code-423n4 / 2024-05-arbitrum-foundation-findings


QA Report #59

Open howlbot-integration[bot] opened 4 months ago

howlbot-integration[bot] commented 4 months ago

See the markdown file with the details of this report here.

c4-judge commented 4 months ago

Picodes marked the issue as grade-b

0xSorryNotSorry commented 4 months ago

Dear Sir @Picodes,

Thank you for the time to check on this.

With all due respect, I believe this report should be considered to deserve Grade-A when compared to the other A-graded reports below, whose items are invalid, inflated (should be NC) or Out Of Scope:

For https://github.com/code-423n4/2024-05-arbitrum-foundation-findings/issues/68

- Low-1-2-3-6-12-13-20-23-24: Should be deemed as NC as they're either comments or error messages
- Low-4-8-24: Covered in 4naly3er report
- Low-11-14-16: Invalid
- Low-18-19-22: OOS as there is no Gas Pot
- Non-Criticals, which are not subject to points as per new C4 rules, are submitted and included in the summary without labeling them as "Only Informational"

For https://github.com/code-423n4/2024-05-arbitrum-foundation-findings/issues/66

- L-1: Invalid
- L-3: Invalid as this is enforced by the devs specifically: https://github.com/code-423n4/2024-05-arbitrum-foundation/blob/6f861c85b281a29f04daacfe17a2099d7dad5f8f/src/challengeV2/EdgeChallengeManager.sol#L372-L373
- L-4-17: Invalid as this is an admin function and should be treated as safe
- L-5-9-15: Invalid as this is the intended logic
- L-6-8-12-19: Should be deemed as NC as these are based on comments
- L-7-10-13-14-16-20-22: Invalid
- L-21: OOS as per the contest readme; it's always assumed that there will be an honest party

For https://github.com/code-423n4/2024-05-arbitrum-foundation-findings/issues/65

- L-2-3: Future Code Speculation, which is deemed to be OOS as per the C4 Rubric
- L-4: Should be invalid since it's not the protocol's responsibility/interest
- L-5: Should be deemed as NC as there's no issue pointed out
- L-7: Invalid as Ethereum is the main point of calcs for everything, hence there can be no re-org issue
- L-9: Invalid as required fees forwarded only
- L-10: Invalid as this is enforced by the devs specifically: https://github.com/code-423n4/2024-05-arbitrum-foundation/blob/6f861c85b281a29f04daacfe17a2099d7dad5f8f/src/challengeV2/EdgeChallengeManager.sol#L372-L373
- L-11: Should be deemed as NC as pausing means a bold upcoming admin action like upgrading

For https://github.com/code-423n4/2024-05-arbitrum-foundation-findings/issues/64

- L-01: Invalid as the input is provided here by the admin: https://github.com/code-423n4/2024-05-arbitrum-foundation/blob/6f861c85b281a29f04daacfe17a2099d7dad5f8f/src/rollup/BOLDUpgradeAction.sol#L464-L466
- L-02: OOS as there is no Gas Pot
- L-05-21: Invalid as these are admin functions and should be treated as safe
- L-06: Invalid as the target is Eth
- L-04-07-08-09-11-13-15-16-23-27-28: Covered in 4naly3er report
- L-10-20-30: Should be deemed as NC
- L-22 is duplicate of L-19
- L-25 is almost duplicate of L-24
- L-26: False Positive as per the context
CrystallineButterfly commented 4 months ago

Hello @0xSorryNotSorry

Respectfully, I do not agree that the majority of my report (https://github.com//issues/68) is non-critical. There's a lot more value in my suggestions than you are claiming. I claim the majority are useful, low, and that the grade A is valid, with more validity given the comparative reports, as I do not exaggerate my suggestions or assert false potentials without sufficient proof.

I of course have to defend my report; meanwhile, the other reports are good. I just asked to see mine with more clarity.

c4-judge commented 3 months ago

Picodes marked the issue as grade-a

Picodes commented 3 months ago

@0xSorryNotSorry my main reason for giving grade-b to this report was that to me a lot of issues here are also NC (basically all issues suggesting adding safety measures like address(0) checks, 2-step ownership, empty bytes, etc.)

0xSorryNotSorry commented 3 months ago

Thank you for the consideration and for your time sir @Picodes,

I definitely understand your point. That's why I didn't try to invalidate fellow wardens' reports, with all respect, as they had similar issues and sometimes more invalids than valids.