SolarFare X Solid Group: Audit Results

Auditing Process

Solid Group’s auditing process goes in-depth and covers a wide range of token code characteristics. The main things the audit checks for are vulnerabilities and imminent risks to the safety and security of the code, Solid Group does an extensive auditing process intending to help their customers increase their code quality while reducing the high level of risk presented by cryptographic tokens and blockchain technology.

Contract

SolarFare Token Contract | Staking Contract

Tokenomics

Total Supply 1,000,000,000 ✅

Team Fund 20,000,000 (2%) locked 1 year ✅

Marketing fund 30,736,200 (3,1%) locked 3 months ✅

Presale 580,000,000 ✅

Liquidity 358,822,800 ✅

Unicrypt fee 10,440,000 ✅

Presale price: 1 WBNB = 580,000 SLF ✅

Listing price: 1 WBNB = 522,000 SLF (10%) ✅

70% of the raised bnb will go for liquidity addition on listing, and are locked for 11 months on Unicrypt platform.

Solarfare (SLF) Lockup Overview | Team by TrustSwap

Unicrypt presale tokenomics:

Highlights of the process

✅BEP-20’s Conformance

✅ No external mint function

✅ No volatile code

✅ KYC

Audit Findings

• Issue 𝟏| Severity 🔴 High | Fixed ✅

Description

The owner of the contract can set the staking address by calling setStakingAddress() function.

The owner can set the stakingAddress function to an address of which he owns and receive all the bnb that was supposed to be taken for the staking pool.

Otherwise, another possible scenario is by creating a new contract, the owner can set the staking address to the new contract, and not implement a distribute function, making the token unsellable.

Recommendation

Our recommendation is to set the staking address only once.

Solid Group should confirm this address before the launch.

Updated code

• Issue 2| Severity 🔴 High | ✅

Description

charityAddress is an address controlled by the owner. If this address is a contract that doesn’t implement a receive() function the token won’t be saleable since it will always fail to execute.

Recommendation

Solid Group should confirm this address before the launch.

The charity address is 0x8B99F3660622e21f2910ECCA7fBe51d654a1517D which is a simple BEP-20 address that can receive BNB, and the scenario described above is not possible in this case. This address is constant and cannot be changed by the owner.

• Issue 3| Severity 🔴 High | Fixed ✅

Description

The contract adds liquidity from the accumulated fees. The recipient of the liquidity tokens is the owner of the contract, which means all the LP tokens that were added for liquidity are unlocked and held by the owner.

Recommendation

Our recommendation is to change the recipient of the liquidity tokens to the contract.

Updated code

Issue 4| Severity 🟢 Informational| Fixed ✅

Description

Lack of events, Missing event in the function updateWhitelist functions.

Recommendation

Our recommendation is to emit event when the state of the contract is changed.

Updated code

• Issue 5| Severity 🟢 Informational| Fixed ✅

Description

Lack of events, Missing event in the function setStakingAddress().

Recommendation

Our recommendation is to emit event when the state of the contract is changed.

Updated code

Summary

All the issues we found were fixed by the team.

About SolareFare

SolarFare (SLF) is a BEP-20 token with LP acquisition, staking to earn BNB, and charity donations to the Binance wallet

🌏 Website |🗣Telegram |📣Twitter |🐱 GitHub

AMA Details

14:00 UTC on Monday https://t.me/overdose_gems_group

About Solid Group

Solid Group is a team of hard-seasoned crypto developers and smart contract auditors. In essence, Solid is a blockchain consulting and auditing service provider that 3 cybersecurity experts founded with a passion for thinking out of the box, learning, and sharing knowledge. Every project goes through a meticulous process and is viewed by at least two partners, thereby achieving a high level of credibility and professionalism. Our team found many high severity issues in the production code and always love to support the customers in finding the best solution.

📣 Telegram| 🗣Telegram discussion group |📣 Twitter |🛡 Contact for audit

Disclaimer

SolidGroup reports are not, nor should be considered, an “endorsement” or “disapproval” of any particular project or team. These reports are not, nor should be considered, an indication of the economics or value of any “product” or “asset” created by any team. Solid Group does not cover testing or auditing the integration with external contracts or services (such as Unicrypt, Uniswap, PancakeSwap, etc’…)

SolidGroup Audits do not provide any warranty or guarantee regarding the absolute bug-free nature of the technology analyzed, nor do they provide an indication of the technology proprietors. SolidGroup Audits should not be used in any way to make decisions around investment or involvement with any particular project. These reports in no way provide investment advice, nor should be leveraged as investment advice of any sort. SolidGroup Reports represent an extensive auditing process intending to help our customers increase the quality of their code while reducing the high level of risk presented by cryptographic tokens and blockchain technology. Blockchain technology and cryptographic assets present a high level of ongoing risk. SolidGroup’s position is that each company and individual are responsible for their own due diligence and continuous security. SolidGroup in no way claims any guarantee of security or functionality of the technology we agree to analyze.