Findings

Issue 01

Description

There is a receive function in the contract, which means any address can send BNB to the contract. The problem is that there is no way to recover BNB that were mistakenly sent to the contract.

Recommendation

In order to prevent the contract from receiving BNB from investors, which will result in a loss of funds, our recommendation is to only accept BNB from “whitelisted” addresses (e.g. the router address). The receive function will revert if the address is not whitelisted.

Issue 02

Description

This statement has no effect. Consider removing it in order to save gas fees

    if (amount == 0) {
        super._transfer(from, to, 0);
        return;
    }

General Notes

There is a chance that the contract will accrue a significant amount of tokens. The consequence is a pretty significant price drop because of the large number of tokens that would enter the pool. The team should be aware of this issue, and monitor the maximum amount of tokens that is being sold for BNB and modify the value if needed.