Skip to main content

NEAR Checklist

Release: Version 2.0

#ItemDescription
1As-of-yet Near blockchain unknown classes of vulnerabilitiesChecking for any other as-of-yet unknown classes of vulnerabilities arising from the structure of the Near blockchain.
2Near contract standards violationFT or NFT smart contracts meet to Near standards
3Missing Initializer AttributeInit function marked with init attribute does not exist or init attribute is missing on initializer function
4Missing "private" macro in cross-contract callbackUsually when a contract has to have a callback for a remote cross-contract call this callback method should only be called by the contract itself. It's to avoid someone else calling it and messing the state.
5Missing "paybable" macro on payable functionsWe can allow methods to accept token transfer together with the function call. This is done so that contracts can define a fee in tokens that needs to be payed when they are used. By the default the methods are not payable and they will panic if someone will attempt to transfer tokens to them during the invocation.
6Collection type is suitable for structure typeCheck if a suitable collection is used for declared structure and contract logic.
7Near-Sdk is up to dateCheck is near-sdk is up to date