code-423n4 / 2023-03-zksync-findings

QA Report #177

Open code423n4 opened 1 year ago

code423n4 commented 1 year ago

See the markdown file with the details of this report here.

GalloDaSballo commented 1 year ago

[01] Emit events before external calls

NC

[02] gasLimit should be uint64 instead of uint256

R

[03] Unsafe casts

Disagree for those instances, feel free to send an instance to me or sponsor if you can prove eit

[04] Pragma float

NC

[05] Avoid hardcoding OpenZeppelin contracts

R

[06] Lack of checks-effects-interactions in MsgValueSimulator.fallback()

R because implementation is known

[07] Prevent immutableDataStorage from receiving address zero

L

[08] ContractDeployer.forceDeployOnAddress() could be private instead of external with onlySelf

[09] v == 27 && v == 28 check is no longer needed:

R

[10] Add an event for functions involving parameter changes

NC

[11] Check for stale values on setter functions that emit an event

R

[12] Lack of old and new value for events related to parameter updates

NC

[13] Replace assert with require or custom error

NC

[14] Usage of return named variables and explicit values

R

[15] Missing NATSPEC

NC

[16] Order of functions

NC

[17] Add a limit for the maximum number of characters per line

NC

[18] Repeated validation statements

R

[19] Replace exponentiation with type(uint).max for multiples of 2

NC

[20] Named imports can be used

NC

[21] Imports can be grouped together

NC

[22] Contract can be renamed

NC

[23] Can use ternary

R

[24] Downcasting can be reused

R

GalloDaSballo commented 1 year ago

1L 9R 12 NC

c4-judge commented 1 year ago

GalloDaSballo marked the issue as grade-a