Omniscia Alliance Block Audit
WrappedERC721 Static Analysis Findings
WER-01S: Inexistent Application of CEI Pattern
Type | Severity | Location |
---|---|---|
Logical Fault | ![]() | WrappedERC721.sol:L45-L46 |
Description:
The linked code does not properly apply the Checks-Effects-Interactions (CEI) pattern and as such can result in an NFT being minted to a user and utilized with an inexistent `tokenURI`.
Example:
contracts/WrappedERC721.sol
```solidity
34 /**
35  * @notice Mints a number of tokens at once
36  * @param to_ Receiver address
37  * @param tokenIds_ Array of token IDs
38  * @param tokenURIs_ Array of corresponding token URIs
39  */
40 function batchMint(address to_, uint256[] calldata tokenIds_, string[] calldata tokenURIs_)
41     external onlyOwner
42 {
43     require(tokenIds_.length == tokenURIs_.length, "WrappedERC721: wrong batchMint parameters");
44     for (uint256 i = 0; i < tokenIds_.length; i++) {
45         super._safeMint(to_, tokenIds_[i]);
46         _tokenURIs[tokenIds_[i]] = tokenURIs_[i];
47     }
48 }
```
Recommendation:
We advise the pattern to be applied properly here by first setting the URI and then minting the NFT to the user to ensure a consistent contract state.
Alleviation:
The CEI pattern is now properly conformed to by minting the NFT after the URI has been set.
WER-02S: Unoptimized Function Visibilities
Type | Severity | Location |
---|---|---|
Gas Optimization | ![]() | WrappedERC721.sol:L82, L87 |
Description:
The linked functions can be declared as `external` since they are not utilized internally within the contract or any children that inherit from it.
Example:
contracts/WrappedERC721.sol
```solidity
81 /// @notice Pauses the contract
82 function pause() public onlyOwner {
83     super._pause();
84 }
85
86 /// @notice Unpauses the contract
87 function unpause() public onlyOwner {
88     super._unpause();
89 }
```
Recommendation:
We advise them to be declared as `external` to optimize their gas cost.
Alleviation:
Both functions have been correctly set as `external`.