SMART CONTRACT SECURITY AUDIT EARNTRON300 [ TRON BLOCKCHAIN ] Audit NO: 02100340128 December, 2020 PROJECT DETAILS ▪ Project Name: EARNTRON300 ▪ Technology : Blockchain Smart Contract ▪ Blockchain : Tron Blockchain ▪ Programming Language : Solidity ▪ Version : 0.5.12 ▪ Contract Type: Decentralized Smart Contract ▪ Category : High-Risk Dapp ▪ Website: https://www.earntron300.com ▪ Audit Type: Function Report ▪ File(s) Audited: EarnTron300.sol ▪ Audit No : 02100340128 ▪ The contract source code is verified on TRONSCAN ▪ Contract name: EarnTron300 ▪ Optimization: Yes with 200 runs ▪ Compiler version: solidity 0.5.12 ▪ License: MIT ▪ E-mail: firstname.lastname@example.org ▪ Telegram : https://t.me/OfficialEarnTron300 NOTE : This Audit Report was issued before the launch of the project. All tests are performed with the given Source Code on the test network. After the project’s launch, we will verify and issue another Audit Mentioning the contract's Address . Disclaimer INFIGO only audits the source code for security and its functions. We don’t audit for the contract logic honesty. This report is for the source code given and the contract deployed at the address mentioned in this document and doesn’t guarantee if the contract is being deployed to another address or any alterations made. We have nothing to do if the contract functioning contains risks like gambling and other functions. Security Items and Results NO ITEM SEVERITY DESCRIPTION RESULT All types of 1 Race Condition High Race Condition Passed Attacks Integer overflows / underflows. 2 Overflow High Passed Fulfilled by using SafeMath library Fulfilled by implementing “ Denial of 3 High balance Passed Service withdrawal” design pattern Doesn’t rely on Time-based 4 High small time Passed Decisions periods Function / Data 5 Structure High Passed Exposure NO ITEM SEVERITY DESCRIPTION RESULT Parameter 6 High Passed Sanitization Require 7 Medium Passed Statement Contract Doesn’t 8 High Passed ownership required isContract() 9 Inline assembly Warning Passed function 10 Loops Low Controlled Passed Function Report Constants and Read Functions : • MAX_DAILY_WITHDRAWAL: Showing maximum withdrawal per day and is set to 50,000 TRX. • INVEST_MIN_AMOUNT: Stores the minimum investment amount and is equivalent to 100 TRX. • FIX_PERCENT: Showing the daily fix percentage. Its set to 30% (300/ PERCENTS_DIVIDER). • REFERRAL_PERCENTS: Showing the referral levels percent and is equivalent to 7%, 2%, 1% for levels 1 to 3. • MARKETING_FEE: Showing the marketing fee and is equivalent to 5%. • SUPPORTING_FEE: Showing the supporting fee and is equivalent to 5%. • ADMIN_FEE: Showing the admin fee and is equivalent to 1.5%. • DEV_FEE: Showing the developer fee and is equivalent to 1.5%. • PERCENTS_DIVIDER: All percentage values is divided to this number in calculations and is equivalent to 1000. • TIME_STEP: Showing the time step and is 1 days or 86400 • totalUsers: Number of total users can be read from this variable. • totalInvested: Showing the total invested • getMyDividends(): This function is used to get user real time dividends. • getMyWithdrawals(): This function is used to get user total withdrawals. • getMyInvestments(): This function is used to get user total investments. • withdrawAllowance(): This function is used to disable withdrawal in the time between 0 and 4 am UTC. • getStatsView(): Returns statistics. • isContract(): Checks if an address is a contract address. Write Functions : • payUplines(): This function updates up-line referral bonuses. This is a private function and can’t be called from outside the contract. • invest(): This function is used to make a deposit in the system. This function accepts a referral address. This is a public function and can be called from outside. This function is the only payable function and half of the admin fees are paid in this function. The total of 13% of each deposit is transferred to four admin accounts. The first referral bonus is calculated here as 7% of the deposit and is set to the corresponding referrer user account. Note that the minimum amount to make a successful deposit is 100 TRX • withdraw(): This function is used to withdraw the dividends so far. 50% of the dividends is directly sent to to the user wallet and the other half is reinvested. Note that either referral bonus or the dividends can only be withdrawn in a day. No back-door was found in this function. Note: There are two constraints that determine profit maximum value withdrawal. One is maximum profit constraint which ensures the total withdraw amount be less than 300% of all deposits. So in order to withdraw profits more than 300%users have to invest again. Another limit check is daily withdraw limit check. Users can not withdraw more than 50K TRX a day and also can not withdraw more than once a day. Note that either referral bonus or the dividends can only be withdrawn in a day. • withdrawRefBonus(): This function is used to withdraw referral bonus so far. There is no backdoor in this function and the only transfer () call is used to send referral profit to the user wallet. User allowed to withdraw just once a day. Summary of the Audit : • Overall the Code is good and performs well. • No Backdoors or Vulnerabilities were found on the EARNTRON300 Contract. • EARNTRON300’s code is safe to use in the Tron Main Network. Website : www.infigo.solutions Mail : email@example.com Telegram : @InfigoSolutions NOTE : This Audit Report was issued before the launch of the project. All tests are performed with the given Source Code on the test network. After the project’s launch, we will verify and issue another Audit Mentioning the contract's Address .