Skip to content

Instantly share code, notes, and snippets.

@yuriy77k

yuriy77k/ETH_Taverns_report.md Secret

Forked from gorbunovperm/ETH_Taverns_report.md
Created July 5, 2019 19:19
Show Gist options
  • Save yuriy77k/6fa70469824d576623a2b54d9ea8f45f to your computer and use it in GitHub Desktop.
Save yuriy77k/6fa70469824d576623a2b54d9ea8f45f to your computer and use it in GitHub Desktop.
Download ZIP
Taverns security audit report
Raw
ETH_Taverns_report.md

Taverns security audit report

Summary

This is the report from a security audit performed on Taverns by gorbunovperm.

Tavern is a rare and specific digital asset in LORDLESS and it is an ERC-721 token. Most of the interactions in the virtual world are dependent on Tavern.

https://game.lordless.io/taverns

In scope

  1. IPower.sol
  2. ITavern.sol
  3. Power.sol
  4. Tavern.sol
  5. TavernBase.sol

Findings

In total, 1 issue were reported including:

  • 0 high severity issue.

  • 0 medium severity issues.

  • 1 low severity issues.

  • 0 owner privileges.

  • 0 note.

Security issues

1. The length of the input arrays should be compared

Severity: low

Description

Input arrays of functions may have different length by accidentally. This can lead to incorrect sending of funds to many recipients.

Code snippet

Recommendation

Use something like require(_tokenIds.length == _popularitys.length).

Conclusion

There are not serious vulnerabilities were discovered here.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment