Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Release/v2.1.0 #871

Merged
merged 33 commits into from
Aug 30, 2024

v2.1.0

0b87627
Select commit
Loading
Failed to load commit list.
Merged

Release/v2.1.0 #871

v2.1.0
0b87627
Select commit
Loading
Failed to load commit list.
GitHub Advanced Security / Slither succeeded Aug 30, 2024 in 8s

41 new alerts including 14 low severity security vulnerabilities

New alerts in code changed by this pull request

Security Alerts:

  • 14 low

Other Alerts:

  • 27 warnings

See annotations below for details.

View all branch alerts.

Annotations

Check notice on line 39 in contracts/accesslists/AccessList.sol

See this annotation in the file changed.

Code scanning / Slither

Local variable shadowing Low

AccessList.constructor(string,string)._symbol shadows:
- ERC721._symbol (state variable)

Check notice on line 39 in contracts/accesslists/AccessList.sol

See this annotation in the file changed.

Code scanning / Slither

Local variable shadowing Low

AccessList.constructor(string,string)._name shadows:
- ERC721._name (state variable)

Check warning on line 77 in contracts/accesslists/AccessList.sol

See this annotation in the file changed.

Code scanning / Slither

Conformance to Solidity naming conventions Warning

Parameter AccessList.mint(address,string)._tokenURI is not in mixedCase

Check warning on line 85 in contracts/accesslists/AccessList.sol

See this annotation in the file changed.

Code scanning / Slither

Conformance to Solidity naming conventions Warning

Parameter AccessList.batchMint(address[],string[])._tokenURI is not in mixedCase

Check notice on line 25 in contracts/rewards/Booster.sol

See this annotation in the file changed.

Code scanning / Slither

Local variable shadowing Low

Booster.constructor(string,string,uint256)._symbol shadows:
- ERC721._symbol (state variable)

Check notice on line 25 in contracts/rewards/Booster.sol

See this annotation in the file changed.

Code scanning / Slither

Local variable shadowing Low

Booster.constructor(string,string,uint256)._name shadows:
- ERC721._name (state variable)

Check warning on line 62 in contracts/rewards/Booster.sol

See this annotation in the file changed.

Code scanning / Slither

Conformance to Solidity naming conventions Warning

Parameter Booster.createBoost(address,string)._tokenURI is not in mixedCase

Check warning on line 70 in contracts/rewards/Booster.sol

See this annotation in the file changed.

Code scanning / Slither

Conformance to Solidity naming conventions Warning

Parameter Booster.batchCreateBoosts(address[],string[])._tokenURI is not in mixedCase

Check warning on line 82 in contracts/rewards/Booster.sol

See this annotation in the file changed.

Code scanning / Slither

Dead-code Warning

Booster._burn(uint256) is never used and should be removed

Check warning on line 45 in contracts/templates/ERC20Template4.sol

See this annotation in the file changed.

Code scanning / Slither

Conformance to Solidity naming conventions Warning

Constant ERC20Template4._decimals is not in UPPER_CASE_WITH_UNDERSCORES

Check warning on line 64 in contracts/templates/ERC20Template4.sol

See this annotation in the file changed.

Code scanning / Slither

Conformance to Solidity naming conventions Warning

Struct ERC20Template4.fixedRate is not in CapWords

Check warning on line 77 in contracts/templates/ERC20Template4.sol

See this annotation in the file changed.

Code scanning / Slither

Conformance to Solidity naming conventions Warning

Struct ERC20Template4.providerFee is not in CapWords

Check warning on line 83 in contracts/templates/ERC20Template4.sol

See this annotation in the file changed.

Code scanning / Slither

Conformance to Solidity naming conventions Warning

Struct ERC20Template4.consumeMarketFee is not in CapWords

Check notice on line 346 in contracts/templates/ERC20Template4.sol

See this annotation in the file changed.

Check warning on line 358 in contracts/templates/ERC20Template4.sol

See this annotation in the file changed.

Code scanning / Slither

Conformance to Solidity naming conventions Warning

Parameter ERC20Template4.createDispenser(address,uint256,uint256,bool,address)._dispenser is not in mixedCase

Check notice on line 525 in contracts/templates/ERC20Template4.sol

See this annotation in the file changed.

Code scanning / Slither

Reentrancy vulnerabilities Low

Reentrancy in ERC20Template4.startOrder(address,uint256,ERC20Template4.providerFee,ERC20Template4.consumeMarketFee):
External calls:
- _pullUnderlying(publishMarketFeeToken,msg.sender,publishMarketFeeAddress,publishMarketFeeAmount)
- returndata = address(token).functionCall(data,SafeERC20: low-level call failed)
- IERC20(erc20).safeTransferFrom(from,to,amount)
- (success,returndata) = target.call{value: value}(data)
- _pullUnderlying(_consumeMarketFee.consumeMarketFeeToken,msg.sender,_consumeMarketFee.consumeMarketFeeAddress,_consumeMarketFee.consumeMarketFeeAmount)
- returndata = address(token).functionCall(data,SafeERC20: low-level call failed)
- IERC20(erc20).safeTransferFrom(from,to,amount)
- (success,returndata) = target.call{value: value}(data)
- _checkProviderFee(_providerFee)
- returndata = address(token).functionCall(data,SafeERC20: low-level call failed)
- IERC20(erc20).safeTransferFrom(from,to,amount)
- (success,returndata) = target.call{value: value}(data)
- IERC20(_providerFee.providerFeeToken).safeTransfer(_providerFee.providerFeeAddress,providerCut)
- IERC20(_providerFee.providerFeeToken).safeTransfer(IFactoryRouter(router).getOPCCollector(),OPCcut)
External calls sending eth:
- _pullUnderlying(publishMarketFeeToken,msg.sender,publishMarketFeeAddress,publishMarketFeeAmount)
- (success,returndata) = target.call{value: value}(data)
- _pullUnderlying(_consumeMarketFee.consumeMarketFeeToken,msg.sender,_consumeMarketFee.consumeMarketFeeAddress,_consumeMarketFee.consumeMarketFeeAmount)
- (success,returndata) = target.call{value: value}(data)
- _checkProviderFee(_providerFee)
- (success,returndata) = target.call{value: value}(data)
State variables written after the call(s):
- burn(amount)
- _totalSupply -= amount

Check notice on line 525 in contracts/templates/ERC20Template4.sol

See this annotation in the file changed.

Code scanning / Slither

Reentrancy vulnerabilities Low

Reentrancy in ERC20Template4.startOrder(address,uint256,ERC20Template4.providerFee,ERC20Template4.consumeMarketFee):
External calls:
- _pullUnderlying(publishMarketFeeToken,msg.sender,publishMarketFeeAddress,publishMarketFeeAmount)
- returndata = address(token).functionCall(data,SafeERC20: low-level call failed)
- IERC20(erc20).safeTransferFrom(from,to,amount)
- (success,returndata) = target.call{value: value}(data)
- _pullUnderlying(_consumeMarketFee.consumeMarketFeeToken,msg.sender,_consumeMarketFee.consumeMarketFeeAddress,_consumeMarketFee.consumeMarketFeeAmount)
- returndata = address(token).functionCall(data,SafeERC20: low-level call failed)
- IERC20(erc20).safeTransferFrom(from,to,amount)
- (success,returndata) = target.call{value: value}(data)
- _checkProviderFee(_providerFee)
- returndata = address(token).functionCall(data,SafeERC20: low-level call failed)
- IERC20(erc20).safeTransferFrom(from,to,amount)
- (success,returndata) = target.call{value: value}(data)
- IERC20(_providerFee.providerFeeToken).safeTransfer(_providerFee.providerFeeAddress,providerCut)
- IERC20(_providerFee.providerFeeToken).safeTransfer(IFactoryRouter(router).getOPCCollector(),OPCcut)
External calls sending eth:
- _pullUnderlying(publishMarketFeeToken,msg.sender,publishMarketFeeAddress,publishMarketFeeAmount)
- (success,returndata) = target.call{value: value}(data)
- _pullUnderlying(_consumeMarketFee.consumeMarketFeeToken,msg.sender,_consumeMarketFee.consumeMarketFeeAddress,_consumeMarketFee.consumeMarketFeeAmount)
- (success,returndata) = target.call{value: value}(data)
- _checkProviderFee(_providerFee)
- (success,returndata) = target.call{value: value}(data)
Event emitted after the call(s):
- ProviderFee(_providerFee.providerFeeAddress,_providerFee.providerFeeToken,_providerFee.providerFeeAmount,_providerFee.providerData,_providerFee.v,_providerFee.r,_providerFee.s,_providerFee.validUntil)
- _checkProviderFee(_providerFee)
- Transfer(account,address(0),amount)
- burn(amount)

Check notice on line 525 in contracts/templates/ERC20Template4.sol

See this annotation in the file changed.

Check notice on line 525 in contracts/templates/ERC20Template4.sol

See this annotation in the file changed.

Code scanning / Slither

Reentrancy vulnerabilities Low

Reentrancy in ERC20Template4.startOrder(address,uint256,ERC20Template4.providerFee,ERC20Template4.consumeMarketFee):
External calls:
- _pullUnderlying(publishMarketFeeToken,msg.sender,publishMarketFeeAddress,publishMarketFeeAmount)
- returndata = address(token).functionCall(data,SafeERC20: low-level call failed)
- IERC20(erc20).safeTransferFrom(from,to,amount)
- (success,returndata) = target.call{value: value}(data)
- _pullUnderlying(_consumeMarketFee.consumeMarketFeeToken,msg.sender,_consumeMarketFee.consumeMarketFeeAddress,_consumeMarketFee.consumeMarketFeeAmount)
- returndata = address(token).functionCall(data,SafeERC20: low-level call failed)
- IERC20(erc20).safeTransferFrom(from,to,amount)
- (success,returndata) = target.call{value: value}(data)
External calls sending eth:
- _pullUnderlying(publishMarketFeeToken,msg.sender,publishMarketFeeAddress,publishMarketFeeAmount)
- (success,returndata) = target.call{value: value}(data)
- _pullUnderlying(_consumeMarketFee.consumeMarketFeeToken,msg.sender,_consumeMarketFee.consumeMarketFeeAddress,_consumeMarketFee.consumeMarketFeeAmount)
- (success,returndata) = target.call{value: value}(data)
Event emitted after the call(s):
- ConsumeMarketFee(_consumeMarketFee.consumeMarketFeeAddress,_consumeMarketFee.consumeMarketFeeToken,_consumeMarketFee.consumeMarketFeeAmount)

Check warning on line 467 in contracts/templates/ERC20Template4.sol

See this annotation in the file changed.

Code scanning / Slither

Conformance to Solidity naming conventions Warning

Parameter ERC20Template4.startOrder(address,uint256,ERC20Template4.providerFee,ERC20Template4.consumeMarketFee)._providerFee is not in mixedCase

Check warning on line 468 in contracts/templates/ERC20Template4.sol

See this annotation in the file changed.

Code scanning / Slither

Conformance to Solidity naming conventions Warning

Parameter ERC20Template4.startOrder(address,uint256,ERC20Template4.providerFee,ERC20Template4.consumeMarketFee)._consumeMarketFee is not in mixedCase

Check warning on line 537 in contracts/templates/ERC20Template4.sol

See this annotation in the file changed.

Code scanning / Slither

Conformance to Solidity naming conventions Warning

Parameter ERC20Template4.reuseOrder(bytes32,ERC20Template4.providerFee)._providerFee is not in mixedCase

Check warning on line 555 in contracts/templates/ERC20Template4.sol

See this annotation in the file changed.

Code scanning / Slither

Conformance to Solidity naming conventions Warning

Parameter ERC20Template4.addMinter(address)._minter is not in mixedCase

Check warning on line 566 in contracts/templates/ERC20Template4.sol

See this annotation in the file changed.

Code scanning / Slither

Conformance to Solidity naming conventions Warning

Parameter ERC20Template4.removeMinter(address)._minter is not in mixedCase

Check warning on line 577 in contracts/templates/ERC20Template4.sol

See this annotation in the file changed.

Code scanning / Slither

Conformance to Solidity naming conventions Warning

Parameter ERC20Template4.addPaymentManager(address)._paymentManager is not in mixedCase