harsh
@harsh
100 USDC for running your .sol files through our new tool (swarm.0xmacro.com) to find vulnerabilities, and classify which ones were accurate and which were false positives / irrelevant. @bountybot
datadanne
@datadanne.eth
I ran a set of contracts (~2500 LOC) that are already deployed through it. It reported 3 medium risk issues, 18 low risk issues, 51 code quality issues and 37 gas optimizations. All three medium risk issues were false positives/irrelevant imo, will reply below with details
datadanne
@datadanne.eth
1) Centralization issue caused by admin privileges
This one feels irrelevant to me, I made an active choice to use an ownable contract. I guess it makes sense that it is a medium risk for users of the project though
datadanne
@datadanne.eth
2) It's possible to mint to address(0)
This is a false positive, there is no mint function that accepts a to argument, it always mints to msg.sender
datadanne
@datadanne.eth
3) Dangerous use of mint instead of safeMint
This is a false positive, the contract has a private function called _mint that is called in two places which is what's reported, but the _mint function calls safeMint.