ckoopmann
commented
2 years ago SetProtocol related issues are out of scope.
Closed code423n4 closed 2 years ago
ckoopmann
commented
2 years ago SetProtocol related issues are out of scope.
asutorufo
commented
2 years ago @gzeoneth Hello there quick question. Since one thing is out of scope. (Which is kind of confusing as it shows this: https://i.imgur.com/OMTUbrT.png) But taking a step back the whole submission is invalid? Because let's say my settoken.sol submission is out of scope. The first submission should be valid as it was submitted by another warden in the report that's similar. I'm just making sure to be more clearer through future contest.
gzeoneth
commented
2 years ago @gzeoneth Hello there quick question. Since one thing is out of scope. (Which is kind of confusing as it shows this: https://i.imgur.com/OMTUbrT.png) But taking a step back the whole submission is invalid? Because let's say my settoken.sol submission is out of scope. The first submission should be valid as it was submitted by another warden in the report that's similar. I'm just making sure to be more clearer through future contest.
Sorry you are correct that I should not have invalidated the whole report. I don't think we can change it now unfortunately but then the quality of the other findings is quite low that would score the report in the bottom tier anyway.
L-01 Unspecific Compiler Version Pragma wfCashERC4626.sol L#2 Best to avoid floating pragmas for non-library contracts. A known compiler vulnerability version could be selected.
L-02 Missing checks for
address(0x0)when assigning values to address state variables. SetToken.sol L#171L-03
safeApprove()is deprecated in favor ofsafeIncreasedAllowance()orsafeDecreaseAllowance()wfCashBase.sol L#68%3B)L-04 Unused receive() function will lock Ether in contract. The functions should clal another function otherwise it should revert. [SetToken.sol L#536](https://github.com/code-423n4/2022-06-notional-coop/blob/main/index-coop-notional-trade-module/contracts/protocol/SetToken.sol#:~:text=receive()%20external%20payable%20%7B%7D%20//%20solium%2Ddisable%2Dline%20quotes)
N-01 Event is missing indexed fields Each
eventshould use threeindexedfields if there are three or more fields. WrappedCashFactory.sol L#15 SetToken.sol L#65,75-76N-02
publicfunctions not called by the contract should be declaredexternalinstead. [wfCashBase.sol L#78,103](https://github.com/code-423n4/2022-06-notional-coop/blob/main/notional-wrapped-fcash/contracts/wfCashBase.sol#:~:text=function%20decimals()%20public%20pure%20override%20returns%20(uint8)%20%7B)