Omniscia LOC Game Audit

NFT Implementation Security Audit

We were tasked with auditing the NFT codebase of the LOC Game company implementing a minter-controlled supply of NFTs each belonging to a particular collection.

Over the course of the audit, we were unable to observe any severe vulnerability, however, we did observe two security malpractices that can be solved rendering the codebase up to date with the latest security standards.

Additionally, we identified multiple optimizations that can be applied which we urge the LOC Game team to consider integrating in the codebase.

Files in Scope	Repository	Commit(s)
LOCAccess.sol (LOC)	erc721-loc-test-token	67f890b5dc, ee4d6b6567
LOCGamePlayNFT.sol (LOG)	erc721-loc-test-token	67f890b5dc, ee4d6b6567
LOCOZExtension.sol (LOO)	erc721-loc-test-token	67f890b5dc, ee4d6b6567

During the audit, we filtered and validated a total of 1 findings utilizing static analysis tools as well as identified a total of 7 findings during the manual review of the codebase. We strongly recommend that any minor severity or higher findings are dealt with promptly prior to the project's launch as they introduce potential misbehaviours of the system as well as exploits.

The list below covers each segment of the audit in depth and links to the respective chapter of the report:

NFT Implementation Security Audit

Compilation