DESCRIPTION
Windranger facilitates the growth of mantle and web3 ecosystems by partnering with builders to architect extraordinary cultures globally. It provides long-term talent, recruitment, HR, and operations services for companies in the Web3 and Metaverse space - including DAOs. The core contract covered in this audit includes Auction contracts in the code repository. The iterative audit covers the code in the initial version, as well as subsequent versions to fix discovered issues, as detailed in our audit report. Please note that external dependencies are assumed reliable and are therefore excluded from the audit scope. Our audit methodology employs automated vulnerability scans, manual verification, and business logic analysis to uncover potential security issues coupled with gas and code quality optimization recommendations. In summary, we have found that the codebase contains two high-risk issues that require prompt attention. In addition, we have identified three non-critical issues as well as three recommendations that should be considered. The Windranger team has addressed these issues promptly. It is important to note that our audit covers only the final reported versions of the codebase. Any subsequent updates would require a re-evaluation.
KEY FINDINGS
In total, we find 5 potential issues in the smart contract. We also have 3 recommendations and 0 notes, as follows:
| ID | Severity | Description | Category | Status |
|---|---|---|---|---|
| 1 | Medium | Incorrect Check of Parameters for the selectWinner() Function |
Software Security | Fixed |
| 2 | High | Incorrect Initialization Pattern | Software Security | Fixed |
| 3 | High | Unsafe Signatures | Software Security | Fixed |
| 4 | Low | Potential Denial-of-Service Attack | Software Security | Fixed |
| 5 | Low | Inconsistent Auction Design | DeFi Security | Confirmed |
| 6 | - | Remove Unused State Variable | Recommendation | Fixed |
| 7 | - | Remove Unused receive() Function |
Recommendation | Fixed |
| 8 | - | Remove Unused Inherited Contract | Recommendation | Fixed |
More details are provided in the audit report.