Adding a step prior to doing the generinc line-by-line review

[0xStalin-eth]

I've found out that reviewing the contracts based on their functionalities has helped me a lot rather than going directly to the line-by-line review.

What do I mean?

• After taking a glance at the contract's code and reading the documentation, the auditor has (or should) already identified some of the main functionalities of the contracts, such as, depositing, staking, withdrawing, borrowing, liquidating, you name it, now, the idea is to analyze how each of these functions is implemented, most of the times the functions have dependencies and interact with functions of different contracts, this approach will help a lot to confirm and or discard the current mental models about the system, plus it is quite less tedious and more digestive to understand functionalities than trying to connect the dots by reading code that is not necessary relevant to what you've just read (when reading line-by-line).