code-423n4 / 2022-06-canto-findings


QA Report #43

Open code423n4 opened 2 years ago

code423n4 commented 2 years ago
  1. Common practice in Solidity is to prefix internal and private functions with an underscore (e.g. _internalFunction()). Usage of underscore naming was unconventional and inconsistent throughout the codebase. For example, in Comptroller.sol functions prefixed with underscores included:
    • _setPriceOracle - public function
    • _setCloseFactor - external function
    • _addMarketInternal - internal function
     It is recommended that a consistent naming pattern is used for functions to improve readability and communicate clearly what the visibility of the function should be.
  2. Parts of the codebase were still a work in progress. Several TODO comments (e.g. 1) and unused variables (e.g. 2) were found throughout the codebase, which made it difficult to establish what was and wasn’t intended functionality.
  3. The following typos were identified:
GalloDaSballo commented 1 year ago

_internalFunction

R

TODO

NC

The following typos were identified:

Both are invalid

canceled is fine

arity means amount of inputs in nerd-speak

1 R 1 NC