Omniscia Trustworks Audit
Multisig Code Style Findings
Multisig Code Style Findings
MUL-01C: Inexistent Error Messages
Type | Severity | Location |
---|---|---|
Code Style | Informational | Multisig.sol:L149, L150, L172 |
Description:
The linked require
checks are not accompanied by an error message rendering their debugging as well as audit validation illegible.
Example:
169function transferBNB(address payable _recipientForBNB, uint256 _amountToTransferBNB) external nonReentrant {170 require(msg.sender == owner1, "Only owner1 can transferToken");171 require(canTransferBNB, "Trnsfer is not initialized");172 require(recipientForBNB != address(0));173 require(recipientForBNB == _recipientForBNB, "Recptient is not the same as the in the initialized recipient");174 require(amountToTransferForBNB == _amountToTransferBNB, "amountToTransfer is not the same as the in the initialized amountToTransfer");175 canTransferBNB = false;176 amountToTransferForBNB = 0;177 recipientForBNB = address(0);178 _recipientForBNB.transfer(_amountToTransferBNB);179}
Recommendation:
We advise error messages to be introduced to these checks to ensure that they accurately represent the condition they are meant to evaluate.
Alleviation:
All require
checks contain an error message in the new version of the codebase.
MUL-02C: Redundant Reentrancy Protection
Type | Severity | Location |
---|---|---|
Gas Optimization | Informational | Multisig.sol:L138-L179 |
Description:
All contract functions fully comply with the Checks-Effects-Interactions pattern and disallow any form of re-entrancy to cause issues.
Example:
138function initializeTransferToken(address _recipientForToken, IBEP20 _tokenToTransfer,uint256 _amountToTransferToken) external nonReentrant {139 require(msg.sender == owner2, "Only owner2 can initializeTransfer");140 recipientForToken = _recipientForToken;141 tokenToTransfer = _tokenToTransfer;142 amountToTransferToken = _amountToTransferToken;143 canTransferToken = true;144}145146function transferToken(address _recipientForToken, IBEP20 _tokenToTransfer, uint256 _amountToTransferToken) external nonReentrant {147 require(msg.sender == owner1, "Only owner1 can transferToken");148 require(canTransferToken, "Trnsfer is not initialized");149 require(recipientForToken != address(0));150 require(tokenToTransfer != IBEP20(0));151 require(_recipientForToken == recipientForToken, "Recptient is not the same as the in the initialized recipient");152 require(_tokenToTransfer == tokenToTransfer, "tokenToTransfer is not the same as the in the initialized tokenToTransfer");153 require(_amountToTransferToken == amountToTransferToken, "amountToTransfer is not the same as the in the initialized amountToTransfer");154 canTransferToken = false;155 tokenToTransfer = IBEP20(0);156 amountToTransferToken = 0;157 recipientForToken = address(0);158 IBEP20(_tokenToTransfer).transfer(_recipientForToken, _amountToTransferToken);159}
Recommendation:
As a result, we advise the re-entrancy protection to be omitted from the codebase to optimize the gas cost involved in their execution unless more features are meant to be introduced to these functions.
Alleviation:
The re-entrancy protection was safely omitted from the linked functions to reduce the gas cost involved in interacting with them.