Open code423n4 opened 1 year ago
0xean marked the issue as grade-b
[L-01] Add constructor initializers
We have a call to initialize()
in the constructors in the contracts mentioned.
Disagree with this vuln
[L-02] initialize() function can be called by anybody
All functions listed are protected by the initializer
or reinitialize
modifier so that this function can only be called once or the n amount of times defined by the reinitialize
modifier
Disagree with this vuln
[L-03] Lack of Input Validation
This function is inteded to be called from the PluginSetupProcessor and has no state modifying implications. Thus no gas wasting validation is needed.
Disagree with this vuln
[L-04] Loss of precision due to rounding
Yeah the ceiling functions we want to ceil or floor the number. The bitmap thingy is copied from Uniswap and works as intended.
Disagree with this vuln.
[N-01] NatSpec comments should be increased in contracts
Our documentation is generated based on the natspec comments. Without proper examples (excluding the testing and example contracts) I don't see space to improve them.
[N-02] Function writing that does not comply with the Solidity Style Guide
Yep we didn't follow fully the solidity coding guide lines
[N-03] Include return parameters in NatSpec comments
Same as N-01
novaknole20 requested judge review
novaknole20 marked the issue as sponsor disputed
See the markdown file with the details of this report here.