Jun 10th, 2021
Main Source information : H E R E
Table Of Content
Summary
Overview
Project Summary
Audit Summary
Vulnerability Summary
Audit Scope
Findings
PEA-01 : Unlocked Compiler Version
PEA-02 : Division Before Multiplication
Appendix
Disclaimer
About
SUMMARY
This report has been prepared for PeacockCoin Token smart contracts, to discover issues and vulnerabilities in the source code of their Smart Contract as well as any contract dependencies that were not part of an officially recognized library. A comprehensive examination has been performed, utilizing Static Analysis and Manual Review techniques. The auditing process pays special attention to the following considerations: Testing the smart contracts against both common and uncommon attack vectors. Assessing the codebase to ensure compliance with current best practices and industry standards. Ensuring contract logic meets the specifications and intentions of the client. Cross referencing contract structure and implementation against similar smart contracts produced by industry leaders. Thorough line-by-line manual review of the entire codebase by industry experts. The security assessment resulted in findings that ranged from critical to informational. We recommend addressing these findings to ensure a high level of security standards and industry practices. We suggest recommendations that could better serve the project from the security perspective: Enhance general coding practices for better structures of source codes; Add enough unit tests to cover the possible use cases given they are currently missing in the repository; Provide more comments per each function for readability, especially contracts are verified in public; Provide more transparency on privileged activities once the protocol is live. No notable vulnerabilities were identified in the codebase and it makes use of the latest security principles and style guidelines. There were certain optimizations observed as well as security principles that can optionally be applied to the codebase to fortify the codebase to a greater extent. It should be noted that the codebase is based on a known project, hence inheriting the original’s vulnerabilities.
Overview Project Summary
Project Name PeacockCoin
Token Description A deflationary yield token
Platform BSC
Language Solidity
Codebase https://bscscan.com/address/0x050787de0cf5da03d9387b344334d51cae5dd0fd#code
Commit
Audit Summary
Delivery Date : Jun 10, 2021
Audit Methodology : Static Analysis, Manual Review
Key Components : Deflationary Yield Token
Vulnerability Summary
Total Issues 2
Critical : 0
Major ; 0
Medium : 0
Minor : 1
Informational :1
Discussion : 0
Audit Scope
ID file SHA256 Checksum
PEA PEACOCKCOIN.sol 532af37c4b88318490e43e62c6e40052c620d04b3b0a5a5490ebcb09f0a1e14b
#Description
The contract has unlocked compiler version. An unlocked compiler version in the source code of the contract permits the user to compile it at or above a particular version. This, in turn, leads to differences in the generated bytecode between compilations due to differing compiler version numbers. This can lead to an ambiguity when debugging as compiler specific bugs may occur in the codebase that would be hard to identify over a span of multiple compiler versions rather than a specific one.
#Recommendation
We advise that the compiler version is instead locked at the lowest version possible that the contract can be compiled at. For example, for version v0.6.2 the contract should contain the following line:
pragma solidity 0.6.2
#Alleviation
The development team has acknowledged this exhibit but decided to not apply its remediation in the current version of the codebase
#Description
Integer division might truncate, hence division before multiplication can lead to loss of precision.
#Recommendation
We advise to perform multiplication before division to avoid loss of precision.
#Alleviation
The development team has acknowledged this exhibit but decided to not apply its remediation in the current version of the codebase.
#Appendix
#Finding Categories
#Mathematical Operations
Mathematical Operation findings relate to mishandling of math formulas, such as overflows, incorrect operations etc.
#Language Specific
Language Specific findings are issues that would only arise within Solidity, i.e. incorrect usage of private or delete.
#Checksum Calculation Method
The “Checksum” field in the “Audit Scope” section is calculated as the SHA-256 (Secure Hash Algorithm 2 with digest size of 256 bits) digest of the content of each file hosted in the listed source repository under the specified commit. The result is hexadecimal encoded and is the same as the output of the Linux “sha256sum” command against the target file.
Disclaimer
This report is subject to the terms and conditions (including without limitation, description of services, confidentiality, disclaimer and limitation of liability) set forth in the Services Agreement, or the scope of services, and terms and conditions provided to the Company in connection with the Agreement. This report provided in connection with the Services set forth in the Agreement shall be used by the Company only to the extent permitted under the terms and conditions set forth in the Agreement. This report may not be transmitted, disclosed, referred to or relied upon by any person for any purposes without CertiK’s prior written consent.
This report is not, nor should be considered, an “endorsement” or “disapproval” of any particular project or team. This report is not, nor should be considered, an indication of the economics or value of any “product” or “asset” created by any team or project that contracts CertiK to perform a security assessment. This report does not provide any warranty or guarantee regarding the absolute bug-free nature of the technology analyzed, nor do they provide any indication of the technologies proprietors, business, business model or legal compliance.
This report should not be used in any way to make decisions around investment or involvement with any particular project. This report in no way provides investment advice, nor should be leveraged as investment advice of any sort. This report represents an extensive assessing process intending to help our customers increase the quality of their code while reducing the high level of risk presented by cryptographic tokens and blockchain technology.
Blockchain technology and cryptographic assets present a high level of ongoing risk. CertiK’s position is that each company and individual are responsible for their own due diligence and continuous security. CertiK’s goal is to help reduce the attack vectors and the high level of variance associated with utilizing new and consistently changing technologies, and in no way claims any guarantee of security or functionality of the technology we agree to analyze.
PEACOCKCOIN STRUCTURE
Total Supply: 100,000,000,000,000,000 PEKC
Token Distribution
PEKC TOKEN is listed on BSC chain.
Maximum supply of token is 100 Quadrillion and 50% was initially burnt.
- Liquidity locked
- Ownership renounced
- Chart
- Buy On Pancake Swap
- $PECK Transactions
- $PEKC Contract
- $PEKC Holders
Information Boards
Website : Peacockcoin
TG Official : Telegram
Twitter Official : Twitter
Discord : Discord
Reddit : Reddit
IG: Instagram
PeacockCoin : Whitepaper
PeacockCoin : Roadmap or Website
PEKC Audit (1st) : Solidity Audits
PEKC Audit (2nd) : Certik Audits
PeacockCoin : Marketplace (Beta Preview)
PeacockCoin : Wallet Tracker
PeacockCoin : Coin markets Cap
PeacockCoin : Coingecko
Price List : Coinbase
Price List : Live coin watch
Listing : Coin Sniper
Listing : Stock Wits
Peacockcoin Ecosystem
Peacockcoin is designed to rewards holders. The Peacockcoin tokenomics apply a special tax to every buyer or seller : 2,5% are redistributed back to holders while 2,5% are burned forever reducing the total supply. With the PEKC token there is no need to stake or lock up your tokens anywhere to receive rewards. Just hold tokens in your wallet and watch your balance increase
RISK
Please note there are always risks associated with smart-contracts. Please use at your own risk. PEKC Token is not a registered broker, analyst or investment advisor. Everything that we provide on this site is purely for guidance, informational and educational purposes. All information contained herein should be independently verified and confirmed. We do not accept any liability for any loss or damage whatsoever caused in reliance upon such information or services. Please be aware of the risks involved with any trading done in any financial market. Do not trade with money that you cannot afford to lose. When in doubt, you should consult a qualified financial advisor before making any investment decisions.
Our Network :
BINANCE SMART CHAIN
PANCAKE SWAP
Fundraising campaign
We have decided to launch a fundraising campaign that will be used on marketing, exchanges and charity donations. This will help to boost our growth and expand our vision to more communities out there.
Any help and support is greatly appreciated. You can find the Peacockcoin Fundraising wallets below :
Fundarasing Peacockcoin
