Xland Audit - HackMD

# Xland Audit ## Info - Auditor: mohamed moualim - Commit hash: ... git repository (commit hash) ## Disclaimers ## Issues ### ***Missing Events for Significant Transactions*** ### [Informationnal] **Description** An event should be set for the signifiant transaction to track the call functions. **Files** * `contracts/xland.sol` (function L92,L97,L355,L376) **Recommendation** Put an event for every critical function that make signifiant transaction. ### ***Transfer unchecked***: ### [Medium] **Description** Cheking the result of the function will avoid the possibility of failure for the transaction. **Files** * `contracts/xland.sol` (function withdrawToken() L97:L100) **Recommendation** Ensure that the transfer's return value is checked or use SafeERC20. ### ***Missing address zero verification*** ### [Medium] **Description** if the address verification isn't set, it can result to a zero in the PTOKEN's variable. **Files** * `contracts/xland.sol` (function setPTOKENContract L499:L501) **Recommendations** Put verification of the variable _address before changing PTOKENA's value. ### ***Usage of block.timestamp*** ### [Informational] **Description** Block.timestamp is used in the contract. The variable block is a set of variables. The timestamp does not always reflect the current time and may be inaccurate. The value of a block can be influenced by miners. **Files** * `contracts/xland.sol` (function mint L135:L161 ) **Recommendation** Verify that a delay of 900 seconds will not harm the logic of the contract. ### ***Using external*** ### [Informationnal] **Description** Using the modifier external instead of public can reduce gas fees, but these function Cannot be accessed internally. **Files** * `contracts/xland.sol` (L92,L97,L232,L242) **Recommendation** Use external instead of public on the public function to reduce gas fees, these function Cannot be accessed internally and for this contract the public function are not used internally. ### ***Boolean equality*** ### [Best Practice] **Description** Comparaison between two boolean can be replaced by the boolean directly in the condition. **File(s)** * `contracts/xland.sol` (L186) **Recommendation** Remove the comparaison. You can use : require(! _exists(_ids[i]), "Lands were already minted" ) .