Episode Transcript
[00:00:00] Speaker A: Out of cycle update.
Is Redic finance a scam?
Cryptotalk FM my name is Leister. I'm your host. And the question came in. I didn't expect the question to come in. I did expect it, but I'm disappointed it did. But the question came in about Reddit.
[00:00:16] Speaker B: Finance, which has been getting a significant.
[00:00:18] Speaker A: Amount of hype across social media, more than the vast majority that I've seen in the past. There's news articles getting paid for on.
[00:00:26] Speaker B: Crypto daily that's getting spammed left right Sunday.
[00:00:29] Speaker A: They're being put alongside Salon and Shib to kind of hook into those.
And as a result, it was inevitable that the question was going to come up about whether it's a scam. And I'm, I don't cover extensive cover tokens that get a lot of hype.
[00:00:43] Speaker B: On social media as a policy, and.
[00:00:45] Speaker A: I will not deep dive this one. And I can't even tell you, I cannot whether or not it's a scam. But what I thought I would do, since I am a cryptocurrency auditor myself, is I would share at least bit basic things I saw in the contract. Now, if you're kind of out of the loop, kudos to you, by the way. But if you're out of the loop, Reddit finance did a pre sale some time ago was not pink scam. So that was, that was actually a good thing. Not Pink scam was on their site, and they did ads on whatever sites, and the pre sales ended. It was a, I think a nine stage or something. And then they're allegedly going to be launching on Uniswap. It's an Ethereum based token launching on Uniswap on May 21, as I record this. So that's why some of the hype is starting to hit a fever pitch, because people that were in the presale have been sitting on, they weren't even able to claim the tokens. They're sitting out there. Allegedly there's some sort of a vesting, something that's designed to offset significant dumps. But depending on the stage that you bought in, you might have had a.
[00:01:48] Speaker B: Lower price, which could still contribute to.
[00:01:50] Speaker A: Some dumps, depending on, you know, large players that bought into the business. So given it's going to launch on either swap pretty soon, I decided I would look at the contract to see if there was anything blatantly obvious. That caught my eye. Again, I'm not deep diving into it.
[00:02:04] Speaker B: You are free to if you want to.
[00:02:06] Speaker A: The site is reddick.com retik.com. If you want to check out what it's doing, you will not be able.
[00:02:13] Speaker B: To purchase it, as I understand it, until May 21. So you've already missed the pre sale. That's why I figured, okay, it's probably.
[00:02:19] Speaker A: Harmless at this point, because even if you wanted to fomo into it, if you're going to do it, it would already have been, from your perspective at launch. It's not a fair launch and not a fair price because there's countless people, I'm going to figure probably about 15 to 20,000 people bought into the presale. I don't know exact numbers, but I'm going to guess that the first thing I noticed on the contract, it appears to be handwritten, as in they, it's.
[00:02:45] Speaker B: Not like a copy of another contract.
[00:02:46] Speaker A: As far as I can tell. I didn't see any evidence that it was copied. And just functionally, structurally, it actually looks very well written from what I can tell. So. All right, well, I went a little bit deeper, and the only things that.
[00:03:00] Speaker B: Stood out, so they did a certic audit. Certic called out the centralization issue, which.
[00:03:03] Speaker A: I talked about is what can the owner do that they don't think that you should be able to do? And they gave a finding that talked about it and said there's too much.
[00:03:12] Speaker B: Centralization that you should consider.
[00:03:13] Speaker A: Multisig wallet, the idea that multiple people have to approve the transaction before it goes through, and you don't have single point of failure with the owner, because if that private key got breached or somehow compromised or even lost, it's going to screw you in the end. The Reddit team responded and essentially said.
[00:03:31] Speaker B: Something to the effect of, we're going.
[00:03:33] Speaker A: To lock, we're going to lock 40% of the tokens according to the tokenomics. Well, locking the token does not solve centralization risk. So the centralization risk is still there. There's going to be an owner there.
[00:03:44] Speaker B: Don'T plan to renounce, as far as.
[00:03:46] Speaker A: We can tell, which means there's a.
[00:03:48] Speaker B: Risk of rug pull by the team.
[00:03:50] Speaker A: So that's there. And I'm just calling out what it is.
[00:03:53] Speaker B: Centralization.
[00:03:54] Speaker A: That's exactly what it is. You're creating a risk that they might.
[00:03:56] Speaker B: Rug and take the money and run.
[00:03:58] Speaker A: Because they hold the private key. But also, even if it's not malicious.
[00:04:03] Speaker B: Let'S say they just lose the key, which has happened.
[00:04:06] Speaker A: Okay, you're screwed. Because if there's something that happens, something.
[00:04:09] Speaker B: Goes wrong, they can't intervene to help.
[00:04:11] Speaker A: You in any way, when I looked then at some of the functions, the only functions that were concerning, and I understand why they're there, but they're concerning to me, there was a function that said something to the effect of, you know, if you send your ETH to this address, the contract address, when you're not supposed to, they can return it to you. So if they had renounced, they wouldn't be able to do that to return your ethnic. Well, that's a gift and a curse, because that could expose them to an attack, theoretically. I'm not saying it will. I'm saying theoretically because it's there. Let's say somebody does an attack where they're sending, I don't know, tokens, like valid Reddit tokens to the address on.
[00:04:49] Speaker B: Purpose, and then trying to do a.
[00:04:50] Speaker A: Swap attack, it's theoretically possible.
[00:04:52] Speaker B: How likely?
[00:04:53] Speaker A: I don't know. Theoretically possible. They also had a function that was designed for antibot, but they hard coded. What they did was they basically did a timespan that they believe is likely a bot attack of a small amount of time, as in, if the transaction seems to be happening within transaction a and transaction b, or within, you know, a very small amount of time of each other, assume it's a bot and block it. Well, if you're a smart bot builder.
[00:05:19] Speaker B: All you have to do is adjust.
[00:05:20] Speaker A: Your timing to go one millisecond outside of that threshold, and it's going to pass. So I suspect there's going to be some arbitrage going on, likely Jared from subway.
[00:05:31] Speaker B: I can't say for sure, but he.
[00:05:32] Speaker A: Seems to play on Ethereum like crazy. So I would expect some arbitrage, as in liquidity, is being drained out of the project, which may cause it to do the pump and dump pattern and never recover, as you know.
So then I look down, and they have functions that are designed. And this concerned me just ever slightly, not really, but they have, like, a allowance concept. I understand why they have the allowance concept. They're trying to mitigate, you know, how many tokens people can hold so they can't dump the project. The problem is, because they're functions in the contract itself, it could open itself.
[00:06:10] Speaker B: Up to a breach.
[00:06:11] Speaker A: Okay. And then they could just change, exploit the allowance concept, override it, and then.
[00:06:17] Speaker B: Do, let's say, a flash loan attack.
[00:06:19] Speaker A: And then get more tokens and then dump it, and then it never recovers. So I'm not saying guarantee these are going to happen.
[00:06:26] Speaker B: I'm saying I do see a couple.
[00:06:28] Speaker A: Of flaws from my perspective. Flaws in the contract that they at.
[00:06:32] Speaker B: This point probably felt are necessary to.
[00:06:34] Speaker A: Get the thing going. I understand, but there's risk there. So if you were in the presale and you plan to just sell out when it launches, probably not an issue. But there's risk if you plan to stay in it. They are doing a debit card kind of thing. So if you plan to stay in it, just understand there's strong risk that this could get breached or rug pulled. It's possible, I would think. It's not necessarily rug pull risk.
[00:07:00] Speaker B: I would think it's breach risk.
[00:07:02] Speaker A: I would think that there's some way that somebody can backdoor this business and drain the project. That would be my guess on what likely might happen for smart people. Don't come at me talking about FUD. I'm giving what I see in the contract. These functions could be exploited because they're not addressing the whole owner situation as raised by certicates.
