Platform: Code4rena
Start Date: 10/02/2022
Pot Size: $100,000 USDC
Total HM: 13
Participants: 21
Period: 7 days
Judge: leastwood
Total Solo HM: 10
Id: 85
League: ETH
Rank: 17/21
Findings: 1
Award: $330.21
🌟 Selected for report: 0
🚀 Solo Findings: 0
I. Missing comments
@param _profileIdByHandleHash.The other parameters have the relevant comments attached to them.Therefore, consider adding for the aforementioned as well.
II. Zero address checks
https://github.com/code-423n4/2022-02-aave-lens/blob/main/contracts/core/CollectNFT.sol#L29
https://github.com/code-423n4/2022-02-aave-lens/blob/main/contracts/core/FollowNFT.sol#L48
To prevent accidental deployment to the zero address and the need to redeploy the contract,add a require statement within the constructor.
https://github.com/code-423n4/2022-02-aave-lens/blob/main/contracts/core/FollowNFT.sol#L69
Prevent tokenIds from being accounted.
#0 - Zer0dot
2022-03-18T17:17:06Z
First point valid, second point not valid, the standard ERC721 internal minting function checks the recipient address against the zero address.
#1 - Zer0dot
2022-03-18T18:03:05Z
First point, as mentioned, is valid, but this will be changed with the fix to #70
#2 - Zer0dot
2022-03-18T19:41:23Z
Resolved in https://github.com/aave/lens-protocol/pull/69