code-423n4 / 2023-01-drips-findings


QA Report #282

Open code423n4 opened 1 year ago

code423n4 commented 1 year ago

See the markdown file with the details of this report here.

GalloDaSballo commented 1 year ago

[L-01] An authorized user can unauthorize other authorized users of the same sender L

[L-02] Lack of reasonable boundaries for cycle secs L

[L-03] Loading a drip configuration with assembly in _getConfig is unsafe
I believe that because of the codebase, we'd need more proof to verify this statement. From what I'm seeing, the add will avoid reading that part of memory, making the operation safe.

[L-04] Unused dripId of receiver config is used considered while sorting receivers L

[L-05] Collecting funds should be usable while the DripsHub contract is paused L (per judging of Admin Privilege)

[L-06] An immutable split is unable to collect funds if it has itself set as a split receiver L

[L-07] Precision issues caused by division before multiplication in Drips._drippedAmt
Disputing because it will be recovered later

[NC-01] The NatSpec comment of the DripsConfigImpl.lt function neglects to sorting of dripId R

[NC-02] Unused amtPerCycle variable in Drips._drippedAmt calculation R

5L 2R

4L +3 from dups

9L 2R +3

GalloDaSballo commented 1 year ago

Summing up all findings, this report is by far the most interesting, well done!

c4-judge commented 1 year ago

GalloDaSballo marked the issue as selected for report

c4-judge commented 1 year ago

GalloDaSballo marked the issue as grade-a