Omniscia Nexera Audit

MultipleStateReceiveFacetStorage Code Style Findings

MSF-01C: Inexistent Documentation of Storage Slot

Type	Severity	Location
Code Style		MultipleStateReceiveFacetStorage.sol:L27

Description:

The referenced STORAGE_SLOT does not have its actual result specified in its in-line documentation as it remains a TO-DO.

Example:

packages/contracts/contracts/internalFacets/receivePhaseFacets/receiveStateFacets/multipleState/MultipleStateReceiveFacetStorage.sol

25/** ================================================== STORAGE =================================================
26 * @dev Unique identifier for the storage slot where the Layout struct is stored. Derived from the ERC7201 formula.
27 * STORAGE_SLOT: TO-DO
28 */
29bytes32 internal constant STORAGE_SLOT =
30    keccak256(abi.encode(uint256(keccak256("Evergonlabs.Tmi-Tokenizer.storage.MultipleStateReceiveFacetStorage")) - 1)) &
31        ~bytes32(uint256(0xff));

Recommendation:

We advise the 0xd8f41c5fdb38b25be9f2a711b1c595293e82594c0f24cbb564d81c8f67648e00 storage slot to be properly specified in its comments, aiding in debugging of the contract's structure.

Alleviation (d682057ecb0e254069773d64f32c068cedb71e2a):

The correct storage slot has been specified as advised.

MSF-02C: Inexistent Duplicate Prevention

Type	Severity	Location
Logical Fault		MultipleStateReceiveFacetStorage.sol:L62, L69

Description:

The MultipleStateReceiveFacetStorage::initReceiveStateFacet function does not prevent duplicate receive states from being defined, resulting in inconsistent events being emitted by the MultipleStateReceiveFacet::initReceiveStateFacet function.

Impact:

As the impact is solely limited to event emissions and the call is performed by a trusted ADMIN_ROLE, the severity of this exhibit has been considered informational.

Example:

packages/contracts/contracts/internalFacets/receivePhaseFacets/receiveStateFacets/multipleState/MultipleStateReceiveFacetStorage.sol

50function initReceiveStateFacet(Layout storage l, bytes calldata initReceiveStateData) internal returns (uint256[] memory) {
51    if (l.isInitialized) revert AlreadyInitialized();
52    l.isInitialized = true;
53
54    uint256[] memory supportedReceiveStates = abi.decode(initReceiveStateData, (uint256[]));
55
56    uint256 length = supportedReceiveStates.length;
57
58    if (length == 0) revert InvalidZeroLengthForReceiveStates();
59
60    for (uint256 i; i < length; ) {
61        if (supportedReceiveStates[i] == 0) revert InvalidReceiveStateZero();
62        l.isReceiveState[supportedReceiveStates[i]] = true;
63
64        unchecked {
65            i += 1;
66        }
67    }
68
69    return supportedReceiveStates;
70}

Recommendation:

We advise duplicate states to be prevented, yielding an appropriate error in such a case.

Alleviation (d682057ecb0e254069773d64f32c068cedb71e2a):

The code was updated to prevent the re-assignment of a receive state, preventing misleading event emissions from ever manifesting.

Omniscia Nexera Audit

MultipleStateReceiveFacetStorage Code Style Findings

MultipleStateReceiveFacetStorage Code Style Findings

MSF-01C: Inexistent Documentation of Storage Slot

Description:

Example:

Recommendation:

Alleviation (d682057ecb0e254069773d64f32c068cedb71e2a):

MSF-02C: Inexistent Duplicate Prevention

Description:

Impact:

Example:

Recommendation:

Alleviation (d682057ecb0e254069773d64f32c068cedb71e2a):

LostAccountRoleEligibilityFacetStorage.sol (LAE-C)

PerpetuallyReceiveFundsFacet.sol (PRF-C)

On this page