PlaySwoops

Off-Chain (Private)

Audited on 2022/05/17

No active critical issues

Summary

In the course of the audit we identified 11 issues: one high, two medium, four low, two informational, and two undetermined severity issues. The identified re-entrancy vulnerability (high severity) can enable an attacker to circumvent the mint limits. Improper input validations on critical parameters makes it possible for the contract to be configured into a faulty state (medium severity). The owner is given the privilege to mint tokens with no restrictions (medium severity). Furthermore, the reviewed contracts do not follow the standard implementation of the proxy pattern.

Project

PlaySwoops

Ethereum

Issues (12)

	Low	Medium	High	Critical	Total
Not fixed	4	2	-	-	6
Fixed	5	-	1	-	6
Total	9	2	1	0	12

Contracts (3)

#	File Name
1	contracts/SwoopsMint.sol
2	contracts/OwnershipClaimable.sol
3	contracts/SwoopsERC721.sol

#	File Name
1	contracts/SwoopsMint.sol
2	contracts/OwnershipClaimable.sol
3	contracts/SwoopsERC721.sol

PlaySwoops

Summary

Issues (12)

Missing Input Validationnot_fixed/medium

Unrestricted Mint for Ownersnot_fixed/medium

Incompatible With Proxiesnot_fixed/low

High Royalty Fees Can be Imposed Without Users’ Consentnot_fixed/low

Surplus ETH Not Refunded not_fixed/low

Contracts (3)