SUNexWorld Audit


Audit of SUNexWorld Smart-Contract:
Smart-contract address: TKMxdoqA7MLyWR1rSRG8BXWpuzvQydr78b


This audit is not a call to participate in the project and applies only to the Smart-Contract code at the specified address.
Do not forget that you are doing all financial actions at your own risk, especially if you deal with high-risk projects.


In the SUNexWorld Smart-Contract were found no vulnerabilities and no backdoors.
The code was manually reviewed for all commonly known and more specific
So SUNexWorld Smart-Contract is safe for use in the main network.
Warning: do not send tokens to smart-contract address using usual transfer. One must use two-step transfer only: “approve” function inside of SUN Token and “invest” function inside of SUNexWorld.
Note: that is the only third part of the TRONex project from their original team. Do not confuse with a lot of fakes.

CRITICAL ISSUES (critical, high severity): 0
Bugs and vulnerabilities that enable theft of funds, lock access to funds without possibility to restore it, or lead to any other loss of funds to be transferred to any party; high priority unacceptable bugs for deployment at mainnet; critical warnings for owners, customers or investors.

ERRORS, BUGS AND WARNINGS (medium, low severity): 0
Bugs that can trigger a contract failure, with further recovery only possible through manual modification of the contract state or contract replacement altogether; Lack of necessary security precautions; other warnings for owners and users.

Possibilities to decrease cost of transactions and data storage of Smart-Contracts.

NOTES AND RECOMMENDATIONS (very low severity): 2
Tips and tricks, all other issues and recommendations, as well as errors that do not affect the functionality of the Smart-Contract.


Optimization possibilities:

1. Recording statistical parameters in the blockchain (very low severity):
List of statistical parameters that also increase the cost of transactions and increase the amount of data stored in the blockchain:
uint public totalDeposits; uint public totalInvested; uint public totalWithdrawn; uint128 refback; uint128 bonus; uint24[5] refs;
Recommendation: use events and log this information instead of writing it to the blockchain.
Note: this comment doesn’t affect the main functionality of the smart-contract.

2. Transfers inside of referral program (very low severity):
There is five-level referral program and all bonuses (including refback) is transferred directly to the recipients inside of ‘invest’ function. That actions (up to 6 extra transfers) increase total transaction fee.
Recommendation: that is optimally to use ‘pull payment system’ instead, when user withdraws his available referral bonuses himself.


3. Loops over dynamic variables (very low severity):
In the withdraw, getUserDividends, getUserAvailable, getUserTotalDeposits, and getUserTotalWithdrawn functions, cycles unrestrictedly grow as the number of deposits increases. If one creates a large number of parallel deposits from a single wallet, this can lead to an excessive increase in the transaction cost.
Note: maximum amount of deposits from single account — 100.

4. Closing the last payment (very low severity).
If the last user who leaves the project has a payout greater than the smart-contract balance, he will receive the entire available balance, but it will be recorded that the entire payout was closed.
Note: this comment is not critical, since after the smart contract balance is empty, it is unlikely that the contract will be used again. So it makes sense for last user to get at least something.

Independent description of the smart-contract functionality:

The SUNexWorld contract provides the opportunity to invest any amount in SUN TRC20 Token (from 1 SUN) in the contract and get a 200% return on investment, if the contract balance has enough funds for payment.
Dividends are paid from deposits of users (Ponzi scheme).
It is allowed to participate in the project only from usual wallet (not smart-contract nor externally owner address).
Note: SUN TRC20 Token smart contract —
Warning: do not send tokens to smart-contract address using usual transfer. Otherwise you will lost your tokens.
One must use only two-step transfer to create deposit:
1) “approve” function inside of SUN Token.
2) “invest” function inside of SUNexWorld. The minimum amount for deposit is 1 SUN.
That is because of standard critical problem of ERC20 called «event handling». More info at
Each subsequent Deposit is kept separately in the contract, in order to maintain the payment amount for each Deposit.
The daily percentage for user dividends starts from 1% and depends on the following factors:
— Every 3,000 SUN on the maximum smart contract balance +0.05% until 15%. This Contract Bonus cannot decrease.
— Every 12 hours of non-withdrawal of dividends from the smart contract +0.05% until 10% (when creating new deposits, the percent keeps growing).
Maximum daily percent is 26% (1+15+10).
All dividends are calculated at the moment of request and available for withdrawal at any time.
Withdrawal is performed by calling the “withdraw” function from the address the Deposit was made.
Contract owners fee: part of the invested funds is sent to two addresses:
(marketing address) — 5%.
(the platform address) — 5%.
There is five-level referral program: in the “invest” function, one can specify the address of the referrer.
As a result, the referrer (upline) will get direct transfer of share of the investor’s Deposit according to the following table:
Requirements for the referrer: you can not specify your own wallet as a referrer, as well as a wallet that does not have at least one contribution in the smart contract. If wrong referrer is provided, no referrer is set.
The referrer is specified once at the time of the first deposit and is assigned to the user without the possibility of changing. From each subsequent Deposit, the referrer will get his percents.
Any user that has at least one contribution in the project can specify his own ‘refBackPercent’ — share of the referral bonus that will be returned to his direct referral (only 1 referral level).
To set refBackPercent user must call ‘setRefBackPercent’ function with percent parameter with 2 decimals (means 1% = 100, 100% = 10000).

The contract contains statistical functions that do not require sending transactions:
1. getContractBalance – smart contract balance (with decimals, for SUN – 18 characters).
2. getUserPercentRate – the current percentage for the specified user.
3. getUserReferrer – the user’s referrer.
4. getUserAvailable — total available amount to withdraw.
5. isActive – whether the user has active deposits.
6. getUserAmountOfDeposits – the number of user deposits.
7. getUserTotalDeposits – the sum of each deposits of the user.
8. getUserTotalWithdrawn – user dividend withdrawal amount.
9. getUserDeposits — user specified deposits info.
10. getSiteStats — total invested value, total deposits, balance of the contract, current contract percent.
11. getUserStats — user percent, available to withdraw amount, total user invested, amount of deposits and total withdrawn value.
12. getUserReferralStats — user referrer, user refback percent, referrer refback percent and array of amounts of deposits of all-level referrals.

If you have any questions or are interested in developing/auditing of Smart-Contracts, please contact us and we will consult you.
Telegram: @gafagilm

Articles. Public audits

Tetherex Audit

Security Audit of Tetherex Project

Read more


Security audit of the INTERSMART project

Read more


Security audit of the SHIBADOUBLER project

Read more

TronCore Audit

Security Audit of TronCore project

Read more

TRONexPRO Security Audit

Audit of new TRONex project

Read more


Security audit of TRONexVIP smart-contract

Read more

Audit of Omeo Smart-Contract

Audit of part of Omeo project

Read more

APEMaster (Staking) Audit

Audit of APEMaster (Staking) smart-contract

Read more

TronMint Audit

Audit of TronMint Smart-Contract

Read more

SUNexWorld Audit

SUNexWorld smart-contract audit

Read more

FinyTron Audit

Audit of FinyTronDue smart-contract

Read more

TRONCapital Audit

Audit of TRONCapital smart-contract

Read more

ArgosNEX Audit

Audit of ArgosNEX Smart-Contract

Read more

TRONexWorld Audit

Audit of smart-contract from original TRONex team

Read more

Tronner Audit

Audit of the Tronner smart-contract

Read more

TronGuru AUDIT

Audit of the TronGuru Smart-Contract

Read more


Audit of the Trony Smart-Contract

Read more


Security audit of the TRONies smart-contract

Read more


Security audit of the TronEx3 smart-contract

Read more

TronMatrix AUDIT

Security audit of the TronMatrix smart-contract

Read more


Security audit of the TRONPROM smart-contract

Read more


Security audit of the TRX-IN-BANK smart-contract

Read more

TRONex Audit

Security audit of the TRONex smart-contract

Read more


Token is a certain unit of value in the blockchain...

Read more

ICO (CrowdSale)

ICO – Initial Coin Offering or initial coin placement, by...

Read more

ERC20 standard issues

Despite the widespread use, the standard of token ERC20 has...

Read more

ApproveAndCall function for ERC20

Due to one of the known problems of ERC20 EventHandling...

Read more

Example of Smart Contract operation

Since the idea of Smart Contracts was mostly spread in...

Read more

Application of Smart Contracts

Smart contract technologies are still new and it is possible...

Read more

Audit of «Neuromachine Eternal»

Public Audit of NRM Smart Contract

Read more
Load more
To close