Revolutionize Your Business with Xamer's Smart Audit Services
On-chain smart contract security monitoring
Built on the Binance Smart Chain, SEEDx is an AMM that uses a limit and Market order book to provide instantaneous trades, pooled liquidity, and innovative yield-generating features.
Audits
Onboarded Date
22/May/2023
Contracts
0x0cB...7C605
Website
We talked about a project on linkedin.
Create new project Buildng product
Adding a new event with attachments
added a new member to velzon dashboard
These customers can rest assured their order has been placed.
They all have something to say beyond the words on the page. They can come across as casual or neutral, exotic or graphic.
2 days left notification to submit the monthly sales report. Reports Builder
User Erica245 submitted a ticket.
Team Leader & HR
Projects
Tasks
Full Stack Developer
Project Manager
UI/UX Designer
Team Leader & Web Developer
Backend Developer
Front-End Developer
Web Designer
Wed Developer
Showing 1 to 10 of 12 entries
All Findings
Acknowledge
Partially
Resolved
0x0cBfDea4F4...7C605
Token Standard
Functions
Verified Contract
/** *Submitted for verification at BscScan.com on 2023-02-16*//** *Submitted for verification at Etherscan.io on 2021-05-23*//* SPDX-License-Identifier: Apache-2.0*/pragma solidity 0.6.9;pragma experimental ABIEncoderV2;library SafeMath { function mul(uint256 a, uint256 b) internal pure returns (uint256) { if (a == 0) { return 0; } uint256 c = a * b; require(c / a == b, "MUL_ERROR"); return c; } function div(uint256 a, uint256 b) internal pure returns (uint256) { require(b > 0, "DIVIDING_ERROR"); return a / b; } function divCeil(uint256 a, uint256 b) internal pure returns (uint256) { uint256 quotient = div(a, b); uint256 remainder = a - quotient * b; if (remainder > 0) { return quotient + 1; } else { return quotient; } } function sub(uint256 a, uint256 b) internal pure returns (uint256) { require(b <= a, "SUB_ERROR"); return a - b; } function add(uint256 a, uint256 b) internal pure returns (uint256) { uint256 c = a + b; require(c >= a, "ADD_ERROR"); return c; } function sqrt(uint256 x) internal pure returns (uint256 y) { uint256 z = x / 2 + 1; y = x; while (z < y) { y = z; z = (x / z + z) / 2; } }}contract Ownable { address public _OWNER_; address public _Future_OWNER_; // ============ Events ============ event OwnershipTransferPrepared(address indexed previousOwner, address indexed newOwner); event OwnershipTransferred(address indexed previousOwner, address indexed newOwner); // ============ Modifiers ============ modifier onlyOwner() { require(msg.sender == _OWNER_, "NOT_OWNER"); _; } // ============ Functions ============ constructor() internal { _OWNER_ = msg.sender; emit OwnershipTransferred(address(0), _OWNER_); } function transferOwnership(address futureOwner) external onlyOwner { require(futureOwner != address(0), "INVALID_OWNER"); emit OwnershipTransferPrepared(_OWNER_, futureOwner); _Future_OWNER_ = futureOwner; } function claimOwnership() external { require(msg.sender == _Future_OWNER_, "INVALID_CLAIM"); emit OwnershipTransferred(_OWNER_, _Future_OWNER_); _OWNER_ = _Future_OWNER_; _Future_OWNER_ = address(0); }}contract SEEDx is Ownable { using SafeMath for uint256; string public name = "SEEDx"; uint256 public decimals = 18; string public symbol = "SEEDx"; uint256 public totalSupply; uint256 public maxSupply = 25e25; mapping(address => uint256) balances; mapping(address => mapping(address => uint256)) internal allowed; event Transfer(address indexed from, address indexed to, uint256 amount); event Approval(address indexed owner, address indexed spender, uint256 amount); event Mint(address indexed user, uint256 value); event Burn(address indexed user, uint256 value); event Redeem(address indexed sender, address indexed redeemToEthAccount, uint256 value); function transfer(address to, uint256 amount) public returns (bool) { require(to != address(0), "TO_ADDRESS_IS_EMPTY"); require(amount <= balances[msg.sender], "BALANCE_NOT_ENOUGH"); balances[msg.sender] = balances[msg.sender].sub(amount); balances[to] = balances[to].add(amount); emit Transfer(msg.sender, to, amount); return true; } function balanceOf(address owner) public view returns (uint256 balance) { return balances[owner]; } function transferFrom( address from, address to, uint256 amount ) public returns (bool) { require(to != address(0), "TO_ADDRESS_IS_EMPTY"); require(amount <= balances[from], "BALANCE_NOT_ENOUGH"); require(amount <= allowed[from][msg.sender], "ALLOWANCE_NOT_ENOUGH"); balances[from] = balances[from].sub(amount); balances[to] = balances[to].add(amount); allowed[from][msg.sender] = allowed[from][msg.sender].sub(amount); emit Transfer(from, to, amount); return true; } function approve(address spender, uint256 amount) public returns (bool) { allowed[msg.sender][spender] = amount; emit Approval(msg.sender, spender, amount); return true; } function allowance(address owner, address spender) public view returns (uint256) { return allowed[owner][spender]; } function redeem(uint256 value, address redeemToEthAccount) external { require(balances[msg.sender] >= value, "Seedx: NOT_ENOUGH"); balances[msg.sender] = balances[msg.sender].sub(value); totalSupply = totalSupply.sub(value); emit Redeem(msg.sender, redeemToEthAccount, value); } function mint(address user, uint256 value) external onlyOwner { require(maxSupply >= totalSupply.add(value), "Seedx: MINT_OVERLOAD"); balances[user] = balances[user].add(value); totalSupply = totalSupply.add(value); emit Mint(user, value); emit Transfer(address(0), user, value); } function burn(uint256 value) external { require(balances[msg.sender] >= value, "Seedx: NOT_ENOUGH"); balances[msg.sender] = balances[msg.sender].sub(value); totalSupply = totalSupply.sub(value); emit Burn(msg.sender, value); emit Transfer(msg.sender, address(0), value); }}
/**
*Submitted for verification at BscScan.com on 2023-02-16
*/
*Submitted for verification at Etherscan.io on 2021-05-23
/*
SPDX-License-Identifier: Apache-2.0
pragma solidity 0.6.9;
pragma experimental ABIEncoderV2;
library SafeMath {
function mul(uint256 a, uint256 b) internal pure returns (uint256) {
if (a == 0) {
return 0;
}
uint256 c = a * b;
require(c / a == b, "MUL_ERROR");
return c;
function div(uint256 a, uint256 b) internal pure returns (uint256) {
require(b > 0, "DIVIDING_ERROR");
return a / b;
function divCeil(uint256 a, uint256 b) internal pure returns (uint256) {
uint256 quotient = div(a, b);
uint256 remainder = a - quotient * b;
if (remainder > 0) {
return quotient + 1;
} else {
return quotient;
function sub(uint256 a, uint256 b) internal pure returns (uint256) {
require(b <= a, "SUB_ERROR");
return a - b;
function add(uint256 a, uint256 b) internal pure returns (uint256) {
uint256 c = a + b;
require(c >= a, "ADD_ERROR");
function sqrt(uint256 x) internal pure returns (uint256 y) {
uint256 z = x / 2 + 1;
y = x;
while (z < y) {
y = z;
z = (x / z + z) / 2;
contract Ownable {
address public _OWNER_;
address public _Future_OWNER_;
// ============ Events ============
event OwnershipTransferPrepared(address indexed previousOwner, address indexed newOwner);
event OwnershipTransferred(address indexed previousOwner, address indexed newOwner);
// ============ Modifiers ============
modifier onlyOwner() {
require(msg.sender == _OWNER_, "NOT_OWNER");
_;
// ============ Functions ============
constructor() internal {
_OWNER_ = msg.sender;
emit OwnershipTransferred(address(0), _OWNER_);
function transferOwnership(address futureOwner) external onlyOwner {
require(futureOwner != address(0), "INVALID_OWNER");
emit OwnershipTransferPrepared(_OWNER_, futureOwner);
_Future_OWNER_ = futureOwner;
function claimOwnership() external {
require(msg.sender == _Future_OWNER_, "INVALID_CLAIM");
emit OwnershipTransferred(_OWNER_, _Future_OWNER_);
_OWNER_ = _Future_OWNER_;
_Future_OWNER_ = address(0);
contract SEEDx is Ownable {
using SafeMath for uint256;
string public name = "SEEDx";
uint256 public decimals = 18;
string public symbol = "SEEDx";
uint256 public totalSupply;
uint256 public maxSupply = 25e25;
mapping(address => uint256) balances;
mapping(address => mapping(address => uint256)) internal allowed;
event Transfer(address indexed from, address indexed to, uint256 amount);
event Approval(address indexed owner, address indexed spender, uint256 amount);
event Mint(address indexed user, uint256 value);
event Burn(address indexed user, uint256 value);
event Redeem(address indexed sender, address indexed redeemToEthAccount, uint256 value);
function transfer(address to, uint256 amount) public returns (bool) {
require(to != address(0), "TO_ADDRESS_IS_EMPTY");
require(amount <= balances[msg.sender], "BALANCE_NOT_ENOUGH");
balances[msg.sender] = balances[msg.sender].sub(amount);
balances[to] = balances[to].add(amount);
emit Transfer(msg.sender, to, amount);
return true;
function balanceOf(address owner) public view returns (uint256 balance) {
return balances[owner];
function transferFrom(
address from,
address to,
uint256 amount
) public returns (bool) {
require(amount <= balances[from], "BALANCE_NOT_ENOUGH");
require(amount <= allowed[from][msg.sender], "ALLOWANCE_NOT_ENOUGH");
balances[from] = balances[from].sub(amount);
allowed[from][msg.sender] = allowed[from][msg.sender].sub(amount);
emit Transfer(from, to, amount);
function approve(address spender, uint256 amount) public returns (bool) {
allowed[msg.sender][spender] = amount;
emit Approval(msg.sender, spender, amount);
function allowance(address owner, address spender) public view returns (uint256) {
return allowed[owner][spender];
function redeem(uint256 value, address redeemToEthAccount) external {
require(balances[msg.sender] >= value, "Seedx: NOT_ENOUGH");
balances[msg.sender] = balances[msg.sender].sub(value);
totalSupply = totalSupply.sub(value);
emit Redeem(msg.sender, redeemToEthAccount, value);
function mint(address user, uint256 value) external onlyOwner {
require(maxSupply >= totalSupply.add(value), "Seedx: MINT_OVERLOAD");
balances[user] = balances[user].add(value);
totalSupply = totalSupply.add(value);
emit Mint(user, value);
emit Transfer(address(0), user, value);
function burn(uint256 value) external {
emit Burn(msg.sender, value);
emit Transfer(msg.sender, address(0), value);
55efgwe623bte2563e23sgh23e6d28356egd82ghty
4yetgwtg7236723teyg7et623et2y3eg23et2378ete2
The INRx contract is an ERC20 token INRx, whose owner has the ability to configure the minters, and pause/unpause the contract.
INRx
The contract has been deployed at address following addresses:
In the INRx contract, the owner and the minters are adopted to ensure a good runtime behavior in the contract, which was specified in the finding Centralization Risks in INRxToken.sol.
The advantage of those privileged roles in the codebase is that the client reserves the ability to configure the minters, and pause/unpause the contract according to the runtime. It is also worth noting the potential drawbacks of these functions, which should be clearly stated through the client's action/plan. Additionally, if the private keys of the privileged accounts are compromised, the project could have devastating consequences.
In the contract Black listable _owner authority over the functions shown in the diagram below.
Any compromise to the _owner account may allow the hacker to take advantage of this authority.hacker to take advantage of this authority.
In the contract INRxToken _owner has authority over the functions shown in the diagram below. Any compromise to the_owner account may allow the hacker to take advantage of this authority. hacker to take advantage of this authority.
In the contract Ownable _owner has authority over the functions shown in the diagram below. Any compromise to the _owner account may allow the hacker to take advantage of this authority. Any compromise to the _owner account may allow the hacker to take advantage of this authority.
In the contract Pausable the role _owner has authority over the functions shown in the diagram below. Any compromise to the _owneraccount may allow the hacker to take advantage of this authority.
INRxToken.sol#L784-L784: 784
From the above example, we noticed that Bob spends a total of 150 allowances, instead of 50 allowances, even though Alice changed her mind to only give Bob 50 allowances.
Recommendation:Consider adding a check, in the configureMinter() function, to ensure that the minter is not a minter before.
Example:
Alleviation:[INRx]: The team resolved this issue by adding a check on the minter parameter in commit 55e7b159832d5c870fd14c209253cd9976b27772.
One or more internal functions are not used.
function reset(Counter storage counter) internal {
function _disableInitializers() internal virtual {
function _getInitializedVersion() internal view returns (uint8) {
function _isInitializing() internal view returns (bool) {
function toHexString(uint256 value) internal pure returns (string memory) {
function toHexString(uint256 value, uint256 length) internal pure returns (string memory) {
function toHexString(address addr) internal pure returns (string memory) {
function tryRecover(bytes32 hash, bytes memory signature) internal pure returns (address, RecoverError) {
function recover(bytes32 hash, bytes memory signature) internal pure returns (address) {
function tryRecover(
function recover(
function toEthSignedMessageHash(bytes32 hash) internal pure returns (bytes32) {
function toEthSignedMessageHash(bytes memory s) internal pure returns (bytes32) {
Recommendation:
We recommend removing those unused functions.
Alleviation:
[INRx]: The team resolved this issue by removing the unused functions in commit 55e7b159832d5c870fd14c209253cd9976b27772.
event PauserChanged(address indexed newAddress); PauserChanged is declared in Pausable but never emitted. event BlacklisterChanged(address indexed newBlacklister); BlacklisterChanged is declared in Blacklistable but never emitted.Recommendation:We advise removing the unused events or emitting them in the intended functions.Alleviation:[INRx]: The team resolved this issue by removing the unused events in commit 55e7b159832d5c870fd14c209253cd9976b27772.
The SafeMath library is used unnecessarily. With Solidity compiler versions 0.8.0 or newer, arithmetic operations will automatically revert in case of integer overflow or underflow.library SafeMath {
Note: Only a sample of 2 SafeMath library usage in this contract (out of 11) are shown above.Recommendation:We advise removing the usage of SafeMath library and using the built-in arithmetic operations provided by the Solidity programming language.Alleviation:[INRx]: The team resolved this issue by removing the usage of SafeMath library in commit 55e7b159832d5c870fd14c209253cd9976b27772.
INRxToken.sol#L688-L688: 688
One or more state variables are never used in the codebase.Variable _PERMIT_TYPEHASH_DEPRECATED_SLOT in INRxToken is never used in INRxToken.bytes32 private _PERMIT_TYPEHASH_DEPRECATED_SLOT;contract INRxToken is Ownable, Pausable, Blacklistable,Initializable, IERC20Permit, EIP712 {Recommendation:We advise removing the unused variables.Alleviation:[INRx]: The team resolved this issue by removing the unused variables in commit 55e7b159832d5c870fd14c209253cd9976b27772.
Our industry-leading audit methodology and tooling includes a review of your code’s logic, with a mathematical approach to ensure your program works as intended.