Art Gobblers contest - Sm4rty's results

Experimental Decentralized Art Factory By Justin Roiland and Paradigm.

General Information

Platform: Code4rena

Start Date: 20/09/2022

Pot Size: $100,000 USDC

Total HM: 4

Participants: 109

Period: 7 days

Judge: GalloDaSballo

Id: 163

League: ETH


Researcher Performance

Rank: 74/109

Findings: 1

Award: $55.20

🌟 Selected for report: 0

🚀 Solo Findings: 0

_safeMint() should be used rather than _mint() wherever possible

_mint() is discouraged in favor of _safeMint(), which ensures that the recipient is either an EOA or implements IERC721Receiver. Both OpenZeppelin and solmate have versions of this function so that NFTs aren’t lost if they’re minted to contracts that cannot transfer them back out.

Instances

src/Goo.sol:102: _mint(to, amount);
src/ArtGobblers.sol:356: _mint(msg.sender, gobblerId);
src/ArtGobblers.sol:389: _mint(msg.sender, gobblerId);
src/ArtGobblers.sol:469: _mint(msg.sender, gobblerId);
src/Pages.sol:211: _mint(msg.sender, pageId);
src/Pages.sol:251: for (uint256 i = 0; i < numPages; i++) _mint(community, ++lastMintedPageId);
lib/solmate/src/tokens/ERC721.sol:194: _mint(to, id);
lib/solmate/src/tokens/ERC721.sol:209: _mint(to, id);

Recommendations:

Use _safeMint() instead of _mint().


Avoid using Floating Pragma:

Contracts should be deployed with the same compiler version and flags that they have been tested with thoroughly. Locking the pragma helps to ensure that contracts do not accidentally get deployed using, for example, an outdated compiler version that might introduce bugs that affect the contract system negatively.

Instances:

src/Goo.sol:2:pragma solidity >=0.8.0;
src/utils/rand/ChainlinkV1RandProvider.sol:2:pragma solidity >=0.8.0;
src/utils/GobblerReserve.sol:2:pragma solidity >=0.8.0;
src/utils/token/GobblersERC721.sol:2:pragma solidity >=0.8.0;
src/utils/token/GobblersERC1155B.sol:2:pragma solidity >=0.8.0;
src/utils/token/PagesERC721.sol:2:pragma solidity >=0.8.0;
src/ArtGobblers.sol:2:pragma solidity >=0.8.0;
src/Pages.sol:2:pragma solidity >=0.8.0;
script/deploy/DeployRinkeby.s.sol:2:pragma solidity >=0.8.0;
script/deploy/DeployBase.s.sol:2:pragma solidity >=0.8.0;
lib/goo-issuance/src/LibGOO.sol:2:pragma solidity >=0.8.0;
lib/solmate/src/utils/LibString.sol:2:pragma solidity >=0.8.0;
lib/solmate/src/utils/FixedPointMathLib.sol:2:pragma solidity >=0.8.0;
lib/solmate/src/utils/SignedWadMath.sol:2:pragma solidity >=0.8.0;
lib/solmate/src/utils/MerkleProofLib.sol:2:pragma solidity >=0.8.0;
lib/solmate/src/auth/Owned.sol:2:pragma solidity >=0.8.0;
lib/solmate/src/tokens/ERC721.sol:2:pragma solidity >=0.8.0;
lib/VRGDAs/src/LogisticToLinearVRGDA.sol:2:pragma solidity >=0.8.0;
lib/VRGDAs/src/LinearVRGDA.sol:2:pragma solidity >=0.8.0;
lib/VRGDAs/src/VRGDA.sol:2:pragma solidity >=0.8.0;
lib/VRGDAs/src/LogisticVRGDA.sol:2:pragma solidity >=0.8.0;

Recommend using a fixed Solidity version.

References:

https://code4rena.com/reports/2022-04-phuture#g-20-use-a-more-recent-version-of-solidity
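A small scanner for the two checks in this report, emitting hits in the same `path:line: code` form as the instance lists above (an added example, not part of the original submission or the Art Gobblers code base). The function names, finding labels and sample contract are constructed for illustration.

```python
import re

COMMENT_RE = re.compile(r"//[^\n]*|/\*.*?\*/", re.S)
PRAGMA_RE = re.compile(r"^\s*pragma\s+solidity\s+([^;]+);")
PINNED_RE = re.compile(r"^=?\s*\d+\.\d+\.\d+$")   # exact version, e.g. 0.8.15
MINT_CALL_RE = re.compile(r"(?<!\w)_mint\s*\(")    # does not match _safeMint(
MINT_DEF_RE = re.compile(r"\bfunction\s+_mint\s*\(")


def blank_comments(source):
    """Remove comments but keep their newlines so line numbers stay correct.

    String literals are not parsed, so "//" inside a string is treated as a comment.
    """
    return COMMENT_RE.sub(lambda m: "\n" * m.group().count("\n"), source)


def scan(path, source):
    """Return (kind, 'path:line: code') findings for one Solidity source string."""
    findings = []
    for n, line in enumerate(blank_comments(source).split("\n"), 1):
        code = line.strip()
        pragma = PRAGMA_RE.match(code)
        # Any range operator (>=, ^, ~, <) or multi-part expression counts as floating.
        if pragma and not PINNED_RE.match(pragma.group(1).strip()):
            findings.append(("floating-pragma", f"{path}:{n}: {code}"))
        # Flag calls to _mint, but not the declaration of _mint itself.
        if MINT_CALL_RE.search(code) and not MINT_DEF_RE.search(code):
            findings.append(("unsafe-mint", f"{path}:{n}: {code}"))
    return findings


# Constructed sample input, not taken from the Art Gobblers repository.
SAMPLE = """// SPDX-License-Identifier: MIT
pragma solidity >=0.8.0;

contract Example {
    // _mint(to, id) in a comment is ignored
    function _mint(address to, uint256 id) internal {}

    function claim(uint256 id) external {
        _mint(msg.sender, id); /* _mint(a, b) in a block
        comment */ _safeMint(msg.sender, id);
    }
}
"""

if __name__ == "__main__":
    for kind, where in scan("src/Example.sol", SAMPLE):
        print(f"{kind}: {where}")
```

Each `unsafe-mint` hit is a prompt for manual review rather than a verdict. `_safeMint()` calls `onERC721Received` on contract recipients, so replacing `_mint()` adds an external call that needs a reentrancy review of the surrounding function.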


#0 - GalloDaSballo

2022-10-06T18:53:24Z

_safeMint() should be used rather than _mint() wherever possible 1L

Avoid using Floating Pragma: NC

Would 100% close with new rules
