Issue 01

Description

There is no guarantee that the owner deposits will satisfy the presale and liquidity rates.

Issue 02

Description

masterCopy is unused and unnecessary. In addition It will be overridden by the implementation contract, making its usage dangerous.

Recommendation

Remove this variable.

Issue 03

Description

The proxy contract call can be frontrun by a malicious user who deploys to the same address as the legitimate user because the salt is generated only by the address and timestamp.

Recommendation

Use a more secure salt that cannot cause denial of service.

Issue 04

Description

Proxy contracts are very vulnerable and may easily cause high severity logical and security issues by misusing them.

Recommendation

Make sure you are familiar with the potential risks of using proxy contracts and have handled them properly.

Issue 05

Description

A struct can be used to pass multiple variables in a more descriptive and readable way.

Issue 06

Description

There are many different places in the code containing "magic numbers". There is no way for us to know what they mean and therefore, review the logic of the code containing them. In addition, parts containing "magic numbers" are more error prone.

For example:

uint256 tokenAmount = values[3].mul(values[6]).mul(1000 + values[11]).div(1000) + values[3].mul(values[7]).mul(1000 - values[10]).div(1000).mul(values[8]).div(1000);

uint256 hardCap = values[3].mul(1000000).div(1000 - values[7]).div(1000 - values[5]);

uint256 tokenAmount = values[4].mul(1000 + (1000 - values[7]).mul(values[5]).div(1000) + values[8]).div(1000);

IBEP20(addresses[0]).safeTransferFrom(msg.sender, launchpad, tokenAmount.div(10**18) + values[15]);

Recommendation

Change these values into variables or constants with descriptive names.

Issue 07

Description

If these values must be equal to a constant you know beforehand, why are they received externally? Just use the const.