How to fix this Safemoon's issue

Do you guys have any idea how to fix this safemon’s hardcode issue? Certifik Foundation shows this issue in Safemoon’s security audit.

Contract gains non-withdrawableBNB via the swapAndLiquify function

The swapAndLiquify function converts half of the contractTokenBalance SafeMoon tokens to BNB.
The other half of SafeMoon tokens and part of the converted BNB are deposited into the SafeMoonBNB pool on pancakeswap as liquidity. For every swapAndLiquify function call, a small amount of BNB
leftover in the contract. This is because the price of SafeMoon drops after swapping the first half of
SafeMoon tokens into BNBs, and the other half of SafeMoon tokens require less than the converted
BNB to be paired with it when adding liquidity. The contract doesn’t appear to provide a way to
withdraw those BNB, and they will be locked in the contract forever.

It’s not ideal that more and more BNB are locked into the contract over time. The simplest solution is to
add a withdraw function in the contract to withdraw BNB. Other approaches that benefit the SafeMoon
token holders can be:

  • Distribute BNB to SafeMoon token holders proportional to the amount of token they hold.
  • Use leftover BNB to buy back SafeMoon tokens from the market to increase the price of

The screenshot talking about it

I would fix it by adding a way to update the Uniswap/Pancakeswap Router address via an owner only function. That way if an update happens, the owner of the contract can update the router address and still have Swap and Liquify work.

A slightly more complex way would be to allow for multiple Router Addresses so that swap and liquifies only effect certain dexs. Imagine a system where certain amounts are tracked. These amounts are for the specific dex, where their specific swap and liquify can occur.

If you want a system where a non-owner can do this, it would need to rely on an auxillary contract to read from. This axuillary contract would still need to be updated by something like PancakeSwap when updating it’s router address.

If someone knows of a contract where they supply their most up to date router address that would be great.

Tsushima - I ran across this earlier…

function setRouterAddress(address newRouter) public onlyOwner() {
    IUniswapV2Router02 _newPancakeRouter = IUniswapV2Router02(newRouter);
    uniswapV2Pair = IUniswapV2Factory(_newPancakeRouter.factory()).createPair(address(this), _newPancakeRouter.WETH());
    uniswapV2Router = _newPancakeRouter;

This is from

Please make sure you give credit to @FreezyEx

Yes that would fix it I think. But the code for SafeMoon is immutable. They would need a proxy to update it. Or they could fork and make SafeMoon2.

1 Like

I guess it works!
Let’s imagine that V3 arrives now, so we need to migrate V2 to V3 LP and then update the router using this function?

1 Like

sincerely, I have also been confused with this swapandliquify thing and also the NumTokenSellForLiquidity.

Who can explain what it means, and how to go about it.

Hi there! Welcome to Open Zeppelin.

Please use the search bar before posting, this has been asked multiple times as well as answered. If you still cannot find it, then ask with very specific questions on what you do not understand.

This goes for all Safemoon Related Questions. The chances of it already being answered is very high. Please search first.