https://www.bountycaster.xyz
Devin Conley
@dcon.eth
Bug bounty for a single Solidity contract that handles receiving (buying) and reselling 721s and 1155s via Dutch auction in shuffled bundles.
Payout: 100 USDC for any logical bug or significant gas optimization
Deadline: 2023/12/22
Repo: https://github.com/devinaconley/garage-sale
@bountybot
Daniel - Bountycaster
@pirosb3
Disclaimer: Not a smart contract engineer. A few observations on this contract: 1/n
Daniel - Bountycaster
@pirosb3
Currently, the contract hard-codes several important parameters (auction price range, duration). Good practice is to pass these in as constructor arguments. Also consider adding functions to potentially change these parameters after they are set.
Daniel - Bountycaster
@pirosb3
The buy function processes tokens based on TokenType, but will not raise an exception if tokenType is unknown, and this code path leads to incorrect/invalid event emissions. Suggestion is to raise an error if type_ is unknown.
Daniel - Bountycaster
@pirosb3
While you have a withdraw function for ETH, it could be ideal to have equivalent withdraw functions for tokens - in case there is a need to upgrade the contract or a bug that causes the funds to be stuck
Devin Conley
@dcon.eth
Thanks for the review! Those hardcoded values are just reasonable defaults. They actually can all be updated by privileged setter methods! (e.g. setBundle)