Omniscia Evergon Labs Audit
OneBorderTimeFacetStorage Manual Review Findings
OBF-01M: Inexistent Validation of Facet Configuration
| Type | Severity | Location |
|---|---|---|
| Logical Fault | | OneBorderTimeFacetStorage.sol:L45 |
Description:
An unconfigured OneBorderTimeFacetStorage contract will have a fundsProvisionStartingTimestamp of 0, so the `currentTimestamp < fundsProvisionStartingTimestamp` comparison can never be true, meaning that the OneBorderTimeFacetStorage::checkPurchaseTimes function would always succeed.
Impact:
An unconfigured OneBorderTimeFacetStorage contract will permit any purchase time even though it should revert by default.
Example:
```solidity
42 function checkPurchaseTimes(Layout storage l, uint256 campaignId) internal view {
43     uint256 currentTimestamp = block.timestamp;
44
45     if (currentTimestamp < l.fundsProvisionStartingTimestamp[campaignId]) revert NonPurchaseTimeline();
46 }
```
Recommendation:
We advise the code to also ensure that the fundsProvisionStartingTimestamp is non-zero, ensuring the contract has been properly configured.
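The recommended check next to the quoted one, as an added sketch and not code from the audited repository or from the report's authors. The `Layout` struct is reduced to an assumed `mapping(uint256 => uint256)` held in a plain state variable, and `TimeStorageSketch`, `TimeCheckHarness`, `checkPurchaseTimesStrict` and `CampaignNotConfigured` are hypothetical names.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added illustration; not the audited code. Layout is reduced to the one
// field the finding discusses (assumed shape).
library TimeStorageSketch {
    error NonPurchaseTimeline();
    error CampaignNotConfigured(uint256 campaignId); // hypothetical error

    struct Layout {
        // Assumed: campaignId => start timestamp; reads as 0 when never set.
        mapping(uint256 => uint256) fundsProvisionStartingTimestamp;
    }

    // Behaviour as quoted in the finding: an unset entry reads as 0 and
    // block.timestamp < 0 is never true, so this never reverts.
    function checkPurchaseTimes(Layout storage l, uint256 campaignId) internal view {
        if (block.timestamp < l.fundsProvisionStartingTimestamp[campaignId]) revert NonPurchaseTimeline();
    }

    // Recommended variant: treat the default value as "not configured".
    function checkPurchaseTimesStrict(Layout storage l, uint256 campaignId) internal view {
        uint256 start = l.fundsProvisionStartingTimestamp[campaignId];
        if (start == 0) revert CampaignNotConfigured(campaignId);
        if (block.timestamp < start) revert NonPurchaseTimeline();
    }
}

// Minimal harness to compare both checks on configured and unconfigured ids.
contract TimeCheckHarness {
    using TimeStorageSketch for TimeStorageSketch.Layout;

    TimeStorageSketch.Layout private l;

    function configure(uint256 campaignId, uint256 start) external {
        l.fundsProvisionStartingTimestamp[campaignId] = start;
    }

    function original(uint256 campaignId) external view {
        l.checkPurchaseTimes(campaignId);
    }

    function strict(uint256 campaignId) external view {
        l.checkPurchaseTimesStrict(campaignId);
    }
}
```

On a fresh deployment `original(1)` returns normally while `strict(1)` reverts; once `configure(1, start)` stores a non-zero value, both behave identically.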
Alleviation (71cda4ccfdcfa25fb96a4565f1f8143b350dd246):
The Evergon Labs team evaluated this exhibit and analyzed the call-flow via which the OneBorderTimeFacetStorage::checkPurchaseTimes function will be invoked. In their analysis, they deduced that the function will solely be invoked with a non-zero fundsProvisionStartingTimestamp data entry, rendering further validation redundant.
We validated this analysis and thus consider this exhibit to be invalid as its recommendation is unnecessary.
