Skip to content

Latest commit

 

History

History
93 lines (57 loc) · 5.85 KB

nogo-Q.md

File metadata and controls

93 lines (57 loc) · 5.85 KB
Raw

QA

[L-01] Documentation and code mismatch

The documentation is stating that a borrower can take up to 5 loans against the same NFT, but the code is not limiting the borrower. Considering adding a check to limit the number of loans or update the documentation.

[L-02] init method is callable multiple times

Upgradable contracts should be initialized only once. Consider adding a check to prevent multiple calls to the init method. Even if the method is technically not callable by anyone and it is setting the delegate address and the allow list. It is still a good practice to add a check to prevent multiple calls.

[L-03] Open TODOs

Code architecture, incentives, and error handling/reporting questions/issues should be resolved before deployment.

// check for rounding error since we round down in previewRedeem.

[L-04] Useless casting

ERC20 tokenContract = ERC20(tokenAddress);

[L-05] Prefer external over public for function not called internally by the contract

[L-06] Follow the order layout in contract

As mentioned in solidity documention, it is recommended to follow the order layout in contract.

  1. Type declarations
  2. State variables
  3. Events
  4. Modifiers
  5. Functions

[N-01] NATSPEC IS MISSING

NatSpec is missing for some functions.

[N-02] Using switch statement instead of if-else

Considering the number of conditions, it is recommended to use switch statement instead of if-else.

[N-03] Use pure instead of view for functions that do not read from storage

[N-04] Remove functions that are not used

[N-05] Pragma experimental abiencoderV2 is deprecated

Use pragma abicoder v2 instead

[N-06] require()/revert() statements should have descriptive reason strings