dApps RankingCampaignRed AlarmDiscover
luckybuy

LuckyBuy

Identified risky by Red Alarm

The First Lucky-to-earn Web3 Marketplace.

Visit this website anyway

High Risk

4 IssuesDetected

Claim your service's safety.

Risk Detail

Transparency Issues

Anonymous to public.

Backdoor Functions

For the onlyowner claim() method of the main contract LuckyBuy https://www.bscscan.com/address/0x816ea5B7B6D339FCC8B97465A2e8698C010C4d95#contracts, the winCode parameter is passed in by the owner. It's calculated with two numbers. After all codes of a current round are sold out, all data of this round LuckyBuy will be translated to HASH and recorded on the blockchain, and the Random Number 1 is the decimal number of the last 8 digits of the hash according to SHA256. But th HASH can be manipulated by changing the data. So the generation of the winCode is untransparent. So there is a possibility of cheating by the owner here.

Backdoor Functions

The process of buying and selling lucky boxes by users and the distribution of rewards is not achieved through contracts and the flow of funds is not transparent.

Centralization Risk

The owner of the main contract LuckyBuy is an EOA.

Audit

DappBay Red Alarm

Risk Level

High Risk

List Time

Oct, 21, 2022

Chain

BNB Smart Chain

Recent Listed Risky dApps

ValueDefi

Other

High Risk

lovebnb63

Other

High Risk

web3btc82

Other

High Risk

trustwalletdefi

Other

High Risk

binancemegadrop

Other

High Risk

Dogeverse

Other

High Risk

likebnb48

Other

High Risk

Strideclaim

Other

High Risk

avivedrop

Other

High Risk

qornex

Other

High Risk

t1pool

Other

High Risk

AlitaFinance

Other

High Risk

Provides top decentralized apps (dApps) on BNB Smart Chain, opBNB and Greenfield.

Tools

Risk Scanner Submit dApp

Terms

Terms of use Disclaimer

Community

Twitter Discord Blog
© 2024 BNB Chain