CryptoCart V2 - Smart Contract Audit Report
Summary
CryptoCart V2 ($CCv2) is a new community-driven DeFi token on the Ethereum Blockchain.
Notes on the Contract:Audit Findings Summary
- The total supply of the token is set to 1 million $CCv2 [1,000,000].
- No minting or burn functions are present; though the circulating supply can be reduced by sending tokens to the 0x..dead address, if desired.
- At the time of writing this report, 100% of the total supply belongs to the owner as the project was recently deployed.
- There is a 2% vault fee charged on transfers when the user is selling tokens via Uniswap.
- The tokens collected through the vault fee are sent to the vault address controlled by the team.
- The calculation of the vault fee performs a multiplication on the result of a division, leading to less accurate results. It is advisable to always perform all multiplications prior to division. This line can be viewed here.
- The contract could potentially lock ETH as it contains a payable function, but lacks a withdrawal function. We would recommend removing this payable function altogether, however as this contract is already deployed, this is merely informational.
- The contract utilizes an Editor role.
- The owner or Editor of the contract can exclude accounts from the vault fee.
- The contract complies with the ERC20 token standard.
- Some gas optimizations can be achieved through declaring functions external instead of public and some variables constant. As this contract is already deployed, this is merely informational.
- As the contract is deployed with Solidity v0.8.x, it is protected from overflows.
- No external threats were identified.
- Please ensure trust in the team as they are in control of 100% of the total supply and collect tokens from fees.
- Date: November 8th, 2021
Audit Results
| Vulnerability Category | Notes | Result |
|---|---|---|
| Arbitrary Storage Write | N/A | PASS |
| Arbitrary Jump | N/A | PASS |
| Delegate Call to Untrusted Contract | N/A | PASS |
| Dependence on Predictable Variables | N/A | PASS |
| Deprecated Opcodes | N/A | PASS |
| Ether Thief | N/A | PASS |
| Exceptions | N/A | PASS |
| External Calls | N/A | PASS |
| Flash Loans | N/A | PASS |
| Integer Over/Underflow | N/A | PASS |
| Multiple Sends | N/A | PASS |
| Oracles | N/A | PASS |
| Suicide | N/A | PASS |
| State Change External Calls | N/A | PASS |
| Unchecked Retval | N/A | PASS |
| User Supplied Assertion | N/A | PASS |
| Critical Solidity Compiler | N/A | PASS |
| Overall Contract Safety | PASS |
Function Graph
Inheritence Chart
Functions Overview
($) = payable function
# = non-constant function
+ Context
- [Int] _msgSender
- [Int] _msgData
+ Ownable (Context)
- [Pub] #
- [Pub] owner
- [Pub] renounceOwnership #
- modifiers: onlyOwner
- [Pub] transferOwnership #
- modifiers: onlyOwner
+ Editor (Context)
- [Pub] #
- [Pub] editors
- [Pub] transferEditorRole #
- modifiers: onlyEditor
+ [Int] IERC20
- [Ext] totalSupply
- [Ext] balanceOf
- [Ext] transfer #
- [Ext] allowance
- [Ext] approve #
- [Ext] transferFrom #
+ ERC20 (Context, IERC20)
- [Pub] #
- [Pub] name
- [Pub] symbol
- [Pub] decimals
- [Pub] totalSupply
- [Pub] balanceOf
- [Pub] transfer #
- [Pub] allowance
- [Pub] approve #
- [Pub] transferFrom #
- [Pub] increaseAllowance #
- [Pub] decreaseAllowance #
- [Int] _transfer #
- [Int] _mint #
- [Int] _approve #
- [Int] _setupDecimals #
- [Int] _beforeTokenTransfer #
+ [Int] IUniswapV2Factory
- [Ext] createPair #
+ [Int] IUniswapV2Router01
- [Ext] factory
- [Ext] WETH
- [Ext] addLiquidityETH ($)
+ [Int] IUniswapV2Router02 (IUniswapV2Router01)
- [Ext] swapExactTokensForETHSupportingFeeOnTransferTokens #
+ [Lib] SafeMath
- [Int] add
- [Int] sub
- [Int] mul
- [Int] div
- [Int] mod
- [Int] sub
- [Int] div
- [Int] mod
+ CryptoCartV2 (ERC20, Ownable, Editor)
- [Pub] #
- modifiers: ERC20
- [Ext] ($)
- [Prv] _setAutomatedMarketMakerPair #
- [Pub] excludeFromFees #
- modifiers: OwnerOrEditor
- [Int] _transfer #