TEZILLA - Smart Contract Audit Report
Summary
TEZILLA is a new community-driven DeFi token on the Binance Smart Chain that is an automatic liquidity providing protocol, pays out static rewards, and enables holders to participate in a lottery.
We reviewed TEZILLA's Token contract at 0x5778A155fA82063C5C1E48771CAA44ea4d8a5d7a on the Binance Smart Chain mainnet.
Notes of the Contract:
- The total supply of the token is 100 quadrillion $TEZILLA [100,000,000,000,000,000].
- No minting or burn functions are present; though the circulating supply can be reduced by sending tokens to the 0x..dead address, if desired.
- At the time of writing this report, 31.45% of the total supply has been sent to the 0x..dead address.
- 17.37% of the total supply is in Pancakeswap liquidity.
- Of that liquidity, 97.74% of the LP tokens are stored in a token locking contract and will vest to the team on May 3rd, 2022.
- 1.09% of the LP tokens belong to the deployer.
- The top five holders own a cumulative 4.37% of the total supply.
- There is a tax fee, liquidity fee, lottery fee, marketing fee, and a txGold (development) fee on all transactions for any "non-excluded" address that participates in a transfer.
- Users who hold tokens will automatically benefit from the frictionless fee redistribution at the time of each transaction as the tokens collected through the tax fee are removed from the circulating supply.
- The tokens collected from the liquidity fee during transfers are stored in the contract address balance. Once the threshold value of 200 trillion tokens is met, a swap will occur for the purpose of funding Pancakeswap liquidity.
- Liquidity-adds are funded by selling a portion of the tokens collected as fees (after the threshold as is met), then pairing the received BNB with the token, and adding it as liquidity to the BNB pair.
- The recipient of the newly created LP tokens is a wallet controlled by the team. We recommend the team locks these newly acquired LP tokens.
- The lottery fee charged on transactions is stored in the lottery pool, and once a threshold value (determined by the owner) is met, a winner will be pseudo-randomly chosen. The chosen winner must own the required minimum number of tokens determined by the owner in order to receive the tokens stored in the lottery pool.
- The contract utilizes a swapping feature which can be enabled/disabled by the owner. When disabled, The tokens collected through the marketing fee and txGold fee are sent directly to the team's marketing wallet and development wallet respectively. When enabled, the tokens are swapped for BNB, sent to the contract address, and subsequetly sent to the team's marketing wallet and development wallet respectively.
- The contract features an anti-whale mechanism which prevents a transaction from occuring if the recipient's balance, will be greater than 1% of total supply after the transaction takes place.
- As the contract is deployed with Solidity v0.8.4, it is protected from overflows.
Ownership Controls:- The owner can modify the tax fee, liquidity fee, lottery fee, marketing fee, and txGold fee to any percentages at any time.
- The owner can exclude and include accounts from transfer fees and rewards redistribution.
- The owner can set and update a maximum transaction amount at any time, which will impose a limit to the number of tokens that can be transferred during any given transaction.
- This maximum transaction amount does not apply to the owner during transactions where the owner is either the sender or the recipient.
- The owner can enable/disable automatic liquidity adds.
- The owner can exclude accounts from the anti-whale mechanism.
- The owner can modify the number of tokens a user must hold in order to trigger the anti-whale functionality.
- The owner can disable the anti-whale functionality altogether.
- The owner can update the minimum amount of tokens a user must hold in order to be eligible for the lottery.
- The owner can update the minimum threshold of tokens that dictates when a lottery winner is chosen.
- The owner can enable/disable the lottery mechanism altogether.
- The owner can update the Pancakeswap Pair and Pancakeswap Router address at any time.
- The owner can update the Marketing wallet, txGold (Development) wallet, and Owner wallet to any addresses at any time.
- The assigned Owner wallet can withdraw any WBNB, BSC-USD, BUSD, or BNB from the contract address at any time.
- The owner can use the "lock" function in order to temporarily set ownership to address(0). Ownership is restored after the duration of time determined by the owner has passed and they use the 'unlock' function.
- The unlock function has the potential to be used after ownership is renounced, which will restore ownership to the original owner that initially created the ownership lock. This can be used in a nefarious way by the project team to restore ownership and change fee structures.
- We recommend that the unlock function is modified to set the "previous owner" = "address(0)" at the end of the unlock function to prevent it from being used more than once per lock.
Audit Findings Summary:
- No external threats were identified.
- Please ensure trust in the team prior to investing as they have substantial control in the ecosystem.
- Date: November 10th, 2021.
External Threat Results
| Vulnerability Category | Notes | Result |
|---|---|---|
| Arbitrary Storage Write | N/A | PASS |
| Arbitrary Jump | N/A | PASS |
| Delegate Call to Untrusted Contract | N/A | PASS |
| Dependence on Predictable Variables | Decisions are made based on the block.difficulty, block.timestamp, and block.number environment variables which can be manipulated by a malicious miner. This is extremley unlikely to occur. | WARNING |
| Deprecated Opcodes | N/A | PASS |
| Ether Thief | N/A | PASS |
| Exceptions | N/A | PASS |
| External Calls | N/A | PASS |
| Integer Over/Underflow | N/A | PASS |
| Multiple Sends | N/A | PASS |
| Suicide | N/A | PASS |
| State Change External Calls | N/A | PASS |
| Unchecked Retval | N/A | PASS |
| User Supplied Assertion | N/A | PASS |
| Critical Solidity Compiler | N/A | PASS |
| Overall Contract Safety | PASS |
($) = payable function
# = non-constant function
Int = Internal
Ext = External
Pub = Public
+ [Int] IBEP20
- [Ext] totalSupply
- [Ext] balanceOf
- [Ext] transfer #
- [Ext] allowance
- [Ext] approve #
- [Ext] transferFrom #
+ [Lib] SafeMath
- [Int] add
- [Int] sub
- [Int] sub
- [Int] mul
- [Int] div
- [Int] div
- [Int] mod
- [Int] mod
+ Context
- [Int] _msgSender
- [Int] _msgData
+ [Lib] Address
- [Int] isContract
- [Int] sendValue #
- [Int] functionCall #
- [Int] functionCall #
- [Int] functionCallWithValue #
- [Int] functionCallWithValue #
- [Prv] _functionCallWithValue #
+ Ownable (Context)
- [Pub] #
- [Pub] owner
- [Pub] renounceOwnership #
- modifiers: onlyOwner
- [Pub] transferOwnership #
- modifiers: onlyOwner
- [Pub] getUnlockTime
- [Pub] lockShortTime #
- modifiers: onlyOwner
- [Pub] lockLongTime #
- modifiers: onlyOwner
- [Pub] unlock #
+ [Int] IUniswapV2Factory
- [Ext] feeTo
- [Ext] feeToSetter
- [Ext] getPair
- [Ext] allPairs
- [Ext] allPairsLength
- [Ext] createPair #
- [Ext] setFeeTo #
- [Ext] setFeeToSetter #
+ [Int] IUniswapV2Pair
- [Ext] name
- [Ext] symbol
- [Ext] decimals
- [Ext] totalSupply
- [Ext] balanceOf
- [Ext] allowance
- [Ext] approve #
- [Ext] transfer #
- [Ext] transferFrom #
- [Ext] DOMAIN_SEPARATOR
- [Ext] PERMIT_TYPEHASH
- [Ext] nonces
- [Ext] permit #
- [Ext] MINIMUM_LIQUIDITY
- [Ext] factory
- [Ext] token0
- [Ext] token1
- [Ext] getReserves
- [Ext] price0CumulativeLast
- [Ext] price1CumulativeLast
- [Ext] kLast
- [Ext] mint #
- [Ext] burn #
- [Ext] swap #
- [Ext] skim #
- [Ext] sync #
- [Ext] initialize #
+ [Int] IUniswapV2Router01
- [Ext] factory
- [Ext] WETH
- [Ext] addLiquidity #
- [Ext] addLiquidityETH ($)
- [Ext] removeLiquidity #
- [Ext] removeLiquidityETH #
- [Ext] removeLiquidityWithPermit #
- [Ext] removeLiquidityETHWithPermit #
- [Ext] swapExactTokensForTokens #
- [Ext] swapTokensForExactTokens #
- [Ext] swapExactETHForTokens ($)
- [Ext] swapTokensForExactETH #
- [Ext] swapExactTokensForETH #
- [Ext] swapETHForExactTokens ($)
- [Ext] quote
- [Ext] getAmountOut
- [Ext] getAmountIn
- [Ext] getAmountsOut
- [Ext] getAmountsIn
+ [Int] IUniswapV2Router02 (IUniswapV2Router01)
- [Ext] removeLiquidityETHSupportingFeeOnTransferTokens #
- [Ext] removeLiquidityETHWithPermitSupportingFeeOnTransferTokens #
- [Ext] swapExactTokensForTokensSupportingFeeOnTransferTokens #
- [Ext] swapExactETHForTokensSupportingFeeOnTransferTokens ($)
- [Ext] swapExactTokensForETHSupportingFeeOnTransferTokens #
+ TEZILLA (Context, IBEP20, Ownable)
- [Pub] #
- [Pub] name
- [Pub] symbol
- [Pub] decimals
- [Pub] totalSupply
- [Pub] minLottoBalance
- [Pub] currentLottoPool
- [Pub] balanceOf
- [Pub] transfer #
- [Pub] allowance
- [Pub] approve #
- [Pub] transferFrom #
- [Pub] increaseAllowance #
- [Pub] decreaseAllowance #
- [Pub] isExcludedFromReward
- [Pub] isIncludeFromLotto
- [Pub] totalFees
- [Pub] deliver #
- [Pub] reflectionFromToken
- [Pub] tokenFromReflection
- [Pub] excludeFromReward #
- modifiers: onlyOwner
- [Ext] includeInReward #
- modifiers: onlyOwner
- [Prv] _transferBothExcluded #
- [Ext] setUniswapRouter #
- modifiers: onlyOwner
- [Ext] setUniswapPair #
- modifiers: onlyOwner
- [Pub] excludeFromFee #
- modifiers: onlyOwner
- [Pub] includeInFee #
- modifiers: onlyOwner
- [Ext] setTaxFeePercent #
- modifiers: onlyOwner
- [Ext] setLottoFeePercent #
- modifiers: onlyOwner
- [Ext] setTxgoldFeePercent #
- modifiers: onlyOwner
- [Ext] setMarketingFeePercent #
- modifiers: onlyOwner
- [Pub] setshouldSwapToBNB #
- modifiers: onlyOwner
- [Pub] setLottoEnabled #
- modifiers: onlyOwner
- [Pub] setOwnerWalletAddress #
- modifiers: onlyOwner
- [Pub] setTxgoldAddress #
- modifiers: onlyOwner
- [Pub] setMarketingAddress #
- modifiers: onlyOwner
- [Pub] setMinLottoBalance #
- modifiers: onlyOwner
- [Pub] setLotteryThresHold #
- modifiers: onlyOwner
- [Ext] setLiquidityFeePercent #
- modifiers: onlyOwner
- [Ext] setMaxTxPercent #
- modifiers: onlyOwner
- [Pub] setSwapAndLiquidityEnabled #
- modifiers: onlyOwner
- [Ext] setAntiWhaleEnabled #
- modifiers: onlyOwner
- [Ext] setAntiWhaleThreshold #
- modifiers: onlyOwner
- [Ext] setExcludedFromAntiWhale #
- modifiers: onlyOwner
- [Pub] withDrawWBNB #
- [Pub] withDrawUSDT #
- [Pub] withDrawBUSD #
- [Pub] withDraw #
- [Ext] ($)
- [Prv] _reflectFee #
- [Prv] _getValues
- [Prv] _getTValues
- [Prv] _getRValues
- [Prv] _getRate
- [Prv] _getCurrentSupply
- [Prv] addAddress #
- [Prv] random
- [Prv] lotterize
- [Prv] _takeLotto #
- [Prv] drawLotto #
- modifiers: lockTheLottery
- [Prv] _takeTxgold #
- [Prv] _takeMarketing #
- [Prv] _takeLiquidity #
- [Prv] calculateLottoFee
- [Prv] calculateTxgoldFee
- [Prv] calculateMarketingFee
- [Prv] calculateTaxFee
- [Prv] calculateLiquidityFee
- [Prv] removeAllFee #
- [Prv] restoreAllFee #
- [Pub] isExcludedFromFee
- [Prv] _approve #
- [Prv] _transfer #
- [Prv] swapAndLiquidity #
- modifiers: lockTheSwap
- [Prv] swapTokensForEth #
- [Prv] addLiquidity #
- [Prv] _tokenTransfer #
- [Prv] _transferStandard #
- [Prv] _transferToExcluded #
- [Prv] _transferFromExcluded #
($) = payable function
# = non-constant function