HECO Farms

*Paid Advertisement. Not financial advice. RugDoc is not responsible for the projects showcased here. DYOR and ape safu.

Filter by risk

Fork of OlympusDAO:

  • ⚠️ Not KYC'd with RugDoc
  • ⚠️ No reputable audits as of date
  • ⚠️ Liquidity is not locked with RugDoc
  • ✅ Multisig - Total of 4 members in their multisig contract, 2 of which are third party members. With 3 out of 4 approvals needed to execute a transaction.

Having said the above, we are classifying this as [Not Eligible] as we recommend these kind of complex projects to pass reputable audits and KYC verifications as there is a risk of governance mishandling. Before investing, we also recommend users to conduct their own due diligence checks.

Posted on 10 January 2022 |
Update

UPDATE:

  • ✅ Masterchef is now behind a 24-hour timelock.
  • Token ownership has been transferred to the Masterchef and the antibot features were disabled.
Updated on 11 January 2022

RugDoc KYC: Project owner has KYC’d to us, and has signalled his transparency and commitment to this project. We have also confirmed that the project owner has access to the privileged addresses of the project, and shall retain full responsibility over them and any actions taken by them.

Banksy Farm (Avalanche) fork with 1,000,000 max token supply

  • Banksy Farm expansion to the Fantom network
  • ✅ Max 4% deposit fees
  • ✅ Correctly accounts for transfer taxes on any token pool
  • 3% anti-whale (min 0.5%)
  • 9% max wallet size (Min 5%, Max 100%)
  • An additional 10% of emissions rewards are minted to the treasury address.
  • ⚠️ Masterchef currently not behind a timelock
  • ⚠️ Token owner is not yet Masterchef. Dev has clarified that ownership will be transferred immediately to Masterchef upon conclusion of presale.
  • ⚠️ Token has blacklisting capabilities for bot prevention (holding more than max wallet size) and can be manually called by owner to elect which addresses.
  • ⚠️ Token anti-whale can be set artificially low, which could impede/block transfers.

⚠️ TRIPLE CHECK the contract you interact with matches the one reviewed here (0x6daa...33cd0)

Posted on 04 January 2022 |

RugDoc KYC: Project owner has KYC’d to us, and has signalled his transparency and commitment to this project and shall retain full responsibility over them and any actions taken by them.

  • ✅ KYC'd with RugDoc

We reserve the right to not review exceedingly complex projects that would require tens of thousands of dollars of senior security analyst man hours.

Typically these are projects that deal with leverage, lending, options, derivatives, and anything that is overly complex and which requires tons of peer reviews and audits from top audit companies.

Since our resources are stretched thin and we don’t have the funding for these kind of massive endeavors, we may pass on projects that meet this level of complexity. DYOR.

Posted on 25 December 2021 |

The DUSD stablecoin is part of a lending protocol, Demeter, in HECO. The protocol appears to offer staking options as well to distribute its governance token. While its lending options appears to be a fork of Venus (BSC) which involves multiple complex contracts that manages the collateral factors of each users, monitors user DUSD minting, repayment, liquidation eligibility, price feed monitoring, governance, and etc.

We reserve the right to not review projects that deal with leverage, lending, options, derivatives, and anything that is overly complex and requires tons of peer reviews and audits from top audit companies. Since our resources are stretched thin and we don’t have the funding for these kind of massive endeavors, we may pass on projects that meet this level of complexity. DYOR.

Posted on 23 October 2021 |

Description

Blockchain Monster Hunt (BCMH) is the world’s first multi-chain game that runs entirely on the blockchain itself. Inspired by Pokémon-GO, BCMH allows players to continuously explore brand-new locations on the blockchain to hunt and battle monsters. Each block on the blockchain is a unique digital space where a limited number of Monsters (of the same DNA gene and rarity) may exist. Players and collectors can hunt or battle for a chance to capture these unique Monsters and to earn coins.

Max Mintable / Minted (At time of listing)

  • 16,500  / 0%

Mint Price

  • Unknown

Launch Details

  • Genesis Monsters cannot be caught or created within the game, and come with the following benefits:
  • Exclusive staking pool, separate from the rest of the Blockchain Monster Universe
  • Genesis Monsters are required to engineer (breed) new Monsters – and Genesis Monsters can be lent to those that need them for breeding with the in-game NFT Flash Loan feature
  • Increased chance of catching other Monsters in battle
  • Total supply 16,500 Genesis Monsters, within 22 species

Contract

  • ✅ Verified
  • ⚠️ Token contract is behind an upgradeable proxy

Community Hypestatus

  • 49,851 Follower @ Twitter
  • 39,428 Members @ Discord
  • 9,200 Follower @ Medium
  • 6,819 Members @ Telegram
Posted on 21 October 2021 |

Panther fork

  • ✅ Max 4% deposit fees
  • ⚠️ Masterchef currently not behind a timelock
  • ✅ Correctly accounts for transfer taxes on any token pool
  • 2% referral (max 20%)
  • 5% of emission rewards minted to dev address
  • ⚠️ Transfer-tax liquidity tokens can be sent to the operator wallet. Please clarify with the project on how they plan to use this.
  • 0.4% transfer tax (max 4%)
  • 2.5% anti-whale (fixed)
  • Antibot: 1 txn every 20 blocks.

⚠️ TRIPLE CHECK the contract you interact with matches the one reviewed here (0xb63ab342...a7dd).

Posted on 24 September 2021 |

The project focuses on Cross-chain swaps, yield farming, auto-compounding vaults, staking, referral program, lottery and more.

We reserve the right to not review exceedingly complex projects that would require tens of thousands of dollars of senior security analyst man hours.

Typically these are projects that deal with leverage, lending, options, derivatives, and anything that is overly complex and which requires tons of peer reviews and audits from top audit companies.

Since our resources are stretched thin and we don’t have the funding for these kind of massive endeavors, we may pass on projects that meet this level of complexity. DYOR.

Posted on 07 September 2021 |

🚨PancakeSwap fork with migrator code intact🚨

  • ⚠️ Masterchef currently not behind a timelock.
  • 🚨 Has the SYRUP bug with the CREAM token when staking in the BUT Cream pool 2.0.
  • ⚠️ Does not support deflationary/transfer-tax token pools, just clarify with project that none will be added
  • 1/10th of emission rewards minted to dev address.
  • ⚠️The project have your own AMM. The Router and Factory are clean clone of PCS Router and Factory, ensure that you perform a small test transaction first and check that the Router contract matches the one reviewed here.

⚠️ TRIPLE CHECK the contract you interact with matches the one reviewed here (0x89a3BfA...2935)

⚠️ Note: Vault, Board and Referral contracts have not been reviewed.

Posted on 27 July 2021 |
Update

Update 2: Galaxy Finance changed their token operator to a 24h timelock. This means that if they were intending to rug, they now need to wait a day before they could lock funds. This makes it a little bit safer, but the hard rug vector is still present. The devs also mentioned that they would look into deploying a wrapper around their contracts (which could mitigate the rug vector).

Update: Moving to high (hard rug) risk rating since the dev can update the router in the masterchef to take all funds out of the masterchef. There's also suspicious code in the emergency withdraw function which can send all withdrawn funds to the feeAddress. Project looks large and promising so this might not be with malicious intent but the code simply has too many negative aspects to keep this non-eligible.

Updated on 6 August 2021

We reserve the right to not review exceedingly complex projects that would require tens of thousands of dollars of senior security analyst man hours.

Typically these are projects that deal with leverage, lending, options, derivatives, and anything that is overly complex and which requires tons of peer reviews and audits from top audit companies.

Since our resources are stretched thin and we don’t have the funding for these kind of massive endeavors, we may pass on projects that meet this level of complexity. DYOR.

Posted on 26 July 2021 |

SPONSORED AD

Uses an upgradeable proxy, which means there is a high risk of hard rugs.

That being said, it's possible that this has a lot more mitigating factors due to the fact that it's likely that it's owned by or closely connected to Mdex, a cornerstone project in Mainland China / the HECO universe.

They give out single staking Mdex rewards, while Mdex phased their single staking rewards out.

If you look at a list of their partnerships, they're mostly all Tier 1 VC's in China, and/or the same ones that associate with Mdex, on top of having Certik audits, etc.

Burgerswap on BSC has white labeled their service for xburger as well.  So not your typical low grade trash project using proxies, but technically according to our scoring system, you should use extreme caution

Posted on 26 June 2021 |

Cornerstone AMM and project for HECO (The Pancakeswap or Uniswap of HECO) and have expanded to BSC.  Several billion $ worth of TVL on both chains at the time of this review, and they have many novel features / concepts like liquidity mining instead of just yield farming.  Super integrated into the Mainland China crypto space, with deep ties to Huobi and many other type gigantic crypto entities.

Multiple audits from Tier 1 companies (Slowmist, Certik Fairyproof)

Posted on 26 June 2021 |

Leveraged yield farm that got their LP funds stuck in PancakeSwap

Posted on 16 May 2021 |

Cross chain auto compounding vault. Interacts with an unverified contract. Has certik audit on Github repository contracts...but not the verified contract.

Posted on 16 May 2021 |

first goose fork on huobi chain, clean fork deposit fees up to 100% possible, timelock in place

Posted on 11 May 2021 |

Cornerstone vault project from BSC that has expanded to multiple chains.  As with most vaults, they have elevated governance powers to be able to modify and change strategies which theoretically would allow them to execute malicious contracts, locked behind a 6 hour timelock.  That being said, the team is one of the most open and transparent teams and has a talented dev team and only one operational incident in their history which they reimbursed users for.  They have multiple Certik Audits and a DefiYield audit.

As with all vaults, they contain a higher level of risk since they are building a product on top of other underlying products and introduce more vectors to attack, but due to its operational history and all the factors mentioned, we are marking this project as Grey.

Posted on 06 April 2021 |

Cornerstone vault project from BSC that has expanded to multiple chains.  Unlike most other vaults that have governance powers to be able to modify and swap strategies to malicious ones, Autofarm vaults generally do not have the ability to hard rug as long as you verify the strat is non-malicious beforehand.  Once you deposit into a verified safe strat, there is no way for them to steal your underlying funds without additional interaction on your end.

For the auto-compounding portion, there is a theoretical vector for them to swap out the router they use and steal a portion of the compounded harvests, but due to their operational history, most people have given them a pass on this.  Your theoretical max loss if this were to happen is just the loss of some compound profits vs other vaults where your theoretical max loss would be 100% if their keys were compromised or they decided to be malicious.

The team has only one operational incident in their history which they reimbursed users for.  They have multiple Certik Audits, a SlowMist audit, and a Vidar audit.

As with all vaults, they contain a higher level of risk since they are building a product on top of other underlying products and introduce more vectors to attack, but due to its operational history and all the factors mentioned, we are marking this project as Low Risk.

Posted on 19 March 2021 |

Search

🟢 For owners who have made impactful changes and would like an update to their farm review:

1️⃣ Use #update at @RugDocChat with your description and proof of changes and it will be forwarded to our scanners.

2️⃣ This does not guarantee a change in your review.

3️⃣ Owners who have difficulty solving the issues can consider our Consultation Package – please contact @BaymaxCrypto on Telegram to discuss.

Our mission here at RugDoc is to screen for hard rug code that results in 100% theft of ALL underlying funds for ALL participants.

This is the ONE part of the due diligence process that most people cannot simply do on their own as it costs thousands of dollars to hire a senior solidity developer to look over a farm for safety.

A project coin with terrible code can go up in price, and a project with good code and a good team can also go down in price.

Do NOT use our ratings to refer to your likelihood in making money if you invest in the project. They are ONLY in reference to code safety.

Everything else beyond code safety is YOUR responsibility to go do research on. We just make sure the casino you’re betting in won’t rob you before you even get to place a bet.

Our reviews for projects are organized into a few colors.

🟢 Least Risk
These projects are the least likely to hard or soft rug. Usually reserved for cornerstone projects of an ecosystem where it makes no financial sense for them to rug in any manner as they make more money just being legit.

🔵 Low Risk
These projects are usually established projects in an ecosystem that have a track record of success or have KYC’d to us or other authoritative sources in the real world. As a result, it is extremely unlikely for them to soft rug or hard rug their projects. The projects can still fail and the token price can go down, but usually more as a result of natural market forces.

⚪️ Some Risk
This is the default rating for projects with unknown teams but have code that is unlikely to have hard rug risk. Since the team is unknown and doesn’t have a track record of success, it’s entirely possible that they may try to soft rug by dumping tokens, abandoning the project, etc. Even a last minute contract swap to a malicious contract is possible. The only thing that is unlikely is a complete hard rug as long as you are 100% sure you deposit into the contract we review.

🟠 Medium Risk
Similar to Some Risk, but the underlying code itself is custom enough or complex enough that it warrants an elevated risk rating that needs deeper research. Make sure you read every point presented to make sure you’re comfortable with that before entering. Still unlikely to hard rug, but more chances of custom code behaving incorrectly and causing other issues.

🔴 High Risk
Project contains code or practices that are HIGHLY LIKELY to lead to catastrophic losses as they are right now. Make sure you read the description carefully as we will always warn what these issues are. If you see the words Hard Rug anywhere in the review, STAY FAR AWAY!

⚫️ Not Eligible
We reserve the right to not review exceedingly complex projects that would require tens of thousands of dollars of senior security analyst man hours. Typically these are projects that deal with leverage, lending, options, derivatives, and anything that is overly complex and which requires tons of peer reviews and audits from top audit companies.