HickupHH3
commented
2 years ago L02 - withdraw() may run out of gas if contracts code of underliying assets would changed in future Internal functions that withdraw assets _transferERC20sOut, _transferERC721sOut, _transferFloorsOut could only run through all transferring assets in one cycle. If some contracts of transferring assets were updated in future and their transfer would cost more gas, this could lead to inability to withdraw user assets.
Recommendation: Add functionality that allows withdrawing specific assets apart from a batch.
dup of #227
Judge has assessed an item in Issue #358 as Medium risk. The relevant finding follows: