Ganymede x Solid Group: Audit Results

Solidgroup
4 min readJul 23, 2021

--

Auditing Process

Solid Group’s auditing process goes in-depth and covers a wide range of token code characteristics. The main things the audit checks for are vulnerabilities and imminent risks to the safety and security of the code, Solid Group does an extensive auditing process intending to help their customers increase their code quality while reducing the high level of risk presented by cryptographic tokens and blockchain technology.

Highlights of the process

✅BEP-20’s Conformance

✅ No mint function

Contract

Contract

Findings

Issue #1 | Owner Capabilities | 🔴 High | 🔍 freezeToken | ✅ Fixed

Description

The token can be frozen by the owner of the contract making it unsalable, only the owner of the contract can sell the token.

if (sender != owner() && _isFrozen)
{
revert(“token is frozen”);
}

Recommendation

Given the fact that the contract is already deployed and cannot be updated, Our recommendation is to call renounce ownership or to transfer the ownership to a contract that would have diminished owner capabilities, For example, a contract that cannot call freezeToken function.

Issue #2 | Owner Capabilities | 🔴 High | 🔍 freezeToken | ✅ Fixed

Description

The owner of the contract can set the fee by calling changeFeePercentage to any value he desires. If the owner sets the fee to 100% the token will be untradable.

Recommendation

Given the fact that the contract is already deployed and cannot be updated, Our recommendation is to call renounce ownership or to transfer the ownership to a contract that would have diminished owner capabilities, For example, a contract that can call changeFeePercentage function with limit.

Issue #3 | Gas Optimization| 🟢 Informational| freezeToken | ✅ Fixed

Description

The public functions freezeToken, unfreezeToken, feePercentage, feeWallet, deliver, reflectionFromToken, includeInFee, excludeFromFee, excludeFromReward, setSwapAndLiquifyEnabled, isExcludedFromFee should be declared as external to save on gas fees.

Issue #4 | Best Practice| 🟢 Informational| freezeToken | ✅ Fixed

Description

Lack of events in the contract. The functions freezeToken , unfreezeToken, addFromFees, removeFromFees, addToFees, removeToFees, addTeamWallet, removeTeamWallet, changeFeePercentage should emit events. Functions that change the state of the contract or mitigate important variables value should emit events.

About Ganymede

Ganymede provides an algorithmic trading service that you can access through their token $GANY.

The trading bot is controlled by you via telegram and can either long or short the market with different risk levels (spot and futures).

The bot trades your funds on FTX and the latest results show profit ranging from 10% to 30% monthly. In addition to the trading service, Ganymede uses its algorithm on one main FTX account ($40k) to buyback and burn its token with the profits generated.

Token holders are rewarded by both the buyback and burn program that will inflate the token price over time as well as $GANY airdrop coming from the 10% tax applied on every $GANY sell.

Ganymede is different from its competitor as you generate profits from the algorithmic trading bot as well as from their tokenomics.

🌏 Website|🗣 Telegram group |📣 Telegram Ann |🐦 Twitter |🅼 Medium

About Solid Group

Solid Group is a blockchain consulting and auditing service provider, founded by 3 cybersecurity experts with a passion for thinking out of the box, learning, and sharing knowledge. Every project goes through a meticulous process and is viewed by at least two partners, thereby achieving a high level of credibility and professionalism. Our group is partnered with multiple organizations and launchpads that have a combined market cap of over 400 million USD.

📣 Telegram| 🗣Telegram discussion group |🐦 Twitter |🛡 Contact for audit

Disclaimer

SolidGroup reports are not, nor should be considered, an “endorsement” or “disapproval” of any particular project or team. These reports are not, nor should be considered, an indication of the economics or value of any “product” or “asset” created by any team. Solid Group do not cover testing or auditing the integration with external contract or services (such as Unicrypt, Uniswap, PancakeSwap etc’…)

SolidGroup Audits do not provide any warranty or guarantee regarding the absolute bug-free nature of the technology analyzed, nor do they provide any indication of the technologies proprietors. SolidGroup Audits should not be used in any way to make decisions around investment or involvement with any particular project. These reports in no way provide investment advice, nor should be leveraged as investment advice of any sort. SolidGroup Reports represent an extensive auditing process intending to help our customers increase the quality of their code while reducing the high level of risk presented by cryptographic tokens and blockchain technology. Blockchain technology and cryptographic assets present a high level of ongoing risk. SolidGroup’s position is that each company and individual are responsible for their own due diligence and continuous security. SolidGroup in no way claims any guarantee of security or functionality of the technology we agree to analyze.

--

--

Solidgroup
Solidgroup

Written by Solidgroup

We are a group 3 software developers with combined experience of over 15years in various fields such as Software design, Operating systems, and solidity.

No responses yet