Share this page!

Enter URL or ID to Unroll

You can paste full URL like: https://x.com/threadreaderapp/status/1644127596119195649
or just the ID like: 1644127596119195649

How to get URL link on X (Twitter) App

  1. On the Twitter thread, click on or icon on the bottom
  2. Click again on or Share Via icon
  3. Click on Copy Link to Tweet
  4. Paste it above and click "Unroll Thread"!
  5. More info at Twitter Help
View Regular
DefiRobot.AI Profile picture
DefiRobot.AI
@RobotDefi
Account in limbo. Deciding what to do with it. Stay tuned.

May 23, 2022, 16 tweets

On-chain "Audit" of PLAYA3ULL GAMES @PLAYA3ULL

My partner in on-chain P.I. work @0xLosingMoney has been getting a lot of requests for an on-chain look into projects...and he can't really handle ALL of them. So I'm giving him a hand.

Let's dive into $3ULL

🕵️‍♂️/1

@PLAYA3ULL @0xLosingMoney First and foremost I need to state the following:

I am NOT a Solidity developer, so my knowledge on what to look for in a #smartcontract is limited.

Also, this is not a deep dive into the project, but only a look at potential security issues.

🕵️‍♂️/2

@PLAYA3ULL @0xLosingMoney OK, the first place I always start is @Token_Sniffer

The contract scores a 60/100...which is actually really good. The only issue is that the liquidity isn't locked.

Yes, locked liquidity DOES protect from #rugpulls BUT...

🕵️‍♂️/3

@PLAYA3ULL @0xLosingMoney @Token_Sniffer MOST rugs are pulled within the first day or week of launch.

Also, this is a V2 contract, so the lack of liquidity lock isn't uncommon as they've already had to transition tokens from another contract.

moving on....

🕵️‍♂️/4

@PLAYA3ULL @0xLosingMoney @Token_Sniffer Next we'll look at the bubble map. This one doesn't tell us much as there aren't a WHOLE lot of holders...but since @0xLosingMoney loves the feature so much, I had to include it.

🕵️‍♂️/5

@PLAYA3ULL @0xLosingMoney @Token_Sniffer Next, we look to see if there is an audit.

And THERE IS! From @CertiK too!

The audit passes with high marks, with only 2 major issues that have been mitigated.

🕵️‍♂️/5

@PLAYA3ULL @0xLosingMoney @Token_Sniffer @CertiK The issues were major controls from contract roles, and the mitigation was the implementation of a Gnosis safe.

It's only 2/3 multisig, which could be more secure, but it's definitely better than nothing..

🕵️‍♂️/6

@PLAYA3ULL @0xLosingMoney @Token_Sniffer @CertiK Next we look at the contract itself. Again, I'm not a Solidity developer, but I didn't find anything glaringly fishy.

There was only one modifier for onlyOwner (this is normal) and no shady functions or if/else statements.

So now we can look at the holders...

🕵️‍♂️/7

@PLAYA3ULL @0xLosingMoney @Token_Sniffer @CertiK Top three holders are contracts. I believe the largest one is the node contract, then we have the Gnosis safe and finally the LP.

The only concern I have here is that 15% of the total supply is owned by 4 private wallets.

🕵️‍♂️/8

@PLAYA3ULL @0xLosingMoney @Token_Sniffer @CertiK This isn't a huge deal and doesn't reflect on the protocol...just good to be aware that if they chose to dump or are all controlled by the same person and he/she chose to dump it would have significant impact on price.

🕵️‍♂️/9

@PLAYA3ULL @0xLosingMoney @Token_Sniffer @CertiK Also, I can't say for certain if any of those wallets are controlled by the protocol because they did not include a pie-graph with allocations in their tokenomics (tsk tsk).

🕵️‍♂️/10

@PLAYA3ULL @0xLosingMoney @Token_Sniffer @CertiK Next, taking a look at the contract creator's address (just to make sure there isn't any fishy behavior there) I found nothing strange at all.

Every txn looked like a legitimate interaction with the Playa3ull contract.

🕵️‍♂️/11

@PLAYA3ULL @0xLosingMoney @Token_Sniffer @CertiK Now we can move on to the website.

First, note that the team IS #doxxed

They all seem to have a direct email and LinkedIn profile connected.

🕵️‍♂️/12

@PLAYA3ULL @0xLosingMoney @Token_Sniffer @CertiK We can also see that the domain was purchased in Dec 2021, so it wasn't bought and site popped up within days of launch (this is a good sign).

🕵️‍♂️/13

@PLAYA3ULL @0xLosingMoney @Token_Sniffer @CertiK Finally, the company claims to be located in Australia, and is, in fact, hiring talent in Australia.

This is a very good sign as well.

The evidence points to this being a legitimate project with no glaringly obvious security issues.

🕵️‍♂️/14

@PLAYA3ULL @0xLosingMoney @Token_Sniffer @CertiK For anyone who has invested or is considering investing, this is #NFA and definitely #DYOR but from my limited knowledge and incredibly skeptical point of view I give $3ULL a passing grade.

Cheers

🕵️‍♂️/finis

Share this Scrolly Tale with your friends.

A Scrolly Tale is a new way to read Twitter threads with a more visually immersive experience.
Discover more beautiful Scrolly Tales like this.

Keep scrolling