Omniscia CloudFunding Audit
IOU2ERC20 Code Style Findings
IOU2ERC20 Code Style Findings
IOE-01C: Improper Import of Contract
| Type | Severity | Location |
|---|---|---|
| Language Specific |  | IOU2ERC20.sol:L8 |
Description:
The linked contract import is solely utilized for accessing certain functions declared within it, however, the compiler will load the full bytecode of the contract thus increasing the deployment cost of the IOU2ERC20 contract redundantly.
Example:
8import './CrowdFunding.sol';9
10contract IOU2ERC20 is Ownable {11 address public iouToken;12 address public projectToken;13
14 function initialize(address _iouToken, address _projectToken) external onlyOwner {15 require(iouToken == address(0), 'Already initialized');16 require(_iouToken != address(0) && _projectToken != address(0), 'Address Zero');17 iouToken = _iouToken;18 projectToken = _projectToken;19 require(20 IERC20(projectToken).balanceOf(address(this)) >= CrowdFunding(payable(iouToken)).totalOfferedIOU(),21 'Not enough tokens'22 );23 }Recommendation:
We advise an interface to be declared that is inherited and overridden by the CrowdFunding contract and that is imported in the codebase of IOU2ERC20 and used for invoking the relevant functions to avoid the increased bytecode size.
Alleviation:
The CloudFunding team has opted not to alleviate any informational or minor exhibits they disagree with, thus rendering this exhibit as acknowledged.
IOE-02C: Redundant payable Casting
| Type | Severity | Location |
|---|---|---|
| Code Style | | IOU2ERC20.sol:L20, L58 |
Description:
The linked casting operations of the iouToken to a payable address are redundant as the resulting type is also casted to the CrowdFunding contract.
Example:
20IERC20(projectToken).balanceOf(address(this)) >= CrowdFunding(payable(iouToken)).totalOfferedIOU(),Recommendation:
We advise the payable casting operations to be omitted optimizing the code's legibility
Alleviation:
The CloudFunding team has stated that the payable casting is mandatory as the variable is casted to a contract-type with a receive function defined. This in itself is not an advisable practice as an interface is desired here instead which would require no casting to occur. We advise the code to be properly structured with interface declarations in dedicated files that are imported and consequently utilized in places such as the referenced statement to avoid the payable casting operation and other similar caveats due to the unnecessary usage of a contract definition. In any case, the CloudFunding team has opted not to alleviate any informational or minor exhibits they disagree with, thus rendering this exhibit as acknowledged.