NFT Market (PresetHTC, Auction, Store)
Summary
During the audit we uncovered several issues covering all severity levels. The code came with little documentation, without a build environment and most importantly completely without tests. We strongly advise against deploying the project as it is in its current state. <br> <br> **Update:** Following the fix verification, we determined that most of the issues have been fixed or sufficiently acknowledged. However, high severity issue QSP-1 ("Missing Test Suite") was only mitigated by providing some tests, which however cover less than 60% of the code base. We strongly recommend adding additional tests to improve coverage and ensure correct basic functionality in accordance with the developers planned design. The second high severity issue QSP-2 ("Copy and Sell / Instantly Buy with Low Price"), while explained to be by design, still holds a certain risk and we also recommend to consider. **Adherence to Specification**: All specification-related findings have been fixed, however the corresponding documentation is (at the time of finalization of this report) not yet publicly accessible. **Code Documentation**: All points, except one (5. Adding additional inline code comments) have been addressed. **Adherence to Best Practices**: About half of the recommendations have been implemented, further improving the code base, compared to its original state.
Issues (17)
Low | Medium | High | Critical | Total | |
|---|---|---|---|---|---|
Not fixed | 7 | 2 | 2 | - | 11 |
Fixed | 4 | 2 | - | - | 6 |
| Total | 11 | 4 | 2 | 0 | 17 |