chore: rename token security benchmark to token risk classification (#4)

.github/pull_request_template.md

@@ -6,7 +6,7 @@ Fixes #
 
 **What type of PR is this?**
 
-Please check [contributing guideline](https://cryptousersecurity.github.io/token-security-benchmark/contributing/) for more details.
+Please check [contributing guideline](https://cryptousersecurity.github.io/token-risk-classification/contributing/) for more details.
 - [ ] Add a new risk type
 - [ ] Add a new risk sample
 - [ ] Documentation update

CONTRIBUTING.md

@@ -1,10 +1,10 @@
 # Contribution Guidelines
 
-This document describes the contribution guidelines for the Token Security Benchmark project. We welcome any contributions including adding new risk types, adding new risk samples, and updating the documentation, etc.
+This document describes the contribution guidelines for the Token Risk Classification project. We welcome any contributions including adding new risk types, adding new risk samples, and updating the documentation, etc.
 
 ## Risk Type Format
 
-All risk types are defined under [src](https://github.com/cryptousersecurity/token-security-benchmark/tree/main/src) folder with the name of the risk type ID. For example, `TSB-001`. The folder should contain the following folders and files:
+All risk types are defined under [src](https://github.com/cryptousersecurity/token-risk-classification/tree/main/src) folder with the name of the risk type ID. For example, `TRC-001`. The folder should contain the following folders and files:
 
 `metadata.json`: This file contains the metadata of the risk type. The metadata should be in the following format:
 ```json
@@ -42,29 +42,29 @@ The fields in the metadata are:
 
 ### Add New Risk Samples to samples Folder
 
-If you want to add new risk samples to an existing risk type, you can add the new risk samples to the `samples` folder of the risk type folder under [src](https://github.com/cryptousersecurity/token-security-benchmark/tree/main/src). The sample contracts should be named as `NN.sol`, e.g., `01.sol`, `02.sol`, `03.sol`, etc.
+If you want to add new risk samples to an existing risk type, you can add the new risk samples to the `samples` folder of the risk type folder under [src](https://github.com/cryptousersecurity/token-risk-classification/tree/main/src). The sample contracts should be named as `NN.sol`, e.g., `01.sol`, `02.sol`, `03.sol`, etc.
 
 ### Update metadata.json
 
-Update the `samples` field in the `metadata.json` file of the risk type folder under [src](https://github.com/cryptousersecurity/token-security-benchmark/tree/main/src).
+Update the `samples` field in the `metadata.json` file of the risk type folder under [src](https://github.com/cryptousersecurity/token-risk-classification/tree/main/src).
 
 ## Contribute New Risk Types
 
 ### Request a Risk Type ID
 
-Risk Type ID is defined in format `TSB-NNN` where `NNN` is the number of the risk type in that year. For example, `TSB-001`.
-Before adding a new risk type, please check if the risk type ID is already taken. If not, please request a new risk type ID by creating an issue in this repository. You can check the taken risk type IDs in under [src](https://github.com/cryptousersecurity/token-security-benchmark/tree/main/src) folder.
+Risk Type ID is defined in format `TRC-NNN` where `NNN` is the number of the risk type in that year. For example, `TRC-001`.
+Before adding a new risk type, please check if the risk type ID is already taken. If not, please request a new risk type ID by creating an issue in this repository. You can check the taken risk type IDs in under [src](https://github.com/cryptousersecurity/token-risk-classification/tree/main/src) folder.
 
 ### Create a new Risk Type Folder
 
-Create a folder under [src](https://github.com/cryptousersecurity/token-security-benchmark/tree/main/src) folder with the name of the risk type ID. Add folders and files based on the [Risk Type Format](#risk-type-format) section.
+Create a folder under [src](https://github.com/cryptousersecurity/token-risk-classification/tree/main/src) folder with the name of the risk type ID. Add folders and files based on the [Risk Type Format](#risk-type-format) section.
 
 ## Update Documentation
 Everytime you add a new risk type or add new risk samples to an existing risk type, please update the documentation by executing the following command:
 ```bash
 make generate-docs
 ```
-This command will generate the documentation in [docs](https://github.com/cryptousersecurity/token-security-benchmark/tree/main/docs) folder.
+This command will generate the documentation in [docs](https://github.com/cryptousersecurity/token-risk-classification/tree/main/docs) folder.
 You can also preview the change by serving the documentation locally:
 ```bash
 mkdocs serve

README.md

@@ -1,10 +1,10 @@
-# Token Security Benchmark
+# Token Risk Classification
 
-Token Security Benchmark(TSB) aims at identifying and cataloging scams like honeypots, and intentional backdoors that may be present in token smart contracts within the crypto ecosystem. This benchmark serves as:
+Token Risk Classification(TRC) aims at identifying and cataloging scams like honeypots, and intentional backdoors that may be present in token smart contracts within the crypto ecosystem. This classification serves as:
 
 - **A Shield against Malicious Contracts:** By showcasing a defined list of malicious token contract patterns, it empowers users and project teams to recognize and steer clear of contracts with hidden intents, thereby ensuring safer interactions within the decentralized space.
 
-- **A Testing Ground for Developers:** With a clear classification of malicious patterns and real-world examples, developers creating tools to detect these malicious token smart contracts can effectively evaluate their systems against a standardized benchmark.
+- **A Testing Ground for Developers:** With a clear classification of malicious patterns and real-world examples, developers creating tools to detect these malicious token smart contracts can effectively evaluate their systems against a standardized classification.
 
 - **A Catalyst for Research:** By elucidating the deceitful practices adopted in token smart contracts, we aspire to drive more research towards crypto user safety, encouraging the community to devise strategies that deter such behaviors.
 

docs/TRC-001.md

@@ -0,0 +1,13 @@
+
+# TRC-001 Honeypot
+## Description
+
+This is a honeypot smart contract sample demonstrating unpredictable behavior when storing a value that exceeds integer limitations.
+
+## Risk Samples
+
+- [01.sol](https://github.com/cryptousersecurity/token-risk-classification/blob/main/src/TRC-001/samples/01.sol) 
+- [02.sol](https://github.com/cryptousersecurity/token-risk-classification/blob/main/src/TRC-001/samples/02.sol) 
+- [03.sol](https://github.com/cryptousersecurity/token-risk-classification/blob/main/src/TRC-001/samples/03.sol) 
+- [04.sol](https://github.com/cryptousersecurity/token-risk-classification/blob/main/src/TRC-001/samples/04.sol) 
+- [05.sol](https://github.com/cryptousersecurity/token-risk-classification/blob/main/src/TRC-001/samples/05.sol)

docs/TRC-002.md

@@ -0,0 +1,20 @@
+
+# TRC-002 Mintable
+## Description
+
+Changing the percentage of a position by increasing the balance at a specific address.
+
+## Risk Pattern
+
+```solidity
+function mint(unit256 amount) external onlyowner {
+  _balances[_msgSender()] += amount;
+}
+```
+
+## Risk Samples
+
+- [01.sol](https://github.com/cryptousersecurity/token-risk-classification/blob/main/src/TRC-002/samples/01.sol) 
+- [02.sol](https://github.com/cryptousersecurity/token-risk-classification/blob/main/src/TRC-002/samples/02.sol) 
+- [03.sol](https://github.com/cryptousersecurity/token-risk-classification/blob/main/src/TRC-002/samples/03.sol) 
+- [04.sol](https://github.com/cryptousersecurity/token-risk-classification/blob/main/src/TRC-002/samples/04.sol)

docs/TRC-003.md

@@ -0,0 +1,26 @@
+
+# TRC-003 OwnershipRetrieval
+## Description
+
+When Owner permissions are set to a black hole address, it is still possible to fetch owner permissions back to an actionable address.
+
+## Risk Pattern
+
+```solidity
+function lock(uint256 time) public virtual onlyOwner {
+  _previousOwner = _owner;
+  _owner = address(0);
+}
+ 
+function unlock() public virtual {
+  require(_previousOwner == msg.sender, );
+  _owner = _previousOwner;
+}
+```
+
+## Risk Samples
+
+- [01.sol](https://github.com/cryptousersecurity/token-risk-classification/blob/main/src/TRC-003/samples/01.sol) 
+- [02.sol](https://github.com/cryptousersecurity/token-risk-classification/blob/main/src/TRC-003/samples/02.sol) 
+- [03.sol](https://github.com/cryptousersecurity/token-risk-classification/blob/main/src/TRC-003/samples/03.sol) 
+- [04.sol](https://github.com/cryptousersecurity/token-risk-classification/blob/main/src/TRC-003/samples/04.sol)

docs/TRC-004.md

@@ -0,0 +1,21 @@
+
+# TRC-004 BalanceManipulation
+## Description
+
+Changes can be made to the user's balance without the user's allowance to achieve a reduction in the percentage of the user's position.
+
+## Risk Pattern
+
+```solidity
+function setBalance(address user, uint256 value) public onlyOwner returns (bool) {
+  _balances[user] = value
+  return true;
+}
+```
+
+## Risk Samples
+
+- [01.sol](https://github.com/cryptousersecurity/token-risk-classification/blob/main/src/TRC-004/samples/01.sol) 
+- [02.sol](https://github.com/cryptousersecurity/token-risk-classification/blob/main/src/TRC-004/samples/02.sol) 
+- [03.sol](https://github.com/cryptousersecurity/token-risk-classification/blob/main/src/TRC-004/samples/03.sol) 
+- [04.sol](https://github.com/cryptousersecurity/token-risk-classification/blob/main/src/TRC-004/samples/04.sol)

docs/TRC-005.md

@@ -0,0 +1,20 @@
+
+# TRC-005 HiddenOwnership
+## Description
+
+To hide the status of a privileged address, set it to an unreadable address, or to name it using a non-standard method.
+
+## Risk Pattern
+
+```solidity
+modifier superman() {
+  require(superman == _msgSender(), );
+}
+```
+
+## Risk Samples
+
+- [01.sol](https://github.com/cryptousersecurity/token-risk-classification/blob/main/src/TRC-005/samples/01.sol) 
+- [02.sol](https://github.com/cryptousersecurity/token-risk-classification/blob/main/src/TRC-005/samples/02.sol) 
+- [03.sol](https://github.com/cryptousersecurity/token-risk-classification/blob/main/src/TRC-005/samples/03.sol) 
+- [04.sol](https://github.com/cryptousersecurity/token-risk-classification/blob/main/src/TRC-005/samples/04.sol)

docs/TRC-006.md

@@ -0,0 +1,20 @@
+
+# TRC-006 SelfDestruction
+## Description
+
+The contract can be destroyed, resulting in the loss of all functionality and zeroing of assets.
+
+## Risk Pattern
+
+```solidity
+function close(address payable to) external onlyOwner { 
+  selfdestruct(to); 
+}
+```
+
+## Risk Samples
+
+- [01.sol](https://github.com/cryptousersecurity/token-risk-classification/blob/main/src/TRC-006/samples/01.sol) 
+- [02.sol](https://github.com/cryptousersecurity/token-risk-classification/blob/main/src/TRC-006/samples/02.sol) 
+- [03.sol](https://github.com/cryptousersecurity/token-risk-classification/blob/main/src/TRC-006/samples/03.sol) 
+- [04.sol](https://github.com/cryptousersecurity/token-risk-classification/blob/main/src/TRC-006/samples/04.sol)

docs/TRC-007.md

@@ -0,0 +1,25 @@
+
+# TRC-007 ExternalInvocation
+## Description
+
+Certain functions or logic judgments within the contract rely on external contracts.
+
+## Risk Pattern
+
+```solidity
+function _transfer(address from, address recipient, uint256 amount) internal virtual override returns (bool) {
+  require(_balances[_msgSender()] >= amount, );
+  _balances[_msgSender()] -= amount;
+  _balances[recipient] += amount;
+  address1.transfer(amount);
+  emit Transfer(_msgSender(), recipient, amount);
+  return true;
+}
+```
+
+## Risk Samples
+
+- [01.sol](https://github.com/cryptousersecurity/token-risk-classification/blob/main/src/TRC-007/samples/01.sol) 
+- [02.sol](https://github.com/cryptousersecurity/token-risk-classification/blob/main/src/TRC-007/samples/02.sol) 
+- [03.sol](https://github.com/cryptousersecurity/token-risk-classification/blob/main/src/TRC-007/samples/03.sol) 
+- [04.sol](https://github.com/cryptousersecurity/token-risk-classification/blob/main/src/TRC-007/samples/04.sol)

docs/TSB-008.md → docs/TRC-008.md

@@ -1,5 +1,5 @@
 
-# TSB-008 BlackListFunction
+# TRC-008 BlackListFunction
 ## Description
 
 Restrict trading to specific addresses, preventing them from buying/selling, or selling only at a high loss
@@ -19,7 +19,7 @@ function _transfer(address from, address recipient, uint256 amount) internal vir
 
 ## Risk Samples
 
-- [01.sol](https://github.com/cryptousersecurity/token-security-benchmark/blob/main/src/TSB-008/samples/01.sol) 
-- [02.sol](https://github.com/cryptousersecurity/token-security-benchmark/blob/main/src/TSB-008/samples/02.sol) 
-- [03.sol](https://github.com/cryptousersecurity/token-security-benchmark/blob/main/src/TSB-008/samples/03.sol) 
-- [04.sol](https://github.com/cryptousersecurity/token-security-benchmark/blob/main/src/TSB-008/samples/04.sol)
+- [01.sol](https://github.com/cryptousersecurity/token-risk-classification/blob/main/src/TRC-008/samples/01.sol) 
+- [02.sol](https://github.com/cryptousersecurity/token-risk-classification/blob/main/src/TRC-008/samples/02.sol) 
+- [03.sol](https://github.com/cryptousersecurity/token-risk-classification/blob/main/src/TRC-008/samples/03.sol) 
+- [04.sol](https://github.com/cryptousersecurity/token-risk-classification/blob/main/src/TRC-008/samples/04.sol)

docs/TSB-009.md → docs/TRC-009.md

@@ -1,5 +1,5 @@
 
-# TSB-009 FullSaleRestriction
+# TRC-009 FullSaleRestriction
 ## Description
 
 Users are unable to sell their entire position all at once. They can only trade a portion as a percentage or retain a certain amount of holdings.
@@ -19,7 +19,7 @@ function _transfer(address from, address recipient, uint256 amount) internal vir
 
 ## Risk Samples
 
-- [01.sol](https://github.com/cryptousersecurity/token-security-benchmark/blob/main/src/TSB-009/samples/01.sol) 
-- [02.sol](https://github.com/cryptousersecurity/token-security-benchmark/blob/main/src/TSB-009/samples/02.sol) 
-- [03.sol](https://github.com/cryptousersecurity/token-security-benchmark/blob/main/src/TSB-009/samples/03.sol) 
-- [04.sol](https://github.com/cryptousersecurity/token-security-benchmark/blob/main/src/TSB-009/samples/04.sol)
+- [01.sol](https://github.com/cryptousersecurity/token-risk-classification/blob/main/src/TRC-009/samples/01.sol) 
+- [02.sol](https://github.com/cryptousersecurity/token-risk-classification/blob/main/src/TRC-009/samples/02.sol) 
+- [03.sol](https://github.com/cryptousersecurity/token-risk-classification/blob/main/src/TRC-009/samples/03.sol) 
+- [04.sol](https://github.com/cryptousersecurity/token-risk-classification/blob/main/src/TRC-009/samples/04.sol)

docs/TSB-010.md → docs/TRC-010.md

@@ -1,5 +1,5 @@
 
-# TSB-010 SlippageModification
+# TRC-010 SlippageModification
 ## Description
 
 The transaction tax rate is subject to modification.
@@ -23,7 +23,7 @@ function setFee(uint256 _fee) external onlyOwner{
 
 ## Risk Samples
 
-- [01.sol](https://github.com/cryptousersecurity/token-security-benchmark/blob/main/src/TSB-010/samples/01.sol) 
-- [02.sol](https://github.com/cryptousersecurity/token-security-benchmark/blob/main/src/TSB-010/samples/02.sol) 
-- [03.sol](https://github.com/cryptousersecurity/token-security-benchmark/blob/main/src/TSB-010/samples/03.sol) 
-- [04.sol](https://github.com/cryptousersecurity/token-security-benchmark/blob/main/src/TSB-010/samples/04.sol)
+- [01.sol](https://github.com/cryptousersecurity/token-risk-classification/blob/main/src/TRC-010/samples/01.sol) 
+- [02.sol](https://github.com/cryptousersecurity/token-risk-classification/blob/main/src/TRC-010/samples/02.sol) 
+- [03.sol](https://github.com/cryptousersecurity/token-risk-classification/blob/main/src/TRC-010/samples/03.sol) 
+- [04.sol](https://github.com/cryptousersecurity/token-risk-classification/blob/main/src/TRC-010/samples/04.sol)

docs/TSB-011.md → docs/TRC-011.md

@@ -1,5 +1,5 @@
 
-# TSB-011 TransferPausable
+# TRC-011 TransferPausable
 ## Description
 
 There is a toggle for trading. When the toggle is turned off, trading is restricted for non-designated addresses.
@@ -23,7 +23,7 @@ function setTradeEnabled(bool _enabled) external onlyOwner {
 
 ## Risk Samples
 
-- [01.sol](https://github.com/cryptousersecurity/token-security-benchmark/blob/main/src/TSB-011/samples/01.sol) 
-- [02.sol](https://github.com/cryptousersecurity/token-security-benchmark/blob/main/src/TSB-011/samples/02.sol) 
-- [03.sol](https://github.com/cryptousersecurity/token-security-benchmark/blob/main/src/TSB-011/samples/03.sol) 
-- [04.sol](https://github.com/cryptousersecurity/token-security-benchmark/blob/main/src/TSB-011/samples/04.sol)
+- [01.sol](https://github.com/cryptousersecurity/token-risk-classification/blob/main/src/TRC-011/samples/01.sol) 
+- [02.sol](https://github.com/cryptousersecurity/token-risk-classification/blob/main/src/TRC-011/samples/02.sol) 
+- [03.sol](https://github.com/cryptousersecurity/token-risk-classification/blob/main/src/TRC-011/samples/03.sol) 
+- [04.sol](https://github.com/cryptousersecurity/token-risk-classification/blob/main/src/TRC-011/samples/04.sol)

docs/TSB-012.md → docs/TRC-012.md

@@ -1,5 +1,5 @@
 
-# TSB-012 PersonalSlippageModification
+# TRC-012 PersonalSlippageModification
 ## Description
 
 Individual transaction taxes can be set for each address.
@@ -25,7 +25,7 @@ function setFee(address _address, uint256 _fee) external onlyOwner{
 
 ## Risk Samples
 
-- [01.sol](https://github.com/cryptousersecurity/token-security-benchmark/blob/main/src/TSB-012/samples/01.sol) 
-- [02.sol](https://github.com/cryptousersecurity/token-security-benchmark/blob/main/src/TSB-012/samples/02.sol) 
-- [03.sol](https://github.com/cryptousersecurity/token-security-benchmark/blob/main/src/TSB-012/samples/03.sol) 
-- [04.sol](https://github.com/cryptousersecurity/token-security-benchmark/blob/main/src/TSB-012/samples/04.sol)
+- [01.sol](https://github.com/cryptousersecurity/token-risk-classification/blob/main/src/TRC-012/samples/01.sol) 
+- [02.sol](https://github.com/cryptousersecurity/token-risk-classification/blob/main/src/TRC-012/samples/02.sol) 
+- [03.sol](https://github.com/cryptousersecurity/token-risk-classification/blob/main/src/TRC-012/samples/03.sol) 
+- [04.sol](https://github.com/cryptousersecurity/token-risk-classification/blob/main/src/TRC-012/samples/04.sol)

docs/TSB-013.md → docs/TRC-013.md

@@ -1,5 +1,5 @@
 
-# TSB-013 TransactionWhitelisting
+# TRC-013 TransactionWhitelisting
 ## Description
 
 There are certain privileged addresses that are not affected by trading restrictions or the need to pay transaction taxes.
@@ -21,7 +21,7 @@ function _transfer(address from, address recipient, uint256 amount) internal vir
 
 ## Risk Samples
 
-- [01.sol](https://github.com/cryptousersecurity/token-security-benchmark/blob/main/src/TSB-013/samples/01.sol) 
-- [02.sol](https://github.com/cryptousersecurity/token-security-benchmark/blob/main/src/TSB-013/samples/02.sol) 
-- [03.sol](https://github.com/cryptousersecurity/token-security-benchmark/blob/main/src/TSB-013/samples/03.sol) 
-- [04.sol](https://github.com/cryptousersecurity/token-security-benchmark/blob/main/src/TSB-013/samples/04.sol)
+- [01.sol](https://github.com/cryptousersecurity/token-risk-classification/blob/main/src/TRC-013/samples/01.sol) 
+- [02.sol](https://github.com/cryptousersecurity/token-risk-classification/blob/main/src/TRC-013/samples/02.sol) 
+- [03.sol](https://github.com/cryptousersecurity/token-risk-classification/blob/main/src/TRC-013/samples/03.sol) 
+- [04.sol](https://github.com/cryptousersecurity/token-risk-classification/blob/main/src/TRC-013/samples/04.sol)