VANCAT - Smart Contract Audit Report


VANCAT Audit Report VANCAT is a platform where fees charged from transactions are shared among token holders. Fee sharing is instant, increasing the balance of all token holders with each transaction.

VANCAT is deployed at 0x8597ba143ac509189e89aab3ba28d661a5dd9830 on the Binance Smart Chain.

Notes on the contract:
  • VANCAT is a fork of Reflect Finance (RFI). The key notable differences are the transfer tax which is 10x that of RFI, the increased total supply, and the reduction of decimals to 0.
  • The total supply of the token is 1 quadrillion.
  • No mint or burn functions exist, though the circulating supply can be decreased by sending tokens to 0x...dead.
  • 49% of the total supply has been send to the 0xdead address.
  • The team has locked ~10% of the supply on our recommendation, but this lock lasts 3 months and vests over time; giving the team as much as liquidity .
  • 1.1% of the supply is in the Uniswap liquidity pool. 23% of liquidity is held unlocked by the team; 67% is locked in an unverified contract for an unknown amount of time.
  • 5 wallets hold significantly more than the amount of tokens in the liquidity pool. These wallets are not controlled by the team, but each pose a major risk to liquidity if they were to sell.

  • 100% of the fee charged on token transfers is redistributed to existing token holders instantly and automatically at the time of each transaction.
  • The owner can exclude any address from the fee mechanism.
  • The 10x-ing of the standard fee performs a multiplication on the result of a division. While this can lead to slighlty less accurate results, the large supply of the token makes this impact negligible at most.
  • Some gas optimizations can be achieved through declaring functions external instead of public and some variables constant. As this contract is already deployed, this is merely informational.
  • Utilization of SafeMath to prevent overflows.

Audit Findings Summary
  • No external security issues were identified.
  • The team's locked ~10% of the supply, but it will vest to them over 100 days; providing them as much as the LP pool has every ~11 days.
  • Multiple wallets can drain the liquidity pool by ~50% each at any time.
  • Date: April 11th, 2021
  • Update Date: April 12th, 2021 - Locking of tokens by the team.

Audit Results

Vulnerability CategoryNotesResult
Arbitrary Storage WriteN/APASS
Arbitrary JumpN/APASS
Delegate Call to Untrusted ContractN/APASS
Dependence on Predictable VariablesN/APASS
Deprecated OpcodesN/APASS
Ether ThiefN/APASS
External CallsN/APASS
Flash LoansN/APASS
Integer Over/UnderflowN/APASS
Multiple SendsN/APASS
State Change External CallsN/APASS
Unchecked RetvalN/APASS
User Supplied AssertionN/APASS
Critical Solidity CompilerN/APASS
Overall Contract Safety PASS

Function Graph

ERC20 Token Graph

Inheritence Chart

Multi-file Token

Functions Overview

 ($) = payable function
 # = non-constant function
 Int = Internal
 Ext = External
 Pub = Public
 +  Context 
    - [Int] _msgSender
    - [Int] _msgData

 + [Int] IERC20 
    - [Ext] totalSupply
    - [Ext] balanceOf
    - [Ext] transfer #
    - [Ext] allowance
    - [Ext] approve #
    - [Ext] transferFrom #

 + [Lib] SafeMath 
    - [Int] add
    - [Int] sub
    - [Int] sub
    - [Int] mul
    - [Int] div
    - [Int] div
    - [Int] mod
    - [Int] mod

 + [Lib] Address 
    - [Int] isContract
    - [Int] sendValue #
    - [Int] functionCall #
    - [Int] functionCall #
    - [Int] functionCallWithValue #
    - [Int] functionCallWithValue #
    - [Prv] _functionCallWithValue #

 +  Ownable (Context)
    - [Pub]  #
    - [Pub] owner
    - [Pub] renounceOwnership #
       - modifiers: onlyOwner
    - [Pub] transferOwnership #
       - modifiers: onlyOwner

 +  VANCAT (Context, IERC20, Ownable)
    - [Pub]  #
    - [Pub] name
    - [Pub] symbol
    - [Pub] decimals
    - [Pub] totalSupply
    - [Pub] balanceOf
    - [Pub] transfer #
    - [Pub] allowance
    - [Pub] approve #
    - [Pub] transferFrom #
    - [Pub] increaseAllowance #
    - [Pub] decreaseAllowance #
    - [Pub] isExcluded
    - [Pub] totalFees
    - [Pub] reflect #
    - [Pub] reflectionFromToken
    - [Pub] tokenFromReflection
    - [Ext] excludeAccount #
       - modifiers: onlyOwner
    - [Ext] includeAccount #
       - modifiers: onlyOwner
    - [Prv] _approve #
    - [Prv] _transfer #
    - [Prv] _transferStandard #
    - [Prv] _transferToExcluded #
    - [Prv] _transferFromExcluded #
    - [Prv] _transferBothExcluded #
    - [Prv] _reflectFee #
    - [Prv] _getValues
    - [Prv] _getTValues
    - [Prv] _getRValues
    - [Prv] _getRate
    - [Prv] _getCurrentSupply