PXN Smart Contract Code Review

Deployed Contract:

https://etherscan.io/address/0x160C404B2b49CBC3240055CEaEE026df1e8497A0#code

Check Item

  • Reentrancy 🟢

    No severity issues were found.

  • Ownership Takeover 🟢

    No severity issues were found.

  • Timestamp Dependence 🟡

    Although the mintDutchAuction function validates a signature, it also relies on block.timestamp, which the miner can manipulate to exploit the start-time check below.

    Lines: #121 - 178

    function mintDutchAuction(uint8 quantity, bytes calldata signature)
      public
      payable
      callerIsUser
    {
      // ...
      require(
        block.timestamp >= DA_STARTING_TIMESTAMP,
        "DA has not started!"
      );
      // ...
    }
    
  • DoS with (Unexpected) Revert 🟢

    No severity issues were found.

  • Contract Interaction 🟢

    No severity issues were found.

Non-severity Issues

  • mintWL, mintDutchAuction, teamMint and withdrawFunds should be external functions because they are only called externally.

  • The use of transfer() in the withdrawFunds function should be avoided.
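
The two recommendations above, shown as an added sketch that is not the PXN contract's code: a withdrawal function declared external that sends Ether with a checked low-level call instead of transfer(). The contract name WithdrawExample, the owner variable, the inline reentrancy guard and the function withdrawFundsWithTransfer are hypothetical.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Hypothetical contract for illustration only; not the PXN source.
contract WithdrawExample {
    address public immutable owner;
    bool private locked; // minimal reentrancy guard state

    constructor() {
        owner = msg.sender;
    }

    modifier onlyOwner() {
        require(msg.sender == owner, "not owner");
        _;
    }

    modifier nonReentrant() {
        require(!locked, "reentrant call");
        locked = true;
        _;
        locked = false;
    }

    receive() external payable {}

    // Pattern the review advises against: transfer() forwards a fixed
    // 2300 gas stipend, so the withdrawal reverts when the recipient is a
    // contract whose receive/fallback function needs more gas than that.
    function withdrawFundsWithTransfer() external onlyOwner {
        payable(owner).transfer(address(this).balance);
    }

    // Alternative: a low-level call forwards the remaining gas. Its return
    // value must be checked, and because it hands control to the recipient,
    // the function is owner-only and guarded against reentry.
    function withdrawFunds() external onlyOwner nonReentrant {
        uint256 amount = address(this).balance;
        (bool ok, ) = payable(owner).call{value: amount}("");
        require(ok, "withdraw failed");
    }
}
```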

Conclusion

Overall, the contract should be good, and no critical-severity issues were found.