Virtual Topaz Beaver - [I-1] Licensing conflict on inherited dependencies

[sherlock-admin3]

Virtual Topaz Beaver

Low/Info

[I-1] Licensing conflict on inherited dependencies

Location: [File name and line numbers]

• https://github.com/transmissions11/solmate/blob/c892309933b25c03d32b1b0d674df7ae292ba925/src/utils/SafeTransferLib.sol#L1-L2
• https://github.com/sherlock-audit/2024-07-sense-points-marketplace/blob/main/point-tokenization-vault/contracts/PointTokenVault.sol#L1

Description

The version of Solmate contracts depended in the Point Tokenization Vault repository on are AGPL Licensed, making our repository adopt the same license. This license is incompatible with the currently UNLICENSED Rumpel related contracts.

Impact

Recommended mitigation

1. Consider the later versions of Solmate which have updated licensing.
2. Consider applying AGPL license to Rumpel.

[sherlock-admin2]

The protocol team fixed this issue in the following PRs/commits: https://github.com/sense-finance/point-tokenization-vault/pull/40 https://github.com/sense-finance/rumpel-wallet/pull/7

[sherlock-admin2]

The Lead Senior Watson signed off on the fix.