HardlyDifficult
commented
2 years ago Nice improvements to consider.
Open code423n4 opened 2 years ago
HardlyDifficult
commented
2 years ago Nice improvements to consider.
L01 - Lack of event emitting after sensitive actions
Contracts do not emit relevant events after setting sensitive variables. Consider emitting events after sensitive changes take place, to facilitate tracking and notify off-chain clients following the contract’s activity in following functions:
https://github.com/code-423n4/2022-06-nibbl/blob/main/contracts/NibblVault.sol#L485-L488
https://github.com/code-423n4/2022-06-nibbl/blob/main/contracts/NibblVaultFactory.sol#L106-L110
https://github.com/code-423n4/2022-06-nibbl/blob/main/contracts/NibblVaultFactory.sol#L130-L134
https://github.com/code-423n4/2022-06-nibbl/blob/main/contracts/NibblVaultFactory.sol#L148-L152
https://github.com/code-423n4/2022-06-nibbl/blob/main/contracts/NibblVaultFactory.sol#L165-169
N01 - No needed import of SafeMath
N02 - Typos
contracts/NibblVault.sol:125 ///@notice reenterancy guard contracts/NibblVault.sol:152 /// @dev pausablity implemented in factory contracts/NibblVault.sol:200 //curator fee is proportional to the secondary reserve ratio/primaryReseveRatio i.e. initial liquidity added by curator contracts/NibblVault.sol:263 /// @dev Valuation = If current supply is on seconday curve we use secondaryReserveBalance and secondaryReserveRatio to calculate valuation else we use primary reserve ratio and balance contracts/NibblVault.sol:512 /// @notice ERC20s can be accumulated by the underlying ERC721 in the vault as royalty or airdops contracts/Proxy/ProxyBasket.sol:26 This function does not return to its internall call site, it will return directly to the external caller. contracts/Proxy/ProxyVault.sol:26 This function does not return to its internall call site, it will return directly to the external caller.
N03 - Constant naming
Constants should be named with all capital letters with underscores separating words.