Open code423n4 opened 2 years ago
this can be bumped to medium severity: [L01] Define MAX_FEE: https://github.com/code-423n4/2022-05-cally-findings/issues/48
Per the C4 guidance "part of auditing is demonstrating proper theory of how an issue could be exploited" and that does not seem to be explored here as it was in the primary report.
Low Critical
[L01] Define
MAX_FEE
:Use
MAX_FEE
to ensure users that protocol won't use100%
exercise fee.Recommended Mitigation Steps:
Define preferable
MAX_FEE
in contract:and use it in
setFee()
:Non Critical
[N01]
durationDays
isuint8
so it supports days up to255
:If a user wants more duration than 255 days, she can't set it.
Recommended Mitigation Steps:
Use bigger
uint
fordurationDays
.[N02] Typos in comments:
Change
OVVERIDES
toOVERRIDES
: