Description
Hi, we are a research group on programming languages and software engineering. We recently conducted a systematic study on the causes, effects, and fixes of the inconsistent state update vulnerability in solidity. We are attempting to build a tool to detect bugs about state updates based on our findings. We have tried our prototype tool on some popular Github solidity repositories, and for your repository, we found that there are status updates that may have been missed.
When we declare a state variable in a contract, if the variable is not reassigned throughout the project, then it may be a missing status update, including the balance, order number, counter, contract status flag, and so on.
For your repository, we found the following state variable that may need attention:
TokenERC1155.sol
State variable: saleRecipientForToken
mapping(uint256 => address) public saleRecipientForToken;Do you find our results useful? Your reply and invaluable suggestions would be greatly appreciated, and are vital for improving our tool. Thanks a lot for your time!