Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

QA Report #24

Open
code423n4 opened this issue Feb 11, 2022 · 4 comments
Open

QA Report #24

code423n4 opened this issue Feb 11, 2022 · 4 comments
Assignees
@maximebrugel
Labels
bug Something isn't working QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")

Comments

@code423n4
Copy link
Contributor

Gas fee improvement
https://github.com/code-423n4/2022-02-nested/blob/main/contracts/NestedFactory.sol#L100
there is no need to use extra variable operatorsCache to check if operator exists.

https://github.com/code-423n4/2022-02-nested/blob/main/contracts/NestedFactory.sol#L111
In the removeOperator function, no need for this line uint256 operatorsLength = operators.length;
Use operators.length directly in the loop

https://github.com/code-423n4/2022-02-nested/blob/main/contracts/NestedFactory.sol#L177
getAssetTokensLength() function is not called from the contract. If not needed it can removed or should be made external

https://github.com/code-423n4/2022-02-nested/blob/main/contracts/NestedFactory.sol#L191
Function tokenHoldings() is not called from within the contract. If not needed it can be removed or should be made external

https://github.com/code-423n4/2022-02-nested/blob/main/contracts/NestedAsset.sol#L52
Function originalOwner() is not called from within the contract. If not needed it can be removed or should be made external

https://github.com/code-423n4/2022-02-nested/blob/main/contracts/OperatorResolver.sol#L16
Add empty string check for this function

https://github.com/code-423n4/2022-02-nested/blob/main/contracts/OperatorResolver.sol#L57
If bith names.length and operatorsToImport.length == 0, this check passes. Consider adding empty check to both structures

https://github.com/code-423n4/2022-02-nested/blob/main/contracts/FeeSplitter.sol#L204
Nested _addShare
_sendFees calls _addShare
But in sendFeesWithRoyalties(), _addShare is called again after _sendFees. This can lead to nested executed.
Please consider refactoring this code.
@code423n4 code423n4 added QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax bug Something isn't working labels Feb 11, 2022
code423n4 added a commit that referenced this issue Feb 11, 2022
@code423n4
samruna issue #24
f4017c0
@maximebrugel
Copy link
Collaborator

"there is no need to use extra variable operatorsCache to check if operator exists." (Disputed)

Cheaper to read in local variable.

"Use operators.length directly in the loop" (Disputed)

Cheaper to read in local variable.

"getAssetTokensLength() function is not called from the contract (...)" (Confirmed)

"Function tokenHoldings() is not called from within the contract (...)" (Confirmed)

"Function originalOwner() is not called from within the contract" (Confirmed)

"Add empty string check for this function" (Disputed)

This is view, not needed.

"(...) Consider adding empty check to both structures" (Disputed)

Yes, but not an issue in this case.

"in sendFeesWithRoyalties(), _addShare is called again after _sendFees. (...)" (Disputed)

I feel it's better that way.

@maximebrugel maximebrugel added the sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity") label Feb 15, 2022
@maximebrugel maximebrugel self-assigned this Feb 16, 2022
@maximebrugel maximebrugel mentioned this issue Feb 16, 2022
Merged
@harleythedogC4
Copy link
Collaborator

My personal judgements:

  1. "there is no need to use extra variable operatorsCache to check if operator exists" - agree with sponsor, this suggestion would increase gas usage and doesn't really help at all. Invalid.
  2. "Use operators.length directly in the loop". Same as 1. Invalid.
  3. "getAssetTokensLength() function is not called from the contract". Valid and non-critical.
  4. "Function tokenHoldings() is not called from within the contract". Valid and non-critical.
  5. "Function originalOwner() is not called from within the contract". Valid and non-critical.
  6. "Add empty string check for this function". Not enough explanation to see why this helps in any way. Invalid.
  7. Consider adding empty check to both structures. Perhaps the admin calls the function with zero length input by accident and does not notice, function will still pass. Valid and very-low-critical.
  8. "Nested _addShare". Not enough explanation to see why this helps in any way. Invalid.

@harleythedogC4
Copy link
Collaborator

Adding in the reduced severity #23:
9. "updateShareHolder logic does not seem correct". Just code consistency. Valid and non-critical.

@harleythedogC4 harleythedogC4 mentioned this issue Mar 3, 2022
Closed
@harleythedogC4
Copy link
Collaborator

Now, here is the methodology I used for calculating a score for each QA report. I first assigned each submission to be either non-critical (1 point), very-low-critical (5 points) or low-critical (10 points), depending on how severe/useful the issue is. The score of a QA report is the sum of these points, divided by the maximum number of points achieved by a QA report. This maximum number was 26 points, achieved by #66.

The number of points achieved by this report is 9 points.
Thus the final score of this QA report is (9/26)*100 = 35.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@maximebrugel maximebrugel

Labels
bug Something isn't working QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@maximebrugel @code423n4 @harleythedogC4