QA Report #199
Comments
code423n4
added
bug
Fair feedback -- for natspec we aim for complete coverage of the public interfaces but for internal/private/libraries we have some gaps in order to reduce redundancy, for those we aim to include comments where things are unclear or not obvious from the function and variable names.
Agree but won't fix at this time. We have already started emitting this event on mainnet, to simplify integrations such as subgraph we are going to continue with this event as is. However it's a good catch and I agree that buyReferrer ideally would have been indexed here.
Fair feedback but going to leave as is. These are library functions which do the same thing, just operating on different types.
Invalid - these instances have those params due to inheritance requirements.
Invalid. Unchecked is a gas optimization that can be used when math is known to be safe. |
#1 Missing natspec comment supply
https://github.com/code-423n4/2022-08-foundation/blob/792e00df429b0df9ee5d909a0a5a6e72bd07cf79/contracts/mixins/collections/SequentialMintCollection.sol#L113
A function has a natspec comment to explain utility about function or parameter but natspec comment supply is missing.
So i suggest to add natspec comment for parameter supply.
#2 Missing natspec comment treasury
https://github.com/code-423n4/2022-08-foundation/blob/792e00df429b0df9ee5d909a0a5a6e72bd07cf79/contracts/mixins/shared/FoundationTreasuryNode.sol#L47
A function has a natspec comment to explain utility about function or parameter but natspec comment treasury is missing.
So i suggest to add natspec comment for parameter treasury.
#3 Missing natspec comment all param in distributeFunds()
https://github.com/code-423n4/2022-08-foundation/blob/792e00df429b0df9ee5d909a0a5a6e72bd07cf79/contracts/mixins/shared/MarketFees.sol#L98
A function has a natspec comment to explain utility about function or parameter but all natspec comment params is missing.
So i suggest to add natspec comment for all parameter.
#4 Missing natspec comment all param in getFees()
https://github.com/code-423n4/2022-08-foundation/blob/792e00df429b0df9ee5d909a0a5a6e72bd07cf79/contracts/mixins/shared/MarketFees.sol#L385
A function has a natspec comment to explain utility about function or parameter but all natspec comment params is missing.
So i suggest to add natspec comment for all parameter.
#5 Missing indexed field
https://github.com/code-423n4/2022-08-foundation/blob/792e00df429b0df9ee5d909a0a5a6e72bd07cf79/contracts/mixins/shared/MarketFees.sol#L71
Each event should use three indexed fields if there are three or more fields. add indexed in buyReferrer..
#6 Similiar name function()
https://github.com/code-423n4/2022-08-foundation/blob/792e00df429b0df9ee5d909a0a5a6e72bd07cf79/contracts/libraries/ArrayLibrary.sol#L13-L28
there have two same function with similiar param, so we suggest to choose one of the function anda remove unused one.
#7 Remove unused code
https://github.com/code-423n4/2022-08-foundation/blob/792e00df429b0df9ee5d909a0a5a6e72bd07cf79/contracts/mixins/nftDropMarket/NFTDropMarketFixedPriceSale.sol#L303
https://github.com/code-423n4/2022-08-foundation/blob/792e00df429b0df9ee5d909a0a5a6e72bd07cf79/contracts/NFTDropCollection.sol#L253
https://github.com/code-423n4/2022-08-foundation/blob/792e00df429b0df9ee5d909a0a5a6e72bd07cf79/contracts/mixins/collections/SequentialMintCollection.sol#L108
remove all unused code in contract before deploy the contract to increase readibility and saving gas fee.
#8 Unnecessary unchecked for 0.8.0 above
https://github.com/code-423n4/2022-08-foundation/blob/792e00df429b0df9ee5d909a0a5a6e72bd07cf79/contracts/NFTDropCollection.sol#L174
https://github.com/code-423n4/2022-08-foundation/blob/792e00df429b0df9ee5d909a0a5a6e72bd07cf79/contracts/NFTDropCollection.sol#L183
https://github.com/code-423n4/2022-08-foundation/blob/792e00df429b0df9ee5d909a0a5a6e72bd07cf79/contracts/NFTDropCollection.sol#L276
https://github.com/code-423n4/2022-08-foundation/blob/792e00df429b0df9ee5d909a0a5a6e72bd07cf79/contracts/NFTCollection.sol#L265
According to Solidity documentation:
Prior to Solidity 0.8.0, arithmetic operations would always wrap in case of under- or overflow leading to widespread use of libraries that introduce additional checks. Since Solidity 0.8.0, all arithmetic operations revert on over- and underflow by default, thus making the use of these libraries unnecessary.
The text was updated successfully, but these errors were encountered: