VANCAT - Smart Contract Audit Report
VANCAT is a platform where fees charged from transactions are shared among token holders. Fee sharing is instant, increasing the balance of all token holders with each transaction.
Notes on the contract:
- VANCAT is a fork of Reflect Finance (RFI). The key notable differences are the transfer tax which is 10x that of RFI, the increased total supply, and the reduction of decimals to 0.
- The total supply of the token is 1 quadrillion.
- No mint or burn functions exist, though the circulating supply can be decreased by sending tokens to 0x...dead.
- 49% of the total supply has been send to the 0xdead address.
- The team has locked ~10% of the supply on our recommendation, but this lock lasts 3 months and vests over time; giving the team as much as liquidity .
- 1.1% of the supply is in the Uniswap liquidity pool. 23% of liquidity is held unlocked by the team; 67% is locked in an unverified contract for an unknown amount of time.
- 5 wallets hold significantly more than the amount of tokens in the liquidity pool. These wallets are not controlled by the team, but each pose a major risk to liquidity if they were to sell.
- 100% of the fee charged on token transfers is redistributed to existing token holders instantly and automatically at the time of each transaction.
- The owner can exclude any address from the fee mechanism.
- The 10x-ing of the standard fee performs a multiplication on the result of a division. While this can lead to slighlty less accurate results, the large supply of the token makes this impact negligible at most.
- Some gas optimizations can be achieved through declaring functions external instead of public and some variables constant. As this contract is already deployed, this is merely informational.
- Utilization of SafeMath to prevent overflows.
Audit Findings Summary
- No external security issues were identified.
- The team's locked ~10% of the supply, but it will vest to them over 100 days; providing them as much as the LP pool has every ~11 days.
- Multiple wallets can drain the liquidity pool by ~50% each at any time.
- Date: April 11th, 2021
- Update Date: April 12th, 2021 - Locking of tokens by the team.
|Arbitrary Storage Write||N/A||PASS|
|Delegate Call to Untrusted Contract||N/A||PASS|
|Dependence on Predictable Variables||N/A||PASS|
|State Change External Calls||N/A||PASS|
|User Supplied Assertion||N/A||PASS|
|Critical Solidity Compiler||N/A||PASS|
|Overall Contract Safety||PASS|
($) = payable function # = non-constant function Int = Internal Ext = External Pub = Public + Context - [Int] _msgSender - [Int] _msgData + [Int] IERC20 - [Ext] totalSupply - [Ext] balanceOf - [Ext] transfer # - [Ext] allowance - [Ext] approve # - [Ext] transferFrom # + [Lib] SafeMath - [Int] add - [Int] sub - [Int] sub - [Int] mul - [Int] div - [Int] div - [Int] mod - [Int] mod + [Lib] Address - [Int] isContract - [Int] sendValue # - [Int] functionCall # - [Int] functionCall # - [Int] functionCallWithValue # - [Int] functionCallWithValue # - [Prv] _functionCallWithValue # + Ownable (Context) - [Pub]
# - [Pub] owner - [Pub] renounceOwnership # - modifiers: onlyOwner - [Pub] transferOwnership # - modifiers: onlyOwner + VANCAT (Context, IERC20, Ownable) - [Pub] # - [Pub] name - [Pub] symbol - [Pub] decimals - [Pub] totalSupply - [Pub] balanceOf - [Pub] transfer # - [Pub] allowance - [Pub] approve # - [Pub] transferFrom # - [Pub] increaseAllowance # - [Pub] decreaseAllowance # - [Pub] isExcluded - [Pub] totalFees - [Pub] reflect # - [Pub] reflectionFromToken - [Pub] tokenFromReflection - [Ext] excludeAccount # - modifiers: onlyOwner - [Ext] includeAccount # - modifiers: onlyOwner - [Prv] _approve # - [Prv] _transfer # - [Prv] _transferStandard # - [Prv] _transferToExcluded # - [Prv] _transferFromExcluded # - [Prv] _transferBothExcluded # - [Prv] _reflectFee # - [Prv] _getValues - [Prv] _getTValues - [Prv] _getRValues - [Prv] _getRate - [Prv] _getCurrentSupply