Security & Transparency – Complete Breakdown

The ClassicBirds contract is designed with robust security measures to protect users' funds and ensure fair, trustless operation. Here’s a deep dive into how it works:

Security Safeguards

🛡️ Reentrancy Protection

Problem: Hackers can exploit recursive calls to drain funds (like the infamous DAO hack).
Solution: The contract uses OpenZeppelin’s ReentrancyGuard, which blocks nested calls to critical functions.

Applied in:

function mintNFT() external payable nonReentrant  
function burnNFT(uint256 tokenId) external nonReentrant

💾 Immutable Core Parameters

Locked variables (cannot be changed after deployment):
- TOTAL_SUPPLY (500 NFTs max)
- BASE_PRICE (0.10 ETC starting price)
- BURN_PERCENTAGE (70% of mint revenue goes to burn rewards)
Why? Prevents rug pulls or sudden rule changes.

👑 Restricted Admin Controls

The Ownable modifier limits sensitive actions to the contract owner:

Allowed:
- setTreasuryWallet() (can update where 30% of mint fees go)
- setBaseURI() (for future metadata updates)
Blocked for everyone (including owner):
- Withdrawing locked ETC (funds only leave via burns)
- Changing mint/burn rules

Fund Safety Mechanisms

💰 Where Does the Money Go?

Action

ETC Flow

Minting

70% → Burn pool, 30% → Treasury

Burning

Burner gets (totalLockedValue) / (remaining NFTs)

Direct Donations

100% → Burn pool (receive() function)

🔐 No Emergency Withdrawals

Unlike many projects, there’s no withdraw() function for the owner.
Funds can only move in two ways:
1. Burns (users voluntarily trigger rewards)
2. Treasury fees (automatic 30% cut during minting)

📉 Last Burner Guarantee

If only 1 NFT remains, burning it sends 100% of totalLockedValue to the owner.
Ensures the final NFT holder isn’t stuck with worthless assets.

Transparency Features

📡 On-Chain Event Logging

Key actions emit events for public verification:

event Burned(address indexed from, uint256 indexed tokenId, uint256 amount);  
event LockedValueUpdated(uint256 newLockedValue);

Use Case: Track burns, rewards, and fund growth via Etherscan.

📊 Real-Time Data Visibility

Anyone can verify:

Remaining NFTs: TOTAL_SUPPLY - currentTokenId + 1
ETC in burn pool: totalLockedValue
Burned tokens: tokenIdToBurned(tokenId)

Audit Considerations

✔️ Key Invariants (Should Never Break)

totalLockedValue ≤ contract balance
totalBurned ≤ currentTokenId - 1
currentTokenId never exceeds 500

5.5 Why Users Can Trust This

No hidden admin functions – Everything is transparent.
Funds are programmatically locked – Not even the owner can steal them.
Progressive decentralization – The more NFTs burned, the more control shifts to holders.

This makes ClassicBirds anti-rug and anti-exploit by design.

PreviousDynamic Mint Pricing NextClassicBirds NFT Whitepaper

Last updated 11 months ago

hashtagSecurity Safeguards

hashtag🛡️ Reentrancy Protection

hashtag💾 Immutable Core Parameters

hashtag👑 Restricted Admin Controls

hashtagFund Safety Mechanisms

hashtag💰 Where Does the Money Go?

hashtag🔐 No Emergency Withdrawals

hashtag📉 Last Burner Guarantee

hashtag📡 On-Chain Event Logging

hashtag📊 Real-Time Data Visibility

hashtagAudit Considerations

hashtag✔️ Key Invariants (Should Never Break)

hashtag5.5 Why Users Can Trust This