
Canvas that is not one can have reserveAuction flag

Low Risk

Only canvases that are 1/1 can be put on reserve auction. However, in Create.sol there is a createCanvas function that receives a Schema.Canvas struct. This struct is then saved to storage as a new canvas. Therefore, someone can create a canvas with isOne marked false and reserveAuction marked true. This canvas will be unusable, because you can't make a bid on it (it reverts because it is not 1/1), and you can't buy it either.*

There is also another way to reach this state. In the updateCanvas function, when the reserveAuction property is changed, the function checks whether isOne is false, and in that case it does not allow reserveAuction to be changed to true. But the opposite scenario is never considered: a canvas can have reserveAuction previously set to true and then have isOne changed to false in the next update.

Recommendation

In createCanvas, add a check that reverts if reserveAuction is true and isOne is false. For example, you can add this line: if(canvas.reserveAuction && !canvas.isOne) revert InvalidSetup();.

In updateCanvas, you can check whether reserveAuction is true when updating the isOne property to false, and revert, as in the example below. It would be even better to place all revert cases at the top of the function. That way more gas would be returned when reverting.

if (canvas.isOne != update.isOne) {
    if(!update.isOne && canvas.reserveAuction) revert InvalidSetup();
    canvas.isOne = update.isOne;
}
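Both recommendations can be combined by validating the resulting state once, at the top of each function, instead of checking each field transition separately. The contract below is an added illustration, not the project's Create.sol: only isOne, reserveAuction and InvalidSetup come from this finding, while the contract name, storage layout, function signatures and the _requireValid helper are hypothetical. It assumes the update struct carries the desired values of both flags, and it omits access control.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added illustration, not the project's Create.sol. Only isOne, reserveAuction
// and InvalidSetup come from the finding; everything else is hypothetical.
contract CanvasInvariantExample {
    struct Canvas {
        bool isOne;          // canvas is a 1/1
        bool reserveAuction; // canvas is sold through a reserve auction
    }

    error InvalidSetup();

    mapping(uint256 => Canvas) private canvases; // hypothetical storage layout
    uint256 private nextId;

    // Invariant from the finding: reserveAuction implies isOne.
    function _requireValid(bool isOne, bool reserveAuction) private pure {
        if (reserveAuction && !isOne) revert InvalidSetup();
    }

    // Access control is omitted to keep the example focused on the invariant.
    function createCanvas(Canvas calldata canvas) external returns (uint256 id) {
        // Revert before any storage write.
        _requireValid(canvas.isOne, canvas.reserveAuction);
        id = nextId++;
        canvases[id] = canvas;
    }

    // Assumes `update` carries the full desired values of both flags.
    function updateCanvas(uint256 id, Canvas calldata update) external {
        // One check on the post-update state covers both orders: setting
        // reserveAuction on a non-1/1 canvas, and clearing isOne on a canvas
        // that already has reserveAuction set.
        _requireValid(update.isOne, update.reserveAuction);

        Canvas storage canvas = canvases[id];
        if (canvas.isOne != update.isOne) canvas.isOne = update.isOne;
        if (canvas.reserveAuction != update.reserveAuction) {
            canvas.reserveAuction = update.reserveAuction;
        }
    }

    function getCanvas(uint256 id) external view returns (Canvas memory) {
        return canvases[id];
    }
}
```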

*You actually can buy such a canvas through metaMint, because of an issue that is described in "ReserveAuction can be bypassed".