# Tamago contract code review Contract: https://github.com/tamago-finance/tamago-finance/blob/main/contracts/NFTLuckBoxUpgradeable.sol ## 1. Unused variable Severity: Low Description: Unused variable `uint256 test = 1;`(L425) Recommendation: Remove unused variable ## 2. No check for deposit of ERC721 and ERC1155 Severity: Low Description: Anyone can call `depositERC721` and `depositERC1155` Recommendation: Add check for `who` can deposit to which `event` and `project` ## 3. No check for function `finalizeEvent` Severity: High Description: Anyone can call `finalizeEvent` Recommendation: Should have some check for previliged functions Status: Fixed in commit https://github.com/tamago-finance/tamago-finance/pull/120/commits/4db1f57f00f50de526cb85907fb142a8bc2764e9 ## 4. Use `external` for external functions to save gas Severity: Low Description: Some functions are only call by external parties, better use `external` instead of `public` to save gas Recommendation: Use `external` for external functions
Last changed by  
Harry
126

Read more

CKB Provider JavaScript API

摘要 这个 RFC 定义了 CKB Provider JavaScript API,让不同的应用使用同样的 API 通过 Provider 与 CKB 节点进行交互。 名词解释 Wallet 用来管理用户的公钥和私钥,为交易签名。 Provider Provider 可以看做是一组 API,用来方便应用与区块链进行交互。一方面可以代替应用向 CKB 节点发送 RPC 请求,就好像互联网服务提供商(Provider)一样,为应用提供了访问互联网的能力,而区块链的 Provider 为应用提供了访问区块链的能力。另一方面,除了访问区块链,Provider 本身还可以提供额外的功能,比如返回用户的钱包地址、签名等。通常 Provider 会内置在 Wallet 中,也可以是一个单独的库。

11/3/2020
Read more from Harry
Published on HackMD