QA Report

[code423n4]

1. Unbounded loops The following contains a for loop that can be unbounded. This would mean it could run out of gas and the function would revert

**Occurrences in: https://github.com/code-423n4/2022-06-putty/blob/main/contracts/src/PuttyV2.sol#L594-L602 https://github.com/code-423n4/2022-06-putty/blob/main/contracts/src/PuttyV2.sol#L611-L613 https://github.com/code-423n4/2022-06-putty/blob/main/contracts/src/PuttyV2.sol#L627-L629 https://github.com/code-423n4/2022-06-putty/blob/main/contracts/src/PuttyV2.sol#L637-L639 https://github.com/code-423n4/2022-06-putty/blob/main/contracts/src/PuttyV2.sol#L647-L649 https://github.com/code-423n4/2022-06-putty/blob/main/contracts/src/PuttyV2.sol#L658-L660 https://github.com/code-423n4/2022-06-putty/blob/main/contracts/src/PuttyV2.sol#L670-L672 https://github.com/code-423n4/2022-06-putty/blob/main/contracts/src/PuttyV2.sol#L556-L558 https://github.com/code-423n4/2022-06-putty/blob/main/contracts/src/PuttyV2.sol#L742-L747 https://github.com/code-423n4/2022-06-putty/blob/main/contracts/src/PuttyV2.sol#L728-L733

**Some recommendations: pull over push strategy for external calls.

2. Missing input validation on array lengths The functions below fail to perform input validation on arrays to verify the lengths match. A mismatch could lead to an exception or undefined behavior.

https://github.com/code-423n4/2022-06-putty/blob/main/contracts/src/PuttyV2.sol#L622-L630 https://github.com/code-423n4/2022-06-putty/blob/main/contracts/src/PuttyV2.sol#L657-L661

[HickupHH3]

(1) could have been a dup of #227, but doesn't dive deep enough into the implications of "function would revert".