If we look at the ‘sub’ statement closely, it says “(b = =1) return ~uint120(0)” which means if the token transfer amount is 1 then then whenever this ‘sub’ function will be called in the transfer function then it will return the maximum value of uint120 into the caller’s account, in our case ‘tokens’. By this process, tokens will be minted.
We kept it simple for the sake of explanation but please keep this in mind that the scammers can make it even more complicated by:
• Adding a unique token amount to transfer in order to mint
• Encoding a wallet address (for hiding) and then making the ‘sub’ function to return
the tokens into that particular wallet.
This section (1.1) has the project details that include:
I. Project’s Contract Address Link
II. A brief Description
III.Social Media Details
• For the project owners, our report has an “Issues Section” (Fig 1.2) that lists all the
security vulnerabilities found in the contract that is categorised on the basis of
• For the Investors, we have our “Ownership Privileges” Section, that specifies what
are the authorities the owner/deployer or any other address have in a smart
contract. However, this section is targeted for the project owners also to some
extent because in some cases the owners are also not aware of their smart
contract’s code properly and a developer goes on to scam everyone. Moreover,
sometimes the owner’s private keys get stolen that results in a scam too.
This section signifies about what the owner or a person in the contract’s authority
“can do”. We have added this but in not in any way we mean to say that the Owner
is evil or they “will do it”. It is simply a matter of transparency so that everyone will
about what “could be done”.