FLOKI - Smart Contract Audit Report
FLOKI ($FLOKI) is a new community-driven Defi token on the Binance Smart Chain that pays out static rewards to holders.
Notes on the Contract:
Audit Findings Summary
- The total supply of the token is set to 10 trillion $FLOKI [10,000,000,000,000].
- No minting or burn functions are present; though the circulating supply can be reduced by sending tokens to the 0x...dead address, if desired.
- At the time of writing this report, 49.33% of the total $FLOKI token supply is held in a Moontography Atomic Swap Contract, which is the bridge service provider for the team's ETH-BSC Bridge. This was not reviewed as part of this audit.
- 35.04% of the total supply has been sent to the 0x...dead Address.
- 1.05% of the total token supply is held in a GnosisSafe Multi-signature Contract, which is controlled by the team.
- 0.72% of the total token supply is held in PancakeSwap Liquidity. Out of that liquidity, 99.83% of the LP token are stored in a Unicrypt Liquidity Locker which is locked for 265 Years.
- There is a 'Tax Fee' and a 'Liquidity Fee' on all transactions for any "non-excluded" address that participates in a transfer. The owner has the ability to modify the these fees to any percentage at any time.
- Users who hold tokens will automatically benefit from the frictionless fee redistribution at the time of each transaction as the tokens collected through the "tax fee" are removed from the circulating supply.
- The liquidity fee that is charged on transactions is stored in the contract address and then subsequently used to buy BNB via the "swaptokens" function which will be sent to the marketing address. The owner has the ability to update and change the marketing wallet address at any time.
- The owner has the ability to set the minimum threshold for the 'swaptokens' mechanism. At the time of deployment, this is set to 2% of the balance of the tokens in the Liquidity Pool. Depending on the volume of tokens being sold for BNB, this functionality could cause a negative price impact on the token.
- Although the swap and liquify verbiage exists in the code, there are no "automatic liquidity adds" supported by the protocol.
- The contract features a blacklist mechanism where the owner of the contract can exclude addresses from being able to participate in transfers. The owner can prevent transactions from being possible for as many holders as they would like, at any time.
- The owner of the contract can exclude and include accounts from fees and reward distribution.
- The protocol does not implement any maximum transaction amount.
- Ownership has not been renounced, but is maintained in a multi-signature team wallet.
- The contract utilizes SafeMath libraries along with following the BEP20 standard.
- As the project is deployed with Solidity v0.8.4, it is protected from overflows.
- No external threats were identified.
- We recommend that the team renounces ownership.
- Please ensure trust in the team prior to investing as they have substantial control in the ecosystem.
- Further, ensure trust in the team as they have control of the BNB that is accumulated from fees.
- Date: July 22nd, 2021
|Arbitrary Storage Write||N/A||PASS|
|Delegate Call to Untrusted Contract||N/A||PASS|
|Dependence on Predictable Variables||N/A||PASS|
|State Change External Calls||N/A||PASS|
|User Supplied Assertion||N/A||PASS|
|Critical Solidity Compiler||N/A||PASS|
|Overall Contract Safety||PASS|
($) = payable function # = non-constant function + Context - [Int] _msgSender - [Int] _msgData + [Int] IERC20 - [Ext] totalSupply - [Ext] balanceOf - [Ext] transfer # - [Ext] allowance - [Ext] approve # - [Ext] transferFrom # + [Lib] SafeMath - [Int] add - [Int] sub - [Int] sub - [Int] mul - [Int] div - [Int] div - [Int] mod - [Int] mod + [Lib] Address - [Int] isContract - [Int] sendValue # - [Int] functionCall # - [Int] functionCall # - [Int] functionCallWithValue # - [Int] functionCallWithValue # - [Prv] _functionCallWithValue # + Ownable (Context) - [Pub]
# - [Pub] owner - [Pub] renounceOwnership # - modifiers: onlyOwner - [Pub] transferOwnership # - modifiers: onlyOwner + [Int] IUniswapV2Factory - [Ext] feeTo - [Ext] feeToSetter - [Ext] getPair - [Ext] allPairs - [Ext] allPairsLength - [Ext] createPair # - [Ext] setFeeTo # - [Ext] setFeeToSetter # + [Int] IUniswapV2Pair - [Ext] name - [Ext] symbol - [Ext] decimals - [Ext] totalSupply - [Ext] balanceOf - [Ext] allowance - [Ext] approve # - [Ext] transfer # - [Ext] transferFrom # - [Ext] DOMAIN_SEPARATOR - [Ext] PERMIT_TYPEHASH - [Ext] nonces - [Ext] permit # - [Ext] MINIMUM_LIQUIDITY - [Ext] factory - [Ext] token0 - [Ext] token1 - [Ext] getReserves - [Ext] price0CumulativeLast - [Ext] price1CumulativeLast - [Ext] kLast - [Ext] burn # - [Ext] swap # - [Ext] skim # - [Ext] sync # - [Ext] initialize # + [Int] IUniswapV2Router01 - [Ext] factory - [Ext] WETH - [Ext] addLiquidity # - [Ext] addLiquidityETH ($) - [Ext] removeLiquidity # - [Ext] removeLiquidityETH # - [Ext] removeLiquidityWithPermit # - [Ext] removeLiquidityETHWithPermit # - [Ext] swapExactTokensForTokens # - [Ext] swapTokensForExactTokens # - [Ext] swapExactETHForTokens ($) - [Ext] swapTokensForExactETH # - [Ext] swapExactTokensForETH # - [Ext] swapETHForExactTokens ($) - [Ext] quote - [Ext] getAmountOut - [Ext] getAmountIn - [Ext] getAmountsOut - [Ext] getAmountsIn + [Int] IUniswapV2Router02 (IUniswapV2Router01) - [Ext] removeLiquidityETHSupportingFeeOnTransferTokens # - [Ext] removeLiquidityETHWithPermitSupportingFeeOnTransferTokens # - [Ext] swapExactTokensForTokensSupportingFeeOnTransferTokens # - [Ext] swapExactETHForTokensSupportingFeeOnTransferTokens ($) - [Ext] swapExactTokensForETHSupportingFeeOnTransferTokens # + FLOKI (Context, IERC20, Ownable) - [Pub] # - [Ext] initContract # - modifiers: onlyOwner - [Ext] openTrading # - modifiers: onlyOwner - [Pub] name - [Pub] symbol - [Pub] decimals - [Pub] totalSupply - [Pub] balanceOf - [Pub] transfer # - [Pub] allowance - [Pub] approve # - [Pub] transferFrom # - [Pub] increaseAllowance # - [Pub] decreaseAllowance # - [Pub] isExcludedFromReward - [Pub] totalFees - [Pub] deliver # - [Pub] reflectionFromToken - [Pub] tokenFromReflection - [Pub] excludeFromReward # - modifiers: onlyOwner - [Ext] includeInReward # - modifiers: onlyOwner - [Prv] _approve # - [Prv] _transfer # - [Prv] swapTokens # - modifiers: lockTheSwap - [Prv] sendETHToFee # - [Prv] swapTokensForEth # - [Prv] addLiquidity # - [Prv] _tokenTransfer # - [Prv] _transferStandard # - [Prv] _transferToExcluded # - [Prv] _transferFromExcluded # - [Prv] _transferBothExcluded # - [Prv] _reflectFee # - [Prv] _getValues - [Prv] _getTValues - [Prv] _getRValues - [Prv] _getRate - [Prv] _getCurrentSupply - [Prv] _takeLiquidity # - [Prv] calculateTaxFee - [Prv] calculateLiquidityFee - [Prv] removeAllFee # - [Prv] restoreAllFee # - [Pub] isExcludedFromFee - [Pub] excludeFromFee # - modifiers: onlyOwner - [Pub] includeInFee # - modifiers: onlyOwner - [Ext] setTaxFeePercent # - modifiers: onlyOwner - [Ext] setLiquidityFeePercent # - modifiers: onlyOwner - [Ext] setMarketingAddress # - modifiers: onlyOwner - [Prv] transferToAddressETH # - [Pub] isRemovedSniper - [Ext] _removeSniper # - modifiers: onlyOwner - [Ext] _amnestySniper # - modifiers: onlyOwner - [Ext] setFeeRate # - modifiers: onlyOwner - [Ext] ($)