Omniscia Rain Protocol Audit

RedeemableERC20 Manual Review Findings

RER-01M: Inexplicable Status Restriction

Description:

The RedeemableERC20 contract enforces that the SENDER status implies RECEIVER as well. However, this may not hold if transfers are frozen at a later date, at which point an address may possess a balance that was sent prior to the freeze operation.

Example:

contracts/redeemableERC20/RedeemableERC20.sol
/// Bits for a receiver.
uint256 private constant RECEIVER = 0x1;
/// Bits for a sender. Sender is also receiver.
uint256 private constant SENDER = 0x3;

Recommendation:

We advise that this trait of the system be re-evaluated and, potentially, that only the 10 bit flag be used to denote the SENDER of assets.

Alleviation:

The 10 bit is now utilized by the SENDER representation (0x2), thereby alleviating this exhibit.
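
The difference between the two encodings, as an added example that is not code from the audited RedeemableERC20 contract. It assumes a role is held when every bit of its mask is set in an account's status word; the contract name `FlagEncodingModel`, its mappings and its functions are hypothetical.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

/// Added illustration; not code from the audited RedeemableERC20.
/// Assumption (not shown on the page): a role is held when every bit of its
/// mask is set in the account's stored status word.
contract FlagEncodingModel {
    uint256 private constant RECEIVER = 0x1;
    uint256 private constant SENDER_BEFORE = 0x3; // value quoted in the finding
    uint256 private constant SENDER_AFTER = 0x2;  // value from the alleviation

    // Hypothetical storage: one status word per account for each encoding.
    mapping(address => uint256) private statusBefore;
    mapping(address => uint256) private statusAfter;

    function holds(uint256 status, uint256 mask) private pure returns (bool) {
        return (status & mask) == mask;
    }

    /// Grant the sender role, and nothing else, under both encodings.
    function grantSender(address account) external {
        statusBefore[account] |= SENDER_BEFORE; // also sets the RECEIVER bit
        statusAfter[account] |= SENDER_AFTER;   // leaves the RECEIVER bit clear
    }

    /// Grant the receiver role under both encodings.
    function grantReceiver(address account) external {
        statusBefore[account] |= RECEIVER;
        statusAfter[account] |= RECEIVER;
    }

    /// Receiver check under the 0x3 encoding.
    function canReceiveBefore(address account) external view returns (bool) {
        return holds(statusBefore[account], RECEIVER);
    }

    /// Receiver check under the 0x2 encoding.
    function canReceiveAfter(address account) external view returns (bool) {
        return holds(statusAfter[account], RECEIVER);
    }

    /// Sender check under the 0x2 encoding.
    function canSendAfter(address account) external view returns (bool) {
        return holds(statusAfter[account], SENDER_AFTER);
    }
}
```

After `grantSender(a)` alone, `canReceiveBefore(a)` returns true while `canReceiveAfter(a)` returns false and `canSendAfter(a)` returns true, so only the 0x2 encoding lets an account be marked as a sender without also becoming a receiver.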