Loading...
Contract Renounce

Project Name

CO2DAO Token

Project Logo

Contract Address

0x9029d8...2aC5

Symbol

CO2

Category

DeFi

Audit Release

Audit Release #748

Platform

bsc
BSC

Contract Type

DAO
Share
Audit Timeline

Audit Request

2023-08-09

Audit Onboard

2023-08-09

Revision At

No Revision

Release At

2023-08-09
About Project

No project description contact developer team for update project description..

Token Information
Token Name :
CO2DAO Token
Token Symbol :
CO2
Token Decimal :
18
Total Supply :
500,000,000,000,000
Holder Count :
4022
Contract Address :
Contract Verified? :
Yes
Projects Age :
1 years, 5 months, 521 days
Contract Type :
BEP20
Compiler :
v0.8.19+commit.7dd6d404
Sol License :
Unlicense
Contract Name :
CO2DAOToken
Contract Created :
Jul-09-2023 05:07:39 PM +UTC
Contract Language :
Solidity
Related Audit :
0
Available
Owner & Deployer Information
Owner Address :
Owner Balance :
0
Owner Percent :
0%
Deployer Address :
Deployer Balance :
139,094,582,775
Deployer Percent :
0%

Project Information

Trust Score

Information About Trust Score

C+
Low Risk

Code Review

1 Minor
1 Medium
1 Major
0 Critical
3 Informational

Safety Overview

E
Very Risk
0-20
D
High Risk
20-35
D+
Risk
35-50
C
Medium Risk
50-60
C+
Low Risk
60-70
B
Secure
70-80
B+
Good Secure
80-90
A
Very Secure
90-100

Trust Score Around Project

Information about trust score other projects

Community Trust

Information About Trust Score

Yes
No

Overview Information

Overview contract information


Notes:

Safe
Be Careful
Danger
Function Detected

Tax / Fees Information

All information about tax information

Buy Tax Information

Tax buy distribution information

Current Buy Tax/Fees: 0.00%
Name TaxReceiverValue
tax0%
Total0%

Sell Tax Information

Tax sell distribution information

Current Sell Tax/Fees: 2.99%
Name TaxReceiverValue
tax3%
Total3%

Transfer Tax Information

Tax transfer distribution information

Name TaxReceiverValue
No tax in this contract%
Total0%

Manual Audit

Recap manual audit information, click tabs on below for explanation, and recommendation

Minor
- Could be fixed, will not bring problems.

1. Potential use of block.timestamp as source of randomness

Risk Scenario

Based on our analysis, [CO2DAOToken.delegateBySig(address,uint256,uint256,uint8,bytes32,bytes32)](CO2.sol#L1107-L1146) uses timestamp for comparisons Dangerous comparisons: - [require(bool,string)(block.timestamp <= expiry,CO2::delegateBySig: signature expired)](CO2.sol#L1144)

Risk Recommendation:

We would recommend project owner to not use any of the environment variables like coinbase, gaslimit, block number and timestamp as sources of randomness since they are predictable and be aware that such usage could introduces a certain level of trust into miners. Keep in mind that malicious miner can manipulate the value of those variables and that any attackers could also predetermine the hashes of earlier blocks. However, based on our analysis, there’s nothing to be done by project owner since in each of the “block.number” value was used as a means to keep track of time/epoch that relates to the trigger of a specific function.

Section that explains how to fix existing risks

Risk Code
CO2DAOToken.sol

Section that explains the lines of code that contain risks

Audit Information

Information audit recap

CO2DAO Token

View PDF
Manual ReviewStatic AnalysisDynamic AnalysisSymbolic ExecutionSWC CheckDynamic Testing

Contract Name

CO2DAOToken

Compiler

v0.8.19+commit.7dd6d404

Language

Solidity

License

Unlicense
Audit Timeline

Audit Request

2023-08-09

Audit Onboard

2023-08-09

Revision At

No Revision

Release At

2023-08-09

Issue Information

Critical Count:
Major Count:
Medium Count:
Minor Count:
Informational Count:
0
1
1
1
3

Issue Tags

No Tags
Minting
Dangerous strict equalities
Potential use of block.timestamp as source of randomness
Safemath
Whitelist
Set Fees

Contract Detail

All information about contract detail

Loading...

Contract Inheritance

Information about contract inheritance and relation

platform

Address Indexing

This tools will be extracted all address from contract code for checking wrong address (notice user)

Loading...

Dex Information

Information about dex list

Pair List

PancakeV2
$5,560
UniswapV3
$7
PancakeV3
$2

Website Information

Information about project website

SSL Status

Secured

Website Domain

.money

Web Status

Not Active / Cloudflare

SSL Provider

Google Trust Services LLC

Speed Information

First Contentful Paint: 2.7s
Fully loaded Time: 5.6s

Domain Checker

Website: https://co2.money/

country

Location:Loading...

Region: Loading...

Token Holder & Lp Information

Information about token holder and liquidity protocol

IDAddressBalancePercentTagUnlocked Date
10x000...dead
$487,556,331,931,179
97.51%
20xd54...fb6f
$5,296,943,291,188
1.06%PancakeV2
30xf57...137b
$1,675,347,810,228
0.34%
40x184...81f8
$1,171,702,846,475
0.23%
50xa98...6f88
$842,083,913,338
0.17%
60x725...e262
$542,646,148,412
0.11%
70x1e6...c4f9
$359,922,089,816
0.07%
80x3ad...bfd9
$186,790,405,900
0.04%
90xf25...e4ba
$162,815,828,778
0.03%
100xd8a...c872
$139,094,582,775
0.03%
IDAddressBalancePercentTagUnlocked Date
10x0c8...8820
$155,077,240
100.00%TeamFinance
20x000...0000
$0
0.00%Null Address

BlockSAFU Automatic Vulnerability Scan

Vuln list information and explanation

Function Summary

All information about function summary

Report By Investor

All investor report

No Report

Comment

Post Comment
Connect Wallet on top first
No comment in this audit projects

Disclaimer

This audit provides a technical evaluation of the associated project's smart contract. It aims to enhance security and value perception but does not guarantee safety or profitability. The audit isn't an endorsement of the project and doesn't absolve investors from conducting their due diligence.

Liability for any losses related to the use or interpretation of this audit is expressly disclaimed. Investing in blockchain and cryptocurrency projects inherently involves risk, and investors should only commit funds they are prepared to lose.

Investors are strongly advised to "Do Your Research" (DYOR). Here's a simplified checklist to guide the DYOR process:

1. Research the project and team.
2. Review audits and code.
3. Analyze token metrics and unlock dates.
4. Verify self-contribution in the launchpad pool.
5. Understand the token's functions and features.
6. Investigate token explorer comments.
7. Assess community activity and reviews.
8. Verify partnerships and compare the roadmap with the team's capabilities.
9. Trust your intuition and evaluate risks.