Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

QA Report #205

Open
code423n4 opened this issue Jun 14, 2022 · 0 comments
Open

QA Report #205

code423n4 opened this issue Jun 14, 2022 · 0 comments
Labels
bug Something isn't working QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax

Comments

@code423n4
Copy link
Contributor

Natspec is incomplete

File: NotionalTradeModule.sol line 175

https://github.com/code-423n4/2022-06-notional-coop/blob/6f8c325f604e2576e2fe257b6b57892ca181509a/index-coop-notional-trade-module/contracts/protocol/modules/v1/NotionalTradeModule.sol#L175-L196

Missing @return

File: NotionalTradeModule.sol line 352-358

https://github.com/code-423n4/2022-06-notional-coop/blob/6f8c325f604e2576e2fe257b6b57892ca181509a/index-coop-notional-trade-module/contracts/protocol/modules/v1/NotionalTradeModule.sol#L352-L358

Missing @return

TYPOS

File: NotionalTradeModule.sol line 215

* @dev MANGER ONLY: Initialize given SetToken with initial list of registered fCash positions

MANGER instead of MANAGER

File: NotionalTradeModule.sol line 416

* @dev Alo adjust the components / position of the set token accordingly

Alo Instead of Also

File: NotionalTradeModule.sol line 455

     * @dev Alo adjust the components / position of the set token accordingly

Alo Instead of Also

File: NotionalTradeModule.sol line 111

    // Mapping for a set token, wether or not to redeem to underlying upon reaching maturity

wether instead of Whether

Lack of consistency in using uint256 and uint

some variables have been declared using uint while others are explicitly using uint256. I suggest sticking to one as they both mean the same thing
Function _getFCashPositions uses both uint and uint256 and also majority of the other variables in the contract are using uint256

line 602-603

        uint positionsLength = positions.length;
        uint numFCashPositions;

Then inside the loop within this function we use uint256

        for(uint256 i = 0; i < positionsLength; i++) {

Also outside this function most of the other variables are using uint256

Lock pragmas to specific compiler version

Contracts should be deployed with the same compiler version and flags that they have been tested the most with. Locking the pragma helps ensure that contracts do not accidentally get deployed using, for example, the latest compiler which may have higher risks of undiscovered bugs. Contracts may also be deployed by others and the pragma indicates the compiler version intended by the original authors.

File: wfCashERC4626.sol line 2

pragma solidity ^0.8.0;
@code423n4 code423n4 added bug Something isn't working QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax labels Jun 14, 2022
code423n4 added a commit that referenced this issue Jun 14, 2022
@code423n4
c3phas issue #205
101ebf3
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@code423n4