Skip to content

Racks-Community/EivissaProject_ClassicAuction

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

78 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

EIVISSA PROJECT OPTIMIZATION

Gas Report Comparation

Previous Improved

Static Analisys with Slither

npx run slither

Reporte:

Red

        Auction.bid(uint256,uint256) (contracts/Auction.sol#31-39) ignores return value by usd.transferFrom(msg.sender,address(this),price) (contracts/Auction.sol#36)
        Auction.addBidder(address,uint256,uint256) (contracts/Auction.sol#63-89) ignores return value by usd.transfer(tmp.wallet,tmp.amount) (contracts/Auction.sol#82)
        EivissaProject.withdraw() (contracts/EivissaProject.sol#175-179) ignores return value by usd.transfer(owner(),usd.balanceOf(address(this))) (contracts/EivissaProject.sol#176)
        Sale.buy(uint256) (contracts/Sale.sol#30-41) ignores return value by usd.transferFrom(msg.sender,address(eivissa),minPrices[id]) (contracts/Sale.sol#35)
        System.finish() (contracts/System.sol#69-72) ignores return value by usd.transfer(address(eivissa),usd.balanceOf(address(this))) (contracts/System.sol#71)
        // Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#unchecked-transfer

Yellow

        System.onlyHolder() (contracts/System.sol#40-44) uses a dangerous strict equality:
        - mrc.balanceOf(msg.sender) == 0 && isAdmin[msg.sender] == false 
		(contracts/System.sol#41)
        // Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#dangerous-strict-equalities

        Reentrancy in Auction.bid(uint256,uint256) (contracts/Auction.sol#31-39):
 
                External calls:
                - usd.transferFrom(msg.sender,address(this),price) (contracts/Auction.sol#36)
                - addBidder(msg.sender,price,id) (contracts/Auction.sol#37)
                        - usd.transfer(tmp.wallet,tmp.amount) (contracts/Auction.sol#82)
                State variables written after the call(s):
                - addBidder(msg.sender,price,id) (contracts/Auction.sol#37)
                        - minPrices[id] = bidders[id][bidders[id].length - 1].amount + increment (contracts/Auction.sol#87)
        
        Reentrancy in Sale.buy(uint256) (contracts/Sale.sol#30-41):
        
                External calls:
                - usd.transferFrom(msg.sender,address(eivissa),minPrices[id]) (contracts/Sale.sol#35)
                State variables written after the call(s):
                - ++ (currentSupply[id]) (contracts/Sale.sol#36)
                - userMints[msg.sender] = true (contracts/Sale.sol#38)
        
        Reentrancy in MRCRYPTO.reservedMint(uint256) (contracts/mock/MRC.sol#96-118):
        
                External calls:
                - _safeMint(msg.sender,supply + 1) (contracts/mock/MRC.sol#109)
                        - IERC721Receiver(to).onERC721Received(_msgSender(),from,tokenId,data) (node_modules/@openzeppelin/contracts/token/ERC721/ERC721.sol#401-412)
                State variables written after the call(s):
                - reservedMints[_tokenId] = true (contracts/mock/MRC.sol#110)
        
        Reentrancy in MRCRYPTO.reservedMint(uint256) (contracts/mock/MRC.sol#96-118):
        
                External calls:
                - _safeMint(msg.sender,supply + 1) (contracts/mock/MRC.sol#115)
                        - IERC721Receiver(to).onERC721Received(_msgSender(),from,tokenId,data) (node_modules/@openzeppelin/contracts/token/ERC721/ERC721.sol#401-412)
                State variables written after the call(s):
                - reservedMints[_tokenId] = true (contracts/mock/MRC.sol#116)
        //Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#reentrancy-vulnerabilities-1

Green

        EivissaProject.setBaseURI(string)._uri (contracts/EivissaProject.sol#149) shadows:
 
        - ERC1155._uri (node_modules/@openzeppelin/contracts/token/ERC1155/ERC1155.sol#30) (state variable)
 
        EivissaProject.setRoyaltyInfo(uint256[3],address).royaltyWallet_ (contracts/EivissaProject.sol#170) lacks a zero-check on :
        
                        - royaltyWallet = royaltyWallet_ (contracts/EivissaProject.sol#172)
        
        Reentrancy in Auction.addBidder(address,uint256,uint256) (contracts/Auction.sol#63-89):
        
                External calls:
                - usd.transfer(tmp.wallet,tmp.amount) (contracts/Auction.sol#82)
                State variables written after the call(s):
                - minPrices[id] = bidders[id][bidders[id].length - 1].amount + increment (contracts/Auction.sol#87)
        // Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#reentrancy-vulnerabilities-2
        
        Reentrancy in Auction.bid(uint256,uint256) (contracts/Auction.sol#31-39):
        
                External calls:
                - usd.transferFrom(msg.sender,address(this),price) (contracts/Auction.sol#36)
                - addBidder(msg.sender,price,id) (contracts/Auction.sol#37)
                        - usd.transfer(tmp.wallet,tmp.amount) (contracts/Auction.sol#82)
                Event emitted after the call(s):
                - auctionEvent(msg.sender,id,price) (contracts/Auction.sol#38)
        
        Reentrancy in Sale.buy(uint256) (contracts/Sale.sol#30-41):
        
                External calls:
                - usd.transferFrom(msg.sender,address(eivissa),minPrices[id]) (contracts/Sale.sol#35)
                - eivissa.mint(msg.sender,id,1) (contracts/Sale.sol#39)
                Event emitted after the call(s):
                - saleEvent(msg.sender,id) (contracts/Sale.sol#40)
        // Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#reentrancy-vulnerabilities-3

        
        Auction.bid(uint256,uint256) (contracts/Auction.sol#31-39) compares to a boolean constant:
                -require(bool,string)(finished == false,Has finished) (contracts/Auction.sol#32)
        Auction.claim(uint256) (contracts/Auction.sol#52-59) compares to a boolean constant:
                -require(bool,string)(finished == true,Not finished) (contracts/Auction.sol#55)
        Auction.addBidder(address,uint256,uint256) (contracts/Auction.sol#63-89) compares to a boolean constant:
                -(newEntered == false && tmp.amount > bidders[id][i].amount) || (newEntered == true && tmp.amount >= bidders[id][i].amount) (contracts/Auction.sol#69-70)
        EivissaProject.isNotPaused() (contracts/EivissaProject.sol#43-46) compares to a boolean constant:
                -isAdmin[msg.sender] == false && paused == true (contracts/EivissaProject.sol#44)
        EivissaProject.isWhitelisted() (contracts/EivissaProject.sol#48-51) compares to a boolean constant:
                -whitelist[msg.sender] == false (contracts/EivissaProject.sol#49)
        EivissaProject.isTransferible() (contracts/EivissaProject.sol#53-56) compares to a boolean constant:
                -transferible == false || isCollab[msg.sender] == true (contracts/EivissaProject.sol#54)
        EivissaProject.onlyAdmin() (contracts/EivissaProject.sol#58-61) compares to a boolean constant:
                -isAdmin[msg.sender] == false (contracts/EivissaProject.sol#59)
        Sale.buy(uint256) (contracts/Sale.sol#30-41) compares to a boolean constant:
                -require(bool)(userMints[msg.sender] == false) (contracts/Sale.sol#33)
        System.isNotPaused() (contracts/System.sol#22-26) compares to a boolean constant:
                -isAdmin[msg.sender] == false && paused == true (contracts/System.sol#23)
        System.onlyAdmin() (contracts/System.sol#28-32) compares to a boolean constant:
                -isAdmin[msg.sender] == false (contracts/System.sol#29)
        System.isWhitelisted() (contracts/System.sol#34-38) compares to a boolean constant:
                -whitelistEnabled == true && whitelist[msg.sender] == false (contracts/System.sol#35)
        System.onlyHolder() (contracts/System.sol#40-44) compares to a boolean constant:
                -mrc.balanceOf(msg.sender) == 0 && isAdmin[msg.sender] == false (contracts/System.sol#41)
        MRCRYPTO.reservedMint(uint256) (contracts/mock/MRC.sol#96-118) compares to a boolean constant:
                -require(bool,string)(reservedMints[_tokenId] == false,Token alredy used to mint at reserved price) (contracts/mock/MRC.sol#103)
        MRCRYPTO.tokenURI(uint256) (contracts/mock/MRC.sol#150-156) compares to a boolean constant:
                -revealed == false && tokenId > previousMaxSupply (contracts/mock/MRC.sol#153)
        //Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#boolean-equality

About

No description, website, or topics provided.

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • Solidity 52.7%
  • JavaScript 47.2%
  • Shell 0.1%