Report Statement:
Lunaray has now started projectluna, which by scanning the security of smart contracts in decentralized projects in the blockchain ecosystem, Our team try our best to find security problems in smart contracts and reduce asset losses. This scan result is only for general security vulnerabilities and is not used as the final contract security audit result, nor as investment advice for users. If you have any questions, please contact support@lunaray.co.
The scan contract address:
The scan tool:
Lunaray Contract Security Scanner
Scan result:
By scanning the PancakeSwap contract, it is found there are types of security risks:
● [“low”] wrong storage usage
● [“info”] hard coding
● [“low”] onlyowner
● [“info”] no events added
● [“info”] unclear type
● [“low”] self transfer
● [“low”] unchecked empty address
Security advice:
○ advice: Use memory instead of storage
○ advice: Replace magic number with an enumeration or constant definition
○ advice: It is recommended to set TimeLock time lock to time bound the administrator operation; it is recommended to store this administrator key securely.
○ advice: It is recommended to add event logging of user or administrator sensitive actions to add clarity to the operation of the project.
○ advice: using explicitly type like: uint256
○ advice: It is recommended to determine whether the sending and receiving addresses are the same
○ advice: Adding a determination of whether the incoming address is address(0)
Lunaray social media
Twitter: https://twitter.com/lunaray_sec
Github: https://github.com/LunaraySec
Telegram:http://t.me/LunaraySec
Facebook: https://www.facebook.com/lunarayblockchain
Quora:https://blockchainsecurityaudit.quora.com/
Reddit:https://www.reddit.com/user/Lunarayblockchain/
Instagram: https://www.instagram.com/lunarayblockchain02/
Website: https://lunaray.co
