |
Exceptions | N/A | PASS |
External Calls | N/A | PASS |
Integer Over/Underflow | N/A | PASS |
Multiple Sends | N/A | PASS |
Suicide | N/A | PASS |
State Change External Calls | N/A | PASS |
Unchecked Retval | N/A | PASS |
User Supplied Assertion | N/A | PASS |
Critical Solidity Compiler | N/A | PASS |
Overall Contract Safety | PASS |
Details: BillHwang Token Contract
Inheritence Chart
Function Graph
Functions Overview
($) = payable function
# = non-constant function
Int = Internal
Ext = External
Pub = Public
+ Context
- [Int] _msgSender
- [Int] _msgData
+ Ownable (Context)
- [Int] #
- [Pub] owner
- [Pub] renounceOwnership #
- modifiers: onlyOwner
- [Pub] transferOwnership #
- modifiers: onlyOwner
+ [Int] IBEP20
- [Ext] totalSupply
- [Ext] decimals
- [Ext] symbol
- [Ext] name
- [Ext] getOwner
- [Ext] balanceOf
- [Ext] transfer #
- [Ext] allowance
- [Ext] approve #
- [Ext] transferFrom #
+ [Lib] SafeMath
- [Int] add
- [Int] sub
- [Int] sub
- [Int] mul
- [Int] div
- [Int] div
- [Int] mod
- [Int] mod
+ BEP20 (Context, IBEP20, Ownable)
- [Pub] #
- [Ext] getOwner
- [Pub] name
- [Pub] symbol
- [Pub] decimals
- [Pub] totalSupply
- [Pub] balanceOf
- [Pub] transfer #
- [Pub] allowance
- [Pub] approve #
- [Pub] transferFrom #
- [Pub] increaseAllowance #
- [Pub] decreaseAllowance #
- [Pub] mint #
- modifiers: onlyOwner
- [Int] _transfer #
- [Int] _mint #
- [Int] _burn #
- [Int] _approve #
- [Int] _burnFrom #
+ BillHwangToken (BEP20)
- [Pub] mint #
- modifiers: onlyOwner
- [Ext] delegates
- [Ext] delegate #
- [Ext] delegateBySig #
- [Ext] getCurrentVotes
- [Ext] getPriorVotes
- [Int] _delegate #
- [Int] _moveDelegates #
- [Int] _writeCheckpoint #
- [Int] safe32
- [Int] getChainId
Source Code
Click here to download the source code as a .sol file.
Details: MasterChef Staking Contract
Inheritence Chart
Function Graph
Functions Overview
($) = payable function
# = non-constant function
Int = Internal
Ext = External
Pub = Public
+ [Lib] SafeMath
- [Int] add
- [Int] sub
- [Int] sub
- [Int] mul
- [Int] div
- [Int] div
- [Int] mod
- [Int] mod
+ [Int] IBEP20
- [Ext] totalSupply
- [Ext] decimals
- [Ext] symbol
- [Ext] name
- [Ext] getOwner
- [Ext] balanceOf
- [Ext] transfer #
- [Ext] allowance
- [Ext] approve #
- [Ext] transferFrom #
+ [Lib] Address
- [Int] isContract
- [Int] sendValue #
- [Int] functionCall #
- [Int] functionCall #
- [Int] functionCallWithValue #
- [Int] functionCallWithValue #
- [Prv] _functionCallWithValue #
+ [Lib] SafeBEP20
- [Int] safeTransfer #
- [Int] safeTransferFrom #
- [Int] safeApprove #
- [Int] safeIncreaseAllowance #
- [Int] safeDecreaseAllowance #
- [Prv] _callOptionalReturn #
+ Context
- [Int] _msgSender
- [Int] _msgData
+ Ownable (Context)
- [Int] #
- [Pub] owner
- [Pub] renounceOwnership #
- modifiers: onlyOwner
- [Pub] transferOwnership #
- modifiers: onlyOwner
+ BEP20 (Context, IBEP20, Ownable)
- [Pub] #
- [Ext] getOwner
- [Pub] name
- [Pub] symbol
- [Pub] decimals
- [Pub] totalSupply
- [Pub] balanceOf
- [Pub] transfer #
- [Pub] allowance
- [Pub] approve #
- [Pub] transferFrom #
- [Pub] increaseAllowance #
- [Pub] decreaseAllowance #
- [Pub] mint #
- modifiers: onlyOwner
- [Int] _transfer #
- [Int] _mint #
- [Int] _burn #
- [Int] _approve #
- [Int] _burnFrom #
+ BillHwangToken (BEP20)
- [Pub] mint #
- modifiers: onlyOwner
- [Ext] delegates
- [Ext] delegate #
- [Ext] delegateBySig #
- [Ext] getCurrentVotes
- [Ext] getPriorVotes
- [Int] _delegate #
- [Int] _moveDelegates #
- [Int] _writeCheckpoint #
- [Int] safe32
- [Int] getChainId
+ MasterChef (Ownable)
- [Pub] #
- [Ext] poolLength
- [Pub] add #
- modifiers: onlyOwner
- [Pub] set #
- modifiers: onlyOwner
- [Pub] getMultiplier
- [Ext] pendingBILL
- [Pub] massUpdatePools #
- [Pub] updatePool #
- [Pub] deposit #
- [Pub] withdraw #
- [Pub] emergencyWithdraw #
- [Int] safeBILLTransfer #
- [Pub] dev #
- [Pub] setFeeAddress #
- [Pub] updateEmissionRate #
- modifiers: onlyOwner
Source Code
Click here to download the source code as a .sol file.