Open code423n4 opened 2 years ago
These parameters are set by the Foundation during voting so new value will be carefully verified.
Agree that lack of validation puts more than necessary trust in the CONSTANT_SETTER_ROLE
Informational in nature
Formatting was really off, would recommend the warden to use a Markdown preview tool
Time limit should be greater than >0
If limit is set to 0 then no delay between msgs sent. Or set a constant with a maximum time and then require(newTimeStamp<MAX_TIME)
https://github.com/skalenetwork/ima-c4-audit/blob/11d6a6ae5bf16af552edd75183791375e501915f/contracts/schain/CommunityLocker.sol#L197)l
Have either a maximum(and any values set should be less as mentioned above ) for values below or ensure that it is >0:
https://github.com/skalenetwork/ima-c4-audit/blob/11d6a6ae5bf16af552edd75183791375e501915f/contracts/mainnet/MessageProxyForMainnet.sol#L264
[https://github.com/skalenetwork/ima-c4-audit/blob/11d6a6ae5bf16af552edd75183791375e501915f/contracts/mainnet/MessageProxyForMainnet.sol#L276]
For the above mentioned line(276),it will have implications for :
[https://github.com/skalenetwork/ima-c4-audit/blob/main/contracts/mainnet/MessageProxyForMainnet.sol#L232-L233]
as no gas will be refunded to the user as we don't know whether additionalGasPerMessage is a non-zero value.
Also, here that uses the same variable :
https://github.com/skalenetwork/ima-c4-audit/blob/11d6a6ae5bf16af552edd75183791375e501915f/contracts/mainnet/MessageProxyForMainnet.sol#L252
Events:
Emit an event for when chains are connected or disconnected. See below :
https://github.com/skalenetwork/ima-c4-audit/blob/11d6a6ae5bf16af552edd75183791375e501915f/contracts/schain/TokenManagerLinker.sol#L144
[https://github.com/skalenetwork/ima-c4-audit/blob/11d6a6ae5bf16af552edd75183791375e501915f/contracts/schain/TokenManagerLinker.sol#L164]