SSHIBA x Solid Group: Audit Results
Auditing Process
Solid Group’s auditing process goes in-depth and covers a wide range of token code characteristics. The main things the audit checks for are vulnerabilities and imminent risks to the safety and security of the code, Solid Group does an extensive auditing process intending to help their customers increase their code quality while reducing the high level of risk presented by cryptographic tokens and blockchain technology.
Contract BSC
Highlights of the process
✅BEP-20’s Conformance
✅ No mint function
Privileged Functions
✅ Ownership was renounced
Findings
Issue #1 |🔍 Location includeInReward | Logical Issue| 🟢 Informational Severity | Status: Not Fixed ❌
Description
The error message in the require doesn’t describe the error correctly.
require(_isExcluded[account], "Account is already excluded");Issue #2 |🔍 Location swapAndLiquify |Logical Issue | 🟠 Medium Severity | Status: Not Fixed ❌
Description
The swapAndLiquify function converts half of the contract’s tokens to BNB. The other half of the tokens are used for liquidity addition. The price of the token drops after executing the first conversion, having said that the other half of tokens require less than the converted BNB to be paired with it when adding liquidity.
Recommendation:
Our recommendation is to use the leftover BNBs for buyback.
⚠️ Note that when swapAndLiquified() function takes place, the tokens that were accumulated as fees are sold to bnb. When this scenario occurs, it may cause a significant decrease in the token price. The team renounced ownership, making it incompetent to prevent swapAndLiquified() functionality.
Issue #3 | 🔍 Location Super Shiba Token (SSHIBA)|Gas Optimization | 🟢Informational Severity | Status: Not Fixed ❌
Description
State variables that are never changed should be constant.
Recommendation
The state variable _decimals, _name, _symbol, _tTotal, and numTokensSellToAddToLiquidityare never changed consider changing their attribute to constant to save on gas.
Issue #4 | 🔍 Location Super Shiba Token (SSHIBA)| Gas Optimization | 🟢 Informational Severity | Status: Not Fixed ❌
Description
The public functions Ownable.getUnlockTime, Ownable.lock, Ownable.unlock, totalFees, deliver, reflectionFromToken, includeInFee, excludeFromFee, excludeFromReward, setSwapAndLiquifyEnabled, isExcludedFromFee should be declared as external.
Recommendation
These functions are only called outside the contract consider using external attribute instead of public.
Vulnerability Summary
Summary
The contract has one medium severity issue and three informational severity issues. The medium severity issue is related to the fact that leftover bnb from liquidity addition may be stuck forever in the contract, instead of benefit the investors. The rest of the issues are informational which doesn’t affect the code itself.
About SSHIBA
Super Shiba is an ecosystem of DeFi platforms centred around introducing newcomers to emerging cryptocurrencies. Each of our platforms addresses issues that currently plague smart contract services, particularly relating to scams and misinformation. Super Shiba’s SafeDex addresses the issue of scams currently riddling the Binance Smart Chain. SafeDex provides an exchange of exclusively audited projects, to reduce the prevalence of rugs and other common scams. Super Shiba’s SafeDex is now live and includes farming and pooling options. Super Shiba’s SafeDex can be found here: https://supershiba.exchange/.
🌏 Website|📣 Telegram| Discord | 🐦 Twitter |
About Solid Group
Solid Group is a blockchain consulting and auditing service provider, founded by 3 cybersecurity experts with a passion for thinking out of the box, learning, and sharing knowledge. Every project goes through a meticulous process and is viewed by at least two partners, thereby achieving a high level of credibility and professionalism. Our group is partnered with multiple organizations and launchpads that have a combined market cap of over 400 million USD.
📣 Telegram| 🗣Telegram discussion group |🐦 Twitter |🛡 Contact for audit | Audit Checker Bot
Disclaimer
SolidGroup reports are not, nor should be considered, an “endorsement” or “disapproval” of any particular project or team. These reports are not, nor should be considered, an indication of the economics or value of any “product” or “asset” created by any team. Solid Group do not cover testing or auditing the integration with external contract or services (such as Unicrypt, Uniswap, PancakeSwap etc’…)
SolidGroup Audits do not provide any warranty or guarantee regarding the absolute bug-free nature of the technology analyzed, nor do they provide any indication of the technologies proprietors. SolidGroup Audits should not be used in any way to make decisions around investment or involvement with any particular project. These reports in no way provide investment advice, nor should be leveraged as investment advice of any sort. SolidGroup Reports represent an extensive auditing process intending to help our customers increase the quality of their code while reducing the high level of risk presented by cryptographic tokens and blockchain technology. Blockchain technology and cryptographic assets present a high level of ongoing risk. SolidGroup’s position is that each company and individual are responsible for their own due diligence and continuous security. SolidGroup in no way claims any guarantee of security or functionality of the technology we agree to analyze.
