Professional Documents
Culture Documents
NFTIZ Smart Contract Audit
NFTIZ Smart Contract Audit
Contract address:
https://polygonscan.com/address/0x2f26b3c3177be1df032c65b9e5a1a716c64333ae
Contract details
Number of lines: 173 (+ 189 in dependencies
Issue
Recomendations
Use ReentrancyGuard library to prevent reentrancy vulnerabilities in addBudget(),
Contract Audit
Detailed issues:
## unchecked-transfer
Impact: High
Confidence: Medium
(contracts/Affiliate.sol#L52)
(contracts/Affiliate.sol#L47)
## reentrancy-no-eth
Impact: Medium
Confidence: Medium
Reentrancy in [Affiliate.withdrawProfit(string,uint256)](contracts/Affiliate.sol#L156-L172):
External calls:
- [withdrawERC20Tokens(msg.sender,offers[_offerId].token,_amount)](contracts/Affiliate.sol#L167)
- [tkn.transfer(_wallet,_amount)](contracts/Affiliate.sol#L52)
- [profit[_offerId][msg.sender].balance -= _amount](contracts/Affiliate.sol#L169)
Reentrancy in [Affiliate.addBudget(string,uint256)](contracts/Affiliate.sol#L77-L84):
External calls:
- [getERC20Tokens(offers[_offerId].token,_amount)](contracts/Affiliate.sol#L80)
- [tkn.transferFrom(msg.sender,address(this),_amount)](contracts/Affiliate.sol#L47)
- [offers[_offerId].budget += _amount](contracts/Affiliate.sol#L82)
- [offers[_offerId].balance += _amount](contracts/Affiliate.sol#L83)
Reentrancy in [Affiliate.createOffer(string,address,uint256,uint256)](contracts/Affiliate.sol#L55-L75):
External calls:
- [getERC20Tokens(_token,_amount)](contracts/Affiliate.sol#L71)
- [tkn.transferFrom(msg.sender,address(this),_amount)](contracts/Affiliate.sol#L47)
- [offers[_offerId] = newOffer](contracts/Affiliate.sol#L72)
Reentrancy in [Affiliate.withdrawBudget(string,uint256,address)](contracts/Affiliate.sol#L86-L100):
External calls:
- [withdrawERC20Tokens(_wallet,offers[_offerId].token,_amount)](contracts/Affiliate.sol#L97)
- [tkn.transfer(_wallet,_amount)](contracts/Affiliate.sol#L52)
- [offers[_offerId].withdrawable -= _amount](contracts/Affiliate.sol#L99)
Reentrancy in [Affiliate.withdrawFee(address,address,uint256)](contracts/Affiliate.sol#L120-L126):
External calls:
- [withdrawERC20Tokens(_wallet,_token,_amount)](contracts/Affiliate.sol#L123)
- [tkn.transfer(_wallet,_amount)](contracts/Affiliate.sol#L52)
- [projectFee[_token] -= _amount](contracts/Affiliate.sol#L125)
## tautology
Impact: Medium
Confidence: High
Contract Audit
Detailed issues:
## reentrancy-events
Impact: Low
Confidence: Medium
Reentrancy in [Affiliate.createOffer(string,address,uint256,uint256)](contracts/Affiliate.sol#L55-L75):
External calls:
- [getERC20Tokens(_token,_amount)](contracts/Affiliate.sol#L71)
- [tkn.transferFrom(msg.sender,address(this),_amount)](contracts/Affiliate.sol#L47)
- [CreateOffer(_offerId)](contracts/Affiliate.sol#L74)
Reentrancy in [Affiliate.withdrawProfit(string,uint256)](contracts/Affiliate.sol#L156-L172):
External calls:
- [withdrawERC20Tokens(msg.sender,offers[_offerId].token,_amount)](contracts/Affiliate.sol#L167)
- [tkn.transfer(_wallet,_amount)](contracts/Affiliate.sol#L52)
- [WithdrawProfit(_offerId,msg.sender,_amount)](contracts/Affiliate.sol#L171)
## timestamp
Impact: Low
Confidence: Medium
Dangerous comparisons:
Dangerous comparisons:
## pragma
Impact: Informational
Confidence: High
- [^0.8.0](node_modules/@openzeppelin/contracts/access/Ownable.sol#L4)
- [^0.8.0](node_modules/@openzeppelin/contracts/token/ERC20/IERC20.sol#L4)
- [^0.8.0](node_modules/@openzeppelin/contracts/utils/Context.sol#L4)
- [^0.8.7](contracts/Affiliate.sol#L2)
## solc-version
Impact: Informational
Confidence: High
Detailed issues:
## naming-convention
Impact: Informational
Confidence: High