Serveral functions of the contracts does not emit relevant events after executing the sensitive actions of changing various critical parameters, includes:
Factory.sol
setMinLicenseFee()
setAuctionDecrement()
setAuctionMultiplier()
setBondPercentDiv()
setOwnerSplit()
Auction.sol
killAuction()
Basket.sol
publishNewIndex() for new pendingWeights
changeLicenseFee() for new pendingLicenseFee
changePublisher() for new pendingPublisher
Recommended Mitigation Steps
Consider emitting events after sensitive changes take place, to facilitate tracking and notify off-chain clients following the contract’s activity.
GalloDaSballo
commented
2 years ago
Handle
WatchPug
Vulnerability details
Serveral functions of the contracts does not emit relevant events after executing the sensitive actions of changing various critical parameters, includes:
Factory.solAuction.solBasket.solRecommended Mitigation Steps
Consider emitting events after sensitive changes take place, to facilitate tracking and notify off-chain clients following the contract’s activity.