Content
@
https://opensea.io/collection/dev-21
0 reply
0 recast
2 reactions
Jacek.degen.eth ๐ฉ
@jacek
If you're a Solidity dev and interested in helping out Degen by auditing or reviewing our Locked Degen ERC-20 contract, we'd love your support. Your help in finding bugs or suggesting code improvements would be greatly appreciated! Thanks! https://github.com/degen-token/degen-smart-contracts/pull/22
29 replies
35 recasts
211 reactions
MetaEnd๐ฉ
@metaend.eth
๐จ Audit Findings on DegenLockToken (Hash: 7c0977a79ef9e48480108f34a3d481f99346cc00) ๐จ ๐ High Severity: Owner can extend lock duration, impacting all current deposits. This can be used maliciously to lock funds indefinitely. Recommendation: Restrict changes to new deposits or implement decentralized governance. ๐ Medium Severity: Missing events for critical actions like deposits and withdrawals. Recommendation: Emit events to ensure transparency. ๐ Informational: Hardcoded token address limits flexibility. Recommendation: Pass the token address as a parameter during contract deployment. ๐ Suggested Fixes: Split updateLockDuration function. Implement a killSwitch to set lock duration to 0. Apply updates only to new deposits using a mapping. https://github.com/ngmisl/degenlock-review/blob/main/audit.md
1 reply
0 recast
0 reaction
Jacek.degen.eth ๐ฉ
@jacek
Thanks for doing the review! I'll definitely update the lock duration function.
0 reply
0 recast
2 reactions
