Upgradeable contract is missing a __gap[50] storage variable to allow for new storage variables in later versions
See this link for a description of this storage variable. While some contracts may not currently be sub-classed, adding the variable now protects against forgetting to add it in the future.
Use a solidity version of at least 0.8.4 to get bytes.concat() instead of abi.encodePacked(<bytes>,<bytes>)
Use a solidity version of at least 0.8.12 to get string.concat() instead of abi.encodePacked(<str>,<str>)
/// @dev Virtual function, should return the `payload` to use in {FlashEscrow}'s constructor
/// @param _idx The index of the NFT that's going to be sent to the {FlashEscrow} instance
function _encodeFlashEscrowPayload(uint256 _idx)
internal
view
virtual
returns (bytes memory);
/// @dev Normalizes `blockNumber` to fit within the bounds of an epoch.
/// This is done to ensure that no rewards are distributed for staking outside of an epoch without modifying the reward logic.
/// For example:
/// `blockNumber` is 1100, the epoch's `endBlock` is 1000. In this case the function would return 1000. If this value were to be used
/// in the {_updatePool} function, where the pool's `lastRewardBlock` is 990, only the rewards from block 990 to block 1000 would be distributed
/// @return Normalized `blockNumber`
function _normalizeBlockNumber(uint256 blockNumber)
internal
view
returns (uint256)
/// @dev Updates `msg.sender`'s claimable rewards by adding pending rewards from `_pid`
/// @param _pid The pool to withdraw rewards from
function _withdrawReward(uint256 _pid) internal returns (uint256) {
/// @dev The {transferPunk} function is used as the escrow's payload.
/// @param _idx The index of the punk that's going to be transferred using {NFTEscrow}
function _encodeFlashEscrowPayload(uint256 _idx)
internal
view
override
returns (bytes memory)
/// @dev The {giftRock} function is used as the escrow's payload.
/// @param _idx The index of the rock that's going to be transferred using {NFTEscrow}
function _encodeFlashEscrowPayload(uint256 _idx)
internal
view
override
returns (bytes memory)
Missing: @return
Event is missing indexed fields
Each event should use three indexed fields if there are three or more fields
/// This is an alternative to the classic "reservation" method, which requires users to call 3 functions in a specifc order (making the process non atomic)
Low Risk Issues
Missing checks for
address(0x0)
when assigning values toaddress
state variablesUpgradeable contract is missing a
__gap[50]
storage variable to allow for new storage variables in later versionsSee this link for a description of this storage variable. While some contracts may not currently be sub-classed, adding the variable now protects against forgetting to add it in the future.
Non-critical Issues
public
functions not called by the contract should be declaredexternal
insteadContracts are allowed to override their parents' functions and change the visibility from
external
topublic
.constant
s should be defined rather than using magic numbersUse a more recent version of solidity
Use a solidity version of at least 0.8.4 to get
bytes.concat()
instead ofabi.encodePacked(<bytes>,<bytes>)
Use a solidity version of at least 0.8.12 to getstring.concat()
instead ofabi.encodePacked(<str>,<str>)
Use scientific notation (e.g.
1e18
) rather than exponentiation (e.g.10**18
)Non-library/interface files should use fixed compiler versions, not floating ones
File is missing NatSpec
NatSpec is incomplete
File: contracts/escrow/NFTEscrow.sol (lines 56-62)
Missing:
@return
File: contracts/vaults/yVault/Controller.sol (lines 24-25)
Missing:
@param _jpeg
File: contracts/vaults/yVault/yVault.sol (lines 37-49)
Missing:
@param _availableTokensRate
File: contracts/farming/yVaultLPFarming.sol (lines 175-177)
Missing:
@return
File: contracts/farming/LPFarming.sol (lines 260-269)
Missing:
@param blockNumber
File: contracts/farming/LPFarming.sol (lines 313-315)
Missing:
@return
File: contracts/helpers/CryptoPunksHelper.sol (lines 94-100)
Missing:
@return
File: contracts/helpers/EtherRocksHelper.sol (lines 99-105)
Missing:
@return
Event is missing
indexed
fieldsEach
event
should use threeindexed
fields if there are three or more fieldsThe
nonReentrant
modifier
should occur before all other modifiersThis is a best-practice to protect against reentrancy in other modifiers
Typos
File: contracts/escrow/NFTEscrow.sol (line 30)
specifc
File: contracts/vaults/NFTVault.sol (line 117)
isntead
File: contracts/vaults/NFTVault.sol (line 625)
postition
File: contracts/vaults/NFTVault.sol (line 673)
Whereter
File: contracts/vaults/FungibleAssetVaultForDAO.sol (line 50)
everytime
File: contracts/vaults/yVault/Controller.sol (line 128)
constract