code-423n4 / 2022-02-aave-lens-findings


QA Report #16

Open code423n4 opened 2 years ago

code423n4 commented 2 years ago

Frontrun issue: You have a small frontrun issue in LensHub.sol line 63 that is worth mentioning. One can frontrun your init function and then leave the system stuck, since you will not be able to use the function again:

Consider having a two-step verification to change the owner, to avoid human mistakes: LensHub.sol

Recommendation: use one Solidity version to avoid undesired code behaviors and for more stability.

Fee validation issue: The fee parameter should not exceed 100%: ModuleGlobals.setTreasuryFee(newTreasuryFee)

In ERC721Enumerable the function _addTokenToAllTokensEnumeration pushes the parameter tokenId to an array without validating if it's already there! (This case easily leads to high-risk scenarios)
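
Added example, not part of the comment above and not Lens Protocol code: a sketch of the two-step owner change and the 100% fee bound the report recommends. The contract name, function names other than `setTreasuryFee`, the basis-point unit, and the pinned compiler version are assumptions made for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity 0.8.10; // one pinned compiler version (the version number is an assumption)
// Hypothetical contract for illustration; not the project's ModuleGlobals or LensHub.
contract GuardedTreasuryConfig {
    uint16 public constant BPS_MAX = 10_000; // 100% in basis points (unit is an assumption)

    address public governance;
    address public pendingGovernance;
    uint16 public treasuryFee; // basis points

    error NotGovernance();
    error NotPendingGovernance();
    error ZeroAddress();
    error FeeTooHigh(uint16 fee);
    event GovernanceNominated(address indexed current, address indexed nominee);
    event GovernanceTransferred(address indexed previous, address indexed current);

    modifier onlyGov() {
        if (msg.sender != governance) revert NotGovernance();
        _;
    }

    // Initial governance is set at deployment here to keep the example short.
    constructor(address initialGovernance) {
        if (initialGovernance == address(0)) revert ZeroAddress();
        governance = initialGovernance;
    }

    // Step 1: current governance only nominates; control does not move yet.
    function nominateGovernance(address nominee) external onlyGov {
        pendingGovernance = nominee;
        emit GovernanceNominated(governance, nominee);
    }

    // Step 2: the nominee must call from its own address, so a mistyped
    // or unreachable address can never end up holding governance.
    function acceptGovernance() external {
        if (msg.sender != pendingGovernance) revert NotPendingGovernance();
        emit GovernanceTransferred(governance, msg.sender);
        governance = msg.sender;
        delete pendingGovernance;
    }

    // Rejects any fee above 100% before it is stored.
    function setTreasuryFee(uint16 newTreasuryFee) external onlyGov {
        if (newTreasuryFee > BPS_MAX) revert FeeTooHigh(newTreasuryFee);
        treasuryFee = newTreasuryFee;
    }
}
```

Until `acceptGovernance` is called, the current governance can overwrite a wrong nomination by calling `nominateGovernance` again.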

Zer0dot commented 2 years ago

The last point is valid and appears to have been pointed out by a lot of folks. However, as it's the OZ audited ERC721 contract, we're leaving it as is.