Discovery Trending Launches KYC Verified Watchlist Risk Alerts
Token Minter AI Threat Detection Token Burner
Blog & News Docs Visit SolidProof.io

Ape Express Info

ape.express

Ape Express represents an innovative protocol to overcome the obstacles project initiators encounter during token launch. This protocol allows creators to instantly launch a token that aligns with their project's specific needs.

Ape Express Logo
Onboarded date 12/12/2025

TrustNet Score

The TrustNet Score evaluates crypto projects based on audit results, security, KYC verification, and social media presence. This score offers a quick, transparent view of a project's credibility, helping users make informed decisions in the Web3 space.

3.42
Poor Excellent

Real-Time Threat Detection

Real-time threat detection, powered by Cyvers.io, is currently not activated for this project.

This advanced feature provides continuous monitoring and instant alerts to safeguard your assets from potential security threats. Real-time detection enhances your project's security by proactively identifying and mitigating risks. For more information, click here.

Security Assessments

Select the audit
"Static Analysis Dynamic Analysis Symbolic Execution SWC Check Manual Review"
Contract address
N/A
Network N/A
License N/A
Compiler N/A
Type N/A
Language Solidity
Onboard date 2025/12/15
Revision date 2025/12/15

Summary and Final Words

No crucial issues found

The contract does not contain issues of high or medium criticality. This means that no known vulnerabilities were found in the source code.

Contract owner cannot mint

It is not possible to mint new tokens.

Contract owner cannot blacklist addresses.

It is not possible to lock user funds by blacklisting addresses.

Contract owner cannot set high fees

The fees, if applicable, can be a maximum of 25% or lower. The contract can therefore not be locked. Please take a look in the comment section for more details.

Contract cannot be locked

Owner cannot lock any user funds.

Token cannot be burned

There is no burning within the contract without any allowances

Ownership is not renounced

The owner retains significant control, which could potentially be used to modify key contract parameters.

Contract is not upgradeable

The contract does not use proxy patterns or other mechanisms to allow future upgrades. Its behavior is locked in its current state.

Scope of Work

This audit encompasses the evaluation of the files listed below, each verified with a SHA-1 Hash. The team referenced above has provided the necessary files for assessment.

The auditing process consists of the following systematic steps:

  1. Specification Review: Analyze the provided specifications, source code, and instructions to fully understand the smart contract's size, scope, and functionality.
  2. Manual Code Examination: Conduct a thorough line-by-line review of the source code to identify potential vulnerabilities and areas for improvement.
  3. Specification Alignment: Ensure that the code accurately implements the provided specifications and intended functionalities.
  4. Test Coverage Assessment: Evaluate the extent and effectiveness of test cases in covering the codebase, identifying any gaps in testing.
  5. Symbolic Execution: Analyze the smart contract to determine how various inputs affect execution paths, identifying potential edge cases and vulnerabilities.
  6. Best Practices Evaluation: Assess the smart contracts against established industry and academic best practices to enhance efficiency, maintainability, and security.
  7. Actionable Recommendations: Provide detailed, specific, and actionable steps to secure and optimize the smart contracts.

A file with a different Hash has been intentionally or otherwise modified after the security review. A different Hash may indicate a changed condition or potential vulnerability that was not within the scope of this review.

Final Words

The following provides a concise summary of the audit report, accompanied by insightful comments from the auditor. This overview captures the key findings and observations, offering valuable context and clarity.

Ownership Privileges
  • The owner can set the V3 locker contract address.
  • The owner can withdraw ETH and tokens from the contract.
  • The owner can set the token slippage value.

Note - This Audit report consists of a security analysis of the LiquidityAdder smart contract. This analysis did not include functional testing (or unit testing) of the contract’s logic. Moreover, we only audited the mentioned contract for the Ape Express team. Other contracts associated with the project were not audited by our team. We recommend investors do their own research before investing.

Files and details

Functions
public

/

State variables
public

/

Total lines
of code

/

Capabilities
Hover on items

/

Findings and Audit result

Critical
High
3
Medium
1
Low
1
Optimization
2
Informational
medium Issues | 3 findings

Pending

#1 medium Issue
Lacks Contract Existence Check
LiquidityAdder.sol
L2521-2524
Description

The setV3Locker function does not verify that the provided _v3Locker address has contract code deployed to it. The only validation is a check against the zero address. An owner could set this critical address to a standard wallet address (an EOA). If this occurs, the subsequent call to v3Locker.lock(...) during the liquidity addition process would fail silently. It would not revert the transaction, but the LP NFT would never be transferred to the locker. This results in the newly created and highly valuable liquidity position becoming permanently stuck in the LiquidityAdder contract, failing the primary promise of the protocol—to lock liquidity. The only recourse would be for the owner to manually retrieve the LP NFT using their centralized withdrawToken function, which completely undermines the trustless nature of the system.

Comments

The function must be updated to verify that the _v3Locker address contains contract code. This is a standard security check for functions that set critical interaction addresses. The most common method is to check that the address's code.length is greater than zero.

Pending

#2 medium Issue
Critical Price Manipulation Vulnerability in V2 Fallback Mechanism
LiquidityAdder.sol
L2545-2573
Description

The bond function's fallback to a V2 DEX introduces a critical vulnerability to "sandwich" attacks. An attacker can intentionally poison the V3 liquidity pools with trivial amounts of liquidity to force the function to use its V2 fallback logic. The V2 liquidity addition is executed using a globally configured and dangerously permissive slippage setting, which can be as high as 50%. An attacker can exploit this by front-running the bond transaction to manipulate the APECOIN price on the V2 DEX, causing the liquidity to be added at a highly unfavorable rate. The transaction succeeds due to the loose slippage, and the attacker then back-runs it to realize a profit, effectively stealing a significant portion of the project's initial liquidity value.

Comments

To mitigate this vulnerability, the slippage tolerance for the initial liquidity provision in the _addLiquidityV2 function must not be a high, globally-configurable variable. The amountTokenMin and amountAPEMin parameters should be calculated dynamically within the bond function with a hardcoded, minimal slippage tolerance (e.g., 0.5% to 1%). This ensures that any significant price manipulation would cause the addLiquidity call to revert, thereby protecting the project's assets. The setTokenSlippage function, in its current form, is a security risk and should be removed or fundamentally redesigned to enforce safe limits.

Pending

#3 medium Issue
Price Manipulation Vulnerability via Insecure V2 Liquidity Provision Path
LiquidityAdder.sol
L2736-2763
Description

The _addLiquidityV2 function contains a critical vulnerability within a flawed edge-case handler. This handler activates if a V2 pool is detected with a pre-existing APECOIN balance but no project tokens. An attacker can front-run any legitimate launch transaction to create this specific state, forcing the function down this vulnerable path. This logic bypasses the secure Uniswap V2 Router and instead uses the low-level pair.mint() function, which provides no price or slippage protection. This allows the attacker to unilaterally set a malicious and wildly unfavorable initial price for the liquidity pool, leading to a catastrophic loss of value for the project as the attacker can immediately arbitrage this price difference and drain the project's side of the liquidity.

Comments

To eliminate this vulnerability, the entire logic block for handling one-sided liquidity must be removed. All V2 liquidity additions must be performed exclusively through the standard and secure IUniswapV2Router02.addLiquidity function. The router provides essential, non-bypassable security checks that ensure liquidity is added at a ratio close to the fair market price, causing the transaction to revert if significant price manipulation is detected. This special logic path is a dangerous and unnecessary optimization that must be removed in favor of the universally accepted secure method for providing liquidity.

low Issues | 1 findings

Pending

#1 low Issue
Insufficient Access Control on pancakeV3SwapCallback Function
LiquidityAdder.sol
L2986-3000
Description

The pancakeV3SwapCallback function contains an insufficient authentication mechanism that allows it to be successfully invoked by any arbitrary external contract. The current security check relies on decoding a pool address from the data parameter and comparing it to msg.sender. However, since an external caller has full control over the data parameter, they can easily craft a call that passes this check by encoding their own contract's address. While this flaw does not lead to a direct theft of funds, it represents a significant security oversight, as a critical function intended for a specific, sensitive operation is left open and callable by any actor on the network at any time.

Comments

To properly secure the callback, a state-based locking mechanism must be implemented. A private state variable, such as address private _snappingPool, should be added to the contract. In the _zeroLiquiditySnap function, this variable must be set to the address of the target pool immediately before the pool.swap call is made. The pancakeV3SwapCallback function must then be modified to require that msg.sender is equal to this _snappingPool variable, ignoring the data parameter for authentication. Finally, the _snappingPool variable must be cleared immediately after the swap call completes to ensure the lock is released. This guarantees that the callback is only callable by the correct pool and only during the intended _zeroLiquiditySnap operation.

optimization Issues | 1 findings

Pending

#1 optimization Issue
Gas Optimization by Declaring onERC721Received as pure
LiquidityAdder.sol
L3002-3010
Description

The onERC721Received function is currently declared as external but does not read from or modify the contract's state in any way. Its sole purpose is to return a constant value, the function selector, to comply with the ERC721 standard. As the function's logic and return value are entirely independent of the contract's state, it is unnecessarily permissive. This represents a missed opportunity for gas optimization and a deviation from Solidity best practices for code clarity.

Comments

The function signature should be modified from external to external pure. This change more accurately reflects the function's behavior, provides a minor gas saving for callers, and signals to the compiler and other developers that the function has no side effects and does not depend on storage variables. This is a simple but important refinement for maintaining high code quality.

informational Issues | 2 findings

Pending

#1 informational Issue
Missing events arithmetic
LiquidityAdder.sol
L2521-2524
L2540-2543
Description

It is recommended to emit all the critical parameter changes.

Pending

#2 informational Issue
Function that are not used (Dead code).
LiquidityAdder.sol
L461
L478
L495
L512
L529
L546
L563
L580
L597
L614
L631
L648
L665
L682
L699
L716
L733
L750
L767
L784
L801
L818
L835
L852
L869
L886
L903
L920
L937
L954
L971
L985
L1003
L1021
L1039
L1057
L1075
L1093
L1111
L1129
L1147
L1165
L1183
L1201
L1219
L1237
L1255
L1273
L1291
L1309
L1327
L1345
L1363
L1381
L1399
L1417
L1435
L1453
L1471
L1489
L1507
L1525
L1543
L1561
L1579
L1597
L1615
L1633
L1651
L1669
L1687
L1705
L1723
L1741
L1759
L1777
L1795
L1813
L1831
L1849
L1867
L1885
L1903
L1921
L1939
L1957
L1975
L1993
L2011
L2029
L2047
L2065
L2083
L2101
L2119
L2137
L2155
L2173
L2191
L2209
L2227
L2245
L2263
L2281
L2299
L2317
L2335
L2353
L2371
L2389
L2407
L2425
L2443
L2461
Description

It is recommended to remove the unused code from the contract.