Annotation 2021-04-12 180725
4 4 votes
Article Rating


The BNBVAULT Smart-Contract were found no vulnerabilities, no backdoors, and no scam scripts.

The code was tested with compatible compilers and simulate manually reviewed for all commonly known and specific vulnerabilities.

So BNBVAULT Smart-Contract is safe for use in the Binance Smart Chain main network.


This audit is only to the Smart-Contract code at the specified address.


The audit makes no statements or warranties about the suitability or sustainability of the business model or regulatory regime for the business model. Do take in consideration that you are doing all financial actions & transactions at your own risk, especially if you are dealing with high-risk projects / Dapps.

CRITICAL ISSUES (critical, high severity): 0

Critical and harmful access for owners, user block ability, Bugs, and vulnerabilities that enable theft of funds, lock access to funds without possibility to restore it or lead to any other loss of funds to be transferred to any party.


ERRORS, BUGS AND WARNINGS (medium, low severity): 0

Bugs can negatively affect the usability of a program, errors that can trigger a contract failure, Lack of necessary security precautions, other warnings for owners and users, warning codes that are valid code but the compiler thinks are suspicious.


OPTIMIZATION (low severity): 1

Methods to decrease the cost of transactions in Smart-Contract.


RECOMMENDATIONS (very low severity): 0

Hint and tips to improve contract functionality and trustworthiness.



Optimization suggestions

1- Loop on the dynamic variable (low severity).

If the user gets more parallel deposits his withdrawal transaction fee will cost more transaction fees because the loop on the dynamic variable is used in the ‘withdraw’ function.

In case of the GAS limit of exceeding the size of transaction withdraw is not possible.


This comment is relevant only if a user creates an excessive number of parallel deposits (more than 100).


Independent description of the smart-contract functionality

The BNBVault smart-contract provides the opportunity to invest any amount in BNB (from 0.05 BNB) in the contract and get 200% return on investment if the contract balance has enough funds for payment.


  • Dividends are paid from deposits of users.
  • All dividends are calculated at the moment of request and available for withdrawal every 24 hours
  • Each subsequent Deposit is kept separately in the contract, in order to maintain the payment amount for each Deposit.


Contract Owners Fee

Marketing Fee:   4.5% of all invest and reinvest and withdraw

Developer Fee:   4.5% of all invest and reinvest and withdraw

Project Fee:             3% of the only invest



7% daily profit. A User can get a 200% return totally.


  • The Minimum deposit amount is 0.05 BNB



Referral System (Match Bonus)

This contract pays 8% referrals commissions over 3 level deeps

  • Level one: 5%
  • Level two: 2%
  • Level three: 1%



  • The Referral should be an active user. it means the referral address has at least one deposit
  • The Referrer is specified once at the time of the first deposit and is assigned to the user without the possibility of changing. From each subsequent Deposit, the referrer will get his percent.


Withdraw System

  • In each withdraw if the deposit did not finish yet 9% of dividends will be added to the deposit amount of each active plan as an auto reinvest system.
  • The user should be an active user, which means has at least one active deposit which did not finish yet


Reinvest System

  • Users can reinvest all dividends and it will be added to the main capital amount of each deposit.
  • The user should be an active user, which means has at least one active deposit which did not finish yet



Hold Bonus

Users can get an extra 1% daily profit every 24h if users did not withdraw.

  • The maximum hold bonus is 3%.


BNBVAULT Smart-Contract Functions

  • Constructor: initial plans, owner address, and start date
  • checkUser_: modifier to check 1 day passed from the last checkpoint
  • checkUser: function to check 1 day passed from the last checkpoint
  • invest: make a new deposit
  • withdraw: transfer dividends to the user wallet
  • reinvestment: re-invest all dividends and increase deposits amounts
  • getNextUserAssignment: return next withdraw or reinvest time
  • getUserholdRate: return hold bonus
  • getUserPercentRate: return user total bonus
  • getPublicData: return contract stats
  • getUserData: return user stats
  • getContractBalance: return contract balance
  • getUserDividends: calculate and return user dividends
  • isActive: check user status
  • getUserDepositInfo: return deposits info
  • getUserTotalDeposits: return total deposit amount
  • getUserTotalWithdrawn: return total withdraw amount
  • isContract: return an address type

Related Posts

4 4 votes
Article Rating
Notify of
1 Comment
Newest Most Voted
Inline Feedbacks
View all comments

You should advice it when you audit a “ROI contract” that it’s a ponzi scheme so it’s potentially unsustainable at all, if not people gets a missleading idea of the contract. Look at BNBPlus… 2weeks and the contract is totally empty, with thousands of people trying to withdraw their money and accepting empty transactions that cost a bnnb fee but don’t suppose any real withdrawal, quantity appears as 0 bnb. I think you should at least advice the high-risk and manipulability characteristics. In the case of BNBplus it’s clear that some whales were the first ones to enter (and probably the organizers themselves) and when the first blocking period ended they just withdrawn all their BNB plus all participants BNB, as the profits come from new investors and the profit supposed to be for that big investors means almost all the entire pool. So it’s a total SCAM. Please be a good auditor, pleasde advice the risks and the manipulability of those kind of projects. Thanks

Would love your thoughts, please comment.x