From d5e88d5a62c39f9f875585da78251f25e0fc8a8f Mon Sep 17 00:00:00 2001 From: Gas One Cent <86567384+gas1cent@users.noreply.github.com> Date: Tue, 12 Nov 2024 19:39:20 +0400 Subject: [PATCH] feat: remove Aderyn report --- report.md | 918 ------------------------------------------------------ 1 file changed, 918 deletions(-) delete mode 100644 report.md diff --git a/report.md b/report.md deleted file mode 100644 index 2d1b983..0000000 --- a/report.md +++ /dev/null @@ -1,918 +0,0 @@ -# Aderyn Analysis Report - -This report was generated by [Aderyn](https://github.com/Cyfrin/aderyn), a static analysis tool built by [Cyfrin](https://cyfrin.io), a blockchain security company. This report is not a substitute for manual audit or security review. It should not be relied upon for any purpose other than to assist in the identification of potential security vulnerabilities. -# Table of Contents - -- [Summary](#summary) - - [Files Summary](#files-summary) - - [Files Details](#files-details) - - [Issue Summary](#issue-summary) -- [Low Issues](#low-issues) - - [L-1: Unsafe ERC20 Operations should not be used](#l-1-unsafe-erc20-operations-should-not-be-used) - - [L-2: Solidity pragma should be specific, not wide](#l-2-solidity-pragma-should-be-specific-not-wide) - - [L-3: PUSH0 is not supported by all chains](#l-3-push0-is-not-supported-by-all-chains) -- [NC Issues](#nc-issues) - - [NC-1: Missing checks for `address(0)` when assigning values to address state variables](#nc-1-missing-checks-for-address0-when-assigning-values-to-address-state-variables) - - [NC-2: Functions not used internally could be marked external](#nc-2-functions-not-used-internally-could-be-marked-external) - - [NC-3: Constants should be defined and used instead of literals](#nc-3-constants-should-be-defined-and-used-instead-of-literals) - - [NC-4: Event is missing `indexed` fields](#nc-4-event-is-missing-indexed-fields) - - -# Summary - -## Files Summary - -| Key | Value | -| --- | --- | -| .sol Files | 44 | -| Total nSLOC | 9385 | - - -## Files Details - -| Filepath | nSLOC | -| --- | --- | -| solidity/contracts/extensions/AccountingExtension.sol | 109 | -| solidity/contracts/extensions/BondEscalationAccounting.sol | 103 | -| solidity/contracts/modules/dispute/BondEscalationModule.sol | 256 | -| solidity/contracts/modules/dispute/BondedDisputeModule.sol | 95 | -| solidity/contracts/modules/dispute/CircuitResolverModule.sol | 76 | -| solidity/contracts/modules/dispute/RootVerificationModule.sol | 76 | -| solidity/contracts/modules/finality/CallbackModule.sol | 32 | -| solidity/contracts/modules/finality/MultipleCallbacksModule.sol | 50 | -| solidity/contracts/modules/request/ContractCallRequestModule.sol | 56 | -| solidity/contracts/modules/request/HttpRequestModule.sol | 56 | -| solidity/contracts/modules/request/SparseMerkleTreeRequestModule.sol | 57 | -| solidity/contracts/modules/resolution/ArbitratorModule.sol | 53 | -| solidity/contracts/modules/resolution/BondEscalationResolutionModule.sol | 259 | -| solidity/contracts/modules/resolution/ERC20ResolutionModule.sol | 96 | -| solidity/contracts/modules/resolution/PrivateERC20ResolutionModule.sol | 125 | -| solidity/contracts/modules/response/BondedResponseModule.sol | 93 | -| solidity/contracts/periphery/SparseMerkleTreeL32Verifier.sol | 29 | -| solidity/interfaces/IArbitrator.sol | 10 | -| solidity/interfaces/ITreeVerifier.sol | 7 | -| solidity/interfaces/extensions/IAccountingExtension.sol | 28 | -| solidity/interfaces/extensions/IBondEscalationAccounting.sol | 56 | -| solidity/interfaces/modules/dispute/IBondEscalationModule.sol | 70 | -| solidity/interfaces/modules/dispute/IBondedDisputeModule.sol | 25 | -| solidity/interfaces/modules/dispute/ICircuitResolverModule.sol | 28 | -| solidity/interfaces/modules/dispute/IRootVerificationModule.sol | 29 | -| solidity/interfaces/modules/finality/ICallbackModule.sol | 17 | -| solidity/interfaces/modules/finality/IMultipleCallbacksModule.sol | 17 | -| solidity/interfaces/modules/request/IContractCallRequestModule.sol | 23 | -| solidity/interfaces/modules/request/IHttpRequestModule.sol | 27 | -| solidity/interfaces/modules/request/ISparseMerkleTreeRequestModule.sol | 24 | -| solidity/interfaces/modules/resolution/IArbitratorModule.sol | 31 | -| solidity/interfaces/modules/resolution/IBondEscalationResolutionModule.sol | 83 | -| solidity/interfaces/modules/resolution/IERC20ResolutionModule.sol | 49 | -| solidity/interfaces/modules/resolution/IPrivateERC20ResolutionModule.sol | 65 | -| solidity/interfaces/modules/response/IBondedResponseModule.sol | 29 | -| solidity/scripts/Deploy.sol | 77 | -| solidity/test/integration/IntegrationBase.sol | 171 | -| solidity/test/mocks/MockArbitrator.sol | 21 | -| solidity/test/mocks/MockAtomicArbitrator.sol | 25 | -| solidity/test/mocks/MockCallback.sol | 8 | -| solidity/test/mocks/MockVerifier.sol | 11 | -| solidity/test/utils/Helpers.sol | 43 | -| solidity/test/utils/TestConstants.sol | 7 | -| solidity/test/utils/external/IWETH9.sol | 6 | -| **Total** | **9385** | - - -## Issue Summary - -| Category | No. of Issues | -| --- | --- | -| Critical | 0 | -| High | 0 | -| Medium | 0 | -| Low | 3 | -| NC | 4 | - - -# Low Issues - -## L-1: Unsafe ERC20 Operations should not be used - -ERC20 functions may not behave as expected. For example: return values are not always meaningful. It is recommended to use OpenZeppelin's SafeERC20 library. - -- Found in solidity/test/integration/IntegrationBase.sol [Line: 246](solidity/test/integration/IntegrationBase.sol#L246) - - ```solidity - _token.approve(address(_accounting), _amount); - ``` - - - -## L-2: Solidity pragma should be specific, not wide - -Consider using a specific version of Solidity in your contracts instead of a wide version. For example, instead of `pragma solidity ^0.8.0;`, use `pragma solidity 0.8.0;` - -- Found in solidity/contracts/extensions/AccountingExtension.sol [Line: 2](solidity/contracts/extensions/AccountingExtension.sol#L2) - - ```solidity - pragma solidity ^0.8.19; - ``` - -- Found in solidity/contracts/extensions/BondEscalationAccounting.sol [Line: 2](solidity/contracts/extensions/BondEscalationAccounting.sol#L2) - - ```solidity - pragma solidity ^0.8.19; - ``` - -- Found in solidity/contracts/modules/dispute/BondEscalationModule.sol [Line: 2](solidity/contracts/modules/dispute/BondEscalationModule.sol#L2) - - ```solidity - pragma solidity ^0.8.19; - ``` - -- Found in solidity/contracts/modules/dispute/BondedDisputeModule.sol [Line: 2](solidity/contracts/modules/dispute/BondedDisputeModule.sol#L2) - - ```solidity - pragma solidity ^0.8.19; - ``` - -- Found in solidity/contracts/modules/dispute/CircuitResolverModule.sol [Line: 2](solidity/contracts/modules/dispute/CircuitResolverModule.sol#L2) - - ```solidity - pragma solidity ^0.8.19; - ``` - -- Found in solidity/contracts/modules/dispute/RootVerificationModule.sol [Line: 2](solidity/contracts/modules/dispute/RootVerificationModule.sol#L2) - - ```solidity - pragma solidity ^0.8.19; - ``` - -- Found in solidity/contracts/modules/finality/CallbackModule.sol [Line: 2](solidity/contracts/modules/finality/CallbackModule.sol#L2) - - ```solidity - pragma solidity ^0.8.19; - ``` - -- Found in solidity/contracts/modules/finality/MultipleCallbacksModule.sol [Line: 2](solidity/contracts/modules/finality/MultipleCallbacksModule.sol#L2) - - ```solidity - pragma solidity ^0.8.19; - ``` - -- Found in solidity/contracts/modules/request/ContractCallRequestModule.sol [Line: 2](solidity/contracts/modules/request/ContractCallRequestModule.sol#L2) - - ```solidity - pragma solidity ^0.8.19; - ``` - -- Found in solidity/contracts/modules/request/HttpRequestModule.sol [Line: 2](solidity/contracts/modules/request/HttpRequestModule.sol#L2) - - ```solidity - pragma solidity ^0.8.19; - ``` - -- Found in solidity/contracts/modules/request/SparseMerkleTreeRequestModule.sol [Line: 2](solidity/contracts/modules/request/SparseMerkleTreeRequestModule.sol#L2) - - ```solidity - pragma solidity ^0.8.19; - ``` - -- Found in solidity/contracts/modules/resolution/ArbitratorModule.sol [Line: 2](solidity/contracts/modules/resolution/ArbitratorModule.sol#L2) - - ```solidity - pragma solidity ^0.8.19; - ``` - -- Found in solidity/contracts/modules/resolution/BondEscalationResolutionModule.sol [Line: 2](solidity/contracts/modules/resolution/BondEscalationResolutionModule.sol#L2) - - ```solidity - pragma solidity ^0.8.19; - ``` - -- Found in solidity/contracts/modules/resolution/ERC20ResolutionModule.sol [Line: 2](solidity/contracts/modules/resolution/ERC20ResolutionModule.sol#L2) - - ```solidity - pragma solidity ^0.8.19; - ``` - -- Found in solidity/contracts/modules/resolution/PrivateERC20ResolutionModule.sol [Line: 2](solidity/contracts/modules/resolution/PrivateERC20ResolutionModule.sol#L2) - - ```solidity - pragma solidity ^0.8.19; - ``` - -- Found in solidity/contracts/modules/response/BondedResponseModule.sol [Line: 2](solidity/contracts/modules/response/BondedResponseModule.sol#L2) - - ```solidity - pragma solidity ^0.8.19; - ``` - -- Found in solidity/contracts/periphery/SparseMerkleTreeL32Verifier.sol [Line: 2](solidity/contracts/periphery/SparseMerkleTreeL32Verifier.sol#L2) - - ```solidity - pragma solidity ^0.8.19; - ``` - -- Found in solidity/interfaces/IArbitrator.sol [Line: 2](solidity/interfaces/IArbitrator.sol#L2) - - ```solidity - pragma solidity ^0.8.19; - ``` - -- Found in solidity/interfaces/ITreeVerifier.sol [Line: 2](solidity/interfaces/ITreeVerifier.sol#L2) - - ```solidity - pragma solidity ^0.8.19; - ``` - -- Found in solidity/interfaces/extensions/IAccountingExtension.sol [Line: 2](solidity/interfaces/extensions/IAccountingExtension.sol#L2) - - ```solidity - pragma solidity ^0.8.19; - ``` - -- Found in solidity/interfaces/extensions/IBondEscalationAccounting.sol [Line: 2](solidity/interfaces/extensions/IBondEscalationAccounting.sol#L2) - - ```solidity - pragma solidity ^0.8.19; - ``` - -- Found in solidity/interfaces/modules/dispute/IBondEscalationModule.sol [Line: 2](solidity/interfaces/modules/dispute/IBondEscalationModule.sol#L2) - - ```solidity - pragma solidity ^0.8.19; - ``` - -- Found in solidity/interfaces/modules/dispute/IBondedDisputeModule.sol [Line: 2](solidity/interfaces/modules/dispute/IBondedDisputeModule.sol#L2) - - ```solidity - pragma solidity ^0.8.19; - ``` - -- Found in solidity/interfaces/modules/dispute/ICircuitResolverModule.sol [Line: 2](solidity/interfaces/modules/dispute/ICircuitResolverModule.sol#L2) - - ```solidity - pragma solidity ^0.8.19; - ``` - -- Found in solidity/interfaces/modules/dispute/IRootVerificationModule.sol [Line: 2](solidity/interfaces/modules/dispute/IRootVerificationModule.sol#L2) - - ```solidity - pragma solidity ^0.8.19; - ``` - -- Found in solidity/interfaces/modules/finality/ICallbackModule.sol [Line: 2](solidity/interfaces/modules/finality/ICallbackModule.sol#L2) - - ```solidity - pragma solidity ^0.8.19; - ``` - -- Found in solidity/interfaces/modules/finality/IMultipleCallbacksModule.sol [Line: 2](solidity/interfaces/modules/finality/IMultipleCallbacksModule.sol#L2) - - ```solidity - pragma solidity ^0.8.19; - ``` - -- Found in solidity/interfaces/modules/request/IContractCallRequestModule.sol [Line: 2](solidity/interfaces/modules/request/IContractCallRequestModule.sol#L2) - - ```solidity - pragma solidity ^0.8.19; - ``` - -- Found in solidity/interfaces/modules/request/IHttpRequestModule.sol [Line: 2](solidity/interfaces/modules/request/IHttpRequestModule.sol#L2) - - ```solidity - pragma solidity ^0.8.19; - ``` - -- Found in solidity/interfaces/modules/request/ISparseMerkleTreeRequestModule.sol [Line: 2](solidity/interfaces/modules/request/ISparseMerkleTreeRequestModule.sol#L2) - - ```solidity - pragma solidity ^0.8.19; - ``` - -- Found in solidity/interfaces/modules/resolution/IArbitratorModule.sol [Line: 2](solidity/interfaces/modules/resolution/IArbitratorModule.sol#L2) - - ```solidity - pragma solidity ^0.8.19; - ``` - -- Found in solidity/interfaces/modules/resolution/IBondEscalationResolutionModule.sol [Line: 2](solidity/interfaces/modules/resolution/IBondEscalationResolutionModule.sol#L2) - - ```solidity - pragma solidity ^0.8.19; - ``` - -- Found in solidity/interfaces/modules/resolution/IERC20ResolutionModule.sol [Line: 2](solidity/interfaces/modules/resolution/IERC20ResolutionModule.sol#L2) - - ```solidity - pragma solidity ^0.8.19; - ``` - -- Found in solidity/interfaces/modules/resolution/IPrivateERC20ResolutionModule.sol [Line: 2](solidity/interfaces/modules/resolution/IPrivateERC20ResolutionModule.sol#L2) - - ```solidity - pragma solidity ^0.8.19; - ``` - -- Found in solidity/interfaces/modules/response/IBondedResponseModule.sol [Line: 2](solidity/interfaces/modules/response/IBondedResponseModule.sol#L2) - - ```solidity - pragma solidity ^0.8.19; - ``` - -- Found in solidity/scripts/Deploy.sol [Line: 2](solidity/scripts/Deploy.sol#L2) - - ```solidity - pragma solidity ^0.8.19; - ``` - -- Found in solidity/test/integration/IntegrationBase.sol [Line: 2](solidity/test/integration/IntegrationBase.sol#L2) - - ```solidity - pragma solidity ^0.8.19; - ``` - -- Found in solidity/test/mocks/MockArbitrator.sol [Line: 2](solidity/test/mocks/MockArbitrator.sol#L2) - - ```solidity - pragma solidity ^0.8.19; - ``` - -- Found in solidity/test/mocks/MockAtomicArbitrator.sol [Line: 2](solidity/test/mocks/MockAtomicArbitrator.sol#L2) - - ```solidity - pragma solidity ^0.8.19; - ``` - -- Found in solidity/test/mocks/MockCallback.sol [Line: 2](solidity/test/mocks/MockCallback.sol#L2) - - ```solidity - pragma solidity ^0.8.19; - ``` - -- Found in solidity/test/mocks/MockVerifier.sol [Line: 2](solidity/test/mocks/MockVerifier.sol#L2) - - ```solidity - pragma solidity ^0.8.19; - ``` - -- Found in solidity/test/utils/Helpers.sol [Line: 2](solidity/test/utils/Helpers.sol#L2) - - ```solidity - pragma solidity ^0.8.19; - ``` - -- Found in solidity/test/utils/TestConstants.sol [Line: 2](solidity/test/utils/TestConstants.sol#L2) - - ```solidity - pragma solidity ^0.8.19; - ``` - -- Found in solidity/test/utils/external/IWETH9.sol [Line: 2](solidity/test/utils/external/IWETH9.sol#L2) - - ```solidity - pragma solidity ^0.8.19; - ``` - - - -## L-3: PUSH0 is not supported by all chains - -Solc compiler version 0.8.20 switches the default target EVM version to Shanghai, which means that the generated bytecode will include PUSH0 opcodes. Be sure to select the appropriate EVM version in case you intend to deploy on a chain other than mainnet like L2 chains that may not support PUSH0, otherwise deployment of your contracts will fail. - -- Found in solidity/contracts/extensions/AccountingExtension.sol [Line: 2](solidity/contracts/extensions/AccountingExtension.sol#L2) - - ```solidity - pragma solidity ^0.8.19; - ``` - -- Found in solidity/contracts/extensions/BondEscalationAccounting.sol [Line: 2](solidity/contracts/extensions/BondEscalationAccounting.sol#L2) - - ```solidity - pragma solidity ^0.8.19; - ``` - -- Found in solidity/contracts/modules/dispute/BondEscalationModule.sol [Line: 2](solidity/contracts/modules/dispute/BondEscalationModule.sol#L2) - - ```solidity - pragma solidity ^0.8.19; - ``` - -- Found in solidity/contracts/modules/dispute/BondedDisputeModule.sol [Line: 2](solidity/contracts/modules/dispute/BondedDisputeModule.sol#L2) - - ```solidity - pragma solidity ^0.8.19; - ``` - -- Found in solidity/contracts/modules/dispute/CircuitResolverModule.sol [Line: 2](solidity/contracts/modules/dispute/CircuitResolverModule.sol#L2) - - ```solidity - pragma solidity ^0.8.19; - ``` - -- Found in solidity/contracts/modules/dispute/RootVerificationModule.sol [Line: 2](solidity/contracts/modules/dispute/RootVerificationModule.sol#L2) - - ```solidity - pragma solidity ^0.8.19; - ``` - -- Found in solidity/contracts/modules/finality/CallbackModule.sol [Line: 2](solidity/contracts/modules/finality/CallbackModule.sol#L2) - - ```solidity - pragma solidity ^0.8.19; - ``` - -- Found in solidity/contracts/modules/finality/MultipleCallbacksModule.sol [Line: 2](solidity/contracts/modules/finality/MultipleCallbacksModule.sol#L2) - - ```solidity - pragma solidity ^0.8.19; - ``` - -- Found in solidity/contracts/modules/request/ContractCallRequestModule.sol [Line: 2](solidity/contracts/modules/request/ContractCallRequestModule.sol#L2) - - ```solidity - pragma solidity ^0.8.19; - ``` - -- Found in solidity/contracts/modules/request/HttpRequestModule.sol [Line: 2](solidity/contracts/modules/request/HttpRequestModule.sol#L2) - - ```solidity - pragma solidity ^0.8.19; - ``` - -- Found in solidity/contracts/modules/request/SparseMerkleTreeRequestModule.sol [Line: 2](solidity/contracts/modules/request/SparseMerkleTreeRequestModule.sol#L2) - - ```solidity - pragma solidity ^0.8.19; - ``` - -- Found in solidity/contracts/modules/resolution/ArbitratorModule.sol [Line: 2](solidity/contracts/modules/resolution/ArbitratorModule.sol#L2) - - ```solidity - pragma solidity ^0.8.19; - ``` - -- Found in solidity/contracts/modules/resolution/BondEscalationResolutionModule.sol [Line: 2](solidity/contracts/modules/resolution/BondEscalationResolutionModule.sol#L2) - - ```solidity - pragma solidity ^0.8.19; - ``` - -- Found in solidity/contracts/modules/resolution/ERC20ResolutionModule.sol [Line: 2](solidity/contracts/modules/resolution/ERC20ResolutionModule.sol#L2) - - ```solidity - pragma solidity ^0.8.19; - ``` - -- Found in solidity/contracts/modules/resolution/PrivateERC20ResolutionModule.sol [Line: 2](solidity/contracts/modules/resolution/PrivateERC20ResolutionModule.sol#L2) - - ```solidity - pragma solidity ^0.8.19; - ``` - -- Found in solidity/contracts/modules/response/BondedResponseModule.sol [Line: 2](solidity/contracts/modules/response/BondedResponseModule.sol#L2) - - ```solidity - pragma solidity ^0.8.19; - ``` - -- Found in solidity/contracts/periphery/SparseMerkleTreeL32Verifier.sol [Line: 2](solidity/contracts/periphery/SparseMerkleTreeL32Verifier.sol#L2) - - ```solidity - pragma solidity ^0.8.19; - ``` - -- Found in solidity/interfaces/IArbitrator.sol [Line: 2](solidity/interfaces/IArbitrator.sol#L2) - - ```solidity - pragma solidity ^0.8.19; - ``` - -- Found in solidity/interfaces/ITreeVerifier.sol [Line: 2](solidity/interfaces/ITreeVerifier.sol#L2) - - ```solidity - pragma solidity ^0.8.19; - ``` - -- Found in solidity/interfaces/extensions/IAccountingExtension.sol [Line: 2](solidity/interfaces/extensions/IAccountingExtension.sol#L2) - - ```solidity - pragma solidity ^0.8.19; - ``` - -- Found in solidity/interfaces/extensions/IBondEscalationAccounting.sol [Line: 2](solidity/interfaces/extensions/IBondEscalationAccounting.sol#L2) - - ```solidity - pragma solidity ^0.8.19; - ``` - -- Found in solidity/interfaces/modules/dispute/IBondEscalationModule.sol [Line: 2](solidity/interfaces/modules/dispute/IBondEscalationModule.sol#L2) - - ```solidity - pragma solidity ^0.8.19; - ``` - -- Found in solidity/interfaces/modules/dispute/IBondedDisputeModule.sol [Line: 2](solidity/interfaces/modules/dispute/IBondedDisputeModule.sol#L2) - - ```solidity - pragma solidity ^0.8.19; - ``` - -- Found in solidity/interfaces/modules/dispute/ICircuitResolverModule.sol [Line: 2](solidity/interfaces/modules/dispute/ICircuitResolverModule.sol#L2) - - ```solidity - pragma solidity ^0.8.19; - ``` - -- Found in solidity/interfaces/modules/dispute/IRootVerificationModule.sol [Line: 2](solidity/interfaces/modules/dispute/IRootVerificationModule.sol#L2) - - ```solidity - pragma solidity ^0.8.19; - ``` - -- Found in solidity/interfaces/modules/finality/ICallbackModule.sol [Line: 2](solidity/interfaces/modules/finality/ICallbackModule.sol#L2) - - ```solidity - pragma solidity ^0.8.19; - ``` - -- Found in solidity/interfaces/modules/finality/IMultipleCallbacksModule.sol [Line: 2](solidity/interfaces/modules/finality/IMultipleCallbacksModule.sol#L2) - - ```solidity - pragma solidity ^0.8.19; - ``` - -- Found in solidity/interfaces/modules/request/IContractCallRequestModule.sol [Line: 2](solidity/interfaces/modules/request/IContractCallRequestModule.sol#L2) - - ```solidity - pragma solidity ^0.8.19; - ``` - -- Found in solidity/interfaces/modules/request/IHttpRequestModule.sol [Line: 2](solidity/interfaces/modules/request/IHttpRequestModule.sol#L2) - - ```solidity - pragma solidity ^0.8.19; - ``` - -- Found in solidity/interfaces/modules/request/ISparseMerkleTreeRequestModule.sol [Line: 2](solidity/interfaces/modules/request/ISparseMerkleTreeRequestModule.sol#L2) - - ```solidity - pragma solidity ^0.8.19; - ``` - -- Found in solidity/interfaces/modules/resolution/IArbitratorModule.sol [Line: 2](solidity/interfaces/modules/resolution/IArbitratorModule.sol#L2) - - ```solidity - pragma solidity ^0.8.19; - ``` - -- Found in solidity/interfaces/modules/resolution/IBondEscalationResolutionModule.sol [Line: 2](solidity/interfaces/modules/resolution/IBondEscalationResolutionModule.sol#L2) - - ```solidity - pragma solidity ^0.8.19; - ``` - -- Found in solidity/interfaces/modules/resolution/IERC20ResolutionModule.sol [Line: 2](solidity/interfaces/modules/resolution/IERC20ResolutionModule.sol#L2) - - ```solidity - pragma solidity ^0.8.19; - ``` - -- Found in solidity/interfaces/modules/resolution/IPrivateERC20ResolutionModule.sol [Line: 2](solidity/interfaces/modules/resolution/IPrivateERC20ResolutionModule.sol#L2) - - ```solidity - pragma solidity ^0.8.19; - ``` - -- Found in solidity/interfaces/modules/response/IBondedResponseModule.sol [Line: 2](solidity/interfaces/modules/response/IBondedResponseModule.sol#L2) - - ```solidity - pragma solidity ^0.8.19; - ``` - -- Found in solidity/scripts/Deploy.sol [Line: 2](solidity/scripts/Deploy.sol#L2) - - ```solidity - pragma solidity ^0.8.19; - ``` - -- Found in solidity/test/integration/IntegrationBase.sol [Line: 2](solidity/test/integration/IntegrationBase.sol#L2) - - ```solidity - pragma solidity ^0.8.19; - ``` - -- Found in solidity/test/mocks/MockArbitrator.sol [Line: 2](solidity/test/mocks/MockArbitrator.sol#L2) - - ```solidity - pragma solidity ^0.8.19; - ``` - -- Found in solidity/test/mocks/MockAtomicArbitrator.sol [Line: 2](solidity/test/mocks/MockAtomicArbitrator.sol#L2) - - ```solidity - pragma solidity ^0.8.19; - ``` - -- Found in solidity/test/mocks/MockCallback.sol [Line: 2](solidity/test/mocks/MockCallback.sol#L2) - - ```solidity - pragma solidity ^0.8.19; - ``` - -- Found in solidity/test/mocks/MockVerifier.sol [Line: 2](solidity/test/mocks/MockVerifier.sol#L2) - - ```solidity - pragma solidity ^0.8.19; - ``` - -- Found in solidity/test/utils/Helpers.sol [Line: 2](solidity/test/utils/Helpers.sol#L2) - - ```solidity - pragma solidity ^0.8.19; - ``` - -- Found in solidity/test/utils/TestConstants.sol [Line: 2](solidity/test/utils/TestConstants.sol#L2) - - ```solidity - pragma solidity ^0.8.19; - ``` - -- Found in solidity/test/utils/external/IWETH9.sol [Line: 2](solidity/test/utils/external/IWETH9.sol#L2) - - ```solidity - pragma solidity ^0.8.19; - ``` - - - -# NC Issues - -## NC-1: Missing checks for `address(0)` when assigning values to address state variables - -Assigning values to address state variables without checking for `address(0)`. - -- Found in solidity/test/mocks/MockAtomicArbitrator.sol [Line: 12](solidity/test/mocks/MockAtomicArbitrator.sol#L12) - - ```solidity - oracle = _oracle; - ``` - - - -## NC-2: Functions not used internally could be marked external - - - -- Found in solidity/contracts/modules/dispute/BondEscalationModule.sol [Line: 335](solidity/contracts/modules/dispute/BondEscalationModule.sol#L335) - - ```solidity - function getEscalation(bytes32 _requestId) public view returns (BondEscalation memory _escalation) { - ``` - -- Found in solidity/contracts/modules/finality/CallbackModule.sol [Line: 14](solidity/contracts/modules/finality/CallbackModule.sol#L14) - - ```solidity - function moduleName() public pure returns (string memory _moduleName) { - ``` - -- Found in solidity/contracts/modules/finality/MultipleCallbacksModule.sol [Line: 19](solidity/contracts/modules/finality/MultipleCallbacksModule.sol#L19) - - ```solidity - function moduleName() public pure returns (string memory _moduleName) { - ``` - -- Found in solidity/contracts/modules/request/ContractCallRequestModule.sol [Line: 14](solidity/contracts/modules/request/ContractCallRequestModule.sol#L14) - - ```solidity - function moduleName() public pure returns (string memory _moduleName) { - ``` - -- Found in solidity/contracts/modules/request/HttpRequestModule.sol [Line: 14](solidity/contracts/modules/request/HttpRequestModule.sol#L14) - - ```solidity - function moduleName() public pure returns (string memory _moduleName) { - ``` - -- Found in solidity/contracts/modules/request/SparseMerkleTreeRequestModule.sol [Line: 14](solidity/contracts/modules/request/SparseMerkleTreeRequestModule.sol#L14) - - ```solidity - function moduleName() public pure returns (string memory _moduleName) { - ``` - -- Found in solidity/contracts/modules/resolution/ERC20ResolutionModule.sol [Line: 54](solidity/contracts/modules/resolution/ERC20ResolutionModule.sol#L54) - - ```solidity - function castVote( - ``` - -- Found in solidity/contracts/modules/resolution/PrivateERC20ResolutionModule.sol [Line: 54](solidity/contracts/modules/resolution/PrivateERC20ResolutionModule.sol#L54) - - ```solidity - function commitVote(IOracle.Request calldata _request, IOracle.Dispute calldata _dispute, bytes32 _commitment) public { - ``` - -- Found in solidity/contracts/modules/resolution/PrivateERC20ResolutionModule.sol [Line: 75](solidity/contracts/modules/resolution/PrivateERC20ResolutionModule.sol#L75) - - ```solidity - function revealVote( - ``` - -- Found in solidity/contracts/modules/response/BondedResponseModule.sol [Line: 13](solidity/contracts/modules/response/BondedResponseModule.sol#L13) - - ```solidity - function moduleName() public pure returns (string memory _moduleName) { - ``` - -- Found in solidity/scripts/Deploy.sol [Line: 63](solidity/scripts/Deploy.sol#L63) - - ```solidity - function run() public { - ``` - -- Found in solidity/test/integration/IntegrationBase.sol [Line: 80](solidity/test/integration/IntegrationBase.sol#L80) - - ```solidity - function setUp() public virtual { - ``` - - - -## NC-3: Constants should be defined and used instead of literals - - - -- Found in solidity/contracts/extensions/BondEscalationAccounting.sol [Line: 87](solidity/contracts/extensions/BondEscalationAccounting.sol#L87) - - ```solidity - _numberOfPledges = 1; - ``` - -- Found in solidity/contracts/modules/dispute/BondEscalationModule.sol [Line: 217](solidity/contracts/modules/dispute/BondEscalationModule.sol#L217) - - ```solidity - _escalations[_dispute.requestId].amountOfPledgesForDispute += 1; - ``` - -- Found in solidity/contracts/modules/dispute/BondEscalationModule.sol [Line: 218](solidity/contracts/modules/dispute/BondEscalationModule.sol#L218) - - ```solidity - pledgesForDispute[_dispute.requestId][msg.sender] += 1; - ``` - -- Found in solidity/contracts/modules/dispute/BondEscalationModule.sol [Line: 235](solidity/contracts/modules/dispute/BondEscalationModule.sol#L235) - - ```solidity - _escalations[_dispute.requestId].amountOfPledgesAgainstDispute += 1; - ``` - -- Found in solidity/contracts/modules/dispute/BondEscalationModule.sol [Line: 236](solidity/contracts/modules/dispute/BondEscalationModule.sol#L236) - - ```solidity - pledgesAgainstDispute[_dispute.requestId][msg.sender] += 1; - ``` - -- Found in solidity/contracts/modules/resolution/BondEscalationResolutionModule.sol [Line: 283](solidity/contracts/modules/resolution/BondEscalationResolutionModule.sol#L283) - - ```solidity - int256 _scaledPercentageDiffAsInt = int256(_percentageDiff * BASE / 100); - ``` - -- Found in solidity/contracts/modules/resolution/ERC20ResolutionModule.sol [Line: 100](solidity/contracts/modules/resolution/ERC20ResolutionModule.sol#L100) - - ```solidity - uint256 _quorumReached = _escalation.totalVotes >= _params.minVotesForQuorum ? 1 : 0; - ``` - -- Found in solidity/contracts/modules/resolution/ERC20ResolutionModule.sol [Line: 103](solidity/contracts/modules/resolution/ERC20ResolutionModule.sol#L103) - - ```solidity - if (_quorumReached == 1) { - ``` - -- Found in solidity/contracts/modules/resolution/PrivateERC20ResolutionModule.sol [Line: 133](solidity/contracts/modules/resolution/PrivateERC20ResolutionModule.sol#L133) - - ```solidity - uint256 _quorumReached = _escalation.totalVotes >= _params.minVotesForQuorum ? 1 : 0; - ``` - -- Found in solidity/contracts/modules/resolution/PrivateERC20ResolutionModule.sol [Line: 137](solidity/contracts/modules/resolution/PrivateERC20ResolutionModule.sol#L137) - - ```solidity - if (_quorumReached == 1) { - ``` - -- Found in solidity/contracts/modules/response/BondedResponseModule.sol [Line: 38](solidity/contracts/modules/response/BondedResponseModule.sol#L38) - - ```solidity - bytes32 _disputeId = ORACLE.disputeOf(_responseIds[_responsesLength - 1]); - ``` - -- Found in solidity/contracts/periphery/SparseMerkleTreeL32Verifier.sol [Line: 28](solidity/contracts/periphery/SparseMerkleTreeL32Verifier.sol#L28) - - ```solidity - (_treeBranches, _treeCount) = abi.decode(_treeData, (bytes32[32], uint256)); - ``` - -- Found in solidity/test/integration/IntegrationBase.sol [Line: 179](solidity/test/integration/IntegrationBase.sol#L179) - - ```solidity - _mineBlocks(1); - ``` - -- Found in solidity/test/utils/Helpers.sol [Line: 91](solidity/test/utils/Helpers.sol#L91) - - ```solidity - vm.etch(_contract, hex'69'); - ``` - - - -## NC-4: Event is missing `indexed` fields - -Index event fields make the field more quickly accessible to off-chain tools that parse events. However, note that each index field costs extra gas during emission, so it's not necessarily best to index the maximum allowed per event (three fields). Each event should use three indexed fields if there are three or more fields, and gas usage is not particularly of concern for the events in question. If there are fewer than three fields, all of the fields should be indexed. - -- Found in solidity/interfaces/extensions/IAccountingExtension.sol [Line: 23](solidity/interfaces/extensions/IAccountingExtension.sol#L23) - - ```solidity - event Deposited(address indexed _depositor, IERC20 indexed _token, uint256 _amount); - ``` - -- Found in solidity/interfaces/extensions/IAccountingExtension.sol [Line: 31](solidity/interfaces/extensions/IAccountingExtension.sol#L31) - - ```solidity - event Withdrew(address indexed _withdrawer, IERC20 indexed _token, uint256 _amount); - ``` - -- Found in solidity/interfaces/extensions/IBondEscalationAccounting.sol [Line: 56](solidity/interfaces/extensions/IBondEscalationAccounting.sol#L56) - - ```solidity - event BondEscalationSettled( - ``` - -- Found in solidity/interfaces/modules/dispute/IBondEscalationModule.sol [Line: 45](solidity/interfaces/modules/dispute/IBondEscalationModule.sol#L45) - - ```solidity - event BondEscalationStatusUpdated( - ``` - -- Found in solidity/interfaces/modules/finality/ICallbackModule.sol [Line: 24](solidity/interfaces/modules/finality/ICallbackModule.sol#L24) - - ```solidity - event Callback(bytes32 indexed _requestId, address indexed _target, bytes _data); - ``` - -- Found in solidity/interfaces/modules/finality/IMultipleCallbacksModule.sol [Line: 24](solidity/interfaces/modules/finality/IMultipleCallbacksModule.sol#L24) - - ```solidity - event Callback(bytes32 indexed _requestId, address indexed _target, bytes _data); - ``` - -- Found in solidity/interfaces/modules/resolution/IERC20ResolutionModule.sol [Line: 30](solidity/interfaces/modules/resolution/IERC20ResolutionModule.sol#L30) - - ```solidity - event VoteCast(address _voter, bytes32 _disputeId, uint256 _numberOfVotes); - ``` - -- Found in solidity/interfaces/modules/resolution/IERC20ResolutionModule.sol [Line: 37](solidity/interfaces/modules/resolution/IERC20ResolutionModule.sol#L37) - - ```solidity - event VotingPhaseStarted(uint256 _startTime, bytes32 _disputeId); - ``` - -- Found in solidity/interfaces/modules/resolution/IERC20ResolutionModule.sol [Line: 42](solidity/interfaces/modules/resolution/IERC20ResolutionModule.sol#L42) - - ```solidity - event VoteClaimed(address _voter, bytes32 _disputeId, uint256 _amount); - ``` - -- Found in solidity/interfaces/modules/resolution/IPrivateERC20ResolutionModule.sol [Line: 26](solidity/interfaces/modules/resolution/IPrivateERC20ResolutionModule.sol#L26) - - ```solidity - event VoteCommitted(address _voter, bytes32 _disputeId, bytes32 _commitment); - ``` - -- Found in solidity/interfaces/modules/resolution/IPrivateERC20ResolutionModule.sol [Line: 35](solidity/interfaces/modules/resolution/IPrivateERC20ResolutionModule.sol#L35) - - ```solidity - event VoteRevealed(address _voter, bytes32 _disputeId, uint256 _numberOfVotes); - ``` - -- Found in solidity/interfaces/modules/resolution/IPrivateERC20ResolutionModule.sol [Line: 42](solidity/interfaces/modules/resolution/IPrivateERC20ResolutionModule.sol#L42) - - ```solidity - event CommittingPhaseStarted(uint256 _startTime, bytes32 _disputeId); - ``` - -- Found in solidity/interfaces/modules/response/IBondedResponseModule.sol [Line: 26](solidity/interfaces/modules/response/IBondedResponseModule.sol#L26) - - ```solidity - event ResponseProposed(bytes32 indexed _requestId, IOracle.Response _response, uint256 indexed _blockNumber); - ``` - -- Found in solidity/test/utils/Helpers.sol [Line: 23](solidity/test/utils/Helpers.sol#L23) - - ```solidity - event RequestFinalized(bytes32 indexed _requestId, IOracle.Response _response, address _finalizer); - ``` - - -