NFTonPulse
Summary
The NFTonPulse contracts provide a decentralized auction house for NFTs that allows users to put their NFTs on auction, bid on an ongoing auction, or post an offer for an NFT. The protocol allows users to list and offer NFTs in exchange for either the blockchain's native assets or ERC20 tokens as well as allowing the listing of both ERC721 and ERC1155 NFTs. Furthermore, the protocol allows users to mint vouchers that can be later redeemed for ERC721 or ERC1155 tokens. The most significant issues found in this audit involved possibly receiving NFTs without payment (NFT-1), a replay attack (NFT-2), as well as a way for a malicious actor to launch a DoS attack on an auction (NFT-3). Overall, the documentation is of high quality, the tests are robust, and the code is well-written and clear. UPDATE: The NFTonPulse team has fixed the vast majority of our issues and acknowledged or mitigated the rest of them.
Issues (25)
Low | Medium | High | Critical | Total | |
|---|---|---|---|---|---|
Not fixed | 5 | 3 | 1 | - | 9 |
Fixed | 12 | 3 | 1 | - | 16 |
| Total | 17 | 6 | 2 | 0 | 25 |