QA Report #214
QA (Quality Assurance)
Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
1. Use safeTransfer/safeTransferFrom consistently instead of transfer/transferFrom
It is good to add a require() statement that checks the return value of token transfers, or to use something like OpenZeppelin’s safeTransfer/safeTransferFrom, unless one is sure the given token reverts in case of a failure. Failure to do so will cause silent failures of transfers and affect token accounting in the contract.
Instances:
Reference:
See this similar medium-severity finding from the Consensys Diligence audit of Fei Protocol.
Recommended Mitigation Steps:
Consider using safeTransfer/safeTransferFrom or require() consistently.
2. USE OF FLOATING PRAGMA
Recommend using a fixed Solidity version.
Instances
All contracts in scope contain a floating pragma:
https://github.com/code-423n4/2022-08-fiatdao#files-in-scope
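Added example for item 1 (not code from the audited repository or from this report): an unchecked transferFrom beside a checked one, under a fixed pragma as item 2 recommends. The contract name DepositVault, its functions and the compiler version 0.8.16 are assumptions made for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity 0.8.16; // fixed, not ^0.8.x; the exact version is an assumption

// Minimal ERC-20 surface needed by this example.
interface IERC20 {
    function transferFrom(address from, address to, uint256 amount) external returns (bool);
}

// Hypothetical vault, constructed for illustration only.
contract DepositVault {
    IERC20 public immutable token;
    mapping(address => uint256) public balanceOf;

    constructor(IERC20 token_) {
        token = token_;
    }

    // Before: the returned bool is ignored. A token that signals failure by
    // returning false (instead of reverting) still gets the deposit credited,
    // so balanceOf drifts away from the tokens the vault actually holds.
    function depositUnchecked(uint256 amount) external {
        token.transferFrom(msg.sender, address(this), amount);
        balanceOf[msg.sender] += amount;
    }

    // After: the deposit is credited only if the transfer verifiably succeeded.
    function depositChecked(uint256 amount) external {
        _safeTransferFrom(msg.sender, address(this), amount);
        balanceOf[msg.sender] += amount;
    }

    // Same kind of check a safeTransferFrom wrapper performs: the call must not
    // revert, and any returned data must decode to true. Empty return data is
    // accepted so tokens that return nothing on success keep working.
    function _safeTransferFrom(address from, address to, uint256 amount) private {
        require(address(token).code.length > 0, "token is not a contract");
        (bool ok, bytes memory ret) = address(token).call(
            abi.encodeWithSelector(IERC20.transferFrom.selector, from, to, amount)
        );
        require(ok, "transferFrom reverted");
        require(ret.length == 0 || abi.decode(ret, (bool)), "transferFrom returned false");
    }
}
```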