search

Safemoon-Protocol / safemoon.sol

MIT License
79 stars 98 forks source link

Reflection / Burn Logic #1

Open Jovonni opened 3 years ago

Jovonni commented 3 years ago

Hey team,

Great work so far.

I have seen people ask these questions, and I have also wondered myself, but if you can help us understand this, that would be great.

Is the burn + reflection logic manual? If not where in the contract does this logic reside?

Or, is the burn and reflection logic residing in another contract at another address?

It is understood, that the 10% tax exists in the contract, as the two fee variables declared in the token contract:

contract SafeMoon is Context, IERC20, Ownable

but where do we find the logic to:

1) Reward tokens to holders, weighted by how many tokens they hold. I see references to _rOwned and _tOwned

Is it these two functions:


function _transferToExcluded(address sender, address recipient, uint256 tAmount) private {
        (uint256 rAmount, uint256 rTransferAmount, uint256 rFee, uint256 tTransferAmount, uint256 tFee, uint256 tLiquidity) = _getValues(tAmount);
        _rOwned[sender] = _rOwned[sender].sub(rAmount);
        _tOwned[recipient] = _tOwned[recipient].add(tTransferAmount);
        _rOwned[recipient] = _rOwned[recipient].add(rTransferAmount);           
        _takeLiquidity(tLiquidity);
        _reflectFee(rFee, tFee);
        emit Transfer(sender, recipient, tTransferAmount);
    }

    function _transferFromExcluded(address sender, address recipient, uint256 tAmount) private {
        (uint256 rAmount, uint256 rTransferAmount, uint256 rFee, uint256 tTransferAmount, uint256 tFee, uint256 tLiquidity) = _getValues(tAmount);
        _tOwned[sender] = _tOwned[sender].sub(tAmount);
        _rOwned[sender] = _rOwned[sender].sub(rAmount);
        _rOwned[recipient] = _rOwned[recipient].add(rTransferAmount);   
        _takeLiquidity(tLiquidity);
        _reflectFee(rFee, tFee);
        emit Transfer(sender, recipient, tTransferAmount);
    }

includeInReward is the only function I see that is making use of iterating over accounts, aside from _getCurrentSupply

Does the includeInReward function set who in included in the reflection?


function includeInReward(address account) external onlyOwner() {
        require(_isExcluded[account], "Account is already excluded");
        for (uint256 i = 0; i < _excluded.length; i++) {
            if (_excluded[i] == account) {
                _excluded[i] = _excluded[_excluded.length - 1];
                _tOwned[account] = 0;
                _isExcluded[account] = false;
                _excluded.pop();
                break;
            }
        }
    }

2) secondly, where is the logic to Burn the other 50% (from the 10% tax). I see the burn function, and event declared but don't see where they are invoked. I also don't see the burn event is ever emitted in this contract.

These are pretty straightforward answers, and I think this will help quite a bit of supporters, including myself. Any help on this would be greatly appreciated

Love the approach overall 🚀

PiecePaperCode commented 3 years ago

How it works

10% Tax Here The Owner has exkluded himself https://github.com/Safemoon-Protocol/safemoon.sol/blob/0f0aef2f4e6ca00d6a46ca6ea60caa4d36c5fd6f/Safemoon.sol#L1114 Everybody else pays the tax https://github.com/Safemoon-Protocol/safemoon.sol/blob/0f0aef2f4e6ca00d6a46ca6ea60caa4d36c5fd6f/Safemoon.sol#L1134

5% gets added to the LP https://github.com/Safemoon-Protocol/safemoon.sol/blob/0f0aef2f4e6ca00d6a46ca6ea60caa4d36c5fd6f/Safemoon.sol#L964 the contract adress gets the LP Fee _rOwned[address(this)] = _rOwned[address(this)].add(rLiquidity);

5% Token gets Burned https://github.com/Safemoon-Protocol/safemoon.sol/blob/0f0aef2f4e6ca00d6a46ca6ea60caa4d36c5fd6f/Safemoon.sol#L921 the burned amount just gets added to an variable and are taken away from the total supply variable as per this code there is no Burned Wallet you just get returned an int of the total burned amount.

Whats the 0 Adress? With no surprice the owner of the contract himself. https://github.com/Safemoon-Protocol/safemoon.sol/blob/0f0aef2f4e6ca00d6a46ca6ea60caa4d36c5fd6f/Safemoon.sol#L481

and here is how the owner will rugpull out

set Tax to 100%, 0% 50% He can make prevent people of pulling out of this contract https://github.com/Safemoon-Protocol/safemoon.sol/blob/0f0aef2f4e6ca00d6a46ca6ea60caa4d36c5fd6f/Safemoon.sol#L899 Think about if Satoshi could just 100% the fees all by himself BTC would be worthless

This Code was copypasted and a couple of lines are changed. So there is some dead code in ther that dosent run or is runned by another contract but i dont know ether.

Kovan91 commented 3 years ago

Unfortunately, he can. This is often used as a defense mechanism against hackers, but it can be updated with a better one. Many lines should be included

PiecePaperCode commented 3 years ago

https://www.certik.org/projects/safemoon it got adressed here aswell. its an issue that needs to be adressed

hamza9114 commented 2 years ago

https://www.certik.org/projects/safemoon it got adressed here aswell. its an issue that needs to be adressed

For example people buy and then they change tax to 100% and now only owner can sell tax free right? but if owner have no tokens to sell and liquidity is all burned into dead wallet. This happened with me but i am not sure how owner can rug? when he have no tokens and liquidity is burned how he can be benifit by stoping us from selling?? kindly reply

PiecePaperCode commented 2 years ago

https://www.certik.org/projects/safemoon it got adressed here aswell. its an issue that needs to be adressed

For example people buy and then they change tax to 100% and now only owner can sell tax free right? but if owner have no tokens to sell and liquidity is all burned into dead wallet. This happened with me but i am not sure how owner can rug? when he have no tokens and liquidity is burned how he can be benifit by stoping us from selling?? kindly reply

You are right. It is a centraliced company that tries to sell decentralized crypto but holds all the cards.

example: if i am an exchanche and i want to sell safemonn on my own bag they can just shut down the exchange adress. Other mayor tokens have given that power away by using a concens algo.

to add:

  1. the owner has acces to the liq pool and they can swap and liquify to bsc. the safemoon dev is selling his bag aswell.

  2. the owner has not implemented the reflection code in this repo. we dont really know how it works. they could take 50% of all reflections and no one would know.

  3. if the private key of the owner ever gets leaked its over. its a one point of failure.

  4. Videos of the safemoon company employed have surfaced where they eat golden beef.

to finish: ill be very happy to see the V2 of the contract where all the issues are adressed. the code is much cleaner. and it would be possible to contribute as open source. doing everythin inhouse is just to much time co suming

yuc0rp commented 2 years ago

wen v2

mamadeusia commented 2 years ago

Hi, I implemented burnable safemoon token in this repository https://github.com/mamadeusia/BurnableReflectionToken I also checked the functionality of code with python in jupyter-lab. if you have problem with it feel free to ask .