QA Report #205
Labels:
- bug: Something isn't working
- grade-b
- Q-42
- QA (Quality Assurance): Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
QA Issues found
[L-01] Unspecific Compiler Version Pragma
Impact
A known vulnerable compiler version may accidentally be selected, or security tools might fall back to an older compiler version and end up checking a different EVM compilation than the one that is ultimately deployed on the blockchain.
Findings:
Recommendation
Avoid floating pragmas for non-library contracts. It is recommended to pin to a concrete compiler version.
[L-02] _safeMint() should be used rather than _mint() wherever possible.
Impact
_mint() is discouraged in favor of _safeMint() which ensures that the recipient is either an EOA or implements IERC721Receiver.
Findings:
Recommendation
Use either OpenZeppelin's or solmate's version of this function.
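
A minimal source scan for the two findings above, as an added example that is not part of the original report or the audited project: it flags solidity pragmas that are not pinned to one concrete version (L-01) and calls to _mint() (L-02). The sample contract and the names scan and strip_comments are constructed for illustration, and the L-02 check assumes the file being scanned is an ERC721 contract.

```python
import re

# Constructed sample contract (not from the audited code base).
SAMPLE = '''// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;
import "@openzeppelin/contracts/token/ERC721/ERC721.sol";
contract Ticket is ERC721 {
    uint256 public nextId;
    constructor() ERC721("Ticket", "TKT") {}
    function claim() external {
        _mint(msg.sender, nextId++); // no receiver check
    }
    function claimSafe() external {
        _safeMint(msg.sender, nextId++);
    }
}
'''

PRAGMA_RE = re.compile(r"^\s*pragma\s+solidity\s+([^;]+);", re.M)
# Pinned means exactly one concrete x.y.z version, optionally written "=x.y.z".
PINNED_RE = re.compile(r"=?\s*\d+\.\d+\.\d+")
# A use of _mint( that is not the tail of a longer identifier.
MINT_RE = re.compile(r"(?<![\w$])_mint\s*\(")
COMMENT_RE = re.compile(r"//[^\n]*|/\*.*?\*/", re.S)

def strip_comments(src):
    # Blank out comments, keeping newlines so line numbers stay right.
    # Simplification: "//" inside a string literal is treated as a comment.
    return COMMENT_RE.sub(lambda m: re.sub(r"[^\n]", " ", m.group()), src)

def scan(src):
    """Return sorted (line, finding_id, detail) tuples for L-01 and L-02."""
    code = strip_comments(src)
    line_of = lambda pos: code.count("\n", 0, pos) + 1
    findings = []
    for m in PRAGMA_RE.finditer(code):
        spec = m.group(1).strip()
        if not PINNED_RE.fullmatch(spec):
            findings.append((line_of(m.start(1)), "L-01", "floating pragma: " + spec))
    for m in MINT_RE.finditer(code):
        # Skip the definition "function _mint(...)"; only calls are reported.
        if code[:m.start()].rstrip().endswith("function"):
            continue
        findings.append((line_of(m.start()), "L-02", "_mint() call; consider _safeMint()"))
    return sorted(findings)

if __name__ == "__main__":
    for line, fid, detail in scan(SAMPLE):
        print(f"line {line}: [{fid}] {detail}")
```

Version ranges such as ">=0.8.0 <0.9.0" are reported as floating as well, and commented-out code is ignored.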