In this report, we considered the security of four pull requests for smart contracts of the Sovryn
project without reviewing the project itself. We performed our audit according to the procedure described in the full version of the report.
The initial audit of 4 pull requests showed a vulnerability (critical issue) and a few code style issues.
In the latest pull requests, the vulnerability and two code style issues were fixed.
However, the project includes contracts of enormous size, to the point where they cause out-of-gas and "stack too deep" issues. This affects how new changes are implemented, complicates development, and creates a long-term risk for the project.

General Recommendations:
We recommend refactoring the code. All large smart contracts should be split into smaller parts, and their logic should be simple and transparent. We also recommend using linters and static code analyzers.