Closed code423n4 closed 1 year ago
Lack of Event
Disagree - AdminRole
and MinterRole
both are just convenience wrappers for the OZ AccessControl implementation. That dependency already emits the required events.
Use fixed pragma
Disagree. We intentionally use a floating pragma in order to make integrating with contracts easier. Other contract developers are looking to interact with our contracts and they may be on a different version than we use. The pragma selected for our contracts is the minimum required in order to correctly compile and function. This way integration is easier if they lag a few versions behind, or if they use the latest but we don't bump our packages frequently enough, and when we do upgrade versions unless there was a breaking solidity change -- it should just swap in by incrementing our npm package version.
See the markdown file with the details of this report here.