TrustNet Score
The TrustNet Score evaluates crypto projects based on audit results, security, KYC verification, and social media presence. This score offers a quick, transparent view of a project's credibility, helping users make informed decisions in the Web3 space.
Real-Time Threat Detection
Real-time threat detection, powered by Cyvers.io,
is currently not
activated
for this project.
This advanced feature provides continuous monitoring and instant alerts to safeguard your assets from potential security threats. Real-time detection enhances your project's security by proactively identifying and mitigating risks.
For more information, click here.
Summary and Final Words
No crucial issues found
The contract does not contain issues of high or medium criticality. This means that no known vulnerabilities were found in the source code.
Contract owner cannot mint
It is not possible to mint new tokens.
Contract owner cannot blacklist addresses.
It is not possible to lock user funds by blacklisting addresses.
Contract owner can set high fees
Contract owner is able to set fees above 25%. Very high fees can also prevent token transfer.
Contract cannot be locked
Owner cannot lock any user funds.
Token cannot be burned
There is no burning within the contract without any allowances
Ownership is not renounced
The owner retains significant control, which could potentially be used to modify key contract parameters.
Contract is not upgradeable
The contract does not use proxy patterns or other mechanisms to allow future upgrades. Its behavior is locked in its current state.
Scope of Work
This audit encompasses the evaluation of the files listed below, each verified with a SHA-1 Hash. The team referenced above has provided the necessary files for assessment.
The auditing process consists of the following systematic steps:
- Specification Review: Analyze the provided specifications, source code, and instructions to fully understand the smart contract's size, scope, and functionality.
- Manual Code Examination: Conduct a thorough line-by-line review of the source code to identify potential vulnerabilities and areas for improvement.
- Specification Alignment: Ensure that the code accurately implements the provided specifications and intended functionalities.
- Test Coverage Assessment: Evaluate the extent and effectiveness of test cases in covering the codebase, identifying any gaps in testing.
- Symbolic Execution: Analyze the smart contract to determine how various inputs affect execution paths, identifying potential edge cases and vulnerabilities.
- Best Practices Evaluation: Assess the smart contracts against established industry and academic best practices to enhance efficiency, maintainability, and security.
- Actionable Recommendations: Provide detailed, specific, and actionable steps to secure and optimize the smart contracts.
A file with a different Hash has been intentionally or otherwise modified after the security review. A different Hash may indicate a changed condition or potential vulnerability that was not within the scope of this review.
Final Words
The following provides a concise summary of the audit report, accompanied by insightful comments from the auditor. This overview captures the key findings and observations, offering valuable context and clarity.
Smart Contract Analysis Statement
Contract Analysis
The COD3R (cod3r.ai) contract implements an ERC20 token with fee-on-transfer mechanics (buy/sell fees split across marketing, liquidity, treasury, reserve, and buyback wallets), automatic liquification via Uniswap V2, anti-whale wallet limits, and a one-block launch fee mechanism. While the overall design follows common taxed-token patterns on Ethereum, several areas need attention:
- A 99.9% launch fee is applied on the first trading block. The fee proceeds are not distributed to any wallet (the fee struct is uninitialized in that code path) and instead remain as ETH in the contract, extractable by the owner via
retrieveETH(). This presents a clear value extraction mechanism from first-block traders. - All four fee destination wallets (
marketingWallet,treasuryWallet,reserveWallet,buybackWallet) are uninitialized at deployment (default toaddress(0)), while the initial fee configuration already has treasury and buyback fees active at 12.5% each. If trading is enabled before these wallets are properly configured, ETH from the liquification process is permanently lost by being sent toaddress(0). - The fee cap validation uses integer division (
sum / 10 <= 25), which allows total fees up to 25.9% instead of the stated 25% maximum due to Solidity's truncating integer arithmetic. - The
_transferfunction violates the checks-effects-interactions pattern by performing external calls vialiquify()before updating token balances, creating potential reentrancy vectors despite the presence of a manual reentrancy lock. - Both swap and liquidity addition operations use zero slippage protection (
amountOutMin = 0), making every auto-liquification transaction vulnerable to MEV sandwich attacks. - The project has zero test coverage — no unit tests, integration tests, or fuzz tests exist for the contract logic.
Ownership Privileges
The ownership of the contract has been assigned to the deployer via a single-step Ownable pattern (no two-step transfer, no timelock, no multi-sig requirement). The owner retains full privileges including:
- Enable trading (one-time, irreversible) via
enableTrading() - Modify buy and sell fees across five categories (marketing, liquidity, treasury, reserve, buyback) up to ~25.9% total via
setBuyFees()andsetSellFees() - Change the anti-whale wallet limit (minimum 2% of supply, no maximum) via
setWalletLimit() - Grant or revoke fee exemptions for any address via
setFeeExempt()andsetFeeExempts() - Change all four fee destination wallet addresses via
setMarketingWallet(),setTreasuryWallet(),setReserveWallet(), andsetBuybackWallet() - Adjust the auto-liquification threshold (up to 1% of supply) via
setLiquificationThreshold() - Withdraw the entire ETH balance of the contract (including ETH pending distribution) via
retrieveETH() - Transfer or permanently renounce ownership via
transferOwnership()andrenounceOwnership()
Limitations
- The owner cannot mint new tokens — total supply is fixed at 1,000,000,000 COD3R
- The owner cannot burn tokens — there is no burn function in the contract
- The owner cannot blacklist or block specific addresses from transacting
- The owner cannot upgrade or modify the contract logic — the contract is not upgradeable
- The owner cannot lock tokens — there is no token locking mechanism
Security Features
The contract implements several positive security features:
- Anti-whale protection via configurable per-wallet holding limits (default 2% of total supply) enforced on buys and wallet-to-wallet transfers
- Trading is disabled by default and must be explicitly enabled by the owner, preventing pre-launch sniping of the liquidity pool
- Manual reentrancy guard (
_reentrantLock) on theliquify()function to prevent recursive liquification calls - LP tokens from auto-liquification are permanently locked by being sent to the dead address (
0x...dEaD) - Fee destination wallet setters include zero-address validation to prevent accidental misconfiguration after deployment
- The
Address.sendValue()library correctly uses low-levelcall{value:}instead of deprecated.transfer()for ETH distribution in the liquification flow
Note — This audit report consists of a security analysis of the COD3R (cod3r.ai) smart contract. This analysis did not include economic analysis of the contract's tokenomics. Moreover, we only audited the main contract for the COD3R team. Other contracts associated with the project were not audited by our team. We recommend investors do their own research before investing.
Files and details
Functions
public
/
State variables
public
/
Total lines
of code
/
Capabilities
Hover on items
/
Findings and Audit result
low Issues | 7 findings
Pending
#1 low Issue
Unsafe Deadline Handling During Swaps
The contract sets the deadline to the current block time when calling swap and liquidity functions. In practice, this gives no real deadline protection because the timestamp is always valid at execution time. A validator can delay inclusion and execute the transaction under less favorable market conditions.
Pending
#2 low Issue
ETH Withdrawal Can Fail For Contract Owners
The `retrieveETH()` function uses `.transfer()`, which forwards only 2300 gas. If the owner is a multisig or another smart contract wallet, receiving ETH may require more gas and the call can revert. In that case, ETH can become stuck in the contract.
Pending
#3 low Issue
Fee Cap Check Allows Values Above 25%
The buy and sell fee validators use integer division in a way that rounds down and allows values above the intended 25% cap. For example, a total of 259 in this fee scale still passes. This creates a mismatch between documented and enforced limits.
Pending
#4 low Issue
Liquify Operations Have No Slippage Protection
The swap and add-liquidity calls set minimum output values to zero. This allows execution at adverse prices and can increase loss to MEV around liquification transactions.
Pending
#5 low Issue
Owner Can Drain All ETH From Contract
`retrieveETH()` allows the owner to transfer the full ETH balance without accounting boundaries. This creates a strong trust assumption around funds expected for liquidity or fee distribution.
Pending
#6 low Issue
Launch Block Enables 99.9% Effective Tax
When trading is enabled, non-exempt trades in the same block are charged a launch fee of 99.9%. The captured amount is converted to ETH, and because fee split values are zero in this path, ETH remains in the contract and can be withdrawn by owner. This creates an immediate value-extraction path for first-block buyers.
Pending
#7 low Issue
Zero Wallet Addresses Can Burn Fee ETH
Fee destination wallets default to `address(0)`. If trading is enabled before those wallets are set, liquification can send ETH to the zero address, permanently burning funds.
optimization Issues | 2 findings
Pending
#1 optimization Issue
Use Immutable Variables For Static Addresses
The `router`, `pair`, and `_totalSupply` values are initialized once and never changed. Marking appropriate values as `immutable` reduces repeated storage reads and lowers transfer costs over time.
Pending
#2 optimization Issue
Batch Fee Exemption Loop Can Be Cheaper
`setFeeExempts()` writes storage in a loop. For large address arrays, this makes admin transactions expensive. Cache the array length and use low-overhead loop patterns (`unchecked` increment where safe) to reduce gas.
informational Issues | 10 findings
Pending
#1 informational Issue
Fee Distribution Rounding Leaves Dust
In `liquify()`, dividing before multiplying can round small distributions down to zero. This leaves residual ETH dust in the contract unless explicitly handled.
Pending
#2 informational Issue
Initial Mint Event Is Missing
The constructor assigns the initial supply directly but does not emit the ERC-20 mint `Transfer` event from zero address. This mainly affects indexer and explorer consistency.
Pending
#3 informational Issue
Wallet Updates Do Not Preserve Fee Exemptions
Changing fee destination wallets does not automatically synchronize fee-exempt status. This is primarily an operational footgun for administrators.
Pending
#4 informational Issue
Admin Changes Lack Audit Trail Events
Several owner-only configuration changes do not emit events. This mainly reduces observability and governance transparency for off-chain monitoring.
Pending
#5 informational Issue
Ownership Transfer Has No Safety Confirmation
Ownership transfer is immediate in one step. This raises operational risk of accidental ownership loss due to address mistakes.
Pending
#6 informational Issue
Transfer Function Is Hard To Maintain Safely
`_transfer` currently handles trading gates, wallet checks, fee branching, liquification triggers, and token movement in one place. This complexity increases maintenance risk and makes security review harder.
Pending
#7 informational Issue
Naming Style Is Inconsistent With Solidity Conventions
The contract and parameter naming style is inconsistent with common Solidity conventions. Standardized naming improves readability and tooling consistency.
Pending
#8 informational Issue
Compiler Target May Not Match All Deployment Chains
The selected compiler range can produce bytecode that depends on newer EVM opcodes (such as `PUSH0`). Some chains may not support these opcodes yet.
Pending
#9 informational Issue
Add Coverage Metrics To Existing Test Suite
The project already includes a substantial test suite for token logic and admin flows, including fuzz cases. Remaining improvement is to enforce measurable coverage targets and add a few explicit invariants around accounting and liquidity operations.
Pending
#10 informational Issue
External Calls Occur Before Balance Updates
The transfer path calls `liquify()` before final token balance updates. This is a hardening concern and code-clarity issue; it is not currently demonstrated as an exploitable reentrancy path in this implementation.