# NFT Market Audit Report

## Scope of the audit

- https://github.com/Meta-Force-Space/market/tree/exchange_gate/contracts

## Severity Criteria

- Critical: Bugs leading to asset theft, locking of access to funds, or any other loss of funds.
- High: Bugs that break the contract's core logic.
- Medium: Bugs leading to partial failure of the contract's minor logic under specific conditions.
- Informational: Bugs, suggestions, and optimizations that do not have a significant immediate impact.

# High

## Lack of receive function

### Description

The `createOrder` and `closeOrder` functions in the `market` contract send ETH to the `ExchangeGate` contract, which does not have a `receive` function. This leads to an unexpected revert of these functions. In addition, the functions for receiving the tokens used by the contracts are currently commented out. This is incorrect, since the `ExchangeGate` contract receives tokens from the `market` contract.

### Recommendation

- Add a `receive` function to the `ExchangeGate` contract.
- Uncomment the token-receiving functions.

## DOS due to Commission Send

### Description

The `ExchangeGate` contract contains a `_transferCommission` function that distributes funds to `_commissionAddrs`. However, if any of these recipients has a fallback function that rejects incoming funds, the entire transaction is reverted. This poses a significant risk because it can be used to create a DOS:

```solidity
function _transferCommission(
    address to,
    Tokens memory tokens,
    uint256[] memory orderCommission,
    address from
) internal returns (uint256) {
    // ...
    if (tokens.tokenAddress == address(0)) {
        for (uint256 i = 0; i < commission.length; i++) {
            // ...
            (bool sentComm, ) = _commissionAddrs[i].call{value: comm}("");
            // <-- If the commission receiver's fallback function rejects, the transaction will always be reverted.
            require(sentComm, "Failed to send commission");
        }
        (bool sent, ) = to.call{value: sum}("");
        require(sent, "Failed to send sum");
    } else {
        // ...
    }
    return sum;
}
```

### Recommendation

It is recommended to either:

1. Completely remove the check for a successful transfer, placing the responsibility on the commission recipient to ensure that their address is able to receive funds.
2. Consider implementing a separate mechanism for receiving commissions, where recipients actively claim their commissions instead of having funds sent to them directly.

# Informational

## Incorrect logic when orderType is incorrect

### Description

The `cancelOrder` and `closeOrder` functions of the `market` contract process two order types, `OrderType.Sell` and `OrderType.Buy`. However, these functions do not account for an incorrect order type being passed in. This leads to any incorrect order type being processed as `OrderType.Buy`:

```solidity
function cancelOrder(OrderType orderType, uint256 order_id) public {
    if (orderType == OrderType.Sell) {
        // ...
    } else {
        // <-- Processing any incorrect orderType
        // ...
    }
    emit OrderCancelled(orderType, order_id);
}
```

### Recommendation

Add a simple `orderType` check, as in the `createOrder` function.

## Unused constant variable

### Description

The `market` contract has a constant variable `FRACTION` which is never used. Moreover, this contract imports `ExchangeGate.sol`, in which the same variable is defined.

### Recommendation

It is recommended to remove the unused variable.
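The second option of the "DOS due to Commission Send" recommendation, shown as an added example that is not the project's code: the ETH branch of a `_transferCommission`-style routine rewritten as pull payments, where the contract name, `settle`, `pendingCommission` and `claimCommission` are assumed names, and `_commissionAddrs` and the `commission` shares are assumed inputs.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
// Added example, not the project's code. Commission shares are credited
// to `pendingCommission` and withdrawn by each recipient via
// `claimCommission`, so a recipient whose fallback reverts can no
// longer block every trade. `_commissionAddrs` is an assumed input.
contract CommissionPull {
    address[] private _commissionAddrs;
    mapping(address => uint256) public pendingCommission;

    constructor(address[] memory commissionAddrs) {
        _commissionAddrs = commissionAddrs;
    }

    // Entry point standing in for the order-settlement path that calls
    // `_transferCommission` in the audited contract.
    function settle(address to, uint256[] calldata commission) external payable {
        _transferCommissionEth(to, commission);
    }

    // Credits commission[i] (in wei) to _commissionAddrs[i] and forwards
    // the remainder to `to`. No external call is made to a commission
    // recipient here, so none of them can force a revert.
    function _transferCommissionEth(address to, uint256[] calldata commission)
        internal
        returns (uint256 sum)
    {
        require(commission.length == _commissionAddrs.length, "bad commission");
        sum = msg.value;
        for (uint256 i = 0; i < commission.length; i++) {
            sum -= commission[i]; // reverts on underflow: shares cannot exceed msg.value
            pendingCommission[_commissionAddrs[i]] += commission[i];
        }
        // `to` is the trading counterparty; keep the direct transfer for them.
        (bool sent, ) = to.call{value: sum}("");
        require(sent, "Failed to send sum");
    }

    // Each recipient withdraws its own balance; a reverting fallback
    // only affects that recipient's claim. The balance is zeroed before
    // the call (checks-effects-interactions) to block reentrancy.
    function claimCommission() external {
        uint256 amount = pendingCommission[msg.sender];
        require(amount > 0, "nothing to claim");
        pendingCommission[msg.sender] = 0;
        (bool ok, ) = msg.sender.call{value: amount}("");
        require(ok, "claim failed");
    }
}
```

With this structure the `require` on the commission transfer disappears from the settlement path entirely, and a failed claim is isolated to the one recipient who cannot accept ETH.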