{"componentChunkName":"component---node-modules-rocketseat-gatsby-theme-docs-core-src-templates-docs-query-js","path":"/manual-review/BosonVoucher-BVR","result":{"data":{"mdx":{"id":"8e24d03e-b57e-52cb-976c-276ecb8dadef","excerpt":"BVR-01M: Inexistent Restriction of Approval for Owner Type Severity Location Logical Fault BosonVoucher.sol:L558 ,  L561 Description: The Boson Protocol  PR#57…","fields":{"slug":"/manual-review/BosonVoucher-BVR/"},"frontmatter":{"title":"BosonVoucher Manual Review Findings","description":"Contains all the findings that relate to manual review on the contract codebase","image":null,"disableTableOfContents":null},"body":"var _excluded = [\"components\"];\n\nfunction _extends() { _extends = Object.assign || function (target) { for (var i = 1; i < arguments.length; i++) { var source = arguments[i]; for (var key in source) { if (Object.prototype.hasOwnProperty.call(source, key)) { target[key] = source[key]; } } } return target; }; return _extends.apply(this, arguments); }\n\nfunction _objectWithoutProperties(source, excluded) { if (source == null) return {}; var target = _objectWithoutPropertiesLoose(source, excluded); var key, i; if (Object.getOwnPropertySymbols) { var sourceSymbolKeys = Object.getOwnPropertySymbols(source); for (i = 0; i < sourceSymbolKeys.length; i++) { key = sourceSymbolKeys[i]; if (excluded.indexOf(key) >= 0) continue; if (!Object.prototype.propertyIsEnumerable.call(source, key)) continue; target[key] = source[key]; } } return target; }\n\nfunction _objectWithoutPropertiesLoose(source, excluded) { if (source == null) return {}; var target = {}; var sourceKeys = Object.keys(source); var key, i; for (i = 0; i < sourceKeys.length; i++) { key = sourceKeys[i]; if (excluded.indexOf(key) >= 0) continue; target[key] = source[key]; } return target; }\n\n/* @jsxRuntime classic */\n\n/* @jsx mdx */\nvar _frontmatter = {\n  \"title\": \"BosonVoucher Manual Review Findings\",\n  \"description\": \"Contains all the findings that relate to manual review on the contract codebase\"\n};\nvar layoutProps = {\n  _frontmatter: _frontmatter\n};\nvar MDXLayout = \"wrapper\";\nreturn function MDXContent(_ref) {\n  var components = _ref.components,\n      props = _objectWithoutProperties(_ref, _excluded);\n\n  return mdx(MDXLayout, _extends({}, layoutProps, props, {\n    components: components,\n    mdxType: \"MDXLayout\"\n  }), mdx(\"h2\", {\n    \"id\": \"span-idbvr-01mbvr-01m-inexistent-restriction-of-approval-for-ownerspan\",\n    \"style\": {\n      \"position\": \"relative\"\n    }\n  }, mdx(\"a\", {\n    parentName: \"h2\",\n    \"href\": \"#span-idbvr-01mbvr-01m-inexistent-restriction-of-approval-for-ownerspan\",\n    \"aria-label\": \"span idbvr 01mbvr 01m inexistent restriction of approval for ownerspan permalink\",\n    \"className\": \"anchor before\"\n  }, mdx(\"svg\", {\n    parentName: \"a\",\n    \"aria-hidden\": \"true\",\n    \"focusable\": \"false\",\n    \"height\": \"16\",\n    \"version\": \"1.1\",\n    \"viewBox\": \"0 0 16 16\",\n    \"width\": \"16\"\n  }, mdx(\"path\", {\n    parentName: \"svg\",\n    \"fillRule\": \"evenodd\",\n    \"d\": \"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z\"\n  }))), mdx(\"span\", {\n    id: \"BVR-01M\"\n  }, \"BVR-01M: Inexistent Restriction of Approval for Owner\")), mdx(\"table\", null, mdx(\"thead\", {\n    parentName: \"table\"\n  }, mdx(\"tr\", {\n    parentName: \"thead\"\n  }, mdx(\"th\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Type\"), mdx(\"th\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Severity\"), mdx(\"th\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Location\"))), mdx(\"tbody\", {\n    parentName: \"table\"\n  }, mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, mdx(\"a\", {\n    parentName: \"td\",\n    \"href\": \"/reports/boson-protocol-version-2.3-64c3b2cf1570d80014096fc3/appendix/finding-types#logical-fault\"\n  }, \"Logical Fault\")), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, mdx(\"img\", {\n    parentName: \"td\",\n    \"className\": \"o-severity o-unknown\",\n    \"src\": \"https://omniscia.io/report-assets/unknown.png\"\n  })), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, mdx(\"a\", {\n    parentName: \"td\",\n    \"href\": \"https://github.com/bosonprotocol/boson-protocol-contracts/blob/02a4d2ff04832a4607674ba37708d4f52cdac4fa/contracts/protocol/clients/voucher/BosonVoucher.sol#L558\"\n  }, \"BosonVoucher.sol:L558\"), \", \", mdx(\"a\", {\n    parentName: \"td\",\n    \"href\": \"https://github.com/bosonprotocol/boson-protocol-contracts/blob/02a4d2ff04832a4607674ba37708d4f52cdac4fa/contracts/protocol/clients/voucher/BosonVoucher.sol#L561\"\n  }, \"L561\"))))), mdx(\"h3\", {\n    \"id\": \"description\",\n    \"style\": {\n      \"position\": \"relative\"\n    }\n  }, mdx(\"a\", {\n    parentName: \"h3\",\n    \"href\": \"#description\",\n    \"aria-label\": \"description permalink\",\n    \"className\": \"anchor before\"\n  }, mdx(\"svg\", {\n    parentName: \"a\",\n    \"aria-hidden\": \"true\",\n    \"focusable\": \"false\",\n    \"height\": \"16\",\n    \"version\": \"1.1\",\n    \"viewBox\": \"0 0 16 16\",\n    \"width\": \"16\"\n  }, mdx(\"path\", {\n    parentName: \"svg\",\n    \"fillRule\": \"evenodd\",\n    \"d\": \"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z\"\n  }))), \"Description:\"), mdx(\"p\", null, \"The Boson Protocol \", mdx(\"a\", {\n    parentName: \"p\",\n    \"href\": \"https://github.com/bosonprotocol/boson-protocol-contracts/pull/571\"\n  }, \"PR#571\"), \" and specifically \", mdx(\"a\", {\n    parentName: \"p\",\n    \"href\": \"https://github.com/bosonprotocol/boson-protocol-contracts/pull/571#discussion_r1128748253\"\n  }, \"this thread\"), \" indicates that the \", mdx(\"inlineCode\", {\n    parentName: \"p\"\n  }, \"_operator\"), \" being approved should not be the \", mdx(\"inlineCode\", {\n    parentName: \"p\"\n  }, \"OwnableUpgradeable::owner\"), \", however, the function reverts solely if the \", mdx(\"inlineCode\", {\n    parentName: \"p\"\n  }, \"_operator\"), \" is the \", mdx(\"inlineCode\", {\n    parentName: \"p\"\n  }, \"address(this)\"), \" value.\"), mdx(\"h3\", {\n    \"id\": \"example\",\n    \"style\": {\n      \"position\": \"relative\"\n    }\n  }, mdx(\"a\", {\n    parentName: \"h3\",\n    \"href\": \"#example\",\n    \"aria-label\": \"example permalink\",\n    \"className\": \"anchor before\"\n  }, mdx(\"svg\", {\n    parentName: \"a\",\n    \"aria-hidden\": \"true\",\n    \"focusable\": \"false\",\n    \"height\": \"16\",\n    \"version\": \"1.1\",\n    \"viewBox\": \"0 0 16 16\",\n    \"width\": \"16\"\n  }, mdx(\"path\", {\n    parentName: \"svg\",\n    \"fillRule\": \"evenodd\",\n    \"d\": \"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z\"\n  }))), \"Example:\"), mdx(\"pre\", null, mdx(\"code\", {\n    parentName: \"pre\",\n    \"className\": \"language-sol\",\n    \"metastring\": \"title=contracts/protocol/clients/voucher/BosonVoucher.sol highlight={1,4} lineNumbers=true lineOffset=557\",\n    \"title\": \"contracts/protocol/clients/voucher/BosonVoucher.sol\",\n    \"highlight\": \"{1,4}\",\n    \"lineNumbers\": \"true\",\n    \"lineOffset\": \"557\"\n  }, \"function setApprovalForAllToContract(address _operator, bool _approved) external onlyOwner {\\n    require(_operator != address(0), INVALID_ADDRESS);\\n\\n    _setApprovalForAll(address(this), _operator, _approved);\\n}\\n\")), mdx(\"h3\", {\n    \"id\": \"recommendation\",\n    \"style\": {\n      \"position\": \"relative\"\n    }\n  }, mdx(\"a\", {\n    parentName: \"h3\",\n    \"href\": \"#recommendation\",\n    \"aria-label\": \"recommendation permalink\",\n    \"className\": \"anchor before\"\n  }, mdx(\"svg\", {\n    parentName: \"a\",\n    \"aria-hidden\": \"true\",\n    \"focusable\": \"false\",\n    \"height\": \"16\",\n    \"version\": \"1.1\",\n    \"viewBox\": \"0 0 16 16\",\n    \"width\": \"16\"\n  }, mdx(\"path\", {\n    parentName: \"svg\",\n    \"fillRule\": \"evenodd\",\n    \"d\": \"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z\"\n  }))), \"Recommendation:\"), mdx(\"p\", null, \"We advise the Boson Protocol to revisit this particular change and ensure that the \", mdx(\"inlineCode\", {\n    parentName: \"p\"\n  }, \"owner\"), \" of the referenced comment refers to the \\\"owner\\\" of the \", mdx(\"a\", {\n    parentName: \"p\",\n    \"href\": \"https://eips.ethereum.org/EIPS/eip-721\"\n  }, \"EIP-721\"), \" vouchers rather than the \", mdx(\"inlineCode\", {\n    parentName: \"p\"\n  }, \"OwnableUpgradeable::owner\"), \".\"), mdx(\"h3\", {\n    \"id\": \"alleviation-2b9f60b6c3323fd234b570089ceff924cdb5851c\",\n    \"style\": {\n      \"position\": \"relative\"\n    }\n  }, mdx(\"a\", {\n    parentName: \"h3\",\n    \"href\": \"#alleviation-2b9f60b6c3323fd234b570089ceff924cdb5851c\",\n    \"aria-label\": \"alleviation 2b9f60b6c3323fd234b570089ceff924cdb5851c permalink\",\n    \"className\": \"anchor before\"\n  }, mdx(\"svg\", {\n    parentName: \"a\",\n    \"aria-hidden\": \"true\",\n    \"focusable\": \"false\",\n    \"height\": \"16\",\n    \"version\": \"1.1\",\n    \"viewBox\": \"0 0 16 16\",\n    \"width\": \"16\"\n  }, mdx(\"path\", {\n    parentName: \"svg\",\n    \"fillRule\": \"evenodd\",\n    \"d\": \"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z\"\n  }))), \"Alleviation (2b9f60b6c3323fd234b570089ceff924cdb5851c):\"), mdx(\"p\", null, \"The Boson Protocol team clarified that the owner in question is the voucher's owner and as such, the code behaves as expected rendering this exhibit nullified.\"), mdx(\"h2\", {\n    \"id\": \"span-idbvr-02mbvr-02m-potentially-malformed-contract-storage-spacespan\",\n    \"style\": {\n      \"position\": \"relative\"\n    }\n  }, mdx(\"a\", {\n    parentName: \"h2\",\n    \"href\": \"#span-idbvr-02mbvr-02m-potentially-malformed-contract-storage-spacespan\",\n    \"aria-label\": \"span idbvr 02mbvr 02m potentially malformed contract storage spacespan permalink\",\n    \"className\": \"anchor before\"\n  }, mdx(\"svg\", {\n    parentName: \"a\",\n    \"aria-hidden\": \"true\",\n    \"focusable\": \"false\",\n    \"height\": \"16\",\n    \"version\": \"1.1\",\n    \"viewBox\": \"0 0 16 16\",\n    \"width\": \"16\"\n  }, mdx(\"path\", {\n    parentName: \"svg\",\n    \"fillRule\": \"evenodd\",\n    \"d\": \"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z\"\n  }))), mdx(\"span\", {\n    id: \"BVR-02M\"\n  }, \"BVR-02M: Potentially Malformed Contract Storage Space\")), mdx(\"table\", null, mdx(\"thead\", {\n    parentName: \"table\"\n  }, mdx(\"tr\", {\n    parentName: \"thead\"\n  }, mdx(\"th\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Type\"), mdx(\"th\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Severity\"), mdx(\"th\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Location\"))), mdx(\"tbody\", {\n    parentName: \"table\"\n  }, mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, mdx(\"a\", {\n    parentName: \"td\",\n    \"href\": \"/reports/boson-protocol-version-2.3-64c3b2cf1570d80014096fc3/appendix/finding-types#language-specific\"\n  }, \"Language Specific\")), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, mdx(\"img\", {\n    parentName: \"td\",\n    \"className\": \"o-severity o-unknown\",\n    \"src\": \"https://omniscia.io/report-assets/unknown.png\"\n  })), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, mdx(\"a\", {\n    parentName: \"td\",\n    \"href\": \"https://github.com/bosonprotocol/boson-protocol-contracts/blob/02a4d2ff04832a4607674ba37708d4f52cdac4fa/contracts/protocol/clients/voucher/BosonVoucher.sol#L833\"\n  }, \"BosonVoucher.sol:L833\"))))), mdx(\"h3\", {\n    \"id\": \"description-1\",\n    \"style\": {\n      \"position\": \"relative\"\n    }\n  }, mdx(\"a\", {\n    parentName: \"h3\",\n    \"href\": \"#description-1\",\n    \"aria-label\": \"description 1 permalink\",\n    \"className\": \"anchor before\"\n  }, mdx(\"svg\", {\n    parentName: \"a\",\n    \"aria-hidden\": \"true\",\n    \"focusable\": \"false\",\n    \"height\": \"16\",\n    \"version\": \"1.1\",\n    \"viewBox\": \"0 0 16 16\",\n    \"width\": \"16\"\n  }, mdx(\"path\", {\n    parentName: \"svg\",\n    \"fillRule\": \"evenodd\",\n    \"d\": \"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z\"\n  }))), \"Description:\"), mdx(\"p\", null, \"The \", mdx(\"inlineCode\", {\n    parentName: \"p\"\n  }, \"ERC2771ContextUpgradeable\"), \" contract implementation used to reserve one storage slot in its original \", mdx(\"inlineCode\", {\n    parentName: \"p\"\n  }, \"v4.0.0\"), \" OpenZeppelin implementation and up to \", mdx(\"inlineCode\", {\n    parentName: \"p\"\n  }, \"v4.4.0\"), \", however, it was updated to make use of \", mdx(\"inlineCode\", {\n    parentName: \"p\"\n  }, \"immutable\"), \" variables in \", mdx(\"inlineCode\", {\n    parentName: \"p\"\n  }, \"v4.5.0\"), \" and up thus causing it to no longer require a storage space.\"), mdx(\"p\", null, \"While the dependency itself maintains a proper storage structure due to the usage of a \", mdx(\"inlineCode\", {\n    parentName: \"p\"\n  }, \"__gap\"), \" value that was updated, the \", mdx(\"inlineCode\", {\n    parentName: \"p\"\n  }, \"BosonVoucherBase\"), \" does not have such a gap and adjusts its storage space between implementations.\"), mdx(\"h3\", {\n    \"id\": \"impact\",\n    \"style\": {\n      \"position\": \"relative\"\n    }\n  }, mdx(\"a\", {\n    parentName: \"h3\",\n    \"href\": \"#impact\",\n    \"aria-label\": \"impact permalink\",\n    \"className\": \"anchor before\"\n  }, mdx(\"svg\", {\n    parentName: \"a\",\n    \"aria-hidden\": \"true\",\n    \"focusable\": \"false\",\n    \"height\": \"16\",\n    \"version\": \"1.1\",\n    \"viewBox\": \"0 0 16 16\",\n    \"width\": \"16\"\n  }, mdx(\"path\", {\n    parentName: \"svg\",\n    \"fillRule\": \"evenodd\",\n    \"d\": \"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z\"\n  }))), \"Impact:\"), mdx(\"p\", null, \"Given that this vulnerability would solely arise if \", mdx(\"inlineCode\", {\n    parentName: \"p\"\n  }, \"ERC2771ContextUpgradeable\"), \" was updated by OpenZeppelin to make use of storage slots and / or if the Boson Protocol inherits implementations that make use of storage space for the \", mdx(\"inlineCode\", {\n    parentName: \"p\"\n  }, \"BosonVoucher\"), \", its severity is indeterminate as it may never manifest in practice.\"), mdx(\"h3\", {\n    \"id\": \"example-1\",\n    \"style\": {\n      \"position\": \"relative\"\n    }\n  }, mdx(\"a\", {\n    parentName: \"h3\",\n    \"href\": \"#example-1\",\n    \"aria-label\": \"example 1 permalink\",\n    \"className\": \"anchor before\"\n  }, mdx(\"svg\", {\n    parentName: \"a\",\n    \"aria-hidden\": \"true\",\n    \"focusable\": \"false\",\n    \"height\": \"16\",\n    \"version\": \"1.1\",\n    \"viewBox\": \"0 0 16 16\",\n    \"width\": \"16\"\n  }, mdx(\"path\", {\n    parentName: \"svg\",\n    \"fillRule\": \"evenodd\",\n    \"d\": \"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z\"\n  }))), \"Example:\"), mdx(\"pre\", null, mdx(\"code\", {\n    parentName: \"pre\",\n    \"className\": \"language-sol\",\n    \"metastring\": \"title=contracts/protocol/clients/voucher/BosonVoucher.sol highlight={7,8} lineNumbers=true lineOffset=782\",\n    \"title\": \"contracts/protocol/clients/voucher/BosonVoucher.sol\",\n    \"highlight\": \"{7,8}\",\n    \"lineNumbers\": \"true\",\n    \"lineOffset\": \"782\"\n  }, \"/*\\n * Returns storage pointer to location of private variables\\n * 0x99 is location of _owners\\n * 0x9a is location of _balances\\n *\\n * Since ERC721UpgradeableStorage slot is 0x99\\n * _owners slot is ERC721UpgradeableStorage + 0\\n * _balances slot is ERC721UpgradeableStorage + 1\\n */\\n\")), mdx(\"h3\", {\n    \"id\": \"recommendation-1\",\n    \"style\": {\n      \"position\": \"relative\"\n    }\n  }, mdx(\"a\", {\n    parentName: \"h3\",\n    \"href\": \"#recommendation-1\",\n    \"aria-label\": \"recommendation 1 permalink\",\n    \"className\": \"anchor before\"\n  }, mdx(\"svg\", {\n    parentName: \"a\",\n    \"aria-hidden\": \"true\",\n    \"focusable\": \"false\",\n    \"height\": \"16\",\n    \"version\": \"1.1\",\n    \"viewBox\": \"0 0 16 16\",\n    \"width\": \"16\"\n  }, mdx(\"path\", {\n    parentName: \"svg\",\n    \"fillRule\": \"evenodd\",\n    \"d\": \"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z\"\n  }))), \"Recommendation:\"), mdx(\"p\", null, \"We advise the \", mdx(\"inlineCode\", {\n    parentName: \"p\"\n  }, \"__gap\"), \" value that was removed from \", mdx(\"inlineCode\", {\n    parentName: \"p\"\n  }, \"BosonVoucher\"), \" to be relocated to the \", mdx(\"inlineCode\", {\n    parentName: \"p\"\n  }, \"BosonVoucherBase\"), \" implementation, ensuring the storage space of \", mdx(\"inlineCode\", {\n    parentName: \"p\"\n  }, \"BosonVoucher\"), \" is unaffected between upgrades of the \", mdx(\"inlineCode\", {\n    parentName: \"p\"\n  }, \"BosonVoucherBase\"), \" dependency.\"), mdx(\"h3\", {\n    \"id\": \"alleviation-2b9f60b6c3323fd234b570089ceff924cdb5851c-1\",\n    \"style\": {\n      \"position\": \"relative\"\n    }\n  }, mdx(\"a\", {\n    parentName: \"h3\",\n    \"href\": \"#alleviation-2b9f60b6c3323fd234b570089ceff924cdb5851c-1\",\n    \"aria-label\": \"alleviation 2b9f60b6c3323fd234b570089ceff924cdb5851c 1 permalink\",\n    \"className\": \"anchor before\"\n  }, mdx(\"svg\", {\n    parentName: \"a\",\n    \"aria-hidden\": \"true\",\n    \"focusable\": \"false\",\n    \"height\": \"16\",\n    \"version\": \"1.1\",\n    \"viewBox\": \"0 0 16 16\",\n    \"width\": \"16\"\n  }, mdx(\"path\", {\n    parentName: \"svg\",\n    \"fillRule\": \"evenodd\",\n    \"d\": \"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z\"\n  }))), \"Alleviation (2b9f60b6c3323fd234b570089ceff924cdb5851c):\"), mdx(\"p\", null, \"The \", mdx(\"inlineCode\", {\n    parentName: \"p\"\n  }, \"BosonVoucherBase\"), \" already possessed a \", mdx(\"inlineCode\", {\n    parentName: \"p\"\n  }, \"__gap\"), \" variable, rendering this exhibit nullified.\"), mdx(\"h2\", {\n    \"id\": \"span-idbvr-03mbvr-03m-inexistent-access-control-of-protocol-withdrawalsspan\",\n    \"style\": {\n      \"position\": \"relative\"\n    }\n  }, mdx(\"a\", {\n    parentName: \"h2\",\n    \"href\": \"#span-idbvr-03mbvr-03m-inexistent-access-control-of-protocol-withdrawalsspan\",\n    \"aria-label\": \"span idbvr 03mbvr 03m inexistent access control of protocol withdrawalsspan permalink\",\n    \"className\": \"anchor before\"\n  }, mdx(\"svg\", {\n    parentName: \"a\",\n    \"aria-hidden\": \"true\",\n    \"focusable\": \"false\",\n    \"height\": \"16\",\n    \"version\": \"1.1\",\n    \"viewBox\": \"0 0 16 16\",\n    \"width\": \"16\"\n  }, mdx(\"path\", {\n    parentName: \"svg\",\n    \"fillRule\": \"evenodd\",\n    \"d\": \"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z\"\n  }))), mdx(\"span\", {\n    id: \"BVR-03M\"\n  }, \"BVR-03M: Inexistent Access Control of Protocol Withdrawals\")), mdx(\"table\", null, mdx(\"thead\", {\n    parentName: \"table\"\n  }, mdx(\"tr\", {\n    parentName: \"thead\"\n  }, mdx(\"th\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Type\"), mdx(\"th\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Severity\"), mdx(\"th\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Location\"))), mdx(\"tbody\", {\n    parentName: \"table\"\n  }, mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, mdx(\"a\", {\n    parentName: \"td\",\n    \"href\": \"/reports/boson-protocol-version-2.3-64c3b2cf1570d80014096fc3/appendix/finding-types#logical-fault\"\n  }, \"Logical Fault\")), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, mdx(\"img\", {\n    parentName: \"td\",\n    \"className\": \"o-severity o-minor\",\n    \"src\": \"https://omniscia.io/report-assets/minor.png\"\n  })), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, mdx(\"a\", {\n    parentName: \"td\",\n    \"href\": \"https://github.com/bosonprotocol/boson-protocol-contracts/blob/02a4d2ff04832a4607674ba37708d4f52cdac4fa/contracts/protocol/clients/voucher/BosonVoucher.sol#L766\"\n  }, \"BosonVoucher.sol:L766\"))))), mdx(\"h3\", {\n    \"id\": \"description-2\",\n    \"style\": {\n      \"position\": \"relative\"\n    }\n  }, mdx(\"a\", {\n    parentName: \"h3\",\n    \"href\": \"#description-2\",\n    \"aria-label\": \"description 2 permalink\",\n    \"className\": \"anchor before\"\n  }, mdx(\"svg\", {\n    parentName: \"a\",\n    \"aria-hidden\": \"true\",\n    \"focusable\": \"false\",\n    \"height\": \"16\",\n    \"version\": \"1.1\",\n    \"viewBox\": \"0 0 16 16\",\n    \"width\": \"16\"\n  }, mdx(\"path\", {\n    parentName: \"svg\",\n    \"fillRule\": \"evenodd\",\n    \"d\": \"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z\"\n  }))), \"Description:\"), mdx(\"p\", null, \"The \", mdx(\"a\", {\n    parentName: \"p\",\n    \"href\": \"https://github.com/bosonprotocol/boson-protocol-contracts/blob/02a4d2ff04832a4607674ba37708d4f52cdac4fa/contracts/protocol/clients/voucher/BosonVoucher.sol#L766-L781\"\n  }, mdx(\"inlineCode\", {\n    parentName: \"a\"\n  }, \"BosonVoucherBase::withdrawToProtocol\")), \" function does not apply any access control to its caller, permitting anyone to invoke it and thus cause funds from the contract to be deposited to the protocol.\"), mdx(\"p\", null, \"While the funds will still be owned by the correct \", mdx(\"inlineCode\", {\n    parentName: \"p\"\n  }, \"sellerId\"), \", the \", mdx(\"inlineCode\", {\n    parentName: \"p\"\n  }, \"BosonVoucherBase\"), \" contract is capable of being the \\\"purchaser\\\" of a conditional offer in the Boson Protocol system. These conditional offers can impose restrictions based on \", mdx(\"a\", {\n    parentName: \"p\",\n    \"href\": \"https://eips.ethereum.org/EIPS/eip-20\"\n  }, \"EIP-20\"), \" asset balances that can be compromised by this function in an on-chain race condition.\"), mdx(\"h3\", {\n    \"id\": \"impact-1\",\n    \"style\": {\n      \"position\": \"relative\"\n    }\n  }, mdx(\"a\", {\n    parentName: \"h3\",\n    \"href\": \"#impact-1\",\n    \"aria-label\": \"impact 1 permalink\",\n    \"className\": \"anchor before\"\n  }, mdx(\"svg\", {\n    parentName: \"a\",\n    \"aria-hidden\": \"true\",\n    \"focusable\": \"false\",\n    \"height\": \"16\",\n    \"version\": \"1.1\",\n    \"viewBox\": \"0 0 16 16\",\n    \"width\": \"16\"\n  }, mdx(\"path\", {\n    parentName: \"svg\",\n    \"fillRule\": \"evenodd\",\n    \"d\": \"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z\"\n  }))), \"Impact:\"), mdx(\"p\", null, \"It is presently possible to hijack threshold-based commit authorizations that are performed by the \", mdx(\"inlineCode\", {\n    parentName: \"p\"\n  }, \"BosonVoucherBase\"), \" by invoking its \", mdx(\"a\", {\n    parentName: \"p\",\n    \"href\": \"https://github.com/bosonprotocol/boson-protocol-contracts/blob/02a4d2ff04832a4607674ba37708d4f52cdac4fa/contracts/protocol/clients/voucher/BosonVoucher.sol#L766-L781\"\n  }, mdx(\"inlineCode\", {\n    parentName: \"a\"\n  }, \"BosonVoucherBase::withdrawToProtocol\")), \" function.\"), mdx(\"h3\", {\n    \"id\": \"example-2\",\n    \"style\": {\n      \"position\": \"relative\"\n    }\n  }, mdx(\"a\", {\n    parentName: \"h3\",\n    \"href\": \"#example-2\",\n    \"aria-label\": \"example 2 permalink\",\n    \"className\": \"anchor before\"\n  }, mdx(\"svg\", {\n    parentName: \"a\",\n    \"aria-hidden\": \"true\",\n    \"focusable\": \"false\",\n    \"height\": \"16\",\n    \"version\": \"1.1\",\n    \"viewBox\": \"0 0 16 16\",\n    \"width\": \"16\"\n  }, mdx(\"path\", {\n    parentName: \"svg\",\n    \"fillRule\": \"evenodd\",\n    \"d\": \"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z\"\n  }))), \"Example:\"), mdx(\"pre\", null, mdx(\"code\", {\n    parentName: \"pre\",\n    \"className\": \"language-sol\",\n    \"metastring\": \"title=contracts/protocol/clients/voucher/BosonVoucher.sol highlight={1} lineNumbers=true lineOffset=765\",\n    \"title\": \"contracts/protocol/clients/voucher/BosonVoucher.sol\",\n    \"highlight\": \"{1}\",\n    \"lineNumbers\": \"true\",\n    \"lineOffset\": \"765\"\n  }, \"function withdrawToProtocol(address[] calldata _tokenList) external {\\n    address protocolDiamond = IClientExternalAddresses(BeaconClientLib._beacon()).getProtocolAddress();\\n    uint256 sellerId = getSellerId();\\n\\n    for (uint256 i = 0; i < _tokenList.length; i++) {\\n        address token = _tokenList[i];\\n        if (token == address(0)) {\\n            uint256 balance = address(this).balance;\\n            IBosonFundsHandler(protocolDiamond).depositFunds{ value: balance }(sellerId, token, balance);\\n        } else {\\n            uint256 balance = IERC20(token).balanceOf(address(this));\\n            IERC20(token).approve(protocolDiamond, balance);\\n            IBosonFundsHandler(protocolDiamond).depositFunds(sellerId, token, balance);\\n        }\\n    }\\n}\\n\")), mdx(\"h3\", {\n    \"id\": \"recommendation-2\",\n    \"style\": {\n      \"position\": \"relative\"\n    }\n  }, mdx(\"a\", {\n    parentName: \"h3\",\n    \"href\": \"#recommendation-2\",\n    \"aria-label\": \"recommendation 2 permalink\",\n    \"className\": \"anchor before\"\n  }, mdx(\"svg\", {\n    parentName: \"a\",\n    \"aria-hidden\": \"true\",\n    \"focusable\": \"false\",\n    \"height\": \"16\",\n    \"version\": \"1.1\",\n    \"viewBox\": \"0 0 16 16\",\n    \"width\": \"16\"\n  }, mdx(\"path\", {\n    parentName: \"svg\",\n    \"fillRule\": \"evenodd\",\n    \"d\": \"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z\"\n  }))), \"Recommendation:\"), mdx(\"p\", null, \"We advise the code to apply proper access control and ensure that the function can only be called by the \", mdx(\"inlineCode\", {\n    parentName: \"p\"\n  }, \"OwnableUpgradeable::owner\"), \" of the contract.\"), mdx(\"h3\", {\n    \"id\": \"alleviation-2b9f60b6c3323fd234b570089ceff924cdb5851c-2\",\n    \"style\": {\n      \"position\": \"relative\"\n    }\n  }, mdx(\"a\", {\n    parentName: \"h3\",\n    \"href\": \"#alleviation-2b9f60b6c3323fd234b570089ceff924cdb5851c-2\",\n    \"aria-label\": \"alleviation 2b9f60b6c3323fd234b570089ceff924cdb5851c 2 permalink\",\n    \"className\": \"anchor before\"\n  }, mdx(\"svg\", {\n    parentName: \"a\",\n    \"aria-hidden\": \"true\",\n    \"focusable\": \"false\",\n    \"height\": \"16\",\n    \"version\": \"1.1\",\n    \"viewBox\": \"0 0 16 16\",\n    \"width\": \"16\"\n  }, mdx(\"path\", {\n    parentName: \"svg\",\n    \"fillRule\": \"evenodd\",\n    \"d\": \"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z\"\n  }))), \"Alleviation (2b9f60b6c3323fd234b570089ceff924cdb5851c):\"), mdx(\"p\", null, \"The Boson Protocol team evaluated this exhibit and acknowledged that it is an edge condition, however, they do not plan to remediate it as they wish withdrawals to be flexible.\"), mdx(ViewDiffButton, {\n    repoUrl: \"https://github.com/bosonprotocol/boson-protocol-contracts\",\n    mainHash: \"02a4d2ff04832a4607674ba37708d4f52cdac4fa\",\n    fixHash: \"2b9f60b6c3323fd234b570089ceff924cdb5851c\",\n    gitHubIssue: \"742\",\n    mdxType: \"ViewDiffButton\"\n  }), mdx(\"h2\", {\n    \"id\": \"span-idbvr-04mbvr-04m-inexistent-legacy-compatibility-of-boson-voucher-premintsspan\",\n    \"style\": {\n      \"position\": \"relative\"\n    }\n  }, mdx(\"a\", {\n    parentName: \"h2\",\n    \"href\": \"#span-idbvr-04mbvr-04m-inexistent-legacy-compatibility-of-boson-voucher-premintsspan\",\n    \"aria-label\": \"span idbvr 04mbvr 04m inexistent legacy compatibility of boson voucher premintsspan permalink\",\n    \"className\": \"anchor before\"\n  }, mdx(\"svg\", {\n    parentName: \"a\",\n    \"aria-hidden\": \"true\",\n    \"focusable\": \"false\",\n    \"height\": \"16\",\n    \"version\": \"1.1\",\n    \"viewBox\": \"0 0 16 16\",\n    \"width\": \"16\"\n  }, mdx(\"path\", {\n    parentName: \"svg\",\n    \"fillRule\": \"evenodd\",\n    \"d\": \"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z\"\n  }))), mdx(\"span\", {\n    id: \"BVR-04M\"\n  }, \"BVR-04M: Inexistent Legacy Compatibility of Boson Voucher Premints\")), mdx(\"table\", null, mdx(\"thead\", {\n    parentName: \"table\"\n  }, mdx(\"tr\", {\n    parentName: \"thead\"\n  }, mdx(\"th\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Type\"), mdx(\"th\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Severity\"), mdx(\"th\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Location\"))), mdx(\"tbody\", {\n    parentName: \"table\"\n  }, mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, mdx(\"a\", {\n    parentName: \"td\",\n    \"href\": \"/reports/boson-protocol-version-2.3-64c3b2cf1570d80014096fc3/appendix/finding-types#logical-fault\"\n  }, \"Logical Fault\")), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, mdx(\"img\", {\n    parentName: \"td\",\n    \"className\": \"o-severity o-medium\",\n    \"src\": \"https://omniscia.io/report-assets/medium.png\"\n  })), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, mdx(\"a\", {\n    parentName: \"td\",\n    \"href\": \"https://github.com/bosonprotocol/boson-protocol-contracts/blob/02a4d2ff04832a4607674ba37708d4f52cdac4fa/contracts/protocol/clients/voucher/BosonVoucher.sol#L452\"\n  }, \"BosonVoucher.sol:L452\"), \", \", mdx(\"a\", {\n    parentName: \"td\",\n    \"href\": \"https://github.com/bosonprotocol/boson-protocol-contracts/blob/02a4d2ff04832a4607674ba37708d4f52cdac4fa/contracts/protocol/clients/voucher/BosonVoucher.sol#L706\"\n  }, \"L706\"), \", \", mdx(\"a\", {\n    parentName: \"td\",\n    \"href\": \"https://github.com/bosonprotocol/boson-protocol-contracts/blob/02a4d2ff04832a4607674ba37708d4f52cdac4fa/contracts/protocol/clients/voucher/BosonVoucher.sol#L736\"\n  }, \"L736\"))))), mdx(\"h3\", {\n    \"id\": \"description-3\",\n    \"style\": {\n      \"position\": \"relative\"\n    }\n  }, mdx(\"a\", {\n    parentName: \"h3\",\n    \"href\": \"#description-3\",\n    \"aria-label\": \"description 3 permalink\",\n    \"className\": \"anchor before\"\n  }, mdx(\"svg\", {\n    parentName: \"a\",\n    \"aria-hidden\": \"true\",\n    \"focusable\": \"false\",\n    \"height\": \"16\",\n    \"version\": \"1.1\",\n    \"viewBox\": \"0 0 16 16\",\n    \"width\": \"16\"\n  }, mdx(\"path\", {\n    parentName: \"svg\",\n    \"fillRule\": \"evenodd\",\n    \"d\": \"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z\"\n  }))), \"Description:\"), mdx(\"p\", null, \"The updated \", mdx(\"inlineCode\", {\n    parentName: \"p\"\n  }, \"BosonVoucher\"), \" implementation utilizes a new identification system for tokens whereby they are composed of the offer ID as well as exchange ID in the upper and lower halves of the 256 bit number respectively.\"), mdx(\"p\", null, \"Preminted vouchers that had been issued before the update, however, will misbehave as they will not be able to be committed properly and will yield incorrect \", mdx(\"a\", {\n    parentName: \"p\",\n    \"href\": \"https://github.com/bosonprotocol/boson-protocol-contracts/blob/02a4d2ff04832a4607674ba37708d4f52cdac4fa/contracts/protocol/clients/voucher/BosonVoucher.sol#L443-L460\"\n  }, mdx(\"inlineCode\", {\n    parentName: \"a\"\n  }, \"BosonVoucher::tokenURI\")), \" values.\"), mdx(\"h3\", {\n    \"id\": \"impact-2\",\n    \"style\": {\n      \"position\": \"relative\"\n    }\n  }, mdx(\"a\", {\n    parentName: \"h3\",\n    \"href\": \"#impact-2\",\n    \"aria-label\": \"impact 2 permalink\",\n    \"className\": \"anchor before\"\n  }, mdx(\"svg\", {\n    parentName: \"a\",\n    \"aria-hidden\": \"true\",\n    \"focusable\": \"false\",\n    \"height\": \"16\",\n    \"version\": \"1.1\",\n    \"viewBox\": \"0 0 16 16\",\n    \"width\": \"16\"\n  }, mdx(\"path\", {\n    parentName: \"svg\",\n    \"fillRule\": \"evenodd\",\n    \"d\": \"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z\"\n  }))), \"Impact:\"), mdx(\"p\", null, \"Any \", mdx(\"inlineCode\", {\n    parentName: \"p\"\n  }, \"BosonVoucher\"), \" beacon implementations that were upgraded and had lingering preminted vouchers will fail to function as expected after the upgrade.\"), mdx(\"h3\", {\n    \"id\": \"example-3\",\n    \"style\": {\n      \"position\": \"relative\"\n    }\n  }, mdx(\"a\", {\n    parentName: \"h3\",\n    \"href\": \"#example-3\",\n    \"aria-label\": \"example 3 permalink\",\n    \"className\": \"anchor before\"\n  }, mdx(\"svg\", {\n    parentName: \"a\",\n    \"aria-hidden\": \"true\",\n    \"focusable\": \"false\",\n    \"height\": \"16\",\n    \"version\": \"1.1\",\n    \"viewBox\": \"0 0 16 16\",\n    \"width\": \"16\"\n  }, mdx(\"path\", {\n    parentName: \"svg\",\n    \"fillRule\": \"evenodd\",\n    \"d\": \"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z\"\n  }))), \"Example:\"), mdx(\"pre\", null, mdx(\"code\", {\n    parentName: \"pre\",\n    \"className\": \"language-sol\",\n    \"metastring\": \"title=contracts/protocol/clients/voucher/BosonVoucher.sol highlight={14} lineNumbers=true lineOffset=692\",\n    \"title\": \"contracts/protocol/clients/voucher/BosonVoucher.sol\",\n    \"highlight\": \"{14}\",\n    \"lineNumbers\": \"true\",\n    \"lineOffset\": \"692\"\n  }, \"function _beforeTokenTransfer(address _from, address _to, uint256 _tokenId, uint256) internal override {\\n    // Derive the exchange id\\n    uint256 exchangeId = _tokenId & type(uint128).max;\\n    if (_isCommitable) {\\n        // If is committable, invoke commitToPreMintedOffer on the protocol\\n\\n        // Set _isCommitable to false\\n        _isCommitable = false;\\n\\n        // Set the preminted token as committed\\n        _committed[_tokenId] = true;\\n\\n        // Derive the offer id\\n        uint256 offerId = _tokenId >> 128;\\n\\n        // If this is a transfer of preminted token, treat it differently\\n        address protocolDiamond = IClientExternalAddresses(BeaconClientLib._beacon()).getProtocolAddress();\\n        IBosonExchangeHandler(protocolDiamond).commitToPreMintedOffer(payable(_to), offerId, exchangeId);\\n    } else if (_from != address(0) && _to != address(0) && _from != _to) {\\n\")), mdx(\"h3\", {\n    \"id\": \"recommendation-3\",\n    \"style\": {\n      \"position\": \"relative\"\n    }\n  }, mdx(\"a\", {\n    parentName: \"h3\",\n    \"href\": \"#recommendation-3\",\n    \"aria-label\": \"recommendation 3 permalink\",\n    \"className\": \"anchor before\"\n  }, mdx(\"svg\", {\n    parentName: \"a\",\n    \"aria-hidden\": \"true\",\n    \"focusable\": \"false\",\n    \"height\": \"16\",\n    \"version\": \"1.1\",\n    \"viewBox\": \"0 0 16 16\",\n    \"width\": \"16\"\n  }, mdx(\"path\", {\n    parentName: \"svg\",\n    \"fillRule\": \"evenodd\",\n    \"d\": \"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z\"\n  }))), \"Recommendation:\"), mdx(\"p\", null, \"We advise the \", mdx(\"inlineCode\", {\n    parentName: \"p\"\n  }, \"BosonVoucher\"), \" system to either \\\"delete\\\" all previously issued premints as part of its upgrade or to support them properly, the latter of which we advise given that preminted offers are closely intertwined with offers and the \", mdx(\"inlineCode\", {\n    parentName: \"p\"\n  }, \"OrchestrationHandlerFacet1\"), \".\"), mdx(\"h3\", {\n    \"id\": \"alleviation-2b9f60b6c3\",\n    \"style\": {\n      \"position\": \"relative\"\n    }\n  }, mdx(\"a\", {\n    parentName: \"h3\",\n    \"href\": \"#alleviation-2b9f60b6c3\",\n    \"aria-label\": \"alleviation 2b9f60b6c3 permalink\",\n    \"className\": \"anchor before\"\n  }, mdx(\"svg\", {\n    parentName: \"a\",\n    \"aria-hidden\": \"true\",\n    \"focusable\": \"false\",\n    \"height\": \"16\",\n    \"version\": \"1.1\",\n    \"viewBox\": \"0 0 16 16\",\n    \"width\": \"16\"\n  }, mdx(\"path\", {\n    parentName: \"svg\",\n    \"fillRule\": \"evenodd\",\n    \"d\": \"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z\"\n  }))), \"Alleviation (2b9f60b6c3):\"), mdx(\"p\", null, \"The Boson Protocol team stated that they deem this exhibit incorrect as the new identification system was introduced in tandem with the premint functionality of vouchers.\"), mdx(\"p\", null, \"We consider this to be incorrect as the audit we performed of \", mdx(\"a\", {\n    parentName: \"p\",\n    \"href\": \"https://github.com/bosonprotocol/boson-protocol-contracts/releases/tag/v2.2.0-rc.2\"\n  }, mdx(\"inlineCode\", {\n    parentName: \"a\"\n  }, \"v2.2.0-rc.2\")), \" contained a preminted system without the new identification system in place.\"), mdx(\"p\", null, \"We advise the Boson Protocol team to re-evaluate this exhibit and specify what version of \", mdx(\"inlineCode\", {\n    parentName: \"p\"\n  }, \"v2.2.0\"), \" was actively deployed and will be replaced by the currently-audited version.\"), mdx(\"h3\", {\n    \"id\": \"alleviation-584e7d054c\",\n    \"style\": {\n      \"position\": \"relative\"\n    }\n  }, mdx(\"a\", {\n    parentName: \"h3\",\n    \"href\": \"#alleviation-584e7d054c\",\n    \"aria-label\": \"alleviation 584e7d054c permalink\",\n    \"className\": \"anchor before\"\n  }, mdx(\"svg\", {\n    parentName: \"a\",\n    \"aria-hidden\": \"true\",\n    \"focusable\": \"false\",\n    \"height\": \"16\",\n    \"version\": \"1.1\",\n    \"viewBox\": \"0 0 16 16\",\n    \"width\": \"16\"\n  }, mdx(\"path\", {\n    parentName: \"svg\",\n    \"fillRule\": \"evenodd\",\n    \"d\": \"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z\"\n  }))), \"Alleviation (584e7d054c):\"), mdx(\"p\", null, \"The Boson Protocol team clarified that the Polygon mainnet deployment has been upgraded from \", mdx(\"a\", {\n    parentName: \"p\",\n    \"href\": \"https://github.com/bosonprotocol/boson-protocol-contracts/tree/v2.2.0\"\n  }, mdx(\"inlineCode\", {\n    parentName: \"a\"\n  }, \"v2.2.0\")), \" to \", mdx(\"a\", {\n    parentName: \"p\",\n    \"href\": \"https://github.com/bosonprotocol/boson-protocol-contracts/tree/v2.2.1\"\n  }, mdx(\"inlineCode\", {\n    parentName: \"a\"\n  }, \"v2.2.1\")), \" with no intermediate steps and as such, no lingering legacy vouchers are present in the system.\"), mdx(\"p\", null, \"Based on this fact, we consider the exhibit nullified as it arose from a version that was never actively deployed.\"), mdx(ViewDiffButton, {\n    repoUrl: \"https://github.com/bosonprotocol/boson-protocol-contracts\",\n    mainHash: \"02a4d2ff04832a4607674ba37708d4f52cdac4fa\",\n    fixHash: \"584e7d054c1198ed4b95edbf970de0d6c47a3fcc\",\n    gitHubIssue: \"798\",\n    mdxType: \"ViewDiffButton\"\n  }), mdx(\"h2\", {\n    \"id\": \"span-idbvr-05mbvr-05m-inexistent-transfer-of-preminted-voucher-rangesspan\",\n    \"style\": {\n      \"position\": \"relative\"\n    }\n  }, mdx(\"a\", {\n    parentName: \"h2\",\n    \"href\": \"#span-idbvr-05mbvr-05m-inexistent-transfer-of-preminted-voucher-rangesspan\",\n    \"aria-label\": \"span idbvr 05mbvr 05m inexistent transfer of preminted voucher rangesspan permalink\",\n    \"className\": \"anchor before\"\n  }, mdx(\"svg\", {\n    parentName: \"a\",\n    \"aria-hidden\": \"true\",\n    \"focusable\": \"false\",\n    \"height\": \"16\",\n    \"version\": \"1.1\",\n    \"viewBox\": \"0 0 16 16\",\n    \"width\": \"16\"\n  }, mdx(\"path\", {\n    parentName: \"svg\",\n    \"fillRule\": \"evenodd\",\n    \"d\": \"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z\"\n  }))), mdx(\"span\", {\n    id: \"BVR-05M\"\n  }, \"BVR-05M: Inexistent Transfer of Preminted Voucher Ranges\")), mdx(\"table\", null, mdx(\"thead\", {\n    parentName: \"table\"\n  }, mdx(\"tr\", {\n    parentName: \"thead\"\n  }, mdx(\"th\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Type\"), mdx(\"th\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Severity\"), mdx(\"th\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Location\"))), mdx(\"tbody\", {\n    parentName: \"table\"\n  }, mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, mdx(\"a\", {\n    parentName: \"td\",\n    \"href\": \"/reports/boson-protocol-version-2.3-64c3b2cf1570d80014096fc3/appendix/finding-types#logical-fault\"\n  }, \"Logical Fault\")), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, mdx(\"img\", {\n    parentName: \"td\",\n    \"className\": \"o-severity o-medium\",\n    \"src\": \"https://omniscia.io/report-assets/medium.png\"\n  })), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, mdx(\"a\", {\n    parentName: \"td\",\n    \"href\": \"https://github.com/bosonprotocol/boson-protocol-contracts/blob/02a4d2ff04832a4607674ba37708d4f52cdac4fa/contracts/protocol/clients/voucher/BosonVoucher.sol#L175\"\n  }, \"BosonVoucher.sol:L175\"), \", \", mdx(\"a\", {\n    parentName: \"td\",\n    \"href\": \"https://github.com/bosonprotocol/boson-protocol-contracts/blob/02a4d2ff04832a4607674ba37708d4f52cdac4fa/contracts/protocol/clients/voucher/BosonVoucher.sol#L227\"\n  }, \"L227\"), \", \", mdx(\"a\", {\n    parentName: \"td\",\n    \"href\": \"https://github.com/bosonprotocol/boson-protocol-contracts/blob/02a4d2ff04832a4607674ba37708d4f52cdac4fa/contracts/protocol/clients/voucher/BosonVoucher.sol#L291\"\n  }, \"L291\"), \", \", mdx(\"a\", {\n    parentName: \"td\",\n    \"href\": \"https://github.com/bosonprotocol/boson-protocol-contracts/blob/02a4d2ff04832a4607674ba37708d4f52cdac4fa/contracts/protocol/clients/voucher/BosonVoucher.sol#L483-L489\"\n  }, \"L483-L489\"))))), mdx(\"h3\", {\n    \"id\": \"description-4\",\n    \"style\": {\n      \"position\": \"relative\"\n    }\n  }, mdx(\"a\", {\n    parentName: \"h3\",\n    \"href\": \"#description-4\",\n    \"aria-label\": \"description 4 permalink\",\n    \"className\": \"anchor before\"\n  }, mdx(\"svg\", {\n    parentName: \"a\",\n    \"aria-hidden\": \"true\",\n    \"focusable\": \"false\",\n    \"height\": \"16\",\n    \"version\": \"1.1\",\n    \"viewBox\": \"0 0 16 16\",\n    \"width\": \"16\"\n  }, mdx(\"path\", {\n    parentName: \"svg\",\n    \"fillRule\": \"evenodd\",\n    \"d\": \"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z\"\n  }))), \"Description:\"), mdx(\"p\", null, \"The process of issuing a range reservation within \", mdx(\"a\", {\n    parentName: \"p\",\n    \"href\": \"https://github.com/bosonprotocol/boson-protocol-contracts/blob/02a4d2ff04832a4607674ba37708d4f52cdac4fa/contracts/protocol/clients/voucher/BosonVoucher.sol#L152-L178\"\n  }, mdx(\"inlineCode\", {\n    parentName: \"a\"\n  }, \"BosonVoucherBase::reserveRange\")), \" ensures that the \", mdx(\"inlineCode\", {\n    parentName: \"p\"\n  }, \"_to\"), \" address is either the contract itself or the contract's owner, however, this assumption may have been invalidated when \", mdx(\"a\", {\n    parentName: \"p\",\n    \"href\": \"https://github.com/bosonprotocol/boson-protocol-contracts/blob/02a4d2ff04832a4607674ba37708d4f52cdac4fa/contracts/protocol/clients/voucher/BosonVoucher.sol#L211-L244\"\n  }, mdx(\"inlineCode\", {\n    parentName: \"a\"\n  }, \"BosonVoucherBase::preMint\")), \" has been invoked as the transfer of ownership of a voucher (\", mdx(\"a\", {\n    parentName: \"p\",\n    \"href\": \"https://github.com/bosonprotocol/boson-protocol-contracts/blob/02a4d2ff04832a4607674ba37708d4f52cdac4fa/contracts/protocol/clients/voucher/BosonVoucher.sol#L483-L489\"\n  }, mdx(\"inlineCode\", {\n    parentName: \"a\"\n  }, \"BosonVoucherBase::transferOwnership\")), \") does not update the range owner values.\"), mdx(\"h3\", {\n    \"id\": \"impact-3\",\n    \"style\": {\n      \"position\": \"relative\"\n    }\n  }, mdx(\"a\", {\n    parentName: \"h3\",\n    \"href\": \"#impact-3\",\n    \"aria-label\": \"impact 3 permalink\",\n    \"className\": \"anchor before\"\n  }, mdx(\"svg\", {\n    parentName: \"a\",\n    \"aria-hidden\": \"true\",\n    \"focusable\": \"false\",\n    \"height\": \"16\",\n    \"version\": \"1.1\",\n    \"viewBox\": \"0 0 16 16\",\n    \"width\": \"16\"\n  }, mdx(\"path\", {\n    parentName: \"svg\",\n    \"fillRule\": \"evenodd\",\n    \"d\": \"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z\"\n  }))), \"Impact:\"), mdx(\"p\", null, \"The current mechanism permits the owner of a voucher to reserve a large range and then transfer their voucher. When doing so, the new owner will be unable to utilize this reserved range for themselves as the owner would have been cached to the previous owner, a behaviour we consider incorrect.\"), mdx(\"h3\", {\n    \"id\": \"example-4\",\n    \"style\": {\n      \"position\": \"relative\"\n    }\n  }, mdx(\"a\", {\n    parentName: \"h3\",\n    \"href\": \"#example-4\",\n    \"aria-label\": \"example 4 permalink\",\n    \"className\": \"anchor before\"\n  }, mdx(\"svg\", {\n    parentName: \"a\",\n    \"aria-hidden\": \"true\",\n    \"focusable\": \"false\",\n    \"height\": \"16\",\n    \"version\": \"1.1\",\n    \"viewBox\": \"0 0 16 16\",\n    \"width\": \"16\"\n  }, mdx(\"path\", {\n    parentName: \"svg\",\n    \"fillRule\": \"evenodd\",\n    \"d\": \"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z\"\n  }))), \"Example:\"), mdx(\"pre\", null, mdx(\"code\", {\n    parentName: \"pre\",\n    \"className\": \"language-sol\",\n    \"metastring\": \"title=contracts/protocol/clients/voucher/BosonVoucher.sol highlight={24,76} lineNumbers=true lineOffset=151\",\n    \"title\": \"contracts/protocol/clients/voucher/BosonVoucher.sol\",\n    \"highlight\": \"{24,76}\",\n    \"lineNumbers\": \"true\",\n    \"lineOffset\": \"151\"\n  }, \"function reserveRange(uint256 _offerId, uint256 _start, uint256 _length, address _to) external onlyRole(PROTOCOL) {\\n    // _to must be the contract address or the contract owner (operator)\\n    require(_to == address(this) || _to == owner(), INVALID_TO_ADDRESS);\\n\\n    // Prevent reservation of an empty range\\n    require(_length > 0, INVALID_RANGE_LENGTH);\\n\\n    // Adjust start id to include offer id\\n    require(_start > 0, INVALID_RANGE_START);\\n    _start += (_offerId << 128);\\n\\n    // Prevent overflow in issueVoucher and preMint\\n    require(_start <= type(uint256).max - _length, INVALID_RANGE_LENGTH);\\n\\n    // Get storage slot for the range\\n    Range storage range = _rangeByOfferId[_offerId];\\n\\n    // Revert if the offer id is already associated with a range\\n    require(range.length == 0, OFFER_RANGE_ALREADY_RESERVED);\\n\\n    // Store the reserved range\\n    range.start = _start;\\n    range.length = _length;\\n    range.owner = _to;\\n\\n    emit RangeReserved(_offerId, range);\\n}\\n\\n/**\\n * @notice Pre-mints all or part of an offer's reserved vouchers.\\n *\\n * For small offer quantities, this method may only need to be\\n * called once.\\n *\\n * But, if the range is large, e.g., 10k vouchers, block gas limit\\n * could cause the transaction to fail. Thus, in order to support\\n * a batched approach to pre-minting an offer's vouchers,\\n * this method can be called multiple times, until the whole\\n * range is minted.\\n *\\n * A benefit to the batched approach is that the entire reserved\\n * range for an offer need not be pre-minted at one time. A seller\\n * could just mint batches periodically, controlling the amount\\n * that are available on the market at any given time, e.g.,\\n * creating a pre-minted offer with a validity period of one year,\\n * causing the token range to be reserved, but only pre-minting\\n * a certain amount monthly.\\n *\\n * Caller must be contract owner (seller assistant address).\\n *\\n * Reverts if:\\n * - Offer id is not associated with a range\\n * - Amount to mint is more than remaining un-minted in range\\n * - Offer already expired\\n * - Offer is voided\\n *\\n * @param _offerId - the id of the offer\\n * @param _amount - the amount to mint\\n */\\nfunction preMint(uint256 _offerId, uint256 _amount) external onlyOwner {\\n    // Get the offer's range\\n    Range storage range = _rangeByOfferId[_offerId];\\n\\n    // Revert if id not associated with a range\\n    require(range.length != 0, NO_RESERVED_RANGE_FOR_OFFER);\\n\\n    // Revert if no more to mint in range\\n    require(range.length >= range.minted + _amount, INVALID_AMOUNT_TO_MINT);\\n\\n    // Make sure that offer is not expired or voided\\n    (Offer memory offer, OfferDates memory offerDates) = getBosonOffer(_offerId);\\n    require(!offer.voided && (block.timestamp <= offerDates.validUntil), OFFER_EXPIRED_OR_VOIDED);\\n\\n    // Get the first token to mint\\n    uint256 start = range.start + range.minted;\\n    address to = range.owner;\\n\\n    // Pre-mint the range\\n    uint256 tokenId;\\n    for (uint256 i = 0; i < _amount; i++) {\\n        tokenId = start + i;\\n\\n        emit Transfer(address(0), to, tokenId);\\n    }\\n\\n    // Bump the minted count\\n    range.minted += _amount;\\n\\n    // Update to total balance\\n    getERC721UpgradeableStorage()._balances[to] += _amount;\\n\\n    emit VouchersPreMinted(_offerId, start, tokenId);\\n}\\n\")), mdx(\"h3\", {\n    \"id\": \"recommendation-4\",\n    \"style\": {\n      \"position\": \"relative\"\n    }\n  }, mdx(\"a\", {\n    parentName: \"h3\",\n    \"href\": \"#recommendation-4\",\n    \"aria-label\": \"recommendation 4 permalink\",\n    \"className\": \"anchor before\"\n  }, mdx(\"svg\", {\n    parentName: \"a\",\n    \"aria-hidden\": \"true\",\n    \"focusable\": \"false\",\n    \"height\": \"16\",\n    \"version\": \"1.1\",\n    \"viewBox\": \"0 0 16 16\",\n    \"width\": \"16\"\n  }, mdx(\"path\", {\n    parentName: \"svg\",\n    \"fillRule\": \"evenodd\",\n    \"d\": \"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z\"\n  }))), \"Recommendation:\"), mdx(\"p\", null, \"This issue is slightly complex to solve as preminted offer burns should be done on the address that was consumed during a \", mdx(\"a\", {\n    parentName: \"p\",\n    \"href\": \"https://github.com/bosonprotocol/boson-protocol-contracts/blob/02a4d2ff04832a4607674ba37708d4f52cdac4fa/contracts/protocol/clients/voucher/BosonVoucher.sol#L211-L244\"\n  }, mdx(\"inlineCode\", {\n    parentName: \"a\"\n  }, \"BosonVoucherBase::preMint\")), \" call. As such, we propose a uniform range \\\"ownership\\\" mechanism as follows:\"), mdx(\"ul\", null, mdx(\"li\", {\n    parentName: \"ul\"\n  }, \"The \", mdx(\"a\", {\n    parentName: \"li\",\n    \"href\": \"https://github.com/bosonprotocol/boson-protocol-contracts/blob/02a4d2ff04832a4607674ba37708d4f52cdac4fa/contracts/protocol/clients/voucher/BosonVoucher.sol#L152-L178\"\n  }, mdx(\"inlineCode\", {\n    parentName: \"a\"\n  }, \"BosonVoucherBase::reserveRange\")), \" function will assign a \", mdx(\"inlineCode\", {\n    parentName: \"li\"\n  }, \"bool\"), \" value on the \", mdx(\"inlineCode\", {\n    parentName: \"li\"\n  }, \"Range\"), \" struct that indicates whether it is a contract-or-owner ownership style range.\"), mdx(\"li\", {\n    parentName: \"ul\"\n  }, \"The \", mdx(\"inlineCode\", {\n    parentName: \"li\"\n  }, \"BosonVoucherBase::preMint\"), \" function will evaluate either the \", mdx(\"inlineCode\", {\n    parentName: \"li\"\n  }, \"address(this)\"), \" value or the \", mdx(\"inlineCode\", {\n    parentName: \"li\"\n  }, \"OwnableUpgradeable::owner\"), \" of the contract depending on the aforementioned \", mdx(\"inlineCode\", {\n    parentName: \"li\"\n  }, \"bool\"), \" variable. The result will be the recipient of the premint and will additionally be stored on the \", mdx(\"inlineCode\", {\n    parentName: \"li\"\n  }, \"Range\"), \" struct.\"), mdx(\"li\", {\n    parentName: \"ul\"\n  }, \"The \", mdx(\"a\", {\n    parentName: \"li\",\n    \"href\": \"https://github.com/bosonprotocol/boson-protocol-contracts/blob/02a4d2ff04832a4607674ba37708d4f52cdac4fa/contracts/protocol/clients/voucher/BosonVoucher.sol#L270-L306\"\n  }, mdx(\"inlineCode\", {\n    parentName: \"a\"\n  }, \"BosonVoucherBase::burnPremintedVouchers\")), \" will rely on the newly stored recipient of the premint in the previous step rather than a dynamic evaluation, ensuring that the preminted vouchers are burned from the correct party.\")), mdx(\"p\", null, \"These adjustments to the four premint-related functions are sufficient to alleviate the issue described.\"), mdx(\"h3\", {\n    \"id\": \"alleviation-2b9f60b6c3-1\",\n    \"style\": {\n      \"position\": \"relative\"\n    }\n  }, mdx(\"a\", {\n    parentName: \"h3\",\n    \"href\": \"#alleviation-2b9f60b6c3-1\",\n    \"aria-label\": \"alleviation 2b9f60b6c3 1 permalink\",\n    \"className\": \"anchor before\"\n  }, mdx(\"svg\", {\n    parentName: \"a\",\n    \"aria-hidden\": \"true\",\n    \"focusable\": \"false\",\n    \"height\": \"16\",\n    \"version\": \"1.1\",\n    \"viewBox\": \"0 0 16 16\",\n    \"width\": \"16\"\n  }, mdx(\"path\", {\n    parentName: \"svg\",\n    \"fillRule\": \"evenodd\",\n    \"d\": \"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z\"\n  }))), \"Alleviation (2b9f60b6c3):\"), mdx(\"p\", null, \"The Boson Protocol team stated that they wish to remain compatible with the \", mdx(\"a\", {\n    parentName: \"p\",\n    \"href\": \"https://eips.ethereum.org/EIPS/eip-721\"\n  }, \"EIP-721\"), \" standard in full and emit the correct \", mdx(\"inlineCode\", {\n    parentName: \"p\"\n  }, \"Transfer\"), \" events whenever a premint occurs. As such, they consider the current approach a deliberate choice and wish to acknowledge this exhibit.\"), mdx(\"p\", null, \"We would like to state that this issue should be re-visited by the Boson Protocol team and lead to a potential refactor in the way premints work in the codebase as we consider it a flaw worthy of being remediated due to the potential user-experience hinderances it may cause.\"), mdx(\"h3\", {\n    \"id\": \"alleviation-584e7d054c-1\",\n    \"style\": {\n      \"position\": \"relative\"\n    }\n  }, mdx(\"a\", {\n    parentName: \"h3\",\n    \"href\": \"#alleviation-584e7d054c-1\",\n    \"aria-label\": \"alleviation 584e7d054c 1 permalink\",\n    \"className\": \"anchor before\"\n  }, mdx(\"svg\", {\n    parentName: \"a\",\n    \"aria-hidden\": \"true\",\n    \"focusable\": \"false\",\n    \"height\": \"16\",\n    \"version\": \"1.1\",\n    \"viewBox\": \"0 0 16 16\",\n    \"width\": \"16\"\n  }, mdx(\"path\", {\n    parentName: \"svg\",\n    \"fillRule\": \"evenodd\",\n    \"d\": \"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z\"\n  }))), \"Alleviation (584e7d054c):\"), mdx(\"p\", null, \"After re-evaluating the exhibit, the Boson Protocol has retained their decision to proceed with the current approach for premint operations.\"), mdx(\"p\", null, \"To ensure users of the range functionality are aware of how it behaves, extensive documentation and warnings will be placed in the codebase to note the feature is experimental and detail the caveats that arise from utilizing it.\"), mdx(\"p\", null, \"Based on these actions, we consider this exhibit acknowledged and advise it to be monitored by the Boson Protocol team in future releases of the protocol.\"), mdx(ViewDiffButton, {\n    repoUrl: \"https://github.com/bosonprotocol/boson-protocol-contracts\",\n    mainHash: \"02a4d2ff04832a4607674ba37708d4f52cdac4fa\",\n    fixHash: \"584e7d054c1198ed4b95edbf970de0d6c47a3fcc\",\n    gitHubIssue: \"797\",\n    mdxType: \"ViewDiffButton\"\n  }), mdx(\"h2\", {\n    \"id\": \"span-idbvr-06mbvr-06m-insufficient-protection-of-contract-assetsspan\",\n    \"style\": {\n      \"position\": \"relative\"\n    }\n  }, mdx(\"a\", {\n    parentName: \"h2\",\n    \"href\": \"#span-idbvr-06mbvr-06m-insufficient-protection-of-contract-assetsspan\",\n    \"aria-label\": \"span idbvr 06mbvr 06m insufficient protection of contract assetsspan permalink\",\n    \"className\": \"anchor before\"\n  }, mdx(\"svg\", {\n    parentName: \"a\",\n    \"aria-hidden\": \"true\",\n    \"focusable\": \"false\",\n    \"height\": \"16\",\n    \"version\": \"1.1\",\n    \"viewBox\": \"0 0 16 16\",\n    \"width\": \"16\"\n  }, mdx(\"path\", {\n    parentName: \"svg\",\n    \"fillRule\": \"evenodd\",\n    \"d\": \"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z\"\n  }))), mdx(\"span\", {\n    id: \"BVR-06M\"\n  }, \"BVR-06M: Insufficient Protection of Contract Assets\")), mdx(\"table\", null, mdx(\"thead\", {\n    parentName: \"table\"\n  }, mdx(\"tr\", {\n    parentName: \"thead\"\n  }, mdx(\"th\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Type\"), mdx(\"th\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Severity\"), mdx(\"th\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Location\"))), mdx(\"tbody\", {\n    parentName: \"table\"\n  }, mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, mdx(\"a\", {\n    parentName: \"td\",\n    \"href\": \"/reports/boson-protocol-version-2.3-64c3b2cf1570d80014096fc3/appendix/finding-types#logical-fault\"\n  }, \"Logical Fault\")), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, mdx(\"img\", {\n    parentName: \"td\",\n    \"className\": \"o-severity o-major\",\n    \"src\": \"https://omniscia.io/report-assets/major.png\"\n  })), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, mdx(\"a\", {\n    parentName: \"td\",\n    \"href\": \"https://github.com/bosonprotocol/boson-protocol-contracts/blob/02a4d2ff04832a4607674ba37708d4f52cdac4fa/contracts/protocol/clients/voucher/BosonVoucher.sol#L536-L543\"\n  }, \"BosonVoucher.sol:L536-L543\"))))), mdx(\"h3\", {\n    \"id\": \"description-5\",\n    \"style\": {\n      \"position\": \"relative\"\n    }\n  }, mdx(\"a\", {\n    parentName: \"h3\",\n    \"href\": \"#description-5\",\n    \"aria-label\": \"description 5 permalink\",\n    \"className\": \"anchor before\"\n  }, mdx(\"svg\", {\n    parentName: \"a\",\n    \"aria-hidden\": \"true\",\n    \"focusable\": \"false\",\n    \"height\": \"16\",\n    \"version\": \"1.1\",\n    \"viewBox\": \"0 0 16 16\",\n    \"width\": \"16\"\n  }, mdx(\"path\", {\n    parentName: \"svg\",\n    \"fillRule\": \"evenodd\",\n    \"d\": \"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z\"\n  }))), \"Description:\"), mdx(\"p\", null, \"The \", mdx(\"a\", {\n    parentName: \"p\",\n    \"href\": \"https://github.com/bosonprotocol/boson-protocol-contracts/blob/02a4d2ff04832a4607674ba37708d4f52cdac4fa/contracts/protocol/clients/voucher/BosonVoucher.sol#L531-L546\"\n  }, mdx(\"inlineCode\", {\n    parentName: \"a\"\n  }, \"BosonVoucherBase::callExternalContract\")), \" is insecure as it permits the contract to perform arbitrary calls, potentially compromising the assets it is in possession of. A short list of disallowed \", mdx(\"inlineCode\", {\n    parentName: \"p\"\n  }, \"selector\"), \" values has been specified, however, it is insufficient if the contract is expected to not reduce its balance in any way.\"), mdx(\"h3\", {\n    \"id\": \"impact-4\",\n    \"style\": {\n      \"position\": \"relative\"\n    }\n  }, mdx(\"a\", {\n    parentName: \"h3\",\n    \"href\": \"#impact-4\",\n    \"aria-label\": \"impact 4 permalink\",\n    \"className\": \"anchor before\"\n  }, mdx(\"svg\", {\n    parentName: \"a\",\n    \"aria-hidden\": \"true\",\n    \"focusable\": \"false\",\n    \"height\": \"16\",\n    \"version\": \"1.1\",\n    \"viewBox\": \"0 0 16 16\",\n    \"width\": \"16\"\n  }, mdx(\"path\", {\n    parentName: \"svg\",\n    \"fillRule\": \"evenodd\",\n    \"d\": \"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z\"\n  }))), \"Impact:\"), mdx(\"p\", null, \"It is presently possible to compromise funds held within the \", mdx(\"inlineCode\", {\n    parentName: \"p\"\n  }, \"BosonVoucher\"), \" despite the security measures in place within \", mdx(\"a\", {\n    parentName: \"p\",\n    \"href\": \"https://github.com/bosonprotocol/boson-protocol-contracts/blob/02a4d2ff04832a4607674ba37708d4f52cdac4fa/contracts/protocol/clients/voucher/BosonVoucher.sol#L531-L546\"\n  }, mdx(\"inlineCode\", {\n    parentName: \"a\"\n  }, \"BosonVoucherBase::callExternalContract\")), \".\"), mdx(\"h3\", {\n    \"id\": \"example-5\",\n    \"style\": {\n      \"position\": \"relative\"\n    }\n  }, mdx(\"a\", {\n    parentName: \"h3\",\n    \"href\": \"#example-5\",\n    \"aria-label\": \"example 5 permalink\",\n    \"className\": \"anchor before\"\n  }, mdx(\"svg\", {\n    parentName: \"a\",\n    \"aria-hidden\": \"true\",\n    \"focusable\": \"false\",\n    \"height\": \"16\",\n    \"version\": \"1.1\",\n    \"viewBox\": \"0 0 16 16\",\n    \"width\": \"16\"\n  }, mdx(\"path\", {\n    parentName: \"svg\",\n    \"fillRule\": \"evenodd\",\n    \"d\": \"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z\"\n  }))), \"Example:\"), mdx(\"pre\", null, mdx(\"code\", {\n    parentName: \"pre\",\n    \"className\": \"language-sol\",\n    \"metastring\": \"title=contracts/protocol/clients/voucher/BosonVoucher.sol highlight={6,7,8,9,10,11,12,13} lineNumbers=true lineOffset=530\",\n    \"title\": \"contracts/protocol/clients/voucher/BosonVoucher.sol\",\n    \"highlight\": \"{6,7,8,9,10,11,12,13}\",\n    \"lineNumbers\": \"true\",\n    \"lineOffset\": \"530\"\n  }, \"function callExternalContract(address _to, bytes calldata _data) external payable onlyOwner returns (bytes memory) {\\n    require(_to != address(0), INVALID_ADDRESS);\\n\\n    // Prevent invocation of functions that would allow transfer of tokens from this contract\\n    bytes4 selector = bytes4(_data[:4]);\\n    require(\\n        selector != IERC20.transfer.selector &&\\n            selector != IERC20.approve.selector &&\\n            selector != IERC20.transferFrom.selector &&\\n            selector != DAI.push.selector &&\\n            selector != DAI.move.selector,\\n        FUNCTION_NOT_ALLOWLISTED\\n    );\\n\\n    return _to.functionCallWithValue(_data, msg.value, FUNCTION_CALL_NOT_SUCCESSFUL);\\n}\\n\")), mdx(\"h3\", {\n    \"id\": \"recommendation-5\",\n    \"style\": {\n      \"position\": \"relative\"\n    }\n  }, mdx(\"a\", {\n    parentName: \"h3\",\n    \"href\": \"#recommendation-5\",\n    \"aria-label\": \"recommendation 5 permalink\",\n    \"className\": \"anchor before\"\n  }, mdx(\"svg\", {\n    parentName: \"a\",\n    \"aria-hidden\": \"true\",\n    \"focusable\": \"false\",\n    \"height\": \"16\",\n    \"version\": \"1.1\",\n    \"viewBox\": \"0 0 16 16\",\n    \"width\": \"16\"\n  }, mdx(\"path\", {\n    parentName: \"svg\",\n    \"fillRule\": \"evenodd\",\n    \"d\": \"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z\"\n  }))), \"Recommendation:\"), mdx(\"p\", null, \"We advise either the \", mdx(\"inlineCode\", {\n    parentName: \"p\"\n  }, \"selector\"), \" list to be made a \", mdx(\"inlineCode\", {\n    parentName: \"p\"\n  }, \"mapping\"), \" that can be maintained by the Boson Protocol team as the current solution is insufficient in preventing token transfers.\"), mdx(\"p\", null, \"As tangible examples, an \", mdx(\"inlineCode\", {\n    parentName: \"p\"\n  }, \"ERC20::burn\"), \" call can be made on the \", mdx(\"inlineCode\", {\n    parentName: \"p\"\n  }, \"DAI\"), \" token, an \", mdx(\"inlineCode\", {\n    parentName: \"p\"\n  }, \"ERC20Like::increaseAllowance\"), \" call can be made on the \", mdx(\"inlineCode\", {\n    parentName: \"p\"\n  }, \"USDC\"), \" token, and \", mdx(\"inlineCode\", {\n    parentName: \"p\"\n  }, \"ERC20Like::increaseApproval\"), \" as well as \", mdx(\"inlineCode\", {\n    parentName: \"p\"\n  }, \"ERC20Like::increaseAllowance\"), \" functions exist on multiple tokens.\"), mdx(\"p\", null, \"Depending on the intended purpose of the \", mdx(\"a\", {\n    parentName: \"p\",\n    \"href\": \"https://github.com/bosonprotocol/boson-protocol-contracts/blob/02a4d2ff04832a4607674ba37708d4f52cdac4fa/contracts/protocol/clients/voucher/BosonVoucher.sol#L531-L546\"\n  }, mdx(\"inlineCode\", {\n    parentName: \"a\"\n  }, \"BosonVoucherBase::callExternalContract\")), \" function, multiple robust solutions can be employed. We will detail a few approaches in brief that the Boson Protocol can follow below:\"), mdx(\"ul\", null, mdx(\"li\", {\n    parentName: \"ul\"\n  }, \"Implement a \\\"target\\\" whitelist in case \", mdx(\"inlineCode\", {\n    parentName: \"li\"\n  }, \"BosonVoucher\"), \" instances are expected to interact with a small subset of contracts (i.e. \", mdx(\"a\", {\n    parentName: \"li\",\n    \"href\": \"https://github.com/bosonprotocol/boson-protocol-contracts/pull/571\"\n  }, \"Seaport based on the PR of the changes\"), \").\"), mdx(\"li\", {\n    parentName: \"ul\"\n  }, \"Implement a blanket asset protection measure by evaluating whether the \", mdx(\"inlineCode\", {\n    parentName: \"li\"\n  }, \"_to\"), \" address supports the \", mdx(\"inlineCode\", {\n    parentName: \"li\"\n  }, \"ERC20::balanceOf\"), \" function. As almost all \", mdx(\"a\", {\n    parentName: \"li\",\n    \"href\": \"https://eips.ethereum.org/EIPS/eip-20\"\n  }, \"EIP-20\"), \" tokens require direct interaction to transfer tokens or approve, a successful \", mdx(\"inlineCode\", {\n    parentName: \"li\"\n  }, \"ERC20::balanceOf\"), \" invocation would indicate the target \", mdx(\"inlineCode\", {\n    parentName: \"li\"\n  }, \"_to\"), \" address is a token and should not be interacted with.\"), mdx(\"li\", {\n    parentName: \"ul\"\n  }, \"Maintain a protocol-wide \", mdx(\"inlineCode\", {\n    parentName: \"li\"\n  }, \"selector\"), \" blacklist that uses a \", mdx(\"inlineCode\", {\n    parentName: \"li\"\n  }, \"mapping\"), \" entry that can be updated in the future as more signatures need to be blacklisted.\")), mdx(\"p\", null, \"To note, the contract seems to solely protect \", mdx(\"a\", {\n    parentName: \"p\",\n    \"href\": \"https://eips.ethereum.org/EIPS/eip-20\"\n  }, \"EIP-20\"), \" assets. If \", mdx(\"a\", {\n    parentName: \"p\",\n    \"href\": \"https://eips.ethereum.org/EIPS/eip-721\"\n  }, \"EIP-721\"), \" or \", mdx(\"a\", {\n    parentName: \"p\",\n    \"href\": \"https://eips.ethereum.org/EIPS/eip-1155\"\n  }, \"EIP-1155\"), \" assets need to be protected as well (which we believe to be the case), all the aforementioned solutions would need to be adapted accordingly to support those two standards on top (i.e. \", mdx(\"inlineCode\", {\n    parentName: \"p\"\n  }, \"ERC721::ownerOf\"), \" instead of \", mdx(\"inlineCode\", {\n    parentName: \"p\"\n  }, \"ERC20::balanceOf\"), \").\"), mdx(\"h3\", {\n    \"id\": \"alleviation-2b9f60b6c3323fd234b570089ceff924cdb5851c-3\",\n    \"style\": {\n      \"position\": \"relative\"\n    }\n  }, mdx(\"a\", {\n    parentName: \"h3\",\n    \"href\": \"#alleviation-2b9f60b6c3323fd234b570089ceff924cdb5851c-3\",\n    \"aria-label\": \"alleviation 2b9f60b6c3323fd234b570089ceff924cdb5851c 3 permalink\",\n    \"className\": \"anchor before\"\n  }, mdx(\"svg\", {\n    parentName: \"a\",\n    \"aria-hidden\": \"true\",\n    \"focusable\": \"false\",\n    \"height\": \"16\",\n    \"version\": \"1.1\",\n    \"viewBox\": \"0 0 16 16\",\n    \"width\": \"16\"\n  }, mdx(\"path\", {\n    parentName: \"svg\",\n    \"fillRule\": \"evenodd\",\n    \"d\": \"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z\"\n  }))), \"Alleviation (2b9f60b6c3323fd234b570089ceff924cdb5851c):\"), mdx(\"p\", null, \"The Boson Protocol proceeded with applying the second approach we detailed whereby an \", mdx(\"inlineCode\", {\n    parentName: \"p\"\n  }, \"IERC20::balanceOf\"), \" invocation is attempted on the target \", mdx(\"inlineCode\", {\n    parentName: \"p\"\n  }, \"_to\"), \" address and if it succeeds the interaction is prohibited.\"), mdx(\"p\", null, \"The Boson Protocol team stated that they do not wish to support \", mdx(\"a\", {\n    parentName: \"p\",\n    \"href\": \"https://eips.ethereum.org/EIPS/eip-721\"\n  }, \"EIP-721\"), \" / \", mdx(\"a\", {\n    parentName: \"p\",\n    \"href\": \"https://eips.ethereum.org/EIPS/eip-1155\"\n  }, \"EIP-1155\"), \" asset protection at this stage, however, it is something that they will keep track of for a potential future implementation.\"), mdx(\"p\", null, \"Given that \", mdx(\"a\", {\n    parentName: \"p\",\n    \"href\": \"https://eips.ethereum.org/EIPS/eip-20\"\n  }, \"EIP-20\"), \" assets are adequately protected via the remediation introduced, we consider this exhibit to be fully alleviated.\"), mdx(ViewDiffButton, {\n    repoUrl: \"https://github.com/bosonprotocol/boson-protocol-contracts\",\n    mainHash: \"02a4d2ff04832a4607674ba37708d4f52cdac4fa\",\n    fixHash: \"2b9f60b6c3323fd234b570089ceff924cdb5851c\",\n    gitHubIssue: \"743\",\n    mdxType: \"ViewDiffButton\"\n  }), mdx(\"h2\", {\n    \"id\": \"span-idbvr-07mbvr-07m-storage-conflict-of-beacon-implementationspan\",\n    \"style\": {\n      \"position\": \"relative\"\n    }\n  }, mdx(\"a\", {\n    parentName: \"h2\",\n    \"href\": \"#span-idbvr-07mbvr-07m-storage-conflict-of-beacon-implementationspan\",\n    \"aria-label\": \"span idbvr 07mbvr 07m storage conflict of beacon implementationspan permalink\",\n    \"className\": \"anchor before\"\n  }, mdx(\"svg\", {\n    parentName: \"a\",\n    \"aria-hidden\": \"true\",\n    \"focusable\": \"false\",\n    \"height\": \"16\",\n    \"version\": \"1.1\",\n    \"viewBox\": \"0 0 16 16\",\n    \"width\": \"16\"\n  }, mdx(\"path\", {\n    parentName: \"svg\",\n    \"fillRule\": \"evenodd\",\n    \"d\": \"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z\"\n  }))), mdx(\"span\", {\n    id: \"BVR-07M\"\n  }, \"BVR-07M: Storage Conflict of Beacon Implementation\")), mdx(\"table\", null, mdx(\"thead\", {\n    parentName: \"table\"\n  }, mdx(\"tr\", {\n    parentName: \"thead\"\n  }, mdx(\"th\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Type\"), mdx(\"th\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Severity\"), mdx(\"th\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, \"Location\"))), mdx(\"tbody\", {\n    parentName: \"table\"\n  }, mdx(\"tr\", {\n    parentName: \"tbody\"\n  }, mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, mdx(\"a\", {\n    parentName: \"td\",\n    \"href\": \"/reports/boson-protocol-version-2.3-64c3b2cf1570d80014096fc3/appendix/finding-types#language-specific\"\n  }, \"Language Specific\")), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, mdx(\"img\", {\n    parentName: \"td\",\n    \"className\": \"o-severity o-major\",\n    \"src\": \"https://omniscia.io/report-assets/major.png\"\n  })), mdx(\"td\", {\n    parentName: \"tr\",\n    \"align\": null\n  }, mdx(\"a\", {\n    parentName: \"td\",\n    \"href\": \"https://github.com/bosonprotocol/boson-protocol-contracts/blob/02a4d2ff04832a4607674ba37708d4f52cdac4fa/contracts/protocol/clients/voucher/BosonVoucher.sol#L51-L54\"\n  }, \"BosonVoucher.sol:L51-L54\"))))), mdx(\"h3\", {\n    \"id\": \"description-6\",\n    \"style\": {\n      \"position\": \"relative\"\n    }\n  }, mdx(\"a\", {\n    parentName: \"h3\",\n    \"href\": \"#description-6\",\n    \"aria-label\": \"description 6 permalink\",\n    \"className\": \"anchor before\"\n  }, mdx(\"svg\", {\n    parentName: \"a\",\n    \"aria-hidden\": \"true\",\n    \"focusable\": \"false\",\n    \"height\": \"16\",\n    \"version\": \"1.1\",\n    \"viewBox\": \"0 0 16 16\",\n    \"width\": \"16\"\n  }, mdx(\"path\", {\n    parentName: \"svg\",\n    \"fillRule\": \"evenodd\",\n    \"d\": \"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z\"\n  }))), \"Description:\"), mdx(\"p\", null, \"The \", mdx(\"inlineCode\", {\n    parentName: \"p\"\n  }, \"BosonVoucherBase\"), \" contract is meant to be the logic target of beacon implementations per its documentation as well as the project's code structure, however, in the latest update the \", mdx(\"inlineCode\", {\n    parentName: \"p\"\n  }, \"_rangeOfferIds\"), \" entry was omitted thereby shifting its storage space upwards by one 32-byte slot and thus rendering the contract an incompatible upgrade for existing beacons.\"), mdx(\"h3\", {\n    \"id\": \"impact-5\",\n    \"style\": {\n      \"position\": \"relative\"\n    }\n  }, mdx(\"a\", {\n    parentName: \"h3\",\n    \"href\": \"#impact-5\",\n    \"aria-label\": \"impact 5 permalink\",\n    \"className\": \"anchor before\"\n  }, mdx(\"svg\", {\n    parentName: \"a\",\n    \"aria-hidden\": \"true\",\n    \"focusable\": \"false\",\n    \"height\": \"16\",\n    \"version\": \"1.1\",\n    \"viewBox\": \"0 0 16 16\",\n    \"width\": \"16\"\n  }, mdx(\"path\", {\n    parentName: \"svg\",\n    \"fillRule\": \"evenodd\",\n    \"d\": \"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z\"\n  }))), \"Impact:\"), mdx(\"p\", null, \"If the updated \", mdx(\"inlineCode\", {\n    parentName: \"p\"\n  }, \"BosonVoucherBase\"), \" was utilized as a beacon upgrade of the existing Boson Protocol, the storage space of all deployed vouchers would be corrupted causing significant unintended side effects.\"), mdx(\"h3\", {\n    \"id\": \"example-6\",\n    \"style\": {\n      \"position\": \"relative\"\n    }\n  }, mdx(\"a\", {\n    parentName: \"h3\",\n    \"href\": \"#example-6\",\n    \"aria-label\": \"example 6 permalink\",\n    \"className\": \"anchor before\"\n  }, mdx(\"svg\", {\n    parentName: \"a\",\n    \"aria-hidden\": \"true\",\n    \"focusable\": \"false\",\n    \"height\": \"16\",\n    \"version\": \"1.1\",\n    \"viewBox\": \"0 0 16 16\",\n    \"width\": \"16\"\n  }, mdx(\"path\", {\n    parentName: \"svg\",\n    \"fillRule\": \"evenodd\",\n    \"d\": \"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z\"\n  }))), \"Example:\"), mdx(\"pre\", null, mdx(\"code\", {\n    parentName: \"pre\",\n    \"className\": \"language-sol\",\n    \"metastring\": \"title=contracts/protocol/clients/voucher/BosonVoucher.sol highlight={3} lineNumbers=true lineOffset=49\",\n    \"title\": \"contracts/protocol/clients/voucher/BosonVoucher.sol\",\n    \"highlight\": \"{3}\",\n    \"lineNumbers\": \"true\",\n    \"lineOffset\": \"49\"\n  }, \"// Map an offerId to a Range for pre-minted offers\\nmapping(uint256 => Range) private _rangeByOfferId;\\n\\n// Premint status, used only temporarly in transfers\\nbool private _isCommitable;\\n\")), mdx(\"h3\", {\n    \"id\": \"recommendation-6\",\n    \"style\": {\n      \"position\": \"relative\"\n    }\n  }, mdx(\"a\", {\n    parentName: \"h3\",\n    \"href\": \"#recommendation-6\",\n    \"aria-label\": \"recommendation 6 permalink\",\n    \"className\": \"anchor before\"\n  }, mdx(\"svg\", {\n    parentName: \"a\",\n    \"aria-hidden\": \"true\",\n    \"focusable\": \"false\",\n    \"height\": \"16\",\n    \"version\": \"1.1\",\n    \"viewBox\": \"0 0 16 16\",\n    \"width\": \"16\"\n  }, mdx(\"path\", {\n    parentName: \"svg\",\n    \"fillRule\": \"evenodd\",\n    \"d\": \"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z\"\n  }))), \"Recommendation:\"), mdx(\"p\", null, \"We advise the code to retain the \", mdx(\"inlineCode\", {\n    parentName: \"p\"\n  }, \"_rangeOfferIds\"), \" as a \", mdx(\"inlineCode\", {\n    parentName: \"p\"\n  }, \"private\"), \" variable that is aptly renamed to \", mdx(\"inlineCode\", {\n    parentName: \"p\"\n  }, \"_rangeOfferIds_deprecated\"), \" so as to indicate that it solely exists to retain the storage offset of the overall system.\"), mdx(\"h3\", {\n    \"id\": \"alleviation-2b9f60b6c3323fd234b570089ceff924cdb5851c-4\",\n    \"style\": {\n      \"position\": \"relative\"\n    }\n  }, mdx(\"a\", {\n    parentName: \"h3\",\n    \"href\": \"#alleviation-2b9f60b6c3323fd234b570089ceff924cdb5851c-4\",\n    \"aria-label\": \"alleviation 2b9f60b6c3323fd234b570089ceff924cdb5851c 4 permalink\",\n    \"className\": \"anchor before\"\n  }, mdx(\"svg\", {\n    parentName: \"a\",\n    \"aria-hidden\": \"true\",\n    \"focusable\": \"false\",\n    \"height\": \"16\",\n    \"version\": \"1.1\",\n    \"viewBox\": \"0 0 16 16\",\n    \"width\": \"16\"\n  }, mdx(\"path\", {\n    parentName: \"svg\",\n    \"fillRule\": \"evenodd\",\n    \"d\": \"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z\"\n  }))), \"Alleviation (2b9f60b6c3323fd234b570089ceff924cdb5851c):\"), mdx(\"p\", null, \"The Boson Protocol team stated that the \", mdx(\"inlineCode\", {\n    parentName: \"p\"\n  }, \"_rangeOfferIds\"), \" variable was present in a release candidate that never made it to production.\"), mdx(\"p\", null, \"As such, we consider this exhibit nullified given that the storage layout of the live contracts is unaffected by the referenced discrepancy.\"));\n}\n;\nMDXContent.isMDXComponent = true;","headings":[{"depth":2,"value":"<span id=\"BVR-01M\">BVR-01M: Inexistent Restriction of Approval for Owner</span>"},{"depth":3,"value":"Description:"},{"depth":3,"value":"Example:"},{"depth":3,"value":"Recommendation:"},{"depth":3,"value":"Alleviation (2b9f60b6c3323fd234b570089ceff924cdb5851c):"},{"depth":2,"value":"<span id=\"BVR-02M\">BVR-02M: Potentially Malformed Contract Storage Space</span>"},{"depth":3,"value":"Description:"},{"depth":3,"value":"Impact:"},{"depth":3,"value":"Example:"},{"depth":3,"value":"Recommendation:"},{"depth":3,"value":"Alleviation (2b9f60b6c3323fd234b570089ceff924cdb5851c):"},{"depth":2,"value":"<span id=\"BVR-03M\">BVR-03M: Inexistent Access Control of Protocol Withdrawals</span>"},{"depth":3,"value":"Description:"},{"depth":3,"value":"Impact:"},{"depth":3,"value":"Example:"},{"depth":3,"value":"Recommendation:"},{"depth":3,"value":"Alleviation (2b9f60b6c3323fd234b570089ceff924cdb5851c):"},{"depth":2,"value":"<span id=\"BVR-04M\">BVR-04M: Inexistent Legacy Compatibility of Boson Voucher Premints</span>"},{"depth":3,"value":"Description:"},{"depth":3,"value":"Impact:"},{"depth":3,"value":"Example:"},{"depth":3,"value":"Recommendation:"},{"depth":3,"value":"Alleviation (2b9f60b6c3):"},{"depth":3,"value":"Alleviation (584e7d054c):"},{"depth":2,"value":"<span id=\"BVR-05M\">BVR-05M: Inexistent Transfer of Preminted Voucher Ranges</span>"},{"depth":3,"value":"Description:"},{"depth":3,"value":"Impact:"},{"depth":3,"value":"Example:"},{"depth":3,"value":"Recommendation:"},{"depth":3,"value":"Alleviation (2b9f60b6c3):"},{"depth":3,"value":"Alleviation (584e7d054c):"},{"depth":2,"value":"<span id=\"BVR-06M\">BVR-06M: Insufficient Protection of Contract Assets</span>"},{"depth":3,"value":"Description:"},{"depth":3,"value":"Impact:"},{"depth":3,"value":"Example:"},{"depth":3,"value":"Recommendation:"},{"depth":3,"value":"Alleviation (2b9f60b6c3323fd234b570089ceff924cdb5851c):"},{"depth":2,"value":"<span id=\"BVR-07M\">BVR-07M: Storage Conflict of Beacon Implementation</span>"},{"depth":3,"value":"Description:"},{"depth":3,"value":"Impact:"},{"depth":3,"value":"Example:"},{"depth":3,"value":"Recommendation:"},{"depth":3,"value":"Alleviation (2b9f60b6c3323fd234b570089ceff924cdb5851c):"}]}},"pageContext":{"slug":"/manual-review/BosonVoucher-BVR/","prev":{"label":"OfferBase.sol (OBE-S)","link":"/static-analysis/OfferBase-OBE"},"next":{"label":"BundleBase.sol (BBS-M)","link":"/manual-review/BundleBase-BBS"}}},"staticQueryHashes":["1954253342","2328931024","2501019404","973074209"]}