2 Lock pragmas to specific compiler version. Contracts should be deployed with the same compiler version and flags that they have been tested with thoroughly. Locking the pragma helps to ensure that contracts do not accidentally get deployed using, for example, an outdated compiler version that might introduce bugs that affect the contract system negatively.
2022-04-phuture
1 missing validation for array lengths in initialize. The length of the input _assets and _capitalizations must be the same.
https://github.com/code-423n4/2022-04-phuture/blob/main/contracts/TrackedIndex.sol#L25-L27
You can add the following require statement.
require(_assets.length == _capitalizations.length, “error message”);
2 Lock pragmas to specific compiler version. Contracts should be deployed with the same compiler version and flags that they have been tested with thoroughly. Locking the pragma helps to ensure that contracts do not accidentally get deployed using, for example, an outdated compiler version that might introduce bugs that affect the contract system negatively.
pragma solidity 0.8.7;
3 missing validation for _amount in transfer.
https://github.com/code-423n4/2022-04-phuture/blob/main/contracts/libraries/NAV.sol#L22
require(_amount != 0, “error message”);