1. Use safeTransfer/safeTransferFrom consistently instead of transfer/transferFrom
It is good practice to add a require() statement that checks the return value of token transfers, or to use something like OpenZeppelin’s safeTransfer/safeTransferFrom, unless one is sure the given token reverts on failure. Failing to do so allows transfers to fail silently, which affects token accounting in the contract.
Instances:
Reference:
See this similar medium-severity finding from the Consensys Diligence audit of Fei Protocol.
Recommended Mitigation Steps:
Consider using safeTransfer/safeTransferFrom or require() consistently.
2. USE OF FLOATING PRAGMA
Recommend using a fixed Solidity version.
Instances
All contracts in scope contain a floating pragma: https://github.com/code-423n4/2022-08-fiatdao#files-in-scope