FLOKI - Smart Contract Audit Report

Summary

FLOKI Audit Report FLOKI ($FLOKI) is a new community-driven Defi token on the Ethereum Blockchain that pays out static rewards to holders.

FLOKI's Token contract is deployed at 0x43f11c02439e2736800433b4594994Bd43Cd066D on the Ethereum Blockchain mainnet.

Notes on the Contract:
  • The total supply of the token is set to 10 trillion $FLOKI [10,000,000,000,000].
  • No minting or burn functions are present; though the circulating supply can be reduced by sending tokens to the 0x..dead address, if desired.
  • At the time of writing this report, 14.39% of the total supply has been sent to the 0x...dead Address.
  • 8.01% of the total $FLOKI token supply is held in a Moontography Atomic Swap Contract, which is the bridge service provider for the team's ETH-BSC Bridge. This was not reviewed as part of this audit.
  • 0.75% of the total token supply is held in a Proxy Contract, which is a multi-signature team wallet.
  • 0.72% of the total token supply is held in UniSwap Liquidity. Out of that liquidity, 99.33% of the LP token are stored in a Unicrypt Liquidity Locker which is locked for 265 Years.

  • There is a 'Tax Fee' and a 'Liquidity Fee' on all transactions for any "non-excluded" address that participates in a transfer. The owner has the ability to modify the these fees to any percentage at any time.
  • Users who hold tokens will automatically benefit from the frictionless fee redistribution at the time of each transaction as the tokens collected through the "tax fee" are removed from the circulating supply.
  • The liquidity fee that is charged on transactions is stored in the contract address and then subsequently used to buy BNB via the "swaptokens" function which will be sent to the marketing address. The owner has the ability to update and change the marketing wallet address at any time.
  • The owner has the ability to set the minimum threshold for the 'swaptokens' mechanism. At the time of deployment, this is set to 4% of the balance of the tokens in the Liquidity Pool. Depending on the volume of tokens being sold for BNB, this functionality could cause a negative price impact on the token.
  • Although the swap and liquify verbiage exists in the code, there are no "automatic liquidity adds" supported by the protocol.
  • The contract features a blacklist mechanism where the owner of the contract can exclude addresses from being able to participate in transfers. The owner can prevent transactions from being possible for as many holders as they would like, at any time.
  • The owner of the contract can exclude and include accounts from fees and reward distribution.
  • The protocol does not implement any maximum transaction amount.
  • The owner has the ability to withdraw all the ETH from the contract at any time.
  • Ownership has not been renounced, but is maintained in a multi-signature team wallet.
  • The contract utilizes SafeMath libraries along with following the ERC20 standard.
  • As the project is deployed with Solidity v0.8.4, it is protected from overflows.
Audit Findings Summary
  • No external threats were identified.
  • We recommend that the team renounces ownership.
  • Please ensure trust in the team prior to investing as they have substantial control in the ecosystem.
  • Further, ensure trust in the team as they have control of the BNB that is accumulated from fees.
  • Date: August 8th, 2021

Audit Results

Vulnerability CategoryNotesResult
Arbitrary Storage WriteN/APASS
Arbitrary JumpN/APASS
Delegate Call to Untrusted ContractN/APASS
Dependence on Predictable VariablesN/APASS
Deprecated OpcodesN/APASS
Ether ThiefN/APASS
ExceptionsN/APASS
External CallsN/APASS
Flash LoansN/APASS
Integer Over/UnderflowN/APASS
Multiple SendsN/APASS
OraclesN/APASS
SuicideN/APASS
State Change External CallsN/APASS
Unchecked RetvalN/APASS
User Supplied AssertionN/APASS
Critical Solidity CompilerN/APASS
Overall Contract Safety PASS

Function Graph

ERC20 Token Graph


Inheritence Chart

Multi-file Token


Functions Overview


 ($) = payable function
 # = non-constant function
 
 + [Int] IERC20 
    - [Ext] totalSupply
    - [Ext] balanceOf
    - [Ext] transfer #
    - [Ext] allowance
    - [Ext] approve #
    - [Ext] transferFrom #

 + [Lib] SafeMath 
    - [Int] tryAdd
    - [Int] trySub
    - [Int] tryMul
    - [Int] tryDiv
    - [Int] tryMod
    - [Int] add
    - [Int] sub
    - [Int] mul
    - [Int] div
    - [Int] mod
    - [Int] sub
    - [Int] div
    - [Int] mod

 +  Context 
    - [Int] _msgSender
    - [Int] _msgData

 +  Ownable (Context)
    - [Pub]  #
    - [Pub] owner
    - [Pub] renounceOwnership #
       - modifiers: onlyOwner
    - [Pub] transferOwnership #
       - modifiers: onlyOwner
    - [Prv] _setOwner #

 + [Lib] Address 
    - [Int] isContract
    - [Int] sendValue #
    - [Int] functionCall #
    - [Int] functionCall #
    - [Int] functionCallWithValue #
    - [Int] functionCallWithValue #
    - [Int] functionStaticCall
    - [Int] functionStaticCall
    - [Int] functionDelegateCall #
    - [Int] functionDelegateCall #
    - [Prv] _verifyCallResult

 + [Int] IUniswapV2Factory 
    - [Ext] feeTo
    - [Ext] feeToSetter
    - [Ext] getPair
    - [Ext] allPairs
    - [Ext] allPairsLength
    - [Ext] createPair #
    - [Ext] setFeeTo #
    - [Ext] setFeeToSetter #

 + [Int] IUniswapV2Pair 
    - [Ext] name
    - [Ext] symbol
    - [Ext] decimals
    - [Ext] totalSupply
    - [Ext] balanceOf
    - [Ext] allowance
    - [Ext] approve #
    - [Ext] transfer #
    - [Ext] transferFrom #
    - [Ext] DOMAIN_SEPARATOR
    - [Ext] PERMIT_TYPEHASH
    - [Ext] nonces
    - [Ext] permit #
    - [Ext] MINIMUM_LIQUIDITY
    - [Ext] factory
    - [Ext] token0
    - [Ext] token1
    - [Ext] getReserves
    - [Ext] price0CumulativeLast
    - [Ext] price1CumulativeLast
    - [Ext] kLast
    - [Ext] mint #
    - [Ext] burn #
    - [Ext] swap #
    - [Ext] skim #
    - [Ext] sync #
    - [Ext] initialize #

 + [Int] IUniswapV2Router01 
    - [Ext] factory
    - [Ext] WETH
    - [Ext] addLiquidity #
    - [Ext] addLiquidityETH ($)
    - [Ext] removeLiquidity #
    - [Ext] removeLiquidityETH #
    - [Ext] removeLiquidityWithPermit #
    - [Ext] removeLiquidityETHWithPermit #
    - [Ext] swapExactTokensForTokens #
    - [Ext] swapTokensForExactTokens #
    - [Ext] swapExactETHForTokens ($)
    - [Ext] swapTokensForExactETH #
    - [Ext] swapExactTokensForETH #
    - [Ext] swapETHForExactTokens ($)
    - [Ext] quote
    - [Ext] getAmountOut
    - [Ext] getAmountIn
    - [Ext] getAmountsOut
    - [Ext] getAmountsIn

 + [Int] IUniswapV2Router02 (IUniswapV2Router01)
    - [Ext] removeLiquidityETHSupportingFeeOnTransferTokens #
    - [Ext] removeLiquidityETHWithPermitSupportingFeeOnTransferTokens #
    - [Ext] swapExactTokensForTokensSupportingFeeOnTransferTokens #
    - [Ext] swapExactETHForTokensSupportingFeeOnTransferTokens ($)
    - [Ext] swapExactTokensForETHSupportingFeeOnTransferTokens #

 +  FLOKI (Context, IERC20, Ownable)
    - [Pub]  #
    - [Ext] initContract #
       - modifiers: onlyOwner
    - [Ext] openTrading #
       - modifiers: onlyOwner
    - [Pub] name
    - [Pub] symbol
    - [Pub] decimals
    - [Pub] totalSupply
    - [Pub] balanceOf
    - [Pub] transfer #
    - [Pub] allowance
    - [Pub] approve #
    - [Pub] transferFrom #
    - [Pub] increaseAllowance #
    - [Pub] decreaseAllowance #
    - [Pub] isExcludedFromReward
    - [Pub] totalFees
    - [Pub] deliver #
    - [Pub] reflectionFromToken
    - [Pub] tokenFromReflection
    - [Pub] excludeFromReward #
       - modifiers: onlyOwner
    - [Ext] includeInReward #
       - modifiers: onlyOwner
    - [Prv] _approve #
    - [Prv] _transfer #
    - [Prv] swapTokens #
       - modifiers: lockTheSwap
    - [Prv] sendETHToMarketing #
    - [Prv] swapTokensForEth #
    - [Prv] addLiquidity #
    - [Prv] _tokenTransfer #
    - [Prv] _transferStandard #
    - [Prv] _transferToExcluded #
    - [Prv] _transferFromExcluded #
    - [Prv] _transferBothExcluded #
    - [Prv] _reflectFee #
    - [Prv] _getValues
    - [Prv] _getTValues
    - [Prv] _getRValues
    - [Prv] _getRate
    - [Prv] _getCurrentSupply
    - [Prv] _takeLiquidity #
    - [Prv] calculateTaxFee
    - [Prv] calculateLiquidityFee
    - [Prv] removeAllFee #
    - [Prv] restoreAllFee #
    - [Pub] isExcludedFromFee
    - [Pub] excludeFromFee #
       - modifiers: onlyOwner
    - [Pub] includeInFee #
       - modifiers: onlyOwner
    - [Ext] setTaxFeePercent #
       - modifiers: onlyOwner
    - [Ext] setLiquidityFeePercent #
       - modifiers: onlyOwner
    - [Ext] setMarketingAddress #
       - modifiers: onlyOwner
    - [Prv] transferToAddressETH #
    - [Pub] isRemovedSniper
    - [Ext] _removeSniper #
       - modifiers: onlyOwner
    - [Ext] _amnestySniper #
       - modifiers: onlyOwner
    - [Ext] setFeeRate #
       - modifiers: onlyOwner
    - [Ext]  ($)
    - [Ext] emergencyWithdraw #
       - modifiers: onlyOwner