Open code423n4 opened 2 years ago
Lack emit event after rescueERC20()
There is no problem because the Transfer Event of the specified ERC20 fires.
Typo error
Thank you for noticing the typo!
Consider using inheritance when using upgradeable contracts
We agree. We also think that if it can be inherited, and it should be inherited. For this time, the reason why we did not inherit FiatTokenV1 in FiatTokenV2 is because we want to add the "whitelist" check into the existing functions.
QA (Low and NC) report to JPYC by PeritoFlores
Transfer Ownership pattern incomplete implementation
In function
_transferOwnership#Ownable.sol
It seems that you tried to implement two-step ownership transfer to make it safer. It is a good idea to add the function
acceptOwnership()
to complete the pattern.Rescuer uninialitized at FiatTokenV2
In the function
initialize()#FiatTokenV2.sol
rescuer
in never initialized so it is zero at deployment time.Consider calling
updateRescuer()
insideinitialize()
Lack emit event after rescueERC20()
In
rescuer.sol
the functionrescueERC20()
lacks an event emit.Consider adding it
Typo error
At
EIP3009.sol#L227
there is a typo errorIt says "FEIP" instead of "EIP"
Consider using inheritance when using upgradeable contracts
When using upgradeable contracts it is recommended that the new version inherits from previous. One of the reason for that is that you avoid storage collision. A minimum error in the order of parameters on the new version could break the protocol.
Maybe you can consider for the next version something like
contract FiatTokenV3 is FiatTokenV2