├── Slavicoin.Full.sol ├── SlavicoinProxy.Full.sol └── [Slavi _10032022]SCAudit_Report.pdf /Slavicoin.Full.sol: -------------------------------------------------------------------------------- 1 | // File: @openzeppelin/contracts-upgradeable/token/ERC20/IERC20Upgradeable.sol 2 | 3 | // SPDX-License-Identifier: MIT 4 | 5 | pragma solidity ^0.8.0; 6 | 7 | /** 8 | * @dev Interface of the ERC20 standard as defined in the EIP. 9 | */ 10 | interface IERC20Upgradeable { 11 | /** 12 | * @dev Returns the amount of tokens in existence. 13 | */ 14 | function totalSupply() external view returns (uint256); 15 | 16 | /** 17 | * @dev Returns the amount of tokens owned by `account`. 18 | */ 19 | function balanceOf(address account) external view returns (uint256); 20 | 21 | /** 22 | * @dev Moves `amount` tokens from the caller's account to `recipient`. 23 | * 24 | * Returns a boolean value indicating whether the operation succeeded. 25 | * 26 | * Emits a {Transfer} event. 27 | */ 28 | function transfer(address recipient, uint256 amount) external returns (bool); 29 | 30 | /** 31 | * @dev Returns the remaining number of tokens that `spender` will be 32 | * allowed to spend on behalf of `owner` through {transferFrom}. This is 33 | * zero by default. 34 | * 35 | * This value changes when {approve} or {transferFrom} are called. 36 | */ 37 | function allowance(address owner, address spender) external view returns (uint256); 38 | 39 | /** 40 | * @dev Sets `amount` as the allowance of `spender` over the caller's tokens. 41 | * 42 | * Returns a boolean value indicating whether the operation succeeded. 43 | * 44 | * IMPORTANT: Beware that changing an allowance with this method brings the risk 45 | * that someone may use both the old and the new allowance by unfortunate 46 | * transaction ordering. One possible solution to mitigate this race 47 | * condition is to first reduce the spender's allowance to 0 and set the 48 | * desired value afterwards: 49 | * https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729 50 | * 51 | * Emits an {Approval} event. 52 | */ 53 | function approve(address spender, uint256 amount) external returns (bool); 54 | 55 | /** 56 | * @dev Moves `amount` tokens from `sender` to `recipient` using the 57 | * allowance mechanism. `amount` is then deducted from the caller's 58 | * allowance. 59 | * 60 | * Returns a boolean value indicating whether the operation succeeded. 61 | * 62 | * Emits a {Transfer} event. 63 | */ 64 | function transferFrom(address sender, address recipient, uint256 amount) external returns (bool); 65 | 66 | /** 67 | * @dev Emitted when `value` tokens are moved from one account (`from`) to 68 | * another (`to`). 69 | * 70 | * Note that `value` may be zero. 71 | */ 72 | event Transfer(address indexed from, address indexed to, uint256 value); 73 | 74 | /** 75 | * @dev Emitted when the allowance of a `spender` for an `owner` is set by 76 | * a call to {approve}. `value` is the new allowance. 77 | */ 78 | event Approval(address indexed owner, address indexed spender, uint256 value); 79 | } 80 | 81 | // File: @openzeppelin/contracts-upgradeable/token/ERC20/extensions/IERC20MetadataUpgradeable.sol 82 | 83 | 84 | pragma solidity ^0.8.0; 85 | 86 | 87 | /** 88 | * @dev Interface for the optional metadata functions from the ERC20 standard. 89 | * 90 | * _Available since v4.1._ 91 | */ 92 | interface IERC20MetadataUpgradeable is IERC20Upgradeable { 93 | /** 94 | * @dev Returns the name of the token. 95 | */ 96 | function name() external view returns (string memory); 97 | 98 | /** 99 | * @dev Returns the symbol of the token. 100 | */ 101 | function symbol() external view returns (string memory); 102 | 103 | /** 104 | * @dev Returns the decimals places of the token. 105 | */ 106 | function decimals() external view returns (uint8); 107 | } 108 | 109 | // File: @openzeppelin/contracts-upgradeable/proxy/utils/Initializable.sol 110 | 111 | 112 | // solhint-disable-next-line compiler-version 113 | pragma solidity ^0.8.0; 114 | 115 | /** 116 | * @dev This is a base contract to aid in writing upgradeable contracts, or any kind of contract that will be deployed 117 | * behind a proxy. Since a proxied contract can't have a constructor, it's common to move constructor logic to an 118 | * external initializer function, usually called `initialize`. It then becomes necessary to protect this initializer 119 | * function so it can only be called once. The {initializer} modifier provided by this contract will have this effect. 120 | * 121 | * TIP: To avoid leaving the proxy in an uninitialized state, the initializer function should be called as early as 122 | * possible by providing the encoded function call as the `_data` argument to {ERC1967Proxy-constructor}. 123 | * 124 | * CAUTION: When used with inheritance, manual care must be taken to not invoke a parent initializer twice, or to ensure 125 | * that all initializers are idempotent. This is not verified automatically as constructors are by Solidity. 126 | */ 127 | abstract contract Initializable { 128 | 129 | /** 130 | * @dev Indicates that the contract has been initialized. 131 | */ 132 | bool private _initialized; 133 | 134 | /** 135 | * @dev Indicates that the contract is in the process of being initialized. 136 | */ 137 | bool private _initializing; 138 | 139 | /** 140 | * @dev Modifier to protect an initializer function from being invoked twice. 141 | */ 142 | modifier initializer() { 143 | require(_initializing || !_initialized, "Initializable: contract is already initialized"); 144 | 145 | bool isTopLevelCall = !_initializing; 146 | if (isTopLevelCall) { 147 | _initializing = true; 148 | _initialized = true; 149 | } 150 | 151 | _; 152 | 153 | if (isTopLevelCall) { 154 | _initializing = false; 155 | } 156 | } 157 | } 158 | 159 | // File: @openzeppelin/contracts-upgradeable/utils/ContextUpgradeable.sol 160 | 161 | 162 | pragma solidity ^0.8.0; 163 | 164 | 165 | /* 166 | * @dev Provides information about the current execution context, including the 167 | * sender of the transaction and its data. While these are generally available 168 | * via msg.sender and msg.data, they should not be accessed in such a direct 169 | * manner, since when dealing with meta-transactions the account sending and 170 | * paying for execution may not be the actual sender (as far as an application 171 | * is concerned). 172 | * 173 | * This contract is only required for intermediate, library-like contracts. 174 | */ 175 | abstract contract ContextUpgradeable is Initializable { 176 | function __Context_init() internal initializer { 177 | __Context_init_unchained(); 178 | } 179 | 180 | function __Context_init_unchained() internal initializer { 181 | } 182 | function _msgSender() internal view virtual returns (address) { 183 | return msg.sender; 184 | } 185 | 186 | function _msgData() internal view virtual returns (bytes calldata) { 187 | this; // silence state mutability warning without generating bytecode - see https://github.com/ethereum/solidity/issues/2691 188 | return msg.data; 189 | } 190 | uint256[50] private __gap; 191 | } 192 | 193 | // File: @openzeppelin/contracts-upgradeable/token/ERC20/ERC20Upgradeable.sol 194 | 195 | 196 | pragma solidity ^0.8.0; 197 | 198 | 199 | 200 | 201 | 202 | /** 203 | * @dev Implementation of the {IERC20} interface. 204 | * 205 | * This implementation is agnostic to the way tokens are created. This means 206 | * that a supply mechanism has to be added in a derived contract using {_mint}. 207 | * For a generic mechanism see {ERC20PresetMinterPauser}. 208 | * 209 | * TIP: For a detailed writeup see our guide 210 | * https://forum.zeppelin.solutions/t/how-to-implement-erc20-supply-mechanisms/226[How 211 | * to implement supply mechanisms]. 212 | * 213 | * We have followed general OpenZeppelin guidelines: functions revert instead 214 | * of returning `false` on failure. This behavior is nonetheless conventional 215 | * and does not conflict with the expectations of ERC20 applications. 216 | * 217 | * Additionally, an {Approval} event is emitted on calls to {transferFrom}. 218 | * This allows applications to reconstruct the allowance for all accounts just 219 | * by listening to said events. Other implementations of the EIP may not emit 220 | * these events, as it isn't required by the specification. 221 | * 222 | * Finally, the non-standard {decreaseAllowance} and {increaseAllowance} 223 | * functions have been added to mitigate the well-known issues around setting 224 | * allowances. See {IERC20-approve}. 225 | */ 226 | contract ERC20Upgradeable is Initializable, ContextUpgradeable, IERC20Upgradeable, IERC20MetadataUpgradeable { 227 | mapping (address => uint256) private _balances; 228 | 229 | mapping (address => mapping (address => uint256)) private _allowances; 230 | 231 | uint256 private _totalSupply; 232 | 233 | string private _name; 234 | string private _symbol; 235 | 236 | /** 237 | * @dev Sets the values for {name} and {symbol}. 238 | * 239 | * The defaut value of {decimals} is 18. To select a different value for 240 | * {decimals} you should overload it. 241 | * 242 | * All two of these values are immutable: they can only be set once during 243 | * construction. 244 | */ 245 | function __ERC20_init(string memory name_, string memory symbol_) internal initializer { 246 | __Context_init_unchained(); 247 | __ERC20_init_unchained(name_, symbol_); 248 | } 249 | 250 | function __ERC20_init_unchained(string memory name_, string memory symbol_) internal initializer { 251 | _name = name_; 252 | _symbol = symbol_; 253 | } 254 | 255 | /** 256 | * @dev Returns the name of the token. 257 | */ 258 | function name() public view virtual override returns (string memory) { 259 | return _name; 260 | } 261 | 262 | /** 263 | * @dev Returns the symbol of the token, usually a shorter version of the 264 | * name. 265 | */ 266 | function symbol() public view virtual override returns (string memory) { 267 | return _symbol; 268 | } 269 | 270 | /** 271 | * @dev Returns the number of decimals used to get its user representation. 272 | * For example, if `decimals` equals `2`, a balance of `505` tokens should 273 | * be displayed to a user as `5,05` (`505 / 10 ** 2`). 274 | * 275 | * Tokens usually opt for a value of 18, imitating the relationship between 276 | * Ether and Wei. This is the value {ERC20} uses, unless this function is 277 | * overridden; 278 | * 279 | * NOTE: This information is only used for _display_ purposes: it in 280 | * no way affects any of the arithmetic of the contract, including 281 | * {IERC20-balanceOf} and {IERC20-transfer}. 282 | */ 283 | function decimals() public view virtual override returns (uint8) { 284 | return 18; 285 | } 286 | 287 | /** 288 | * @dev See {IERC20-totalSupply}. 289 | */ 290 | function totalSupply() public view virtual override returns (uint256) { 291 | return _totalSupply; 292 | } 293 | 294 | /** 295 | * @dev See {IERC20-balanceOf}. 296 | */ 297 | function balanceOf(address account) public view virtual override returns (uint256) { 298 | return _balances[account]; 299 | } 300 | 301 | /** 302 | * @dev See {IERC20-transfer}. 303 | * 304 | * Requirements: 305 | * 306 | * - `recipient` cannot be the zero address. 307 | * - the caller must have a balance of at least `amount`. 308 | */ 309 | function transfer(address recipient, uint256 amount) public virtual override returns (bool) { 310 | _transfer(_msgSender(), recipient, amount); 311 | return true; 312 | } 313 | 314 | /** 315 | * @dev See {IERC20-allowance}. 316 | */ 317 | function allowance(address owner, address spender) public view virtual override returns (uint256) { 318 | return _allowances[owner][spender]; 319 | } 320 | 321 | /** 322 | * @dev See {IERC20-approve}. 323 | * 324 | * Requirements: 325 | * 326 | * - `spender` cannot be the zero address. 327 | */ 328 | function approve(address spender, uint256 amount) public virtual override returns (bool) { 329 | _approve(_msgSender(), spender, amount); 330 | return true; 331 | } 332 | 333 | /** 334 | * @dev See {IERC20-transferFrom}. 335 | * 336 | * Emits an {Approval} event indicating the updated allowance. This is not 337 | * required by the EIP. See the note at the beginning of {ERC20}. 338 | * 339 | * Requirements: 340 | * 341 | * - `sender` and `recipient` cannot be the zero address. 342 | * - `sender` must have a balance of at least `amount`. 343 | * - the caller must have allowance for ``sender``'s tokens of at least 344 | * `amount`. 345 | */ 346 | function transferFrom(address sender, address recipient, uint256 amount) public virtual override returns (bool) { 347 | _transfer(sender, recipient, amount); 348 | 349 | uint256 currentAllowance = _allowances[sender][_msgSender()]; 350 | require(currentAllowance >= amount, "ERC20: transfer amount exceeds allowance"); 351 | _approve(sender, _msgSender(), currentAllowance - amount); 352 | 353 | return true; 354 | } 355 | 356 | /** 357 | * @dev Atomically increases the allowance granted to `spender` by the caller. 358 | * 359 | * This is an alternative to {approve} that can be used as a mitigation for 360 | * problems described in {IERC20-approve}. 361 | * 362 | * Emits an {Approval} event indicating the updated allowance. 363 | * 364 | * Requirements: 365 | * 366 | * - `spender` cannot be the zero address. 367 | */ 368 | function increaseAllowance(address spender, uint256 addedValue) public virtual returns (bool) { 369 | _approve(_msgSender(), spender, _allowances[_msgSender()][spender] + addedValue); 370 | return true; 371 | } 372 | 373 | /** 374 | * @dev Atomically decreases the allowance granted to `spender` by the caller. 375 | * 376 | * This is an alternative to {approve} that can be used as a mitigation for 377 | * problems described in {IERC20-approve}. 378 | * 379 | * Emits an {Approval} event indicating the updated allowance. 380 | * 381 | * Requirements: 382 | * 383 | * - `spender` cannot be the zero address. 384 | * - `spender` must have allowance for the caller of at least 385 | * `subtractedValue`. 386 | */ 387 | function decreaseAllowance(address spender, uint256 subtractedValue) public virtual returns (bool) { 388 | uint256 currentAllowance = _allowances[_msgSender()][spender]; 389 | require(currentAllowance >= subtractedValue, "ERC20: decreased allowance below zero"); 390 | _approve(_msgSender(), spender, currentAllowance - subtractedValue); 391 | 392 | return true; 393 | } 394 | 395 | /** 396 | * @dev Moves tokens `amount` from `sender` to `recipient`. 397 | * 398 | * This is internal function is equivalent to {transfer}, and can be used to 399 | * e.g. implement automatic token fees, slashing mechanisms, etc. 400 | * 401 | * Emits a {Transfer} event. 402 | * 403 | * Requirements: 404 | * 405 | * - `sender` cannot be the zero address. 406 | * - `recipient` cannot be the zero address. 407 | * - `sender` must have a balance of at least `amount`. 408 | */ 409 | function _transfer(address sender, address recipient, uint256 amount) internal virtual { 410 | require(sender != address(0), "ERC20: transfer from the zero address"); 411 | require(recipient != address(0), "ERC20: transfer to the zero address"); 412 | 413 | _beforeTokenTransfer(sender, recipient, amount); 414 | 415 | uint256 senderBalance = _balances[sender]; 416 | require(senderBalance >= amount, "ERC20: transfer amount exceeds balance"); 417 | _balances[sender] = senderBalance - amount; 418 | _balances[recipient] += amount; 419 | 420 | emit Transfer(sender, recipient, amount); 421 | } 422 | 423 | /** @dev Creates `amount` tokens and assigns them to `account`, increasing 424 | * the total supply. 425 | * 426 | * Emits a {Transfer} event with `from` set to the zero address. 427 | * 428 | * Requirements: 429 | * 430 | * - `to` cannot be the zero address. 431 | */ 432 | function _mint(address account, uint256 amount) internal virtual { 433 | require(account != address(0), "ERC20: mint to the zero address"); 434 | 435 | _beforeTokenTransfer(address(0), account, amount); 436 | 437 | _totalSupply += amount; 438 | _balances[account] += amount; 439 | emit Transfer(address(0), account, amount); 440 | } 441 | 442 | /** 443 | * @dev Destroys `amount` tokens from `account`, reducing the 444 | * total supply. 445 | * 446 | * Emits a {Transfer} event with `to` set to the zero address. 447 | * 448 | * Requirements: 449 | * 450 | * - `account` cannot be the zero address. 451 | * - `account` must have at least `amount` tokens. 452 | */ 453 | function _burn(address account, uint256 amount) internal virtual { 454 | require(account != address(0), "ERC20: burn from the zero address"); 455 | 456 | _beforeTokenTransfer(account, address(0), amount); 457 | 458 | uint256 accountBalance = _balances[account]; 459 | require(accountBalance >= amount, "ERC20: burn amount exceeds balance"); 460 | _balances[account] = accountBalance - amount; 461 | _totalSupply -= amount; 462 | 463 | emit Transfer(account, address(0), amount); 464 | } 465 | 466 | /** 467 | * @dev Sets `amount` as the allowance of `spender` over the `owner` s tokens. 468 | * 469 | * This internal function is equivalent to `approve`, and can be used to 470 | * e.g. set automatic allowances for certain subsystems, etc. 471 | * 472 | * Emits an {Approval} event. 473 | * 474 | * Requirements: 475 | * 476 | * - `owner` cannot be the zero address. 477 | * - `spender` cannot be the zero address. 478 | */ 479 | function _approve(address owner, address spender, uint256 amount) internal virtual { 480 | require(owner != address(0), "ERC20: approve from the zero address"); 481 | require(spender != address(0), "ERC20: approve to the zero address"); 482 | 483 | _allowances[owner][spender] = amount; 484 | emit Approval(owner, spender, amount); 485 | } 486 | 487 | /** 488 | * @dev Hook that is called before any transfer of tokens. This includes 489 | * minting and burning. 490 | * 491 | * Calling conditions: 492 | * 493 | * - when `from` and `to` are both non-zero, `amount` of ``from``'s tokens 494 | * will be to transferred to `to`. 495 | * - when `from` is zero, `amount` tokens will be minted for `to`. 496 | * - when `to` is zero, `amount` of ``from``'s tokens will be burned. 497 | * - `from` and `to` are never both zero. 498 | * 499 | * To learn more about hooks, head to xref:ROOT:extending-contracts.adoc#using-hooks[Using Hooks]. 500 | */ 501 | function _beforeTokenTransfer(address from, address to, uint256 amount) internal virtual { } 502 | uint256[45] private __gap; 503 | } 504 | 505 | // File: contracts/Slavicoin.sol 506 | 507 | pragma solidity >=0.6.0 <=0.8.0; 508 | 509 | 510 | 511 | contract Slavicoin is Initializable, ERC20Upgradeable { 512 | uint256 public constant _INITIAL_SUPPLY = 990_000_000 * (10**18); 513 | uint256 public constant _IEO_SUPPLY = 10_000_000 * (10**18); 514 | address public constant OWNER_WALLET = 515 | 0x37ee0B71f22A117F88f93884403412C476Ba930A; 516 | address public constant IEO_WALLET = 517 | 0x928DC3fFAAE7dba01F3D8BEF7FdC52563Dc69e5C; 518 | 519 | function initialize() public virtual initializer { 520 | __ERC20_init("Slavi coin", "SLV"); 521 | _mint(address(OWNER_WALLET), _INITIAL_SUPPLY); 522 | _mint(address(IEO_WALLET), _IEO_SUPPLY); 523 | } 524 | } 525 | -------------------------------------------------------------------------------- /SlavicoinProxy.Full.sol: -------------------------------------------------------------------------------- 1 | // File: @openzeppelin/contracts/proxy/Proxy.sol 2 | 3 | // SPDX-License-Identifier: MIT 4 | 5 | pragma solidity >=0.6.0 <0.8.0; 6 | 7 | /** 8 | * @dev This abstract contract provides a fallback function that delegates all calls to another contract using the EVM 9 | * instruction `delegatecall`. We refer to the second contract as the _implementation_ behind the proxy, and it has to 10 | * be specified by overriding the virtual {_implementation} function. 11 | * 12 | * Additionally, delegation to the implementation can be triggered manually through the {_fallback} function, or to a 13 | * different contract through the {_delegate} function. 14 | * 15 | * The success and return data of the delegated call will be returned back to the caller of the proxy. 16 | */ 17 | abstract contract Proxy { 18 | /** 19 | * @dev Delegates the current call to `implementation`. 20 | * 21 | * This function does not return to its internall call site, it will return directly to the external caller. 22 | */ 23 | function _delegate(address implementation) internal virtual { 24 | // solhint-disable-next-line no-inline-assembly 25 | assembly { 26 | // Copy msg.data. We take full control of memory in this inline assembly 27 | // block because it will not return to Solidity code. We overwrite the 28 | // Solidity scratch pad at memory position 0. 29 | calldatacopy(0, 0, calldatasize()) 30 | 31 | // Call the implementation. 32 | // out and outsize are 0 because we don't know the size yet. 33 | let result := delegatecall(gas(), implementation, 0, calldatasize(), 0, 0) 34 | 35 | // Copy the returned data. 36 | returndatacopy(0, 0, returndatasize()) 37 | 38 | switch result 39 | // delegatecall returns 0 on error. 40 | case 0 { revert(0, returndatasize()) } 41 | default { return(0, returndatasize()) } 42 | } 43 | } 44 | 45 | /** 46 | * @dev This is a virtual function that should be overriden so it returns the address to which the fallback function 47 | * and {_fallback} should delegate. 48 | */ 49 | function _implementation() internal view virtual returns (address); 50 | 51 | /** 52 | * @dev Delegates the current call to the address returned by `_implementation()`. 53 | * 54 | * This function does not return to its internall call site, it will return directly to the external caller. 55 | */ 56 | function _fallback() internal virtual { 57 | _beforeFallback(); 58 | _delegate(_implementation()); 59 | } 60 | 61 | /** 62 | * @dev Fallback function that delegates calls to the address returned by `_implementation()`. Will run if no other 63 | * function in the contract matches the call data. 64 | */ 65 | fallback () external payable virtual { 66 | _fallback(); 67 | } 68 | 69 | /** 70 | * @dev Fallback function that delegates calls to the address returned by `_implementation()`. Will run if call data 71 | * is empty. 72 | */ 73 | receive () external payable virtual { 74 | _fallback(); 75 | } 76 | 77 | /** 78 | * @dev Hook that is called before falling back to the implementation. Can happen as part of a manual `_fallback` 79 | * call, or as part of the Solidity `fallback` or `receive` functions. 80 | * 81 | * If overriden should call `super._beforeFallback()`. 82 | */ 83 | function _beforeFallback() internal virtual { 84 | } 85 | } 86 | 87 | // File: @openzeppelin/contracts/utils/Address.sol 88 | 89 | // SPDX-License-Identifier: MIT 90 | 91 | pragma solidity >=0.6.2 <0.8.0; 92 | 93 | /** 94 | * @dev Collection of functions related to the address type 95 | */ 96 | library Address { 97 | /** 98 | * @dev Returns true if `account` is a contract. 99 | * 100 | * [IMPORTANT] 101 | * ==== 102 | * It is unsafe to assume that an address for which this function returns 103 | * false is an externally-owned account (EOA) and not a contract. 104 | * 105 | * Among others, `isContract` will return false for the following 106 | * types of addresses: 107 | * 108 | * - an externally-owned account 109 | * - a contract in construction 110 | * - an address where a contract will be created 111 | * - an address where a contract lived, but was destroyed 112 | * ==== 113 | */ 114 | function isContract(address account) internal view returns (bool) { 115 | // This method relies on extcodesize, which returns 0 for contracts in 116 | // construction, since the code is only stored at the end of the 117 | // constructor execution. 118 | 119 | uint256 size; 120 | // solhint-disable-next-line no-inline-assembly 121 | assembly { size := extcodesize(account) } 122 | return size > 0; 123 | } 124 | 125 | /** 126 | * @dev Replacement for Solidity's `transfer`: sends `amount` wei to 127 | * `recipient`, forwarding all available gas and reverting on errors. 128 | * 129 | * https://eips.ethereum.org/EIPS/eip-1884[EIP1884] increases the gas cost 130 | * of certain opcodes, possibly making contracts go over the 2300 gas limit 131 | * imposed by `transfer`, making them unable to receive funds via 132 | * `transfer`. {sendValue} removes this limitation. 133 | * 134 | * https://diligence.consensys.net/posts/2019/09/stop-using-soliditys-transfer-now/[Learn more]. 135 | * 136 | * IMPORTANT: because control is transferred to `recipient`, care must be 137 | * taken to not create reentrancy vulnerabilities. Consider using 138 | * {ReentrancyGuard} or the 139 | * https://solidity.readthedocs.io/en/v0.5.11/security-considerations.html#use-the-checks-effects-interactions-pattern[checks-effects-interactions pattern]. 140 | */ 141 | function sendValue(address payable recipient, uint256 amount) internal { 142 | require(address(this).balance >= amount, "Address: insufficient balance"); 143 | 144 | // solhint-disable-next-line avoid-low-level-calls, avoid-call-value 145 | (bool success, ) = recipient.call{ value: amount }(""); 146 | require(success, "Address: unable to send value, recipient may have reverted"); 147 | } 148 | 149 | /** 150 | * @dev Performs a Solidity function call using a low level `call`. A 151 | * plain`call` is an unsafe replacement for a function call: use this 152 | * function instead. 153 | * 154 | * If `target` reverts with a revert reason, it is bubbled up by this 155 | * function (like regular Solidity function calls). 156 | * 157 | * Returns the raw returned data. To convert to the expected return value, 158 | * use https://solidity.readthedocs.io/en/latest/units-and-global-variables.html?highlight=abi.decode#abi-encoding-and-decoding-functions[`abi.decode`]. 159 | * 160 | * Requirements: 161 | * 162 | * - `target` must be a contract. 163 | * - calling `target` with `data` must not revert. 164 | * 165 | * _Available since v3.1._ 166 | */ 167 | function functionCall(address target, bytes memory data) internal returns (bytes memory) { 168 | return functionCall(target, data, "Address: low-level call failed"); 169 | } 170 | 171 | /** 172 | * @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`], but with 173 | * `errorMessage` as a fallback revert reason when `target` reverts. 174 | * 175 | * _Available since v3.1._ 176 | */ 177 | function functionCall(address target, bytes memory data, string memory errorMessage) internal returns (bytes memory) { 178 | return functionCallWithValue(target, data, 0, errorMessage); 179 | } 180 | 181 | /** 182 | * @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`], 183 | * but also transferring `value` wei to `target`. 184 | * 185 | * Requirements: 186 | * 187 | * - the calling contract must have an ETH balance of at least `value`. 188 | * - the called Solidity function must be `payable`. 189 | * 190 | * _Available since v3.1._ 191 | */ 192 | function functionCallWithValue(address target, bytes memory data, uint256 value) internal returns (bytes memory) { 193 | return functionCallWithValue(target, data, value, "Address: low-level call with value failed"); 194 | } 195 | 196 | /** 197 | * @dev Same as {xref-Address-functionCallWithValue-address-bytes-uint256-}[`functionCallWithValue`], but 198 | * with `errorMessage` as a fallback revert reason when `target` reverts. 199 | * 200 | * _Available since v3.1._ 201 | */ 202 | function functionCallWithValue(address target, bytes memory data, uint256 value, string memory errorMessage) internal returns (bytes memory) { 203 | require(address(this).balance >= value, "Address: insufficient balance for call"); 204 | require(isContract(target), "Address: call to non-contract"); 205 | 206 | // solhint-disable-next-line avoid-low-level-calls 207 | (bool success, bytes memory returndata) = target.call{ value: value }(data); 208 | return _verifyCallResult(success, returndata, errorMessage); 209 | } 210 | 211 | /** 212 | * @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`], 213 | * but performing a static call. 214 | * 215 | * _Available since v3.3._ 216 | */ 217 | function functionStaticCall(address target, bytes memory data) internal view returns (bytes memory) { 218 | return functionStaticCall(target, data, "Address: low-level static call failed"); 219 | } 220 | 221 | /** 222 | * @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`], 223 | * but performing a static call. 224 | * 225 | * _Available since v3.3._ 226 | */ 227 | function functionStaticCall(address target, bytes memory data, string memory errorMessage) internal view returns (bytes memory) { 228 | require(isContract(target), "Address: static call to non-contract"); 229 | 230 | // solhint-disable-next-line avoid-low-level-calls 231 | (bool success, bytes memory returndata) = target.staticcall(data); 232 | return _verifyCallResult(success, returndata, errorMessage); 233 | } 234 | 235 | /** 236 | * @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`], 237 | * but performing a delegate call. 238 | * 239 | * _Available since v3.4._ 240 | */ 241 | function functionDelegateCall(address target, bytes memory data) internal returns (bytes memory) { 242 | return functionDelegateCall(target, data, "Address: low-level delegate call failed"); 243 | } 244 | 245 | /** 246 | * @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`], 247 | * but performing a delegate call. 248 | * 249 | * _Available since v3.4._ 250 | */ 251 | function functionDelegateCall(address target, bytes memory data, string memory errorMessage) internal returns (bytes memory) { 252 | require(isContract(target), "Address: delegate call to non-contract"); 253 | 254 | // solhint-disable-next-line avoid-low-level-calls 255 | (bool success, bytes memory returndata) = target.delegatecall(data); 256 | return _verifyCallResult(success, returndata, errorMessage); 257 | } 258 | 259 | function _verifyCallResult(bool success, bytes memory returndata, string memory errorMessage) private pure returns(bytes memory) { 260 | if (success) { 261 | return returndata; 262 | } else { 263 | // Look for revert reason and bubble it up if present 264 | if (returndata.length > 0) { 265 | // The easiest way to bubble the revert reason is using memory via assembly 266 | 267 | // solhint-disable-next-line no-inline-assembly 268 | assembly { 269 | let returndata_size := mload(returndata) 270 | revert(add(32, returndata), returndata_size) 271 | } 272 | } else { 273 | revert(errorMessage); 274 | } 275 | } 276 | } 277 | } 278 | 279 | // File: @openzeppelin/contracts/proxy/UpgradeableProxy.sol 280 | 281 | // SPDX-License-Identifier: MIT 282 | 283 | pragma solidity >=0.6.0 <0.8.0; 284 | 285 | 286 | 287 | /** 288 | * @dev This contract implements an upgradeable proxy. It is upgradeable because calls are delegated to an 289 | * implementation address that can be changed. This address is stored in storage in the location specified by 290 | * https://eips.ethereum.org/EIPS/eip-1967[EIP1967], so that it doesn't conflict with the storage layout of the 291 | * implementation behind the proxy. 292 | * 293 | * Upgradeability is only provided internally through {_upgradeTo}. For an externally upgradeable proxy see 294 | * {TransparentUpgradeableProxy}. 295 | */ 296 | contract UpgradeableProxy is Proxy { 297 | /** 298 | * @dev Initializes the upgradeable proxy with an initial implementation specified by `_logic`. 299 | * 300 | * If `_data` is nonempty, it's used as data in a delegate call to `_logic`. This will typically be an encoded 301 | * function call, and allows initializating the storage of the proxy like a Solidity constructor. 302 | */ 303 | constructor(address _logic, bytes memory _data) public payable { 304 | assert(_IMPLEMENTATION_SLOT == bytes32(uint256(keccak256("eip1967.proxy.implementation")) - 1)); 305 | _setImplementation(_logic); 306 | if(_data.length > 0) { 307 | Address.functionDelegateCall(_logic, _data); 308 | } 309 | } 310 | 311 | /** 312 | * @dev Emitted when the implementation is upgraded. 313 | */ 314 | event Upgraded(address indexed implementation); 315 | 316 | /** 317 | * @dev Storage slot with the address of the current implementation. 318 | * This is the keccak-256 hash of "eip1967.proxy.implementation" subtracted by 1, and is 319 | * validated in the constructor. 320 | */ 321 | bytes32 private constant _IMPLEMENTATION_SLOT = 0x360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc; 322 | 323 | /** 324 | * @dev Returns the current implementation address. 325 | */ 326 | function _implementation() internal view virtual override returns (address impl) { 327 | bytes32 slot = _IMPLEMENTATION_SLOT; 328 | // solhint-disable-next-line no-inline-assembly 329 | assembly { 330 | impl := sload(slot) 331 | } 332 | } 333 | 334 | /** 335 | * @dev Upgrades the proxy to a new implementation. 336 | * 337 | * Emits an {Upgraded} event. 338 | */ 339 | function _upgradeTo(address newImplementation) internal virtual { 340 | _setImplementation(newImplementation); 341 | emit Upgraded(newImplementation); 342 | } 343 | 344 | /** 345 | * @dev Stores a new address in the EIP1967 implementation slot. 346 | */ 347 | function _setImplementation(address newImplementation) private { 348 | require(Address.isContract(newImplementation), "UpgradeableProxy: new implementation is not a contract"); 349 | 350 | bytes32 slot = _IMPLEMENTATION_SLOT; 351 | 352 | // solhint-disable-next-line no-inline-assembly 353 | assembly { 354 | sstore(slot, newImplementation) 355 | } 356 | } 357 | } 358 | 359 | // File: @openzeppelin/contracts/proxy/TransparentUpgradeableProxy.sol 360 | 361 | // SPDX-License-Identifier: MIT 362 | 363 | pragma solidity >=0.6.0 <0.8.0; 364 | 365 | 366 | /** 367 | * @dev This contract implements a proxy that is upgradeable by an admin. 368 | * 369 | * To avoid https://medium.com/nomic-labs-blog/malicious-backdoors-in-ethereum-proxies-62629adf3357[proxy selector 370 | * clashing], which can potentially be used in an attack, this contract uses the 371 | * https://blog.openzeppelin.com/the-transparent-proxy-pattern/[transparent proxy pattern]. This pattern implies two 372 | * things that go hand in hand: 373 | * 374 | * 1. If any account other than the admin calls the proxy, the call will be forwarded to the implementation, even if 375 | * that call matches one of the admin functions exposed by the proxy itself. 376 | * 2. If the admin calls the proxy, it can access the admin functions, but its calls will never be forwarded to the 377 | * implementation. If the admin tries to call a function on the implementation it will fail with an error that says 378 | * "admin cannot fallback to proxy target". 379 | * 380 | * These properties mean that the admin account can only be used for admin actions like upgrading the proxy or changing 381 | * the admin, so it's best if it's a dedicated account that is not used for anything else. This will avoid headaches due 382 | * to sudden errors when trying to call a function from the proxy implementation. 383 | * 384 | * Our recommendation is for the dedicated account to be an instance of the {ProxyAdmin} contract. If set up this way, 385 | * you should think of the `ProxyAdmin` instance as the real administrative interface of your proxy. 386 | */ 387 | contract TransparentUpgradeableProxy is UpgradeableProxy { 388 | /** 389 | * @dev Initializes an upgradeable proxy managed by `_admin`, backed by the implementation at `_logic`, and 390 | * optionally initialized with `_data` as explained in {UpgradeableProxy-constructor}. 391 | */ 392 | constructor(address _logic, address admin_, bytes memory _data) public payable UpgradeableProxy(_logic, _data) { 393 | assert(_ADMIN_SLOT == bytes32(uint256(keccak256("eip1967.proxy.admin")) - 1)); 394 | _setAdmin(admin_); 395 | } 396 | 397 | /** 398 | * @dev Emitted when the admin account has changed. 399 | */ 400 | event AdminChanged(address previousAdmin, address newAdmin); 401 | 402 | /** 403 | * @dev Storage slot with the admin of the contract. 404 | * This is the keccak-256 hash of "eip1967.proxy.admin" subtracted by 1, and is 405 | * validated in the constructor. 406 | */ 407 | bytes32 private constant _ADMIN_SLOT = 0xb53127684a568b3173ae13b9f8a6016e243e63b6e8ee1178d6a717850b5d6103; 408 | 409 | /** 410 | * @dev Modifier used internally that will delegate the call to the implementation unless the sender is the admin. 411 | */ 412 | modifier ifAdmin() { 413 | if (msg.sender == _admin()) { 414 | _; 415 | } else { 416 | _fallback(); 417 | } 418 | } 419 | 420 | /** 421 | * @dev Returns the current admin. 422 | * 423 | * NOTE: Only the admin can call this function. See {ProxyAdmin-getProxyAdmin}. 424 | * 425 | * TIP: To get this value clients can read directly from the storage slot shown below (specified by EIP1967) using the 426 | * https://eth.wiki/json-rpc/API#eth_getstorageat[`eth_getStorageAt`] RPC call. 427 | * `0xb53127684a568b3173ae13b9f8a6016e243e63b6e8ee1178d6a717850b5d6103` 428 | */ 429 | function admin() external ifAdmin returns (address admin_) { 430 | admin_ = _admin(); 431 | } 432 | 433 | /** 434 | * @dev Returns the current implementation. 435 | * 436 | * NOTE: Only the admin can call this function. See {ProxyAdmin-getProxyImplementation}. 437 | * 438 | * TIP: To get this value clients can read directly from the storage slot shown below (specified by EIP1967) using the 439 | * https://eth.wiki/json-rpc/API#eth_getstorageat[`eth_getStorageAt`] RPC call. 440 | * `0x360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc` 441 | */ 442 | function implementation() external ifAdmin returns (address implementation_) { 443 | implementation_ = _implementation(); 444 | } 445 | 446 | /** 447 | * @dev Changes the admin of the proxy. 448 | * 449 | * Emits an {AdminChanged} event. 450 | * 451 | * NOTE: Only the admin can call this function. See {ProxyAdmin-changeProxyAdmin}. 452 | */ 453 | function changeAdmin(address newAdmin) external virtual ifAdmin { 454 | require(newAdmin != address(0), "TransparentUpgradeableProxy: new admin is the zero address"); 455 | emit AdminChanged(_admin(), newAdmin); 456 | _setAdmin(newAdmin); 457 | } 458 | 459 | /** 460 | * @dev Upgrade the implementation of the proxy. 461 | * 462 | * NOTE: Only the admin can call this function. See {ProxyAdmin-upgrade}. 463 | */ 464 | function upgradeTo(address newImplementation) external virtual ifAdmin { 465 | _upgradeTo(newImplementation); 466 | } 467 | 468 | /** 469 | * @dev Upgrade the implementation of the proxy, and then call a function from the new implementation as specified 470 | * by `data`, which should be an encoded function call. This is useful to initialize new storage variables in the 471 | * proxied contract. 472 | * 473 | * NOTE: Only the admin can call this function. See {ProxyAdmin-upgradeAndCall}. 474 | */ 475 | function upgradeToAndCall(address newImplementation, bytes calldata data) external payable virtual ifAdmin { 476 | _upgradeTo(newImplementation); 477 | Address.functionDelegateCall(newImplementation, data); 478 | } 479 | 480 | /** 481 | * @dev Returns the current admin. 482 | */ 483 | function _admin() internal view virtual returns (address adm) { 484 | bytes32 slot = _ADMIN_SLOT; 485 | // solhint-disable-next-line no-inline-assembly 486 | assembly { 487 | adm := sload(slot) 488 | } 489 | } 490 | 491 | /** 492 | * @dev Stores a new address in the EIP1967 admin slot. 493 | */ 494 | function _setAdmin(address newAdmin) private { 495 | bytes32 slot = _ADMIN_SLOT; 496 | 497 | // solhint-disable-next-line no-inline-assembly 498 | assembly { 499 | sstore(slot, newAdmin) 500 | } 501 | } 502 | 503 | /** 504 | * @dev Makes sure the admin cannot access the fallback function. See {Proxy-_beforeFallback}. 505 | */ 506 | function _beforeFallback() internal virtual override { 507 | require(msg.sender != _admin(), "TransparentUpgradeableProxy: admin cannot fallback to proxy target"); 508 | super._beforeFallback(); 509 | } 510 | } 511 | 512 | // File: contracts/SlavicoinProxy.sol 513 | 514 | // SPDX-License-Identifier: MIT 515 | 516 | pragma solidity ^0.6.2; 517 | 518 | 519 | contract SlavicoinProxy {} 520 | -------------------------------------------------------------------------------- /[Slavi _10032022]SCAudit_Report.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SlvLabs/SLVToken/2bd3076f3a57b8cc10a6ccfef85e8aff79de2f34/[Slavi _10032022]SCAudit_Report.pdf --------------------------------------------------------------------------------