Vulnerability Category | Notes | Result |
---|---|---|
Arbitrary Storage Write | N/A | PASS |
Arbitrary Jump | N/A | PASS |
Delegate Call to Untrusted Contract | N/A | PASS |
Dependence on Predictable Variables | N/A | PASS |
Deprecated Opcodes | N/A | PASS |
Ether Thief | N/A | PASS |
Exceptions | N/A | PASS |
External Calls | N/A | PASS |
Flash Loans | N/A | PASS |
Integer Over/Underflow | N/A | PASS |
Multiple Sends | N/A | PASS |
Oracles | N/A | PASS |
Suicide | N/A | PASS |
State Change External Calls | N/A | PASS |
Unchecked Retval | N/A | PASS |
User Supplied Assertion | N/A | PASS |
Critical Solidity Compiler | N/A | PASS |
Overall Contract Safety | PASS |
CheersLand - Smart Contract Audit Report
Summary
CheersLand is building a platform where users can purchase lives by staking tokens or ETH.
Overview of the Contract:Audit Findings Summary
- A user can purchase any amount of lives using ETH or any token that is accepted by the platform.
- On purchasing lives, an amount in the chosen payment token proportional to the amount of lives purchased is staked in the platform.
- The user will be able to withdraw the staked amount 24 hours after the order is created.
- A user can add at most one address as a parent address, which will grant the user and the parent one extra life; the user can only set a parent one time.
- A user can only be a parent for at most 5 users.
- The owner is able to set the limit for the amount of addresses that a user can be a parent for to any value at any time.
- The owner is able to remove a life from any user at any time, as long as the user has more than -2 lives.
- The owner is able to add any token for payment as well as set the fee amount for each token at any time.
- The platform should not be used with ERC-777 tokens to prevent re-entrancy issues. This is uncommon.
- Further, the platform should not be used with deflationary tokens. If a deflationary token is added as a staking asset, then the contract must be exempt from transfer fees.
- The team worked with us to optimize this contract for gas efficiency.
- As the contract is implemented with Solidity v0.8.x, it is protected from overflows.
- No security issues from outside attackers were identified.
- Ensure trust in the team as they have substantial control in the ecosystem.
- Date: August 5th, 2021
($) = payable function
# = non-constant function
+ [Int] IERC20
- [Ext] transfer #
- [Ext] approve #
- [Ext] transferFrom #
- [Ext] totalSupply
- [Ext] balanceOf
- [Ext] allowance
+ [Lib] SafeMath
- [Int] mul
- [Int] div
- [Int] sub
- [Int] add
- [Int] mod
+ Ownable
- [Pub] #
- [Pub] owner
- [Pub] isOwner
- [Pub] renounceOwnership #
- modifiers: onlyOwner
- [Pub] transferOwnership #
- modifiers: onlyOwner
- [Int] _transferOwnership #
+ Game (Ownable)
- [Pub] #
- [Prv] _createOrder #
- [Ext] addFeeCoin #
- modifiers: onlyOwner
- [Ext] setUserSubMax #
- modifiers: onlyOwner
- [Prv] _addLife #
- [Pub] decLife #
- modifiers: onlyOwner
- [Ext] decLifes #
- modifiers: onlyOwner
- [Ext] bindParent #
- [Pub] getLifeAmount
- [Ext] buyLife #
- [Ext] buyLifeMain ($)
- [Ext] unStaking #
- [Ext] getUserOrderIds
- [Ext] setUserGameIsAward #
- modifiers: onlyOwner