Mini Sports Token - Smart Contract Audit Report
Summary
Mini Sports ($MSB) is a new community-driven DeFi token on the Binance Smart Chain that is an automatic liquidity providing protocol that pays out static rewards to holders.
Notes on the Contract:Audit Findings Summary
- The total supply of the token is initially set to 100 quadrillion $MSB [100,000,000,000,000,000].
- No minting or burn functions are present; though the circulating supply can be reduced by sending tokens to the 0x..dead address, if desired.
- At the time of writing this report, 38.30% of the total $MSB token supply has been sent to the 0x...dead address.
- 13.36% of the total supply is stored in the $MSB contract address.
- 4.92% belongs to Pancakeswap liquidity.
- Of that liquidity, 95.7% of the LP tokens are stored in an unverified contract.
- Although Ownership has been renounced, the contract utilizes an 'OnlyDev' feature which restricts access of certain functions to only the assigned Dev address.
- There is a 2% 'tax fee' and a 9% 'liquidity fee' on all transactions for any "non-excluded" address that participates in a transfer.
- Users who hold tokens will automatically benefit from the frictionless fee redistribution at the time of each transaction as the tokens collected through the tax fee are removed from the circulating supply.
- On each transfer that occurs while the minimum threshold of tokens (determined by the 'Dev' role) is met, the protocol will spend 1% of its BNB balance toward buying $MSB tokens that will subsequently be burned. The Dev has the ability to enable and disable the Buyback functionality at any time as well update the minimum threshold of tokens.
- The liquidity fee that is charged on transactions is used to buy BNB via the "swaptokens" function which will be stored in the contract address. Upon each BNB purchase made by the contract address 33.33% will be sent to the 'marketing address'.
- Although the swap and liquify verbiage exists in the code, there are no "automatic liquidity adds" supported by the protocol. Instead, the portion of BNB that was not sent to the marketing address is used to support the buyback mechanism.
- The Dev of the contract can exclude and include accounts from transfer fees and reward distribution.
- There is maximum transaction amount set to 300 trillion $MSB, which does not apply to the owner during transactions where the owner is either the sender or the recipient.
- The Dev has the ability to update the address associated with the Pancakeswap router to a new address at any time. The Dev can also update the marketing wallet at any time.
- There exists logic in the code for a bot protection and a blacklist feature, however since ownership has been renounced these features can no longer be utilized.
- The contract implements the BEP20 token standard.
- As the project is deployed with Solidity version ^0.8.x, it is protected from overflows.
- No external threats were identified.
- We recommend that the team monitors the trading activity regarding the contract's buyback mechanism, as the transactions could be susceptible to front-running as the contract's BNB balance increases. As a protective measure, the team could lower the threshold for swapping to make the buyback more frequent and less predictable.
- Please ensure trust in the team prior to investing as they have notable control in the ecosystem.
- Date: September 2nd, 2021
Audit Results
| Vulnerability Category | Notes | Result |
|---|---|---|
| Arbitrary Storage Write | N/A | PASS |
| Arbitrary Jump | N/A | PASS |
| Delegate Call to Untrusted Contract | N/A | PASS |
| Dependence on Predictable Variables | N/A | PASS |
| Deprecated Opcodes | N/A | PASS |
| Ether Thief | N/A | PASS |
| Exceptions | N/A | PASS |
| External Calls | N/A | PASS |
| Flash Loans | N/A | PASS |
| Integer Over/Underflow | N/A | PASS |
| Multiple Sends | N/A | PASS |
| Oracles | N/A | PASS |
| Suicide | N/A | PASS |
| State Change External Calls | N/A | PASS |
| Unchecked Retval | N/A | PASS |
| User Supplied Assertion | N/A | PASS |
| Critical Solidity Compiler | N/A | PASS |
| Overall Contract Safety | PASS |
Function Graph
Inheritence Chart
Functions Overview
($) = payable function
# = non-constant function
+ Context
- [Int] _msgSender
- [Int] _msgData
+ [Int] IERC20
- [Ext] totalSupply
- [Ext] balanceOf
- [Ext] transfer #
- [Ext] allowance
- [Ext] approve #
- [Ext] transferFrom #
+ [Lib] SafeMath
- [Int] add
- [Int] sub
- [Int] sub
- [Int] mul
- [Int] div
- [Int] div
- [Int] mod
- [Int] mod
+ [Lib] Address
- [Int] isContract
- [Int] sendValue #
- [Int] functionCall #
- [Int] functionCall #
- [Int] functionCallWithValue #
- [Int] functionCallWithValue #
- [Prv] _functionCallWithValue #
+ Ownable (Context)
- [Pub] #
- [Pub] owner
- [Pub] renounceOwnership #
- modifiers: onlyOwner
- [Pub] transferOwnership #
- modifiers: onlyOwner
- [Pub] getUnlockTime
- [Pub] getTime
- [Pub] lock #
- modifiers: onlyOwner
- [Pub] unlock #
+ [Int] IUniswapV2Factory
- [Ext] feeTo
- [Ext] feeToSetter
- [Ext] getPair
- [Ext] allPairs
- [Ext] allPairsLength
- [Ext] createPair #
- [Ext] setFeeTo #
- [Ext] setFeeToSetter #
+ [Int] IUniswapV2Pair
- [Ext] name
- [Ext] symbol
- [Ext] decimals
- [Ext] totalSupply
- [Ext] balanceOf
- [Ext] allowance
- [Ext] approve #
- [Ext] transfer #
- [Ext] transferFrom #
- [Ext] DOMAIN_SEPARATOR
- [Ext] PERMIT_TYPEHASH
- [Ext] nonces
- [Ext] permit #
- [Ext] MINIMUM_LIQUIDITY
- [Ext] factory
- [Ext] token0
- [Ext] token1
- [Ext] getReserves
- [Ext] price0CumulativeLast
- [Ext] price1CumulativeLast
- [Ext] kLast
- [Ext] burn #
- [Ext] swap #
- [Ext] skim #
- [Ext] sync #
- [Ext] initialize #
+ [Int] IUniswapV2Router01
- [Ext] factory
- [Ext] WETH
- [Ext] addLiquidity #
- [Ext] addLiquidityETH ($)
- [Ext] removeLiquidity #
- [Ext] removeLiquidityETH #
- [Ext] removeLiquidityWithPermit #
- [Ext] removeLiquidityETHWithPermit #
- [Ext] swapExactTokensForTokens #
- [Ext] swapTokensForExactTokens #
- [Ext] swapExactETHForTokens ($)
- [Ext] swapTokensForExactETH #
- [Ext] swapExactTokensForETH #
- [Ext] swapETHForExactTokens ($)
- [Ext] quote
- [Ext] getAmountOut
- [Ext] getAmountIn
- [Ext] getAmountsOut
- [Ext] getAmountsIn
+ [Int] IUniswapV2Router02 (IUniswapV2Router01)
- [Ext] removeLiquidityETHSupportingFeeOnTransferTokens #
- [Ext] removeLiquidityETHWithPermitSupportingFeeOnTransferTokens #
- [Ext] swapExactTokensForTokensSupportingFeeOnTransferTokens #
- [Ext] swapExactETHForTokensSupportingFeeOnTransferTokens ($)
- [Ext] swapExactTokensForETHSupportingFeeOnTransferTokens #
+ MiniSportsBSC (Context, IERC20, Ownable)
- [Pub] #
- [Pub] name
- [Pub] symbol
- [Pub] decimals
- [Pub] totalSupply
- [Pub] balanceOf
- [Pub] transfer #
- [Pub] allowance
- [Pub] approve #
- [Pub] transferFrom #
- [Pub] increaseAllowance #
- [Pub] decreaseAllowance #
- [Pub] isExcludedFromReward
- [Pub] totalFees
- [Pub] minimumTokensBeforeSwapAmount
- [Pub] buyBackUpperLimitAmount
- [Pub] updateRouter #
- modifiers: onlyDev
- [Pub] deliver #
- [Pub] blackList #
- modifiers: onlyOwner
- [Pub] removeFromBlacklist #
- modifiers: onlyOwner
- [Pub] reflectionFromToken
- [Pub] tokenFromReflection
- [Pub] excludeFromReward #
- modifiers: onlyDev
- [Ext] includeInReward #
- modifiers: onlyDev
- [Prv] _approve #
- [Prv] _transfer #
- [Prv] swapTokens #
- modifiers: lockTheSwap
- [Prv] buyBackTokens #
- modifiers: lockTheSwap
- [Prv] swapTokensForEth #
- [Prv] swapETHForTokens #
- [Prv] addLiquidity #
- [Prv] _tokenTransfer #
- [Prv] _transferStandard #
- [Prv] _transferToExcluded #
- [Prv] _transferFromExcluded #
- [Prv] _transferBothExcluded #
- [Prv] _reflectFee #
- [Prv] _getValues
- [Prv] _getTValues
- [Prv] _getRValues
- [Prv] _getRate
- [Prv] _getCurrentSupply
- [Prv] _takeLiquidity #
- [Prv] calculateTaxFee
- [Prv] calculateLiquidityFee
- [Prv] removeAllFee #
- [Prv] restoreAllFee #
- [Pub] isExcludedFromFee
- [Pub] excludeFromFee #
- modifiers: onlyDev
- [Pub] includeInFee #
- modifiers: onlyDev
- [Ext] setTaxFeePercent #
- modifiers: onlyOwner
- [Ext] setLiquidityFeePercent #
- modifiers: onlyOwner
- [Ext] setMaxTxAmount #
- modifiers: onlyOwner
- [Ext] setMarketingDivisor #
- modifiers: onlyOwner
- [Ext] setNumTokensSellToAddToLiquidity #
- modifiers: onlyDev
- [Ext] setBuybackUpperLimit #
- modifiers: onlyDev
- [Ext] setMarketingAddress #
- modifiers: onlyDev
- [Pub] setSwapAndLiquifyEnabled #
- modifiers: onlyOwner
- [Pub] setBuyBackEnabled #
- modifiers: onlyDev
- [Ext] botProtector #
- modifiers: onlyOwner
- [Ext] stopBotProtector #
- modifiers: onlyOwner
- [Prv] transferToAddressETH #
- [Pub] addDev #
- modifiers: onlyOwner
- [Pub] removeDev #
- modifiers: onlyOwner
- [Ext] ($)