There are certain things that RugDoc’s reviewers look out for when reviewing the code of a farm. Here we explain what the different lines in our reviews mean so you know what to look out for when trying to check the contract on your own.
What does it mean when the dev renounces ownership of the Masterchef? What does it mean if they transfer ownership to a timelock? What are the implications if they do not do this? #
Renouncing MC – No changes can ever be made to the Masterchef.
Transfer ownership to timelock – Any changes to be made has a delay that gives users the chance to react to any queued timelock transactions. This is important when there is the possibility of suspicious or rug vectors in the Masterchef.
No timelock – Not always a bad thing, especially for safe projects which follow RugDoc’s best practices; In fact, not having a timelock may even hurt safe and legitimate projects because they don’t have any rug code but have to wait for the queued transactions to clear before being able to do anything. Not having a timelock a bad thing when there are ways to screw over users like 100% deposit fees, upgrading contracts using a proxy, executing rug function, etc.
What are the implications if the owner of the Masterchef is an EOA? #
They can change function parameters of the Masterchef without delay.
If there are no hard rug functions in the code, does it matter if the Masterchef is not behind a timelock? #
Not necessarily, because most Masterchefs have the ability to set up to 100% deposit fees, and they’re only rated a Medium Risk for us. If the deposit fees are uncapped, then we highly recommend a 24 hour timelock to give users more peace of mind. If the Masterchef truly does implement all RugDoc best practices, then there’s really no point in having a timelock.
If 100% deposit fees are possible, would this be mitigated with a timelock? #
A timelock just delays the execution of an update to the parameters of a contract. If the developer can set the deposit fees to a 100% and steal all deposits, a timelock merely delays this. For more information, read our article on timelocks.
Why can’t the anti-whale amount be too low? #
If the anti-whale amount is too low, the developer can block all token sells.
Why do we recommend that the token owner should be the Masterchef? #
If the token owner is the developer or an EOA (externally-owned address), they can mint and dump tokens at any time. Note that not all tokens require the owner to be the Masterchef, especially if they include the role of ‘Minters’ in the token contract which allow for any privileged addresses to have the minting ability; this poses a problem because it means that users would have to worry about several parties having the ability to arbitrarily mint any amount of tokens at any time.
What does “does not support deflationary/transfer-tax token pools” mean? #
Several farms were exploited when they added tokens with transfer tax to their pools as the Masterchef does not account for tokens with transfer tax mechanisms.
How do I check if liquidity has been locked or burned? #
The easiest method would be to ask the project to provide proof of locked liquidity via 3rd party locking services such as DXSale or Unicrypt, etc. Alternatively, they may use a locking contract, though caution should be taken that there have been many such contracts without any explicit locking mechanism (the contract holds the LP tokens, but the project can withdraw them at any time).
For burning, you can just ask to see the transaction where they sent the LP tokens to the burn/dead address.
What does it mean if a contract is unverified? #
An unverified contract is a blackbox – it means that we cannot read the content of the contract so we have no idea what the underlying code is like. Usually unverified contracts have malicious code, so we recommend users to stay away from interacting with unverified contracts.
What does it mean if a contract is behind an upgradeable proxy? #
Upgradeable proxy contracts can be upgraded to literally anything, including to malicious contracts at any time.
What are the implications if the token router can be changed? #
If the router can be changed, then the project can swap it to a malicious router that sends the LP tokens generated from swapAndLiquify to any address which they desire. Note that this does not mean that they can steal users’ funds, but rather that the Panther tokenomics has an automatic liquidity-generating function that uses a portion of the token’s transfer tax to add liquidity to the native token LP – normally this goes to the operator’s wallet anyway, which can then potentially dump those tokens on users.
