A community of activists, artists, entrepreneurs, and scholars committed to using mechanism design to inspire radical social change.
Scope
Contest Results
On what chains are the smart contracts going to be deployed?
Optimism, EVM-Compatible Chains
Which ERC20 tokens do you expect will interact with the smart contracts?
ETHx (Superfluid Super ETH) within the auction & beneficiary distribution
Which ERC721 tokens do you expect will interact with the smart contracts?
Any (via the wrapping functionality); A "PCOArt-modified" ERC721 token is created in minting and ownership (Stewardship) is controlled by the auction/PCO logic.
Do you plan to support ERC1155?
Any (via the wrapping functionality)--becomes a PCOArt-modified ERC721
Which ERC777 tokens do you expect will interact with the smart contracts?
None
Are there any FEE-ON-TRANSFER tokens interacting with the smart contracts?
No
Are there any REBASING tokens interacting with the smart contracts?
No
Are the admins of the protocols your contracts integrate with (if any) TRUSTED or RESTRICTED?
RESTRICTED
Is the admin/owner of the protocol/contracts TRUSTED or RESTRICTED?
TRUSTED - The collection owner (owner
in OwnableDiamond
) can swap out Diamond facet contracts resulting in changes to or entirely circumventing the core PCO functionality and flow of funds.
Are there any additional protocol roles? If yes, please explain in detail:
https://pco-art-docs.vercel.app/for-artists/admin-permissions
Is the code/contract expected to comply with any EIPs? Are there specific assumptions around adhering to those EIPs that Watsons should be aware of?
ERC-2535. N/A EIPs
Please list any known issues/acceptable risks that should not result in a valid finding.
ERC721/1155 tokens with alternative methods for changing the token owner aren't suitable for wrapping into PCOArt NFTs. If the artist chooses to maintain or grant the owner
role of the collection's OwnableDimond
, this address becomes TRUSTED and maintains broad abilities to alter the core functionality of the PCOArt collection.
Please provide links to previous audits (if any).
N/A
Are there any off-chain mechanisms or off-chain procedures for the protocol (keeper bots, input validation expectations, etc)?
No
In case of external protocol integrations, are the risks of external contracts pausing or executing an emergency withdrawal acceptable? If not, Watsons will submit issues related to these situations that can harm your protocol's functionality.
No
Do you expect to use any of the following tokens with non-standard behaviour with the smart contracts?
No
Add links to relevant protocol resources
Total Rewards
Contest Pool
Lead Senior Watson
Judging Pool
Lead Judge
12,000 USDC
3,000 USDC
400 USDC
600 USDC
Status
Scope
Start Time
End Time
Finished
592 nSLOC
Mar 19, 2024, 3:00 PM
Mar 22, 2024, 3:00 PM