Findings
Issue 01
Type | Severity | Location | Status |
Owner Capabilities | High | setTaxFee | ✔️ Resolved |
Description
The owner of the contract can set the tax fee to any value he desires.
Recommendation:
Consider adding an upper limit to the set functions.
Issue 02
Type | Severity | Location | Status |
Logical Issue | Low | _transfer | Acknowledged |
Description
There is no way to distinguish between buy/sell and add/remove liquidity transactions since both buy and remove liquidity operations receive tokens from the pair address (the pair is sending tokens to the caller) and sell and add liquidity follow the same logic. Therefore, fees will be taken on add liquidity transactions and remove liquidity transactions as well.
Recommendation:
Consider supporting excluding specific addresses from fees (For example, the address which adds the liquidity).
Issue 03
Type | Severity | Location | Status |
Volatile Code | High | burn | ✔️ Resolved |
Description
The Admin role can burn tokens (decrease the balance of any holder) on behalf of any address.
Recommendation:
Consider implementing burnFrom logic, which checks that the caller has an allowance to burn tokens on behalf of the account.
Last updated