search

code-423n4 / 2022-06-notional-coop-findings

1 stars 1 forks source link

QA Report #190

Open code423n4 opened 2 years ago

code423n4 commented 2 years ago

QA Report

[L-01] Inconsistent and outdated compiler versions

Using a floating pragma might result in contracts being deployed with a version they were not tested with and might result in bugs that affect the contracts system negatively. In addition, older compilers might be susceptible to some bugs. A list of known compiler bugs and their severity can be found here: https://etherscan.io/solcbuginfo

Locking the pragma helps ensuring that contracts do not accidentally get deployed using an outdated compiler version or a version it was not tested with. We recommend changing the solidity version pragma to the latest version to enforce the use of an up-to-date compiler.

Outdated - https://github.com/code-423n4/2022-06-notional-coop/blob/6f8c325f604e2576e2fe257b6b57892ca181509a/index-coop-notional-trade-module/contracts/protocol/modules/v1/NotionalTradeModule.sol#L19 Floating pragma - https://github.com/code-423n4/2022-06-notional-coop/blob/6f8c325f604e2576e2fe257b6b57892ca181509a/notional-wrapped-fcash/contracts/wfCashERC4626.sol#L2 Inconsistent - https://github.com/code-423n4/2022-06-notional-coop/blob/6f8c325f604e2576e2fe257b6b57892ca181509a/notional-wrapped-fcash/contracts/wfCashBase.sol#L2

[L-02] Missing zero address check

If parameter is accidentally set to zero the contract will have to be redeployed

https://github.com/code-423n4/2022-06-notional-coop/blob/6f8c325f604e2576e2fe257b6b57892ca181509a/notional-wrapped-fcash/contracts/proxy/WrappedfCashFactory.sol#L18 https://github.com/code-423n4/2022-06-notional-coop/blob/6f8c325f604e2576e2fe257b6b57892ca181509a/index-coop-notional-trade-module/contracts/protocol/modules/v1/NotionalTradeModule.sol#L140-L141