Updated as of block 16997094 at 4/7/2023, 10:06:35 AM ET
- ID: 195
- Proposer: 0x683a4F9915D6216f73d6Df50151725036bD26C02
- Start Block: 16970695 (4/3/2023, 3:55:11 PM ET)
- End Block: 16989895 (4/6/2023, 9:35:47 AM ET)
- Targets: 0x23A875eDe3F1030138701683e42E9b16A7F87768; 0x23A875eDe3F1030138701683e42E9b16A7F87768
- Executor: 0xEE56e2B3D491590B5b31738cC34d5232F378a8D5 (Short executor)
- Simulation: https://dashboard.tenderly.co/me/simulator/d954e7ac-6025-4c59-970c-3936bfa02634
Proposal text
A proposal to make parameter changes on Aave V2 AMM market.
These parameter updates aim to balance risk in the Aave V2 AMM market.
Given the low liquidity levels of G-UNI DAI/USDC and G-UNI USDC/USDT, we recommend freezing these assets out of an abundance of caution. We note that this pool is not particularly active or highly utilized.
This is a joint recommendation from Gauntlet, BGD Labs, Chaos Labs, and Aave Companies.
- Freeze G-UNI DAI/USDC
- Freeze G-UNI USDC/USDT
This proposal uses the freezeReserve method on the AMM Pool Configurator to freeze the two specified reserves.
Copyright and related rights waived via CC0.
By approving this proposal, you agree that any services provided by Gauntlet shall be governed by the terms of service available at gauntlet.network/tos. This message is for informational purposes only and does not constitute an offer to sell, a solicitation to buy, or a recommendation for any security, nor does it constitute an offer to provide investment advisory or other services by Gauntlet Networks Inc. No reference to any specific security constitutes a recommendation to buy, sell or hold that security or any other security. Nothing in this report shall be considered a solicitation or offer to buy or sell any security, future, option or other financial instrument or to offer or provide any investment advice or service to any person in any jurisdiction. Nothing contained in this report constitutes investment advice or offers any opinion with respect to the suitability of any security, and the views expressed in this report should not be taken as advice to buy, sell or hold any security. The information in this report should not be relied upon for the purpose of investing. In preparing the information contained in this report, we have not taken into account the investment needs, objectives and financial circumstances of any particular investor. This information has no regard to the specific investment objectives, financial situation and particular needs of any specific recipient of this information and investments discussed may not be suitable for all investors. Any views expressed in this report by us were prepared based upon the information available to us at the time such views were written. Changed or additional information could cause such views to change. All information is subject to possible correction. Information may quickly become unreliable for various reasons, including changes in market conditions or economic circumstances. The recommendations are provided as-is and without any guarantees or warranties. Gauntlet, BGD Labs, Chaos Labs, and Aave Companies do not assume any liability for the use of the recommendations or for any consequences that may arise from their implementation.
Info:
- State changes:
# KeeperRegistry at `0x02777053d6764996e594c3E88AF1D58D5363a2e6`
@@ Slot `0x0501829a2098dcd24ef0e30c5f88882a2714e55fb810652c8592bc4a0915fbaf` @@
- "0x0000001e11aa84bfc3215e659efa0a617c0552f1558c95993aa8b8a68b3e709c"
+ "0x0000001e424a799256f39c449efa0a617c0552f1558c95993aa8b8a68b3e709c"
@@ `s_upkeep` key `"95299183306293242919258731417449887125989356901836642522229237728515662948291"`.balance @@
- 35151203672615391926
+ 31647415452237518039
@@ `s_upkeep` key `"95299183306293242919258731417449887125989356901836642522229237728515662948291"`.executeGas @@
- 1516137802
+ 3996166953
# InitializableImmutableAdminUpgradeabilityProxy at `0x7937D4799803FbBe595ed57278Bc4cA21f3bFfCB` with implementation LendingPool at `0xaACA8859EFD9643B98C042691DA60b217C9CdD64`
@@ `_reserves` key `0x50379f632ca68d36e50cfbc8f78fe16bd1499d1e`.configuration.data @@
- 18446821247245752997744
+ 18446965362433828853616
# decoded configuration.data for key `0x50379f632ca68d36e50cfbc8f78fe16bd1499d1e` (symbol: G-UNI)
@@ configuration.data.frozen @@
- false
+ true
@@ `_reserves` key `0xd2eec91055f07fe24c9ccb25828ecfefd4be0c41`.configuration.data @@
- 18446821247245752997744
+ 18446965362433828853616
# decoded configuration.data for key `0xd2eec91055f07fe24c9ccb25828ecfefd4be0c41` (symbol: G-UNI)
@@ configuration.data.frozen @@
- false
+ true
Info:
- There is no SELFDESTRUCT inside of delegated call
Info:
- Events Emitted:
- InitializableImmutableAdminUpgradeabilityProxy at
0x23A875eDe3F1030138701683e42E9b16A7F87768with implementation LendingPoolConfigurator at0x5A8adC696009a2e0d142c46fDddd8C44bE1604b4ReserveFrozen(asset: 0x50379f632ca68d36e50cfbc8f78fe16bd1499d1e)ReserveFrozen(asset: 0xd2eec91055f07fe24c9ccb25828ecfefd4be0c41)
- KeeperRegistry at
0x02777053d6764996e594c3E88AF1D58D5363a2e6UpkeepPerformed(id: 95299183306293242919258731417449887125989356901836642522229237728515662948291, success: true, from: 0x33512418380f170e5752fc233f1326f3e805ea62, payment: 3503788220377873887, performData: 0x0000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000c30000000000000000000000000000000000000000000000000000000000000001)
- InitializableImmutableAdminUpgradeabilityProxy at
Info:
- Targets:
- 0x23A875eDe3F1030138701683e42E9b16A7F87768: Contract (verified) (InitializableImmutableAdminUpgradeabilityProxy)
Info:
- Touched address:
- 0x33512418380F170e5752Fc233F1326f3e805eA62: EOA (verification not applicable)
- 0x02777053d6764996e594c3E88AF1D58D5363a2e6: Contract (verified) (KeeperRegistry)
- 0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C: Contract (verified) (EACAggregatorProxy)
- 0x785433d8b06D77D68dF6be63944742130A4530d1: Contract (verified) (AccessControlledOffchainAggregator)
- 0xDC530D9457755926550b59e8ECcdaE7624181557: Contract (verified) (EACAggregatorProxy)
- 0xbba12740DE905707251525477bAD74985DeC46D2: Contract (verified) (AccessControlledOffchainAggregator)
- 0x943AcD0c93d7a8Bee7dA5Fd0DC3d0028237074d6: Contract (verified) (EthRobotKeeper)
- 0xEC568fffba86c094cf06b22134B23074DFE2252c: Contract (verified) (AaveGovernanceV2)
- 0xEE56e2B3D491590B5b31738cC34d5232F378a8D5: Contract (verified) (Executor)
- 0xb7e383ef9B1E9189Fc0F71fb30af8aa14377429e: Contract (verified) (GovernanceStrategy)
- 0x7Fc66500c84A76Ad7e9c93437bFc5Ac33E2DDaE9: Contract (verified) (InitializableAdminUpgradeabilityProxy)
- 0x96F68837877fd0414B55050c9e794AECdBcfCA59: Contract (not verified)
- 0x23A875eDe3F1030138701683e42E9b16A7F87768: Contract (verified) (InitializableImmutableAdminUpgradeabilityProxy)
- 0x5A8adC696009a2e0d142c46fDddd8C44bE1604b4: Contract (verified) (LendingPoolConfigurator)
- 0xAcc030EF66f9dFEAE9CbB0cd1B25654b82cFA8d5: Contract (verified) (LendingPoolAddressesProvider)
- 0x7937D4799803FbBe595ed57278Bc4cA21f3bFfCB: Contract (verified) (InitializableImmutableAdminUpgradeabilityProxy)
- 0xaACA8859EFD9643B98C042691DA60b217C9CdD64: Contract (verified) (LendingPool)
Info:
View Details
View warnings for EACAggregatorProxy at `0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C`
WARNING:CryticCompile:Warning: crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol:283:7: Warning: This declaration shadows an existing declaration.
uint80 roundId,
^------------^
crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol:273:7: The shadowed declaration is here:
uint80 roundId,
^------------^
Warning: crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol:284:7: Warning: This declaration shadows an existing declaration.
int256 answer,
^-----------^
crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol:274:7: The shadowed declaration is here:
int256 answer,
^-----------^
Warning: crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol:285:7: Warning: This declaration shadows an existing declaration.
uint256 startedAt,
^---------------^
crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol:275:7: The shadowed declaration is here:
uint256 startedAt,
^---------------^
Warning: crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol:286:7: Warning: This declaration shadows an existing declaration.
uint256 updatedAt,
^---------------^
crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol:276:7: The shadowed declaration is here:
uint256 updatedAt,
^---------------^
Warning: crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol:331:7: Warning: This declaration shadows an existing declaration.
uint80 roundId,
^------------^
crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol:321:7: The shadowed declaration is here:
uint80 roundId,
^------------^
Warning: crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol:332:7: Warning: This declaration shadows an existing declaration.
int256 answer,
^-----------^
crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol:322:7: The shadowed declaration is here:
int256 answer,
^-----------^
Warning: crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol:333:7: Warning: This declaration shadows an existing declaration.
uint256 startedAt,
^---------------^
crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol:323:7: The shadowed declaration is here:
uint256 startedAt,
^---------------^
Warning: crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol:334:7: Warning: This declaration shadows an existing declaration.
uint256 updatedAt,
^---------------^
crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol:324:7: The shadowed declaration is here:
uint256 updatedAt,
^---------------^
Warning: crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol:513:5: Warning: This declaration shadows an existing declaration.
uint16 phaseId = uint16(_roundId >> PHASE_OFFSET);
^------------^
crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol:410:3: The shadowed declaration is here:
function phaseId()
^ (Relevant source part starts here and spans across multiple lines).
Warning: crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol:525:7: Warning: This declaration shadows an existing declaration.
uint16 phaseId
^------------^
crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol:410:3: The shadowed declaration is here:
function phaseId()
^ (Relevant source part starts here and spans across multiple lines).
Warning: crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol:495:3: Warning: Function state mutability can be restricted to pure
function addPhase(
^ (Relevant source part starts here and spans across multiple lines).
Warning: crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol:506:3: Warning: Function state mutability can be restricted to pure
function parseIds(
^ (Relevant source part starts here and spans across multiple lines).
View warnings for InitializableImmutableAdminUpgradeabilityProxy at `0x23A875eDe3F1030138701683e42E9b16A7F87768` with implementation LendingPoolConfigurator at `0x5A8adC696009a2e0d142c46fDddd8C44bE1604b4`
WARNING:CryticCompile:Warning: contracts/dependencies/openzeppelin/upgradeability/InitializableUpgradeabilityProxy.sol:11:1: Warning: This contract has a payable fallback function, but no receive ether function. Consider adding a receive ether function.
contract InitializableUpgradeabilityProxy is BaseUpgradeabilityProxy {
^ (Relevant source part starts here and spans across multiple lines).
contracts/dependencies/openzeppelin/upgradeability/Proxy.sol:16:3: The payable fallback function is defined here.
fallback() external payable {
^ (Relevant source part starts here and spans across multiple lines).
Warning: contracts/protocol/libraries/aave-upgradeability/BaseImmutableAdminUpgradeabilityProxy.sol:16:1: Warning: This contract has a payable fallback function, but no receive ether function. Consider adding a receive ether function.
contract BaseImmutableAdminUpgradeabilityProxy is BaseUpgradeabilityProxy {
^ (Relevant source part starts here and spans across multiple lines).
contracts/dependencies/openzeppelin/upgradeability/Proxy.sol:16:3: The payable fallback function is defined here.
fallback() external payable {
^ (Relevant source part starts here and spans across multiple lines).
Warning: contracts/protocol/libraries/aave-upgradeability/InitializableImmutableAdminUpgradeabilityProxy.sol:11:1: Warning: This contract has a payable fallback function, but no receive ether function. Consider adding a receive ether function.
contract InitializableImmutableAdminUpgradeabilityProxy is
^ (Relevant source part starts here and spans across multiple lines).
contracts/dependencies/openzeppelin/upgradeability/Proxy.sol:16:3: The payable fallback function is defined here.
fallback() external payable {
^ (Relevant source part starts here and spans across multiple lines).
View warnings for LendingPoolConfigurator at `0x5A8adC696009a2e0d142c46fDddd8C44bE1604b4`
WARNING:CryticCompile:Warning: contracts/protocol/lendingpool/LendingPoolConfigurator.sol:70:25: Warning: This declaration shadows an existing declaration.
function _initReserve(ILendingPool pool, InitReserveInput calldata input) internal {
^---------------^
contracts/protocol/lendingpool/LendingPoolConfigurator.sol:34:3: The shadowed declaration is here:
ILendingPool internal pool;
^------------------------^
Warning: contracts/dependencies/openzeppelin/upgradeability/InitializableUpgradeabilityProxy.sol:11:1: Warning: This contract has a payable fallback function, but no receive ether function. Consider adding a receive ether function.
contract InitializableUpgradeabilityProxy is BaseUpgradeabilityProxy {
^ (Relevant source part starts here and spans across multiple lines).
contracts/dependencies/openzeppelin/upgradeability/Proxy.sol:16:3: The payable fallback function is defined here.
fallback() external payable {
^ (Relevant source part starts here and spans across multiple lines).
Warning: contracts/protocol/libraries/aave-upgradeability/BaseImmutableAdminUpgradeabilityProxy.sol:16:1: Warning: This contract has a payable fallback function, but no receive ether function. Consider adding a receive ether function.
contract BaseImmutableAdminUpgradeabilityProxy is BaseUpgradeabilityProxy {
^ (Relevant source part starts here and spans across multiple lines).
contracts/dependencies/openzeppelin/upgradeability/Proxy.sol:16:3: The payable fallback function is defined here.
fallback() external payable {
^ (Relevant source part starts here and spans across multiple lines).
Warning: contracts/protocol/libraries/aave-upgradeability/InitializableImmutableAdminUpgradeabilityProxy.sol:11:1: Warning: This contract has a payable fallback function, but no receive ether function. Consider adding a receive ether function.
contract InitializableImmutableAdminUpgradeabilityProxy is
^ (Relevant source part starts here and spans across multiple lines).
contracts/dependencies/openzeppelin/upgradeability/Proxy.sol:16:3: The payable fallback function is defined here.
fallback() external payable {
^ (Relevant source part starts here and spans across multiple lines).
View warnings for AccessControlledOffchainAggregator at `0x785433d8b06D77D68dF6be63944742130A4530d1`
WARNING:CryticCompile:Warning: OffchainAggregator.sol:461:7: Warning: This declaration shadows an existing declaration.
int192 latestAnswer,
^-----------------^
OffchainAggregator.sol:653:3: The shadowed declaration is here:
function latestAnswer()
^ (Relevant source part starts here and spans across multiple lines).
Warning: OffchainAggregator.sol:462:7: Warning: This declaration shadows an existing declaration.
uint64 latestTimestamp
^--------------------^
OffchainAggregator.sol:666:3: The shadowed declaration is here:
function latestTimestamp()
^ (Relevant source part starts here and spans across multiple lines).
Warning: AccessControlledOffchainAggregator.sol:25:5: Warning: This declaration shadows an existing declaration.
string memory description
^-----------------------^
AccessControlledOffchainAggregator.sol:108:3: The shadowed declaration is here:
function description()
^ (Relevant source part starts here and spans across multiple lines).
View warnings for InitializableImmutableAdminUpgradeabilityProxy at `0x7937D4799803FbBe595ed57278Bc4cA21f3bFfCB` with implementation LendingPool at `0xaACA8859EFD9643B98C042691DA60b217C9CdD64`
WARNING:CryticCompile:Warning: contracts/dependencies/openzeppelin/upgradeability/InitializableUpgradeabilityProxy.sol:11:1: Warning: This contract has a payable fallback function, but no receive ether function. Consider adding a receive ether function.
contract InitializableUpgradeabilityProxy is BaseUpgradeabilityProxy {
^ (Relevant source part starts here and spans across multiple lines).
contracts/dependencies/openzeppelin/upgradeability/Proxy.sol:16:3: The payable fallback function is defined here.
fallback() external payable {
^ (Relevant source part starts here and spans across multiple lines).
Warning: contracts/protocol/libraries/aave-upgradeability/BaseImmutableAdminUpgradeabilityProxy.sol:16:1: Warning: This contract has a payable fallback function, but no receive ether function. Consider adding a receive ether function.
contract BaseImmutableAdminUpgradeabilityProxy is BaseUpgradeabilityProxy {
^ (Relevant source part starts here and spans across multiple lines).
contracts/dependencies/openzeppelin/upgradeability/Proxy.sol:16:3: The payable fallback function is defined here.
fallback() external payable {
^ (Relevant source part starts here and spans across multiple lines).
Warning: contracts/protocol/libraries/aave-upgradeability/InitializableImmutableAdminUpgradeabilityProxy.sol:11:1: Warning: This contract has a payable fallback function, but no receive ether function. Consider adding a receive ether function.
contract InitializableImmutableAdminUpgradeabilityProxy is
^ (Relevant source part starts here and spans across multiple lines).
contracts/dependencies/openzeppelin/upgradeability/Proxy.sol:16:3: The payable fallback function is defined here.
fallback() external payable {
^ (Relevant source part starts here and spans across multiple lines).
View warnings for InitializableAdminUpgradeabilityProxy at `0x7Fc66500c84A76Ad7e9c93437bFc5Ac33E2DDaE9` with implementation unknown contract name at `0x96F68837877fd0414B55050c9e794AECdBcfCA59`
WARNING:CryticCompile:Warning: contracts/open-zeppelin/Address.sol: Warning: SPDX license identifier not provided in source file. Before publishing, consider adding a comment containing "SPDX-License-Identifier: <SPDX-License>" to each source file. Use "SPDX-License-Identifier: UNLICENSED" for non-open-source code. Please see https://spdx.org for more information.
Warning: contracts/open-zeppelin/BaseAdminUpgradeabilityProxy.sol: Warning: SPDX license identifier not provided in source file. Before publishing, consider adding a comment containing "SPDX-License-Identifier: <SPDX-License>" to each source file. Use "SPDX-License-Identifier: UNLICENSED" for non-open-source code. Please see https://spdx.org for more information.
Warning: contracts/open-zeppelin/BaseUpgradeabilityProxy.sol: Warning: SPDX license identifier not provided in source file. Before publishing, consider adding a comment containing "SPDX-License-Identifier: <SPDX-License>" to each source file. Use "SPDX-License-Identifier: UNLICENSED" for non-open-source code. Please see https://spdx.org for more information.
Warning: contracts/open-zeppelin/Proxy.sol: Warning: SPDX license identifier not provided in source file. Before publishing, consider adding a comment containing "SPDX-License-Identifier: <SPDX-License>" to each source file. Use "SPDX-License-Identifier: UNLICENSED" for non-open-source code. Please see https://spdx.org for more information.
Warning: contracts/open-zeppelin/SafeMath.sol: Warning: SPDX license identifier not provided in source file. Before publishing, consider adding a comment containing "SPDX-License-Identifier: <SPDX-License>" to each source file. Use "SPDX-License-Identifier: UNLICENSED" for non-open-source code. Please see https://spdx.org for more information.
Warning: contracts/open-zeppelin/UpgradeabilityProxy.sol: Warning: SPDX license identifier not provided in source file. Before publishing, consider adding a comment containing "SPDX-License-Identifier: <SPDX-License>" to each source file. Use "SPDX-License-Identifier: UNLICENSED" for non-open-source code. Please see https://spdx.org for more information.
Warning: contracts/open-zeppelin/BaseAdminUpgradeabilityProxy.sol:13:1: Warning: This contract has a payable fallback function, but no receive ether function. Consider adding a receive ether function.
contract BaseAdminUpgradeabilityProxy is BaseUpgradeabilityProxy {
^ (Relevant source part starts here and spans across multiple lines).
contracts/open-zeppelin/Proxy.sol:15:3: The payable fallback function is defined here.
fallback () payable external {
^ (Relevant source part starts here and spans across multiple lines).
Warning: contracts/open-zeppelin/InitializableUpgradeabilityProxy.sol:11:1: Warning: This contract has a payable fallback function, but no receive ether function. Consider adding a receive ether function.
contract InitializableUpgradeabilityProxy is BaseUpgradeabilityProxy {
^ (Relevant source part starts here and spans across multiple lines).
contracts/open-zeppelin/Proxy.sol:15:3: The payable fallback function is defined here.
fallback () payable external {
^ (Relevant source part starts here and spans across multiple lines).
Warning: contracts/open-zeppelin/InitializableAdminUpgradeabilityProxy.sol:12:1: Warning: This contract has a payable fallback function, but no receive ether function. Consider adding a receive ether function.
contract InitializableAdminUpgradeabilityProxy is BaseAdminUpgradeabilityProxy, InitializableUpgradeabilityProxy {
^ (Relevant source part starts here and spans across multiple lines).
contracts/open-zeppelin/Proxy.sol:15:3: The payable fallback function is defined here.
fallback () payable external {
^ (Relevant source part starts here and spans across multiple lines).
Warning: contracts/utils/MockTransferHook.sol:9:25: Warning: Unused function parameter. Remove or comment out the variable name to silence this warning.
function onTransfer(address from, address to, uint256 amount) external override {
^----------^
Warning: contracts/utils/MockTransferHook.sol:9:39: Warning: Unused function parameter. Remove or comment out the variable name to silence this warning.
function onTransfer(address from, address to, uint256 amount) external override {
^--------^
Warning: contracts/utils/MockTransferHook.sol:9:51: Warning: Unused function parameter. Remove or comment out the variable name to silence this warning.
function onTransfer(address from, address to, uint256 amount) external override {
^------------^
View warnings for EthRobotKeeper at `0x943AcD0c93d7a8Bee7dA5Fd0DC3d0028237074d6`
ERROR:CryticCompile:ParserError: ParserError: Source "aave-address-book/AaveGovernanceV2.sol" not found: File not found. Searched the following locations: "".
--> src/contracts/EthRobotKeeper.sol:4:1:
|
4 | import {IAaveGovernanceV2} from 'aave-address-book/AaveGovernanceV2.sol';
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
ParserError: ParserError: Source "solidity-utils/contracts/oz-common/Ownable.sol" not found: File not found. Searched the following locations: "".
--> src/contracts/EthRobotKeeper.sol:7:1:
|
7 | import {Ownable} from 'solidity-utils/contracts/oz-common/Ownable.sol';
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
ParserError: ParserError: Source "chainlink-brownie-contracts/interfaces/AutomationCompatibleInterface.sol" not found: File not found. Searched the following locations: "".
--> src/interfaces/IGovernanceRobotKeeper.sol:4:1:
|
4 | import {AutomationCompatibleInterface} from 'chainlink-brownie-contracts/interfaces/AutomationCompatibleInterface.sol';
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
ParserError: ParserError: Source "aave-address-book/AaveGovernanceV2.sol" not found: File not found. Searched the following locations: "".
--> src/interfaces/IProposalValidator.sol:5:1:
|
5 | import {IAaveGovernanceV2} from 'aave-address-book/AaveGovernanceV2.sol';
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
View warnings for LendingPool at `0xaACA8859EFD9643B98C042691DA60b217C9CdD64`
WARNING:CryticCompile:Warning: contracts/protocol/lendingpool/LendingPoolConfigurator.sol:70:25: Warning: This declaration shadows an existing declaration.
function _initReserve(ILendingPool pool, InitReserveInput calldata input) internal {
^---------------^
contracts/protocol/lendingpool/LendingPoolConfigurator.sol:34:3: The shadowed declaration is here:
ILendingPool internal pool;
^------------------------^
Warning: contracts/dependencies/openzeppelin/upgradeability/BaseAdminUpgradeabilityProxy.sol:14:1: Warning: This contract has a payable fallback function, but no receive ether function. Consider adding a receive ether function.
contract BaseAdminUpgradeabilityProxy is BaseUpgradeabilityProxy {
^ (Relevant source part starts here and spans across multiple lines).
contracts/dependencies/openzeppelin/upgradeability/Proxy.sol:16:3: The payable fallback function is defined here.
fallback() external payable {
^ (Relevant source part starts here and spans across multiple lines).
Warning: contracts/dependencies/openzeppelin/upgradeability/AdminUpgradeabilityProxy.sol:11:1: Warning: This contract has a payable fallback function, but no receive ether function. Consider adding a receive ether function.
contract AdminUpgradeabilityProxy is BaseAdminUpgradeabilityProxy, UpgradeabilityProxy {
^ (Relevant source part starts here and spans across multiple lines).
contracts/dependencies/openzeppelin/upgradeability/Proxy.sol:16:3: The payable fallback function is defined here.
fallback() external payable {
^ (Relevant source part starts here and spans across multiple lines).
Warning: contracts/dependencies/openzeppelin/upgradeability/InitializableUpgradeabilityProxy.sol:11:1: Warning: This contract has a payable fallback function, but no receive ether function. Consider adding a receive ether function.
contract InitializableUpgradeabilityProxy is BaseUpgradeabilityProxy {
^ (Relevant source part starts here and spans across multiple lines).
contracts/dependencies/openzeppelin/upgradeability/Proxy.sol:16:3: The payable fallback function is defined here.
fallback() external payable {
^ (Relevant source part starts here and spans across multiple lines).
Warning: contracts/dependencies/openzeppelin/upgradeability/InitializableAdminUpgradeabilityProxy.sol:12:1: Warning: This contract has a payable fallback function, but no receive ether function. Consider adding a receive ether function.
contract InitializableAdminUpgradeabilityProxy is
^ (Relevant source part starts here and spans across multiple lines).
contracts/dependencies/openzeppelin/upgradeability/Proxy.sol:16:3: The payable fallback function is defined here.
fallback() external payable {
^ (Relevant source part starts here and spans across multiple lines).
Warning: contracts/protocol/libraries/aave-upgradeability/BaseImmutableAdminUpgradeabilityProxy.sol:16:1: Warning: This contract has a payable fallback function, but no receive ether function. Consider adding a receive ether function.
contract BaseImmutableAdminUpgradeabilityProxy is BaseUpgradeabilityProxy {
^ (Relevant source part starts here and spans across multiple lines).
contracts/dependencies/openzeppelin/upgradeability/Proxy.sol:16:3: The payable fallback function is defined here.
fallback() external payable {
^ (Relevant source part starts here and spans across multiple lines).
Warning: contracts/protocol/libraries/aave-upgradeability/InitializableImmutableAdminUpgradeabilityProxy.sol:11:1: Warning: This contract has a payable fallback function, but no receive ether function. Consider adding a receive ether function.
contract InitializableImmutableAdminUpgradeabilityProxy is
^ (Relevant source part starts here and spans across multiple lines).
contracts/dependencies/openzeppelin/upgradeability/Proxy.sol:16:3: The payable fallback function is defined here.
fallback() external payable {
^ (Relevant source part starts here and spans across multiple lines).
View warnings for LendingPoolAddressesProvider at `0xAcc030EF66f9dFEAE9CbB0cd1B25654b82cFA8d5`
WARNING:CryticCompile:Warning: contracts/dependencies/openzeppelin/upgradeability/InitializableUpgradeabilityProxy.sol:11:1: Warning: This contract has a payable fallback function, but no receive ether function. Consider adding a receive ether function.
contract InitializableUpgradeabilityProxy is BaseUpgradeabilityProxy {
^ (Relevant source part starts here and spans across multiple lines).
contracts/dependencies/openzeppelin/upgradeability/Proxy.sol:16:3: The payable fallback function is defined here.
fallback() external payable {
^ (Relevant source part starts here and spans across multiple lines).
Warning: contracts/protocol/libraries/aave-upgradeability/BaseImmutableAdminUpgradeabilityProxy.sol:16:1: Warning: This contract has a payable fallback function, but no receive ether function. Consider adding a receive ether function.
contract BaseImmutableAdminUpgradeabilityProxy is BaseUpgradeabilityProxy {
^ (Relevant source part starts here and spans across multiple lines).
contracts/dependencies/openzeppelin/upgradeability/Proxy.sol:16:3: The payable fallback function is defined here.
fallback() external payable {
^ (Relevant source part starts here and spans across multiple lines).
Warning: contracts/protocol/libraries/aave-upgradeability/InitializableImmutableAdminUpgradeabilityProxy.sol:11:1: Warning: This contract has a payable fallback function, but no receive ether function. Consider adding a receive ether function.
contract InitializableImmutableAdminUpgradeabilityProxy is
^ (Relevant source part starts here and spans across multiple lines).
contracts/dependencies/openzeppelin/upgradeability/Proxy.sol:16:3: The payable fallback function is defined here.
fallback() external payable {
^ (Relevant source part starts here and spans across multiple lines).
View warnings for AccessControlledOffchainAggregator at `0xbba12740DE905707251525477bAD74985DeC46D2`
WARNING:CryticCompile:Warning: OffchainAggregator.sol:461:7: Warning: This declaration shadows an existing declaration.
int192 latestAnswer,
^-----------------^
OffchainAggregator.sol:653:3: The shadowed declaration is here:
function latestAnswer()
^ (Relevant source part starts here and spans across multiple lines).
Warning: OffchainAggregator.sol:462:7: Warning: This declaration shadows an existing declaration.
uint64 latestTimestamp
^--------------------^
OffchainAggregator.sol:666:3: The shadowed declaration is here:
function latestTimestamp()
^ (Relevant source part starts here and spans across multiple lines).
Warning: AccessControlledOffchainAggregator.sol:25:5: Warning: This declaration shadows an existing declaration.
string memory description
^-----------------------^
AccessControlledOffchainAggregator.sol:108:3: The shadowed declaration is here:
function description()
^ (Relevant source part starts here and spans across multiple lines).
View warnings for EACAggregatorProxy at `0xDC530D9457755926550b59e8ECcdaE7624181557`
WARNING:CryticCompile:Warning: crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol:283:7: Warning: This declaration shadows an existing declaration.
uint80 roundId,
^------------^
crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol:273:7: The shadowed declaration is here:
uint80 roundId,
^------------^
Warning: crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol:284:7: Warning: This declaration shadows an existing declaration.
int256 answer,
^-----------^
crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol:274:7: The shadowed declaration is here:
int256 answer,
^-----------^
Warning: crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol:285:7: Warning: This declaration shadows an existing declaration.
uint256 startedAt,
^---------------^
crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol:275:7: The shadowed declaration is here:
uint256 startedAt,
^---------------^
Warning: crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol:286:7: Warning: This declaration shadows an existing declaration.
uint256 updatedAt,
^---------------^
crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol:276:7: The shadowed declaration is here:
uint256 updatedAt,
^---------------^
Warning: crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol:331:7: Warning: This declaration shadows an existing declaration.
uint80 roundId,
^------------^
crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol:321:7: The shadowed declaration is here:
uint80 roundId,
^------------^
Warning: crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol:332:7: Warning: This declaration shadows an existing declaration.
int256 answer,
^-----------^
crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol:322:7: The shadowed declaration is here:
int256 answer,
^-----------^
Warning: crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol:333:7: Warning: This declaration shadows an existing declaration.
uint256 startedAt,
^---------------^
crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol:323:7: The shadowed declaration is here:
uint256 startedAt,
^---------------^
Warning: crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol:334:7: Warning: This declaration shadows an existing declaration.
uint256 updatedAt,
^---------------^
crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol:324:7: The shadowed declaration is here:
uint256 updatedAt,
^---------------^
Warning: crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol:513:5: Warning: This declaration shadows an existing declaration.
uint16 phaseId = uint16(_roundId >> PHASE_OFFSET);
^------------^
crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol:410:3: The shadowed declaration is here:
function phaseId()
^ (Relevant source part starts here and spans across multiple lines).
Warning: crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol:525:7: Warning: This declaration shadows an existing declaration.
uint16 phaseId
^------------^
crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol:410:3: The shadowed declaration is here:
function phaseId()
^ (Relevant source part starts here and spans across multiple lines).
Warning: crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol:495:3: Warning: Function state mutability can be restricted to pure
function addPhase(
^ (Relevant source part starts here and spans across multiple lines).
Warning: crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol:506:3: Warning: Function state mutability can be restricted to pure
function parseIds(
^ (Relevant source part starts here and spans across multiple lines).
Info:
View Details
Slither report for KeeperRegistry at `0x02777053d6764996e594c3E88AF1D58D5363a2e6`
INFO:Detectors:
KeeperRegistry.addFunds(uint256,uint96) (contracts/v0.8/KeeperRegistry.sol#297-302) ignores return value by LINK.transferFrom(msg.sender,address(this),amount) (contracts/v0.8/KeeperRegistry.sol#300)
KeeperRegistry.withdrawFunds(uint256,address) (contracts/v0.8/KeeperRegistry.sol#331-355) ignores return value by LINK.transfer(to,amountToWithdraw) (contracts/v0.8/KeeperRegistry.sol#354)
KeeperRegistry.withdrawOwnerFunds() (contracts/v0.8/KeeperRegistry.sol#360-368) ignores return value by LINK.transfer(msg.sender,amount) (contracts/v0.8/KeeperRegistry.sol#367)
KeeperRegistry.recoverFunds() (contracts/v0.8/KeeperRegistry.sol#389-392) ignores return value by LINK.transfer(msg.sender,total - s_expectedLinkBalance) (contracts/v0.8/KeeperRegistry.sol#391)
KeeperRegistry.withdrawPayment(address,address) (contracts/v0.8/KeeperRegistry.sol#399-408) ignores return value by LINK.transfer(to,keeper.balance) (contracts/v0.8/KeeperRegistry.sol#407)
KeeperRegistry.migrateUpkeeps(uint256[],address) (contracts/v0.8/KeeperRegistry.sol#648-683) ignores return value by LINK.transfer(destination,totalBalanceRemaining) (contracts/v0.8/KeeperRegistry.sol#682)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#unchecked-transfer
INFO:Detectors:
KeeperBase.preventExecution() (contracts/v0.8/KeeperBase.sol#11-15) uses tx.origin for authorization: tx.origin != address(0) (contracts/v0.8/KeeperBase.sol#12)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#dangerous-usage-of-txorigin
INFO:Detectors:
KeeperRegistry.cancelUpkeep(uint256) (contracts/v0.8/KeeperRegistry.sol#273-289) ignores return value by s_upkeepIDs.remove(id) (contracts/v0.8/KeeperRegistry.sol#286)
KeeperRegistry.migrateUpkeeps(uint256[],address) (contracts/v0.8/KeeperRegistry.sol#648-683) ignores return value by s_upkeepIDs.remove(id) (contracts/v0.8/KeeperRegistry.sol#670)
KeeperRegistry._createUpkeep(uint256,address,uint32,address,uint96,bytes) (contracts/v0.8/KeeperRegistry.sol#723-745) ignores return value by s_upkeepIDs.add(id) (contracts/v0.8/KeeperRegistry.sol#744)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#unused-return
INFO:Detectors:
Reentrancy in KeeperRegistry.addFunds(uint256,uint96) (contracts/v0.8/KeeperRegistry.sol#297-302):
External calls:
- LINK.transferFrom(msg.sender,address(this),amount) (contracts/v0.8/KeeperRegistry.sol#300)
Event emitted after the call(s):
- FundsAdded(id,msg.sender,amount) (contracts/v0.8/KeeperRegistry.sol#301)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#reentrancy-vulnerabilities-3
INFO:Detectors:
KeeperRegistry._getFeedData() (contracts/v0.8/KeeperRegistry.sol#753-771) uses timestamp for comparisons
Dangerous comparisons:
- (staleFallback && stalenessSeconds < block.timestamp - timestamp) || feedValue <= 0 (contracts/v0.8/KeeperRegistry.sol#759)
- (staleFallback && stalenessSeconds < block.timestamp - timestamp) || feedValue <= 0 (contracts/v0.8/KeeperRegistry.sol#765)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#block-timestamp
INFO:Detectors:
Address.verifyCallResult(bool,bytes,string) (@openzeppelin/contracts/utils/Address.sol#201-221) uses assembly
- INLINE ASM (@openzeppelin/contracts/utils/Address.sol#213-216)
EnumerableSet.values(EnumerableSet.AddressSet) (@openzeppelin/contracts/utils/structs/EnumerableSet.sol#274-283) uses assembly
- INLINE ASM (@openzeppelin/contracts/utils/structs/EnumerableSet.sol#278-280)
EnumerableSet.values(EnumerableSet.UintSet) (@openzeppelin/contracts/utils/structs/EnumerableSet.sol#347-356) uses assembly
- INLINE ASM (@openzeppelin/contracts/utils/structs/EnumerableSet.sol#351-353)
KeeperRegistry._callWithExactGas(uint256,address,bytes) (contracts/v0.8/KeeperRegistry.sol#792-817) uses assembly
- INLINE ASM (contracts/v0.8/KeeperRegistry.sol#797-815)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#assembly-usage
INFO:Detectors:
KeeperRegistry.migrateUpkeeps(uint256[],address) (contracts/v0.8/KeeperRegistry.sol#648-683) has costly operations inside a loop:
- delete s_upkeep[id] (contracts/v0.8/KeeperRegistry.sol#668)
KeeperRegistry.migrateUpkeeps(uint256[],address) (contracts/v0.8/KeeperRegistry.sol#648-683) has costly operations inside a loop:
- delete s_checkData[id] (contracts/v0.8/KeeperRegistry.sol#669)
KeeperRegistry._createUpkeep(uint256,address,uint32,address,uint96,bytes) (contracts/v0.8/KeeperRegistry.sol#723-745) has costly operations inside a loop:
- s_expectedLinkBalance = s_expectedLinkBalance + balance (contracts/v0.8/KeeperRegistry.sol#742)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#costly-operations-inside-a-loop
INFO:Detectors:
Address.functionCall(address,bytes) (@openzeppelin/contracts/utils/Address.sol#85-87) is never used and should be removed
Address.functionCall(address,bytes,string) (@openzeppelin/contracts/utils/Address.sol#95-101) is never used and should be removed
Address.functionCallWithValue(address,bytes,uint256) (@openzeppelin/contracts/utils/Address.sol#114-120) is never used and should be removed
Address.functionCallWithValue(address,bytes,uint256,string) (@openzeppelin/contracts/utils/Address.sol#128-139) is never used and should be removed
Address.functionDelegateCall(address,bytes) (@openzeppelin/contracts/utils/Address.sol#174-176) is never used and should be removed
Address.functionDelegateCall(address,bytes,string) (@openzeppelin/contracts/utils/Address.sol#184-193) is never used and should be removed
Address.functionStaticCall(address,bytes) (@openzeppelin/contracts/utils/Address.sol#147-149) is never used and should be removed
Address.functionStaticCall(address,bytes,string) (@openzeppelin/contracts/utils/Address.sol#157-166) is never used and should be removed
Address.sendValue(address,uint256) (@openzeppelin/contracts/utils/Address.sol#60-65) is never used and should be removed
Address.verifyCallResult(bool,bytes,string) (@openzeppelin/contracts/utils/Address.sol#201-221) is never used and should be removed
Context._msgData() (@openzeppelin/contracts/utils/Context.sol#21-23) is never used and should be removed
EnumerableSet._values(EnumerableSet.Set) (@openzeppelin/contracts/utils/structs/EnumerableSet.sol#142-144) is never used and should be removed
EnumerableSet.add(EnumerableSet.AddressSet,address) (@openzeppelin/contracts/utils/structs/EnumerableSet.sol#224-226) is never used and should be removed
EnumerableSet.add(EnumerableSet.Bytes32Set,bytes32) (@openzeppelin/contracts/utils/structs/EnumerableSet.sol#158-160) is never used and should be removed
EnumerableSet.at(EnumerableSet.AddressSet,uint256) (@openzeppelin/contracts/utils/structs/EnumerableSet.sol#262-264) is never used and should be removed
EnumerableSet.at(EnumerableSet.Bytes32Set,uint256) (@openzeppelin/contracts/utils/structs/EnumerableSet.sol#196-198) is never used and should be removed
EnumerableSet.contains(EnumerableSet.AddressSet,address) (@openzeppelin/contracts/utils/structs/EnumerableSet.sol#241-243) is never used and should be removed
EnumerableSet.contains(EnumerableSet.Bytes32Set,bytes32) (@openzeppelin/contracts/utils/structs/EnumerableSet.sol#175-177) is never used and should be removed
EnumerableSet.contains(EnumerableSet.UintSet,uint256) (@openzeppelin/contracts/utils/structs/EnumerableSet.sol#314-316) is never used and should be removed
EnumerableSet.length(EnumerableSet.AddressSet) (@openzeppelin/contracts/utils/structs/EnumerableSet.sol#248-250) is never used and should be removed
EnumerableSet.length(EnumerableSet.Bytes32Set) (@openzeppelin/contracts/utils/structs/EnumerableSet.sol#182-184) is never used and should be removed
EnumerableSet.remove(EnumerableSet.AddressSet,address) (@openzeppelin/contracts/utils/structs/EnumerableSet.sol#234-236) is never used and should be removed
EnumerableSet.remove(EnumerableSet.Bytes32Set,bytes32) (@openzeppelin/contracts/utils/structs/EnumerableSet.sol#168-170) is never used and should be removed
EnumerableSet.values(EnumerableSet.AddressSet) (@openzeppelin/contracts/utils/structs/EnumerableSet.sol#274-283) is never used and should be removed
EnumerableSet.values(EnumerableSet.Bytes32Set) (@openzeppelin/contracts/utils/structs/EnumerableSet.sol#208-210) is never used and should be removed
EnumerableSet.values(EnumerableSet.UintSet) (@openzeppelin/contracts/utils/structs/EnumerableSet.sol#347-356) is never used and should be removed
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#dead-code
INFO:Detectors:
Low level call in Address.sendValue(address,uint256) (@openzeppelin/contracts/utils/Address.sol#60-65):
- (success) = recipient.call{value: amount}() (@openzeppelin/contracts/utils/Address.sol#63)
Low level call in Address.functionCallWithValue(address,bytes,uint256,string) (@openzeppelin/contracts/utils/Address.sol#128-139):
- (success,returndata) = target.call{value: value}(data) (@openzeppelin/contracts/utils/Address.sol#137)
Low level call in Address.functionStaticCall(address,bytes,string) (@openzeppelin/contracts/utils/Address.sol#157-166):
- (success,returndata) = target.staticcall(data) (@openzeppelin/contracts/utils/Address.sol#164)
Low level call in Address.functionDelegateCall(address,bytes,string) (@openzeppelin/contracts/utils/Address.sol#184-193):
- (success,returndata) = target.delegatecall(data) (@openzeppelin/contracts/utils/Address.sol#191)
Low level call in KeeperRegistry.checkUpkeep(uint256,address) (contracts/v0.8/KeeperRegistry.sol#226-252):
- (success,result) = upkeep.target.call{gas: s_storage.checkGasLimit}(callData) (contracts/v0.8/KeeperRegistry.sol#241)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#low-level-calls
INFO:Detectors:
Variable ConfirmedOwnerWithProposal.s_owner (contracts/v0.8/ConfirmedOwnerWithProposal.sol#11) is not in mixedCase
Variable ConfirmedOwnerWithProposal.s_pendingOwner (contracts/v0.8/ConfirmedOwnerWithProposal.sol#12) is not in mixedCase
Variable KeeperRegistry.s_keeperList (contracts/v0.8/KeeperRegistry.sol#48) is not in mixedCase
Variable KeeperRegistry.s_upkeepIDs (contracts/v0.8/KeeperRegistry.sol#49) is not in mixedCase
Variable KeeperRegistry.s_upkeep (contracts/v0.8/KeeperRegistry.sol#50) is not in mixedCase
Variable KeeperRegistry.s_keeperInfo (contracts/v0.8/KeeperRegistry.sol#51) is not in mixedCase
Variable KeeperRegistry.s_proposedPayee (contracts/v0.8/KeeperRegistry.sol#52) is not in mixedCase
Variable KeeperRegistry.s_checkData (contracts/v0.8/KeeperRegistry.sol#53) is not in mixedCase
Variable KeeperRegistry.s_peerRegistryMigrationPermission (contracts/v0.8/KeeperRegistry.sol#54) is not in mixedCase
Variable KeeperRegistry.s_storage (contracts/v0.8/KeeperRegistry.sol#55) is not in mixedCase
Variable KeeperRegistry.s_fallbackGasPrice (contracts/v0.8/KeeperRegistry.sol#56) is not in mixedCase
Variable KeeperRegistry.s_fallbackLinkPrice (contracts/v0.8/KeeperRegistry.sol#57) is not in mixedCase
Variable KeeperRegistry.s_ownerLinkBalance (contracts/v0.8/KeeperRegistry.sol#58) is not in mixedCase
Variable KeeperRegistry.s_expectedLinkBalance (contracts/v0.8/KeeperRegistry.sol#59) is not in mixedCase
Variable KeeperRegistry.s_transcoder (contracts/v0.8/KeeperRegistry.sol#60) is not in mixedCase
Variable KeeperRegistry.s_registrar (contracts/v0.8/KeeperRegistry.sol#61) is not in mixedCase
Variable KeeperRegistry.LINK (contracts/v0.8/KeeperRegistry.sol#63) is not in mixedCase
Variable KeeperRegistry.LINK_ETH_FEED (contracts/v0.8/KeeperRegistry.sol#64) is not in mixedCase
Variable KeeperRegistry.FAST_GAS_FEED (contracts/v0.8/KeeperRegistry.sol#65) is not in mixedCase
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#conformance-to-solidity-naming-conventions
INFO:Slither:0x02777053d6764996e594c3E88AF1D58D5363a2e6 analyzed (20 contracts with 79 detectors), 69 result(s) found
Slither report for EACAggregatorProxy at `0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C`
Warning: crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol:283:7: Warning: This declaration shadows an existing declaration.
uint80 roundId,
^------------^
crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol:273:7: The shadowed declaration is here:
uint80 roundId,
^------------^
Warning: crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol:284:7: Warning: This declaration shadows an existing declaration.
int256 answer,
^-----------^
crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol:274:7: The shadowed declaration is here:
int256 answer,
^-----------^
Warning: crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol:285:7: Warning: This declaration shadows an existing declaration.
uint256 startedAt,
^---------------^
crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol:275:7: The shadowed declaration is here:
uint256 startedAt,
^---------------^
Warning: crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol:286:7: Warning: This declaration shadows an existing declaration.
uint256 updatedAt,
^---------------^
crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol:276:7: The shadowed declaration is here:
uint256 updatedAt,
^---------------^
Warning: crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol:331:7: Warning: This declaration shadows an existing declaration.
uint80 roundId,
^------------^
crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol:321:7: The shadowed declaration is here:
uint80 roundId,
^------------^
Warning: crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol:332:7: Warning: This declaration shadows an existing declaration.
int256 answer,
^-----------^
crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol:322:7: The shadowed declaration is here:
int256 answer,
^-----------^
Warning: crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol:333:7: Warning: This declaration shadows an existing declaration.
uint256 startedAt,
^---------------^
crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol:323:7: The shadowed declaration is here:
uint256 startedAt,
^---------------^
Warning: crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol:334:7: Warning: This declaration shadows an existing declaration.
uint256 updatedAt,
^---------------^
crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol:324:7: The shadowed declaration is here:
uint256 updatedAt,
^---------------^
Warning: crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol:513:5: Warning: This declaration shadows an existing declaration.
uint16 phaseId = uint16(_roundId >> PHASE_OFFSET);
^------------^
crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol:410:3: The shadowed declaration is here:
function phaseId()
^ (Relevant source part starts here and spans across multiple lines).
Warning: crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol:525:7: Warning: This declaration shadows an existing declaration.
uint16 phaseId
^------------^
crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol:410:3: The shadowed declaration is here:
function phaseId()
^ (Relevant source part starts here and spans across multiple lines).
Warning: crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol:495:3: Warning: Function state mutability can be restricted to pure
function addPhase(
^ (Relevant source part starts here and spans across multiple lines).
Warning: crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol:506:3: Warning: Function state mutability can be restricted to pure
function parseIds(
^ (Relevant source part starts here and spans across multiple lines).
INFO:Detectors:
AggregatorProxy.getRoundData(uint80).updatedAt_scope_3 (crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol#286) is a local variable never initialized
AggregatorProxy.getRoundData(uint80).answer_scope_1 (crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol#284) is a local variable never initialized
AggregatorProxy.latestRoundData().startedAt_scope_2 (crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol#333) is a local variable never initialized
AggregatorProxy.latestRoundData().roundId_scope_0 (crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol#331) is a local variable never initialized
AggregatorProxy.getRoundData(uint80).startedAt_scope_2 (crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol#285) is a local variable never initialized
AggregatorProxy.latestRoundData().updatedAt_scope_3 (crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol#334) is a local variable never initialized
AggregatorProxy.getRoundData(uint80).roundId_scope_0 (crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol#283) is a local variable never initialized
AggregatorProxy.latestRoundData().answer_scope_1 (crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol#332) is a local variable never initialized
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#uninitialized-local-variables
INFO:Detectors:
AggregatorProxy.getAnswer(uint256).phaseId (crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol#189) shadows:
- AggregatorProxy.phaseId() (crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol#410-416) (function)
AggregatorProxy.getAnswer(uint256).aggregator (crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol#190) shadows:
- AggregatorProxy.aggregator() (crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol#399-405) (function)
AggregatorProxy.getTimestamp(uint256).phaseId (crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol#214) shadows:
- AggregatorProxy.phaseId() (crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol#410-416) (function)
AggregatorProxy.getTimestamp(uint256).aggregator (crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol#215) shadows:
- AggregatorProxy.aggregator() (crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol#399-405) (function)
AggregatorProxy.getRoundData(uint80).phaseId (crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol#280) shadows:
- AggregatorProxy.phaseId() (crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol#410-416) (function)
AggregatorProxy.getRoundData(uint80).roundId_scope_0 (crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol#283) shadows:
- AggregatorProxy.getRoundData(uint80).roundId (crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol#273) (return variable)
- AggregatorProxy.getRoundData(uint80).roundId (crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol#273) (return variable)
- AggregatorProxy.getRoundData(uint80).roundId (crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol#273) (return variable)
- AggregatorProxy.getRoundData(uint80).roundId (crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol#273) (return variable)
- AggregatorProxy.getRoundData(uint80).roundId (crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol#273) (return variable)
AggregatorProxy.getRoundData(uint80).answer_scope_1 (crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol#284) shadows:
- AggregatorProxy.getRoundData(uint80).answer (crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol#274) (return variable)
- AggregatorProxy.getRoundData(uint80).answer (crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol#274) (return variable)
- AggregatorProxy.getRoundData(uint80).answer (crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol#274) (return variable)
- AggregatorProxy.getRoundData(uint80).answer (crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol#274) (return variable)
- AggregatorProxy.getRoundData(uint80).answer (crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol#274) (return variable)
AggregatorProxy.getRoundData(uint80).startedAt_scope_2 (crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol#285) shadows:
- AggregatorProxy.getRoundData(uint80).startedAt (crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol#275) (return variable)
- AggregatorProxy.getRoundData(uint80).startedAt (crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol#275) (return variable)
- AggregatorProxy.getRoundData(uint80).startedAt (crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol#275) (return variable)
- AggregatorProxy.getRoundData(uint80).startedAt (crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol#275) (return variable)
- AggregatorProxy.getRoundData(uint80).startedAt (crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol#275) (return variable)
AggregatorProxy.getRoundData(uint80).updatedAt_scope_3 (crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol#286) shadows:
- AggregatorProxy.getRoundData(uint80).updatedAt (crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol#276) (return variable)
- AggregatorProxy.getRoundData(uint80).updatedAt (crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol#276) (return variable)
- AggregatorProxy.getRoundData(uint80).updatedAt (crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol#276) (return variable)
- AggregatorProxy.getRoundData(uint80).updatedAt (crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol#276) (return variable)
- AggregatorProxy.getRoundData(uint80).updatedAt (crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol#276) (return variable)
AggregatorProxy.latestRoundData().roundId_scope_0 (crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol#331) shadows:
- AggregatorProxy.latestRoundData().roundId (crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol#321) (return variable)
- AggregatorProxy.latestRoundData().roundId (crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol#321) (return variable)
- AggregatorProxy.latestRoundData().roundId (crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol#321) (return variable)
- AggregatorProxy.latestRoundData().roundId (crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol#321) (return variable)
- AggregatorProxy.latestRoundData().roundId (crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol#321) (return variable)
AggregatorProxy.latestRoundData().answer_scope_1 (crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol#332) shadows:
- AggregatorProxy.latestRoundData().answer (crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol#322) (return variable)
- AggregatorProxy.latestRoundData().answer (crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol#322) (return variable)
- AggregatorProxy.latestRoundData().answer (crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol#322) (return variable)
- AggregatorProxy.latestRoundData().answer (crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol#322) (return variable)
- AggregatorProxy.latestRoundData().answer (crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol#322) (return variable)
AggregatorProxy.latestRoundData().startedAt_scope_2 (crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol#333) shadows:
- AggregatorProxy.latestRoundData().startedAt (crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol#323) (return variable)
- AggregatorProxy.latestRoundData().startedAt (crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol#323) (return variable)
- AggregatorProxy.latestRoundData().startedAt (crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol#323) (return variable)
- AggregatorProxy.latestRoundData().startedAt (crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol#323) (return variable)
- AggregatorProxy.latestRoundData().startedAt (crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol#323) (return variable)
AggregatorProxy.latestRoundData().updatedAt_scope_3 (crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol#334) shadows:
- AggregatorProxy.latestRoundData().updatedAt (crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol#324) (return variable)
- AggregatorProxy.latestRoundData().updatedAt (crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol#324) (return variable)
- AggregatorProxy.latestRoundData().updatedAt (crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol#324) (return variable)
- AggregatorProxy.latestRoundData().updatedAt (crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol#324) (return variable)
- AggregatorProxy.latestRoundData().updatedAt (crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol#324) (return variable)
AggregatorProxy.parseIds(uint256).phaseId (crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol#513) shadows:
- AggregatorProxy.phaseId() (crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol#410-416) (function)
AggregatorProxy.addPhaseIds(uint80,int256,uint256,uint256,uint80,uint16).phaseId (crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol#525) shadows:
- AggregatorProxy.phaseId() (crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol#410-416) (function)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#local-variable-shadowing
INFO:Detectors:
Owned.transferOwnership(address)._to (crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol#30) lacks a zero-check on :
- pendingOwner = _to (crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol#34)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#missing-zero-address-validation
INFO:Detectors:
Parameter Owned.transferOwnership(address)._to (crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol#30) is not in mixedCase
Parameter AggregatorProxy.getAnswer(uint256)._roundId (crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol#180) is not in mixedCase
Parameter AggregatorProxy.getTimestamp(uint256)._roundId (crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol#205) is not in mixedCase
Parameter AggregatorProxy.getRoundData(uint80)._roundId (crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol#267) is not in mixedCase
Parameter AggregatorProxy.proposedGetRoundData(uint80)._roundId (crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol#353) is not in mixedCase
Parameter AggregatorProxy.proposeAggregator(address)._aggregator (crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol#459) is not in mixedCase
Parameter AggregatorProxy.confirmAggregator(address)._aggregator (crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol#473) is not in mixedCase
Parameter AggregatorProxy.setAggregator(address)._aggregator (crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol#487) is not in mixedCase
Parameter AggregatorProxy.addPhase(uint16,uint64)._phase (crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol#496) is not in mixedCase
Parameter AggregatorProxy.addPhase(uint16,uint64)._originalId (crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol#497) is not in mixedCase
Parameter AggregatorProxy.parseIds(uint256)._roundId (crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol#507) is not in mixedCase
Parameter EACAggregatorProxy.setController(address)._accessController (crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol#582) is not in mixedCase
Parameter EACAggregatorProxy.getAnswer(uint256)._roundId (crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol#638) is not in mixedCase
Parameter EACAggregatorProxy.getTimestamp(uint256)._roundId (crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol#658) is not in mixedCase
Parameter EACAggregatorProxy.getRoundData(uint80)._roundId (crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol#710) is not in mixedCase
Parameter EACAggregatorProxy.proposedGetRoundData(uint80)._roundId (crytic-export/etherscan-contracts/0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C-EACAggregatorProxy.sol#776) is not in mixedCase
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#conformance-to-solidity-naming-conventions
INFO:Slither:0x169E633A2D1E6c10dD91238Ba11c4A708dfEF37C analyzed (7 contracts with 79 detectors), 40 result(s) found
Slither report for InitializableImmutableAdminUpgradeabilityProxy at `0x23A875eDe3F1030138701683e42E9b16A7F87768` with implementation LendingPoolConfigurator at `0x5A8adC696009a2e0d142c46fDddd8C44bE1604b4`
Warning: contracts/dependencies/openzeppelin/upgradeability/InitializableUpgradeabilityProxy.sol:11:1: Warning: This contract has a payable fallback function, but no receive ether function. Consider adding a receive ether function.
contract InitializableUpgradeabilityProxy is BaseUpgradeabilityProxy {
^ (Relevant source part starts here and spans across multiple lines).
contracts/dependencies/openzeppelin/upgradeability/Proxy.sol:16:3: The payable fallback function is defined here.
fallback() external payable {
^ (Relevant source part starts here and spans across multiple lines).
Warning: contracts/protocol/libraries/aave-upgradeability/BaseImmutableAdminUpgradeabilityProxy.sol:16:1: Warning: This contract has a payable fallback function, but no receive ether function. Consider adding a receive ether function.
contract BaseImmutableAdminUpgradeabilityProxy is BaseUpgradeabilityProxy {
^ (Relevant source part starts here and spans across multiple lines).
contracts/dependencies/openzeppelin/upgradeability/Proxy.sol:16:3: The payable fallback function is defined here.
fallback() external payable {
^ (Relevant source part starts here and spans across multiple lines).
Warning: contracts/protocol/libraries/aave-upgradeability/InitializableImmutableAdminUpgradeabilityProxy.sol:11:1: Warning: This contract has a payable fallback function, but no receive ether function. Consider adding a receive ether function.
contract InitializableImmutableAdminUpgradeabilityProxy is
^ (Relevant source part starts here and spans across multiple lines).
contracts/dependencies/openzeppelin/upgradeability/Proxy.sol:16:3: The payable fallback function is defined here.
fallback() external payable {
^ (Relevant source part starts here and spans across multiple lines).
INFO:Detectors:
InitializableUpgradeabilityProxy.initialize(address,bytes) (contracts/dependencies/openzeppelin/upgradeability/InitializableUpgradeabilityProxy.sol#20-28) uses delegatecall to a input-controlled function id
- (success) = _logic.delegatecall(_data) (contracts/dependencies/openzeppelin/upgradeability/InitializableUpgradeabilityProxy.sol#25)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#controlled-delegatecall
INFO:Detectors:
BaseImmutableAdminUpgradeabilityProxy.constructor(address).admin (contracts/protocol/libraries/aave-upgradeability/BaseImmutableAdminUpgradeabilityProxy.sol#19) shadows:
- BaseImmutableAdminUpgradeabilityProxy.admin() (contracts/protocol/libraries/aave-upgradeability/BaseImmutableAdminUpgradeabilityProxy.sol#34-36) (function)
InitializableImmutableAdminUpgradeabilityProxy.constructor(address).admin (contracts/protocol/libraries/aave-upgradeability/InitializableImmutableAdminUpgradeabilityProxy.sol#15) shadows:
- BaseImmutableAdminUpgradeabilityProxy.admin() (contracts/protocol/libraries/aave-upgradeability/BaseImmutableAdminUpgradeabilityProxy.sol#34-36) (function)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#local-variable-shadowing
INFO:Detectors:
InitializableUpgradeabilityProxy.initialize(address,bytes)._logic (contracts/dependencies/openzeppelin/upgradeability/InitializableUpgradeabilityProxy.sol#20) lacks a zero-check on :
- (success) = _logic.delegatecall(_data) (contracts/dependencies/openzeppelin/upgradeability/InitializableUpgradeabilityProxy.sol#25)
BaseImmutableAdminUpgradeabilityProxy.upgradeToAndCall(address,bytes).newImplementation (contracts/protocol/libraries/aave-upgradeability/BaseImmutableAdminUpgradeabilityProxy.sol#63) lacks a zero-check on :
- (success) = newImplementation.delegatecall(data) (contracts/protocol/libraries/aave-upgradeability/BaseImmutableAdminUpgradeabilityProxy.sol#69)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#missing-zero-address-validation
INFO:Detectors:
Modifier BaseImmutableAdminUpgradeabilityProxy.ifAdmin() (contracts/protocol/libraries/aave-upgradeability/BaseImmutableAdminUpgradeabilityProxy.sol#23-29) does not always execute _; or revertReference: https://github.com/crytic/slither/wiki/Detector-Documentation#incorrect-modifier
INFO:Detectors:
Address.isContract(address) (contracts/dependencies/openzeppelin/contracts/Address.sol#25-36) uses assembly
- INLINE ASM (contracts/dependencies/openzeppelin/contracts/Address.sol#32-34)
BaseUpgradeabilityProxy._implementation() (contracts/dependencies/openzeppelin/upgradeability/BaseUpgradeabilityProxy.sol#32-38) uses assembly
- INLINE ASM (contracts/dependencies/openzeppelin/upgradeability/BaseUpgradeabilityProxy.sol#35-37)
BaseUpgradeabilityProxy._setImplementation(address) (contracts/dependencies/openzeppelin/upgradeability/BaseUpgradeabilityProxy.sol#53-65) uses assembly
- INLINE ASM (contracts/dependencies/openzeppelin/upgradeability/BaseUpgradeabilityProxy.sol#62-64)
Proxy._delegate(address) (contracts/dependencies/openzeppelin/upgradeability/Proxy.sol#31-55) uses assembly
- INLINE ASM (contracts/dependencies/openzeppelin/upgradeability/Proxy.sol#33-54)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#assembly-usage
INFO:Detectors:
Address.sendValue(address,uint256) (contracts/dependencies/openzeppelin/contracts/Address.sol#54-60) is never used and should be removed
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#dead-code
INFO:Detectors:
Low level call in Address.sendValue(address,uint256) (contracts/dependencies/openzeppelin/contracts/Address.sol#54-60):
- (success) = recipient.call{value: amount}() (contracts/dependencies/openzeppelin/contracts/Address.sol#58)
Low level call in InitializableUpgradeabilityProxy.initialize(address,bytes) (contracts/dependencies/openzeppelin/upgradeability/InitializableUpgradeabilityProxy.sol#20-28):
- (success) = _logic.delegatecall(_data) (contracts/dependencies/openzeppelin/upgradeability/InitializableUpgradeabilityProxy.sol#25)
Low level call in BaseImmutableAdminUpgradeabilityProxy.upgradeToAndCall(address,bytes) (contracts/protocol/libraries/aave-upgradeability/BaseImmutableAdminUpgradeabilityProxy.sol#63-71):
- (success) = newImplementation.delegatecall(data) (contracts/protocol/libraries/aave-upgradeability/BaseImmutableAdminUpgradeabilityProxy.sol#69)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#low-level-calls
INFO:Detectors:
Parameter InitializableUpgradeabilityProxy.initialize(address,bytes)._logic (contracts/dependencies/openzeppelin/upgradeability/InitializableUpgradeabilityProxy.sol#20) is not in mixedCase
Parameter InitializableUpgradeabilityProxy.initialize(address,bytes)._data (contracts/dependencies/openzeppelin/upgradeability/InitializableUpgradeabilityProxy.sol#20) is not in mixedCase
Variable BaseImmutableAdminUpgradeabilityProxy.ADMIN (contracts/protocol/libraries/aave-upgradeability/BaseImmutableAdminUpgradeabilityProxy.sol#17) is not in mixedCase
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#conformance-to-solidity-naming-conventions
INFO:Slither:0x23A875eDe3F1030138701683e42E9b16A7F87768 analyzed (6 contracts with 79 detectors), 17 result(s) found
Slither report for LendingPoolConfigurator at `0x5A8adC696009a2e0d142c46fDddd8C44bE1604b4`
Warning: contracts/protocol/lendingpool/LendingPoolConfigurator.sol:70:25: Warning: This declaration shadows an existing declaration.
function _initReserve(ILendingPool pool, InitReserveInput calldata input) internal {
^---------------^
contracts/protocol/lendingpool/LendingPoolConfigurator.sol:34:3: The shadowed declaration is here:
ILendingPool internal pool;
^------------------------^
Warning: contracts/dependencies/openzeppelin/upgradeability/InitializableUpgradeabilityProxy.sol:11:1: Warning: This contract has a payable fallback function, but no receive ether function. Consider adding a receive ether function.
contract InitializableUpgradeabilityProxy is BaseUpgradeabilityProxy {
^ (Relevant source part starts here and spans across multiple lines).
contracts/dependencies/openzeppelin/upgradeability/Proxy.sol:16:3: The payable fallback function is defined here.
fallback() external payable {
^ (Relevant source part starts here and spans across multiple lines).
Warning: contracts/protocol/libraries/aave-upgradeability/BaseImmutableAdminUpgradeabilityProxy.sol:16:1: Warning: This contract has a payable fallback function, but no receive ether function. Consider adding a receive ether function.
contract BaseImmutableAdminUpgradeabilityProxy is BaseUpgradeabilityProxy {
^ (Relevant source part starts here and spans across multiple lines).
contracts/dependencies/openzeppelin/upgradeability/Proxy.sol:16:3: The payable fallback function is defined here.
fallback() external payable {
^ (Relevant source part starts here and spans across multiple lines).
Warning: contracts/protocol/libraries/aave-upgradeability/InitializableImmutableAdminUpgradeabilityProxy.sol:11:1: Warning: This contract has a payable fallback function, but no receive ether function. Consider adding a receive ether function.
contract InitializableImmutableAdminUpgradeabilityProxy is
^ (Relevant source part starts here and spans across multiple lines).
contracts/dependencies/openzeppelin/upgradeability/Proxy.sol:16:3: The payable fallback function is defined here.
fallback() external payable {
^ (Relevant source part starts here and spans across multiple lines).
INFO:Detectors:
InitializableUpgradeabilityProxy.initialize(address,bytes) (contracts/dependencies/openzeppelin/upgradeability/InitializableUpgradeabilityProxy.sol#20-28) uses delegatecall to a input-controlled function id
- (success) = _logic.delegatecall(_data) (contracts/dependencies/openzeppelin/upgradeability/InitializableUpgradeabilityProxy.sol#25)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#controlled-delegatecall
INFO:Detectors:
LendingPoolConfigurator._checkNoLiquidity(address) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#477-486) uses a dangerous strict equality:
- require(bool,string)(availableLiquidity == 0 && reserveData.currentLiquidityRate == 0,Errors.LPC_RESERVE_LIQUIDITY_NOT_0) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#482-485)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#dangerous-strict-equalities
INFO:Detectors:
LendingPoolConfigurator._initReserve(ILendingPool,ILendingPoolConfigurator.InitReserveInput).pool (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#70) shadows:
- LendingPoolConfigurator.pool (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#34) (state variable)
BaseImmutableAdminUpgradeabilityProxy.constructor(address).admin (contracts/protocol/libraries/aave-upgradeability/BaseImmutableAdminUpgradeabilityProxy.sol#19) shadows:
- BaseImmutableAdminUpgradeabilityProxy.admin() (contracts/protocol/libraries/aave-upgradeability/BaseImmutableAdminUpgradeabilityProxy.sol#34-36) (function)
InitializableImmutableAdminUpgradeabilityProxy.constructor(address).admin (contracts/protocol/libraries/aave-upgradeability/InitializableImmutableAdminUpgradeabilityProxy.sol#15) shadows:
- BaseImmutableAdminUpgradeabilityProxy.admin() (contracts/protocol/libraries/aave-upgradeability/BaseImmutableAdminUpgradeabilityProxy.sol#34-36) (function)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#local-variable-shadowing
INFO:Detectors:
InitializableUpgradeabilityProxy.initialize(address,bytes)._logic (contracts/dependencies/openzeppelin/upgradeability/InitializableUpgradeabilityProxy.sol#20) lacks a zero-check on :
- (success) = _logic.delegatecall(_data) (contracts/dependencies/openzeppelin/upgradeability/InitializableUpgradeabilityProxy.sol#25)
BaseImmutableAdminUpgradeabilityProxy.upgradeToAndCall(address,bytes).newImplementation (contracts/protocol/libraries/aave-upgradeability/BaseImmutableAdminUpgradeabilityProxy.sol#63) lacks a zero-check on :
- (success) = newImplementation.delegatecall(data) (contracts/protocol/libraries/aave-upgradeability/BaseImmutableAdminUpgradeabilityProxy.sol#69)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#missing-zero-address-validation
INFO:Detectors:
Modifier BaseImmutableAdminUpgradeabilityProxy.ifAdmin() (contracts/protocol/libraries/aave-upgradeability/BaseImmutableAdminUpgradeabilityProxy.sol#23-29) does not always execute _; or revertReference: https://github.com/crytic/slither/wiki/Detector-Documentation#incorrect-modifier
INFO:Detectors:
LendingPoolConfigurator._initTokenWithProxy(address,bytes) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#454-464) has external calls inside a loop: proxy.initialize(implementation,initParams) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#461)
LendingPoolConfigurator._initReserve(ILendingPool,ILendingPoolConfigurator.InitReserveInput) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#70-142) has external calls inside a loop: pool.initReserve(input.underlyingAsset,aTokenProxyAddress,stableDebtTokenProxyAddress,variableDebtTokenProxyAddress,input.interestRateStrategyAddress) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#117-123)
LendingPoolConfigurator._initReserve(ILendingPool,ILendingPoolConfigurator.InitReserveInput) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#70-142) has external calls inside a loop: currentConfig = pool.getConfiguration(input.underlyingAsset) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#125-126)
LendingPoolConfigurator._initReserve(ILendingPool,ILendingPoolConfigurator.InitReserveInput) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#70-142) has external calls inside a loop: pool.setConfiguration(input.underlyingAsset,currentConfig.data) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#133)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation/#calls-inside-a-loop
INFO:Detectors:
Reentrancy in LendingPoolConfigurator._initReserve(ILendingPool,ILendingPoolConfigurator.InitReserveInput) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#70-142):
External calls:
- aTokenProxyAddress = _initTokenWithProxy(input.aTokenImpl,abi.encodeWithSelector(IInitializableAToken.initialize.selector,pool,input.treasury,input.underlyingAsset,IAaveIncentivesController(input.incentivesController),input.underlyingAssetDecimals,input.aTokenName,input.aTokenSymbol,input.params)) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#71-85)
- proxy.initialize(implementation,initParams) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#461)
- stableDebtTokenProxyAddress = _initTokenWithProxy(input.stableDebtTokenImpl,abi.encodeWithSelector(IInitializableDebtToken.initialize.selector,pool,input.underlyingAsset,IAaveIncentivesController(input.incentivesController),input.underlyingAssetDecimals,input.stableDebtTokenName,input.stableDebtTokenSymbol,input.params)) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#87-100)
- proxy.initialize(implementation,initParams) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#461)
- variableDebtTokenProxyAddress = _initTokenWithProxy(input.variableDebtTokenImpl,abi.encodeWithSelector(IInitializableDebtToken.initialize.selector,pool,input.underlyingAsset,IAaveIncentivesController(input.incentivesController),input.underlyingAssetDecimals,input.variableDebtTokenName,input.variableDebtTokenSymbol,input.params)) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#102-115)
- proxy.initialize(implementation,initParams) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#461)
- pool.initReserve(input.underlyingAsset,aTokenProxyAddress,stableDebtTokenProxyAddress,variableDebtTokenProxyAddress,input.interestRateStrategyAddress) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#117-123)
- pool.setConfiguration(input.underlyingAsset,currentConfig.data) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#133)
Event emitted after the call(s):
- ReserveInitialized(input.underlyingAsset,aTokenProxyAddress,stableDebtTokenProxyAddress,variableDebtTokenProxyAddress,input.interestRateStrategyAddress) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#135-141)
Reentrancy in LendingPoolConfigurator.activateReserve(address) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#363-371):
External calls:
- pool.setConfiguration(asset,currentConfig.data) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#368)
Event emitted after the call(s):
- ReserveActivated(asset) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#370)
Reentrancy in LendingPoolConfigurator.configureReserveAsCollateral(address,uint256,uint256,uint256) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#287-329):
External calls:
- pool.setConfiguration(asset,currentConfig.data) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#326)
Event emitted after the call(s):
- CollateralConfigurationChanged(asset,ltv,liquidationThreshold,liquidationBonus) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#328)
Reentrancy in LendingPoolConfigurator.deactivateReserve(address) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#377-387):
External calls:
- pool.setConfiguration(asset,currentConfig.data) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#384)
Event emitted after the call(s):
- ReserveDeactivated(asset) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#386)
Reentrancy in LendingPoolConfigurator.disableBorrowingOnReserve(address) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#269-276):
External calls:
- pool.setConfiguration(asset,currentConfig.data) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#274)
Event emitted after the call(s):
- BorrowingDisabledOnReserve(asset) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#275)
Reentrancy in LendingPoolConfigurator.disableReserveStableRate(address) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#349-357):
External calls:
- pool.setConfiguration(asset,currentConfig.data) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#354)
Event emitted after the call(s):
- StableRateDisabledOnReserve(asset) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#356)
Reentrancy in LendingPoolConfigurator.enableBorrowingOnReserve(address,bool) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#251-263):
External calls:
- pool.setConfiguration(asset,currentConfig.data) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#260)
Event emitted after the call(s):
- BorrowingEnabledOnReserve(asset,stableBorrowRateEnabled) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#262)
Reentrancy in LendingPoolConfigurator.enableReserveStableRate(address) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#335-343):
External calls:
- pool.setConfiguration(asset,currentConfig.data) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#340)
Event emitted after the call(s):
- StableRateEnabledOnReserve(asset) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#342)
Reentrancy in LendingPoolConfigurator.freezeReserve(address) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#394-402):
External calls:
- pool.setConfiguration(asset,currentConfig.data) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#399)
Event emitted after the call(s):
- ReserveFrozen(asset) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#401)
Reentrancy in LendingPoolConfigurator.setReserveFactor(address,uint256) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#423-431):
External calls:
- pool.setConfiguration(asset,currentConfig.data) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#428)
Event emitted after the call(s):
- ReserveFactorChanged(asset,reserveFactor) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#430)
Reentrancy in LendingPoolConfigurator.setReserveInterestRateStrategyAddress(address,address) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#438-444):
External calls:
- pool.setReserveInterestRateStrategyAddress(asset,rateStrategyAddress) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#442)
Event emitted after the call(s):
- ReserveInterestRateStrategyChanged(asset,rateStrategyAddress) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#443)
Reentrancy in LendingPoolConfigurator.unfreezeReserve(address) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#408-416):
External calls:
- pool.setConfiguration(asset,currentConfig.data) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#413)
Event emitted after the call(s):
- ReserveUnfrozen(asset) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#415)
Reentrancy in LendingPoolConfigurator.updateAToken(ILendingPoolConfigurator.UpdateATokenInput) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#147-173):
External calls:
- _upgradeTokenImplementation(reserveData.aTokenAddress,input.implementation,encodedCall) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#166-170)
- proxy.upgradeToAndCall(implementation,initParams) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#474)
Event emitted after the call(s):
- ATokenUpgraded(input.asset,reserveData.aTokenAddress,input.implementation) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#172)
Reentrancy in LendingPoolConfigurator.updateStableDebtToken(ILendingPoolConfigurator.UpdateDebtTokenInput) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#178-207):
External calls:
- _upgradeTokenImplementation(reserveData.stableDebtTokenAddress,input.implementation,encodedCall) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#196-200)
- proxy.upgradeToAndCall(implementation,initParams) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#474)
Event emitted after the call(s):
- StableDebtTokenUpgraded(input.asset,reserveData.stableDebtTokenAddress,input.implementation) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#202-206)
Reentrancy in LendingPoolConfigurator.updateVariableDebtToken(ILendingPoolConfigurator.UpdateDebtTokenInput) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#212-244):
External calls:
- _upgradeTokenImplementation(reserveData.variableDebtTokenAddress,input.implementation,encodedCall) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#233-237)
- proxy.upgradeToAndCall(implementation,initParams) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#474)
Event emitted after the call(s):
- VariableDebtTokenUpgraded(input.asset,reserveData.variableDebtTokenAddress,input.implementation) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#239-243)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#reentrancy-vulnerabilities-3
INFO:Detectors:
Address.isContract(address) (contracts/dependencies/openzeppelin/contracts/Address.sol#25-36) uses assembly
- INLINE ASM (contracts/dependencies/openzeppelin/contracts/Address.sol#32-34)
BaseUpgradeabilityProxy._implementation() (contracts/dependencies/openzeppelin/upgradeability/BaseUpgradeabilityProxy.sol#32-38) uses assembly
- INLINE ASM (contracts/dependencies/openzeppelin/upgradeability/BaseUpgradeabilityProxy.sol#35-37)
BaseUpgradeabilityProxy._setImplementation(address) (contracts/dependencies/openzeppelin/upgradeability/BaseUpgradeabilityProxy.sol#53-65) uses assembly
- INLINE ASM (contracts/dependencies/openzeppelin/upgradeability/BaseUpgradeabilityProxy.sol#62-64)
Proxy._delegate(address) (contracts/dependencies/openzeppelin/upgradeability/Proxy.sol#31-55) uses assembly
- INLINE ASM (contracts/dependencies/openzeppelin/upgradeability/Proxy.sol#33-54)
VersionedInitializable.isConstructor() (contracts/protocol/libraries/aave-upgradeability/VersionedInitializable.sol#61-73) uses assembly
- INLINE ASM (contracts/protocol/libraries/aave-upgradeability/VersionedInitializable.sol#69-71)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#assembly-usage
INFO:Detectors:
Address.sendValue(address,uint256) (contracts/dependencies/openzeppelin/contracts/Address.sol#54-60) is never used and should be removed
PercentageMath.percentDiv(uint256,uint256) (contracts/protocol/libraries/math/PercentageMath.sol#43-53) is never used and should be removed
ReserveConfiguration.getActive(DataTypes.ReserveConfigurationMap) (contracts/protocol/libraries/configuration/ReserveConfiguration.sol#160-162) is never used and should be removed
ReserveConfiguration.getBorrowingEnabled(DataTypes.ReserveConfigurationMap) (contracts/protocol/libraries/configuration/ReserveConfiguration.sol#203-209) is never used and should be removed
ReserveConfiguration.getDecimals(DataTypes.ReserveConfigurationMap) (contracts/protocol/libraries/configuration/ReserveConfiguration.sol#136-142) is never used and should be removed
ReserveConfiguration.getFlags(DataTypes.ReserveConfigurationMap) (contracts/protocol/libraries/configuration/ReserveConfiguration.sol#272-290) is never used and should be removed
ReserveConfiguration.getFlagsMemory(DataTypes.ReserveConfigurationMap) (contracts/protocol/libraries/configuration/ReserveConfiguration.sol#349-365) is never used and should be removed
ReserveConfiguration.getFrozen(DataTypes.ReserveConfigurationMap) (contracts/protocol/libraries/configuration/ReserveConfiguration.sol#180-182) is never used and should be removed
ReserveConfiguration.getLiquidationBonus(DataTypes.ReserveConfigurationMap) (contracts/protocol/libraries/configuration/ReserveConfiguration.sol#109-115) is never used and should be removed
ReserveConfiguration.getLiquidationThreshold(DataTypes.ReserveConfigurationMap) (contracts/protocol/libraries/configuration/ReserveConfiguration.sol#80-86) is never used and should be removed
ReserveConfiguration.getLtv(DataTypes.ReserveConfigurationMap) (contracts/protocol/libraries/configuration/ReserveConfiguration.sol#55-57) is never used and should be removed
ReserveConfiguration.getParams(DataTypes.ReserveConfigurationMap) (contracts/protocol/libraries/configuration/ReserveConfiguration.sol#297-317) is never used and should be removed
ReserveConfiguration.getReserveFactor(DataTypes.ReserveConfigurationMap) (contracts/protocol/libraries/configuration/ReserveConfiguration.sol#259-265) is never used and should be removed
ReserveConfiguration.getStableRateBorrowingEnabled(DataTypes.ReserveConfigurationMap) (contracts/protocol/libraries/configuration/ReserveConfiguration.sol#230-236) is never used and should be removed
SafeMath.add(uint256,uint256) (contracts/dependencies/openzeppelin/contracts/SafeMath.sol#27-32) is never used and should be removed
SafeMath.div(uint256,uint256) (contracts/dependencies/openzeppelin/contracts/SafeMath.sol#101-103) is never used and should be removed
SafeMath.div(uint256,uint256,string) (contracts/dependencies/openzeppelin/contracts/SafeMath.sol#116-127) is never used and should be removed
SafeMath.mod(uint256,uint256) (contracts/dependencies/openzeppelin/contracts/SafeMath.sol#140-142) is never used and should be removed
SafeMath.mod(uint256,uint256,string) (contracts/dependencies/openzeppelin/contracts/SafeMath.sol#155-162) is never used and should be removed
SafeMath.mul(uint256,uint256) (contracts/dependencies/openzeppelin/contracts/SafeMath.sol#76-88) is never used and should be removed
SafeMath.sub(uint256,uint256) (contracts/dependencies/openzeppelin/contracts/SafeMath.sol#43-45) is never used and should be removed
SafeMath.sub(uint256,uint256,string) (contracts/dependencies/openzeppelin/contracts/SafeMath.sol#56-65) is never used and should be removed
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#dead-code
INFO:Detectors:
Low level call in Address.sendValue(address,uint256) (contracts/dependencies/openzeppelin/contracts/Address.sol#54-60):
- (success) = recipient.call{value: amount}() (contracts/dependencies/openzeppelin/contracts/Address.sol#58)
Low level call in InitializableUpgradeabilityProxy.initialize(address,bytes) (contracts/dependencies/openzeppelin/upgradeability/InitializableUpgradeabilityProxy.sol#20-28):
- (success) = _logic.delegatecall(_data) (contracts/dependencies/openzeppelin/upgradeability/InitializableUpgradeabilityProxy.sol#25)
Low level call in BaseImmutableAdminUpgradeabilityProxy.upgradeToAndCall(address,bytes) (contracts/protocol/libraries/aave-upgradeability/BaseImmutableAdminUpgradeabilityProxy.sol#63-71):
- (success) = newImplementation.delegatecall(data) (contracts/protocol/libraries/aave-upgradeability/BaseImmutableAdminUpgradeabilityProxy.sol#69)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#low-level-calls
INFO:Detectors:
Parameter InitializableUpgradeabilityProxy.initialize(address,bytes)._logic (contracts/dependencies/openzeppelin/upgradeability/InitializableUpgradeabilityProxy.sol#20) is not in mixedCase
Parameter InitializableUpgradeabilityProxy.initialize(address,bytes)._data (contracts/dependencies/openzeppelin/upgradeability/InitializableUpgradeabilityProxy.sol#20) is not in mixedCase
Variable BaseImmutableAdminUpgradeabilityProxy.ADMIN (contracts/protocol/libraries/aave-upgradeability/BaseImmutableAdminUpgradeabilityProxy.sol#17) is not in mixedCase
Variable VersionedInitializable.______gap (contracts/protocol/libraries/aave-upgradeability/VersionedInitializable.sol#76) is not in mixedCase
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#conformance-to-solidity-naming-conventions
INFO:Detectors:
Variable Errors.LP_INCONSISTENT_FLASHLOAN_PARAMS (contracts/protocol/libraries/helpers/Errors.sol#55) is too similar to Errors.VL_INCONSISTENT_FLASHLOAN_PARAMS (contracts/protocol/libraries/helpers/Errors.sol#100)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#variable-names-too-similar
INFO:Slither:0x5A8adC696009a2e0d142c46fDddd8C44bE1604b4 analyzed (21 contracts with 79 detectors), 62 result(s) found
Slither report for AccessControlledOffchainAggregator at `0x785433d8b06D77D68dF6be63944742130A4530d1`
Warning: OffchainAggregator.sol:461:7: Warning: This declaration shadows an existing declaration.
int192 latestAnswer,
^-----------------^
OffchainAggregator.sol:653:3: The shadowed declaration is here:
function latestAnswer()
^ (Relevant source part starts here and spans across multiple lines).
Warning: OffchainAggregator.sol:462:7: Warning: This declaration shadows an existing declaration.
uint64 latestTimestamp
^--------------------^
OffchainAggregator.sol:666:3: The shadowed declaration is here:
function latestTimestamp()
^ (Relevant source part starts here and spans across multiple lines).
Warning: AccessControlledOffchainAggregator.sol:25:5: Warning: This declaration shadows an existing declaration.
string memory description
^-----------------------^
AccessControlledOffchainAggregator.sol:108:3: The shadowed declaration is here:
function description()
^ (Relevant source part starts here and spans across multiple lines).
INFO:Detectors:
OffchainAggregatorBilling.reimburseAndRewardOracles(uint32,bytes) (OffchainAggregatorBilling.sol#570-623) passes array OffchainAggregatorBilling.s_oracleObservationsCounts (OffchainAggregatorBilling.sol#84)by reference to OffchainAggregatorBilling.oracleRewards(bytes,uint16[31]) (OffchainAggregatorBilling.sol#392-406)which only takes arrays by value
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#modifying-storage-array-by-value
INFO:Detectors:
Reentrancy in OffchainAggregatorBilling.payOracle(address) (OffchainAggregatorBilling.sol#344-358):
External calls:
- require(bool,string)(LINK.transfer(payee,linkWeiAmount),insufficient funds) (OffchainAggregatorBilling.sol#353)
State variables written after the call(s):
- s_gasReimbursementsLinkWei[oracle.index] = 1 (OffchainAggregatorBilling.sol#355)
OffchainAggregatorBilling.s_gasReimbursementsLinkWei (OffchainAggregatorBilling.sol#114) can be used in cross function reentrancies:
- OffchainAggregatorBilling.constructor(uint32,uint32,uint32,uint32,uint32,address,AccessControllerInterface) (OffchainAggregatorBilling.sol#148-171)
- OffchainAggregatorBilling.owedPayment(address) (OffchainAggregatorBilling.sol#319-333)
- OffchainAggregatorBilling.payOracle(address) (OffchainAggregatorBilling.sol#344-358)
- OffchainAggregatorBilling.payOracles() (OffchainAggregatorBilling.sol#364-390)
- OffchainAggregatorBilling.totalLINKDue() (OffchainAggregatorBilling.sol#508-535)
- s_oracleObservationsCounts[oracle.index] = 1 (OffchainAggregatorBilling.sol#354)
OffchainAggregatorBilling.s_oracleObservationsCounts (OffchainAggregatorBilling.sol#84) can be used in cross function reentrancies:
- OffchainAggregatorBilling.constructor(uint32,uint32,uint32,uint32,uint32,address,AccessControllerInterface) (OffchainAggregatorBilling.sol#148-171)
- OffchainAggregatorBilling.oracleObservationCount(address) (OffchainAggregatorBilling.sol#559-567)
- OffchainAggregatorBilling.owedPayment(address) (OffchainAggregatorBilling.sol#319-333)
- OffchainAggregatorBilling.payOracle(address) (OffchainAggregatorBilling.sol#344-358)
- OffchainAggregatorBilling.payOracles() (OffchainAggregatorBilling.sol#364-390)
- OffchainAggregatorBilling.totalLINKDue() (OffchainAggregatorBilling.sol#508-535)
Reentrancy in OffchainAggregatorBilling.payOracles() (OffchainAggregatorBilling.sol#364-390):
External calls:
- require(bool,string)(LINK.transfer(payee,linkWeiAmount),insufficient funds) (OffchainAggregatorBilling.sol#381)
State variables written after the call(s):
- s_gasReimbursementsLinkWei = gasReimbursementsLinkWei (OffchainAggregatorBilling.sol#389)
OffchainAggregatorBilling.s_gasReimbursementsLinkWei (OffchainAggregatorBilling.sol#114) can be used in cross function reentrancies:
- OffchainAggregatorBilling.constructor(uint32,uint32,uint32,uint32,uint32,address,AccessControllerInterface) (OffchainAggregatorBilling.sol#148-171)
- OffchainAggregatorBilling.owedPayment(address) (OffchainAggregatorBilling.sol#319-333)
- OffchainAggregatorBilling.payOracle(address) (OffchainAggregatorBilling.sol#344-358)
- OffchainAggregatorBilling.payOracles() (OffchainAggregatorBilling.sol#364-390)
- OffchainAggregatorBilling.totalLINKDue() (OffchainAggregatorBilling.sol#508-535)
- s_oracleObservationsCounts = observationsCounts (OffchainAggregatorBilling.sol#388)
OffchainAggregatorBilling.s_oracleObservationsCounts (OffchainAggregatorBilling.sol#84) can be used in cross function reentrancies:
- OffchainAggregatorBilling.constructor(uint32,uint32,uint32,uint32,uint32,address,AccessControllerInterface) (OffchainAggregatorBilling.sol#148-171)
- OffchainAggregatorBilling.oracleObservationCount(address) (OffchainAggregatorBilling.sol#559-567)
- OffchainAggregatorBilling.owedPayment(address) (OffchainAggregatorBilling.sol#319-333)
- OffchainAggregatorBilling.payOracle(address) (OffchainAggregatorBilling.sol#344-358)
- OffchainAggregatorBilling.payOracles() (OffchainAggregatorBilling.sol#364-390)
- OffchainAggregatorBilling.totalLINKDue() (OffchainAggregatorBilling.sol#508-535)
Reentrancy in OffchainAggregatorBilling.setBilling(uint32,uint32,uint32,uint32,uint32) (OffchainAggregatorBilling.sol#213-228):
External calls:
- payOracles() (OffchainAggregatorBilling.sol#225)
- require(bool,string)(LINK.transfer(payee,linkWeiAmount),insufficient funds) (OffchainAggregatorBilling.sol#381)
State variables written after the call(s):
- setBillingInternal(_maximumGasPrice,_reasonableGasPrice,_microLinkPerEth,_linkGweiPerObservation,_linkGweiPerTransmission) (OffchainAggregatorBilling.sol#226-227)
- s_billing = Billing(_maximumGasPrice,_reasonableGasPrice,_microLinkPerEth,_linkGweiPerObservation,_linkGweiPerTransmission) (OffchainAggregatorBilling.sol#198-199)
OffchainAggregatorBilling.s_billing (OffchainAggregatorBilling.sol#66) can be used in cross function reentrancies:
- OffchainAggregatorBilling.getBilling() (OffchainAggregatorBilling.sol#238-257)
- OffchainAggregatorBilling.owedPayment(address) (OffchainAggregatorBilling.sol#319-333)
- OffchainAggregatorBilling.payOracles() (OffchainAggregatorBilling.sol#364-390)
- OffchainAggregatorBilling.setBillingInternal(uint32,uint32,uint32,uint32,uint32) (OffchainAggregatorBilling.sol#189-202)
- OffchainAggregatorBilling.totalLINKDue() (OffchainAggregatorBilling.sol#508-535)
Reentrancy in OffchainAggregator.setConfig(address[],address[],uint8,uint64,bytes) (OffchainAggregator.sol#149-212):
External calls:
- payOracle(transmitter) (OffchainAggregator.sol#164)
- require(bool,string)(LINK.transfer(payee,linkWeiAmount),insufficient funds) (OffchainAggregatorBilling.sol#353)
State variables written after the call(s):
- delete s_oracles[signer] (OffchainAggregator.sol#165)
OffchainAggregatorBilling.s_oracles (OffchainAggregatorBilling.sol#135-136) can be used in cross function reentrancies:
- OffchainAggregatorBilling.oracleObservationCount(address) (OffchainAggregatorBilling.sol#559-567)
- OffchainAggregatorBilling.owedPayment(address) (OffchainAggregatorBilling.sol#319-333)
- OffchainAggregatorBilling.payOracle(address) (OffchainAggregatorBilling.sol#344-358)
- OffchainAggregatorBilling.reimburseAndRewardOracles(uint32,bytes) (OffchainAggregatorBilling.sol#570-623)
- OffchainAggregator.setConfig(address[],address[],uint8,uint64,bytes) (OffchainAggregator.sol#149-212)
- OffchainAggregator.transmit(bytes,bytes32[],bytes32[],bytes32) (OffchainAggregator.sol#508-644)
- delete s_oracles[transmitter] (OffchainAggregator.sol#166)
OffchainAggregatorBilling.s_oracles (OffchainAggregatorBilling.sol#135-136) can be used in cross function reentrancies:
- OffchainAggregatorBilling.oracleObservationCount(address) (OffchainAggregatorBilling.sol#559-567)
- OffchainAggregatorBilling.owedPayment(address) (OffchainAggregatorBilling.sol#319-333)
- OffchainAggregatorBilling.payOracle(address) (OffchainAggregatorBilling.sol#344-358)
- OffchainAggregatorBilling.reimburseAndRewardOracles(uint32,bytes) (OffchainAggregatorBilling.sol#570-623)
- OffchainAggregator.setConfig(address[],address[],uint8,uint64,bytes) (OffchainAggregator.sol#149-212)
- OffchainAggregator.transmit(bytes,bytes32[],bytes32[],bytes32) (OffchainAggregator.sol#508-644)
- s_oracles[_signers[i]] = Oracle(uint8(i),Role.Signer) (OffchainAggregator.sol#176)
OffchainAggregatorBilling.s_oracles (OffchainAggregatorBilling.sol#135-136) can be used in cross function reentrancies:
- OffchainAggregatorBilling.oracleObservationCount(address) (OffchainAggregatorBilling.sol#559-567)
- OffchainAggregatorBilling.owedPayment(address) (OffchainAggregatorBilling.sol#319-333)
- OffchainAggregatorBilling.payOracle(address) (OffchainAggregatorBilling.sol#344-358)
- OffchainAggregatorBilling.reimburseAndRewardOracles(uint32,bytes) (OffchainAggregatorBilling.sol#570-623)
- OffchainAggregator.setConfig(address[],address[],uint8,uint64,bytes) (OffchainAggregator.sol#149-212)
- OffchainAggregator.transmit(bytes,bytes32[],bytes32[],bytes32) (OffchainAggregator.sol#508-644)
- s_oracles[_transmitters[i]] = Oracle(uint8(i),Role.Transmitter) (OffchainAggregator.sol#182)
OffchainAggregatorBilling.s_oracles (OffchainAggregatorBilling.sol#135-136) can be used in cross function reentrancies:
- OffchainAggregatorBilling.oracleObservationCount(address) (OffchainAggregatorBilling.sol#559-567)
- OffchainAggregatorBilling.owedPayment(address) (OffchainAggregatorBilling.sol#319-333)
- OffchainAggregatorBilling.payOracle(address) (OffchainAggregatorBilling.sol#344-358)
- OffchainAggregatorBilling.reimburseAndRewardOracles(uint32,bytes) (OffchainAggregatorBilling.sol#570-623)
- OffchainAggregator.setConfig(address[],address[],uint8,uint64,bytes) (OffchainAggregator.sol#149-212)
- OffchainAggregator.transmit(bytes,bytes32[],bytes32[],bytes32) (OffchainAggregator.sol#508-644)
- s_signers.pop() (OffchainAggregator.sol#167)
OffchainAggregatorBilling.s_signers (OffchainAggregatorBilling.sol#139) can be used in cross function reentrancies:
- OffchainAggregator.setConfig(address[],address[],uint8,uint64,bytes) (OffchainAggregator.sol#149-212)
- s_signers.push(_signers[i]) (OffchainAggregator.sol#183)
OffchainAggregatorBilling.s_signers (OffchainAggregatorBilling.sol#139) can be used in cross function reentrancies:
- OffchainAggregator.setConfig(address[],address[],uint8,uint64,bytes) (OffchainAggregator.sol#149-212)
- s_transmitters.pop() (OffchainAggregator.sol#168)
OffchainAggregatorBilling.s_transmitters (OffchainAggregatorBilling.sol#143) can be used in cross function reentrancies:
- OffchainAggregatorBilling.payOracles() (OffchainAggregatorBilling.sol#364-390)
- OffchainAggregator.setConfig(address[],address[],uint8,uint64,bytes) (OffchainAggregator.sol#149-212)
- OffchainAggregatorBilling.totalLINKDue() (OffchainAggregatorBilling.sol#508-535)
- OffchainAggregator.transmit(bytes,bytes32[],bytes32[],bytes32) (OffchainAggregator.sol#508-644)
- OffchainAggregator.transmitters() (OffchainAggregator.sol#252-258)
- s_transmitters.push(_transmitters[i]) (OffchainAggregator.sol#184)
OffchainAggregatorBilling.s_transmitters (OffchainAggregatorBilling.sol#143) can be used in cross function reentrancies:
- OffchainAggregatorBilling.payOracles() (OffchainAggregatorBilling.sol#364-390)
- OffchainAggregator.setConfig(address[],address[],uint8,uint64,bytes) (OffchainAggregator.sol#149-212)
- OffchainAggregatorBilling.totalLINKDue() (OffchainAggregatorBilling.sol#508-535)
- OffchainAggregator.transmit(bytes,bytes32[],bytes32[],bytes32) (OffchainAggregator.sol#508-644)
- OffchainAggregator.transmitters() (OffchainAggregator.sol#252-258)
Reentrancy in OffchainAggregator.transmit(bytes,bytes32[],bytes32[],bytes32) (OffchainAggregator.sol#508-644):
External calls:
- validateAnswer(r.hotVars.latestAggregatorRoundId,median) (OffchainAggregator.sol#639)
- av.validate{gas: VALIDATOR_GAS_LIMIT}(prevAggregatorRoundId,prevAggregatorRoundAnswer,_aggregatorRoundId,_answer) (OffchainAggregator.sol#322-327)
State variables written after the call(s):
- s_hotVars = r.hotVars (OffchainAggregator.sol#641)
OffchainAggregator.s_hotVars (OffchainAggregator.sol#39) can be used in cross function reentrancies:
- OffchainAggregator.latestAnswer() (OffchainAggregator.sol#653-661)
- OffchainAggregator.latestConfigDetails() (OffchainAggregator.sol#235-245)
- OffchainAggregator.latestRound() (OffchainAggregator.sol#679-687)
- OffchainAggregator.latestRoundData() (OffchainAggregator.sol#791-817)
- OffchainAggregator.latestTimestamp() (OffchainAggregator.sol#666-674)
- OffchainAggregator.latestTransmissionDetails() (OffchainAggregator.sol#454-473)
- OffchainAggregator.requestNewRound() (OffchainAggregator.sol#385-398)
- OffchainAggregator.setConfig(address[],address[],uint8,uint64,bytes) (OffchainAggregator.sol#149-212)
- OffchainAggregator.transmit(bytes,bytes32[],bytes32[],bytes32) (OffchainAggregator.sol#508-644)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#reentrancy-vulnerabilities-1
INFO:Detectors:
OffchainAggregator.transmit(bytes,bytes32[],bytes32[],bytes32).r (OffchainAggregator.sol#526) is a local variable never initialized
OffchainAggregatorBilling.constructor(uint32,uint32,uint32,uint32,uint32,address,AccessControllerInterface).gas (OffchainAggregatorBilling.sol#163) is a local variable never initialized
OffchainAggregatorBilling.constructor(uint32,uint32,uint32,uint32,uint32,address,AccessControllerInterface).counts (OffchainAggregatorBilling.sol#162) is a local variable never initialized
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#uninitialized-local-variables
INFO:Detectors:
OffchainAggregator.validateAnswer(uint32,int256) (OffchainAggregator.sol#309-328) ignores return value by av.validate{gas: VALIDATOR_GAS_LIMIT}(prevAggregatorRoundId,prevAggregatorRoundAnswer,_aggregatorRoundId,_answer) (OffchainAggregator.sol#322-327)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#unused-return
INFO:Detectors:
AccessControlledOffchainAggregator.constructor(uint32,uint32,uint32,uint32,uint32,address,address,int192,int192,AccessControllerInterface,AccessControllerInterface,uint8,string).description (AccessControlledOffchainAggregator.sol#25) shadows:
- AccessControlledOffchainAggregator.description() (AccessControlledOffchainAggregator.sol#108-116) (function)
- OffchainAggregator.description() (OffchainAggregator.sol#740-748) (function)
- AggregatorV3Interface.description() (AggregatorV3Interface.sol#7) (function)
OffchainAggregator.latestTransmissionDetails().latestAnswer (OffchainAggregator.sol#461) shadows:
- OffchainAggregator.latestAnswer() (OffchainAggregator.sol#653-661) (function)
- AggregatorInterface.latestAnswer() (AggregatorInterface.sol#5) (function)
OffchainAggregator.latestTransmissionDetails().latestTimestamp (OffchainAggregator.sol#462) shadows:
- OffchainAggregator.latestTimestamp() (OffchainAggregator.sol#666-674) (function)
- AggregatorInterface.latestTimestamp() (AggregatorInterface.sol#6) (function)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#local-variable-shadowing
INFO:Detectors:
Owned.transferOwnership(address)._to (Owned.sol#30) lacks a zero-check on :
- pendingOwner = _to (Owned.sol#34)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#missing-zero-address-validation
INFO:Detectors:
OffchainAggregatorBilling.payOracle(address) (OffchainAggregatorBilling.sol#344-358) has external calls inside a loop: require(bool,string)(LINK.transfer(payee,linkWeiAmount),insufficient funds) (OffchainAggregatorBilling.sol#353)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation/#calls-inside-a-loop
INFO:Detectors:
Reentrancy in OffchainAggregator.setConfig(address[],address[],uint8,uint64,bytes) (OffchainAggregator.sol#149-212):
External calls:
- payOracle(transmitter) (OffchainAggregator.sol#164)
- require(bool,string)(LINK.transfer(payee,linkWeiAmount),insufficient funds) (OffchainAggregatorBilling.sol#353)
State variables written after the call(s):
- s_configCount += 1 (OffchainAggregator.sol#189)
- s_hotVars.threshold = _threshold (OffchainAggregator.sol#186)
- s_hotVars.latestConfigDigest = configDigestFromConfigData(address(this),configCount,_signers,_transmitters,_threshold,_encodedConfigVersion,_encoded) (OffchainAggregator.sol#192-200)
- s_hotVars.latestEpochAndRound = 0 (OffchainAggregator.sol#201)
- s_latestConfigBlockNumber = uint32(block.number) (OffchainAggregator.sol#188)
Reentrancy in OffchainAggregator.transmit(bytes,bytes32[],bytes32[],bytes32) (OffchainAggregator.sol#508-644):
External calls:
- validateAnswer(r.hotVars.latestAggregatorRoundId,median) (OffchainAggregator.sol#639)
- av.validate{gas: VALIDATOR_GAS_LIMIT}(prevAggregatorRoundId,prevAggregatorRoundAnswer,_aggregatorRoundId,_answer) (OffchainAggregator.sol#322-327)
State variables written after the call(s):
- reimburseAndRewardOracles(uint32(initialGas),r.observers) (OffchainAggregator.sol#643)
- s_gasReimbursementsLinkWei[txOracle.index] = s_gasReimbursementsLinkWei[txOracle.index] + gasCostLinkWei + uint256(billing.linkGweiPerTransmission) * (1000000000) (OffchainAggregatorBilling.sol#615-617)
- reimburseAndRewardOracles(uint32(initialGas),r.observers) (OffchainAggregator.sol#643)
- s_oracleObservationsCounts = oracleRewards(observers,s_oracleObservationsCounts) (OffchainAggregatorBilling.sol#580-581)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#reentrancy-vulnerabilities-2
INFO:Detectors:
Reentrancy in OffchainAggregatorBilling.payOracle(address) (OffchainAggregatorBilling.sol#344-358):
External calls:
- require(bool,string)(LINK.transfer(payee,linkWeiAmount),insufficient funds) (OffchainAggregatorBilling.sol#353)
Event emitted after the call(s):
- OraclePaid(_transmitter,payee,linkWeiAmount) (OffchainAggregatorBilling.sol#356)
Reentrancy in OffchainAggregatorBilling.payOracles() (OffchainAggregatorBilling.sol#364-390):
External calls:
- require(bool,string)(LINK.transfer(payee,linkWeiAmount),insufficient funds) (OffchainAggregatorBilling.sol#381)
Event emitted after the call(s):
- OraclePaid(transmitters[transmitteridx],payee,linkWeiAmount) (OffchainAggregatorBilling.sol#384)
Reentrancy in OffchainAggregatorBilling.setBilling(uint32,uint32,uint32,uint32,uint32) (OffchainAggregatorBilling.sol#213-228):
External calls:
- payOracles() (OffchainAggregatorBilling.sol#225)
- require(bool,string)(LINK.transfer(payee,linkWeiAmount),insufficient funds) (OffchainAggregatorBilling.sol#381)
Event emitted after the call(s):
- BillingSet(_maximumGasPrice,_reasonableGasPrice,_microLinkPerEth,_linkGweiPerObservation,_linkGweiPerTransmission) (OffchainAggregatorBilling.sol#200-201)
- setBillingInternal(_maximumGasPrice,_reasonableGasPrice,_microLinkPerEth,_linkGweiPerObservation,_linkGweiPerTransmission) (OffchainAggregatorBilling.sol#226-227)
Reentrancy in OffchainAggregator.setConfig(address[],address[],uint8,uint64,bytes) (OffchainAggregator.sol#149-212):
External calls:
- payOracle(transmitter) (OffchainAggregator.sol#164)
- require(bool,string)(LINK.transfer(payee,linkWeiAmount),insufficient funds) (OffchainAggregatorBilling.sol#353)
Event emitted after the call(s):
- ConfigSet(previousConfigBlockNumber,configCount,_signers,_transmitters,_threshold,_encodedConfigVersion,_encoded) (OffchainAggregator.sol#203-211)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#reentrancy-vulnerabilities-3
INFO:Detectors:
OffchainAggregator.setConfig(address[],address[],uint8,uint64,bytes) (OffchainAggregator.sol#149-212) has costly operations inside a loop:
- delete s_oracles[signer] (OffchainAggregator.sol#165)
OffchainAggregator.setConfig(address[],address[],uint8,uint64,bytes) (OffchainAggregator.sol#149-212) has costly operations inside a loop:
- delete s_oracles[transmitter] (OffchainAggregator.sol#166)
OffchainAggregator.setConfig(address[],address[],uint8,uint64,bytes) (OffchainAggregator.sol#149-212) has costly operations inside a loop:
- s_signers.pop() (OffchainAggregator.sol#167)
OffchainAggregator.setConfig(address[],address[],uint8,uint64,bytes) (OffchainAggregator.sol#149-212) has costly operations inside a loop:
- s_transmitters.pop() (OffchainAggregator.sol#168)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#costly-operations-inside-a-loop
INFO:Detectors:
OffchainAggregator.decodeReport(bytes) (OffchainAggregator.sol#423-434) is never used and should be removed
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#dead-code
INFO:Detectors:
Parameter AccessControlledOffchainAggregator.getAnswer(uint256)._roundId (AccessControlledOffchainAggregator.sol#82) is not in mixedCase
Parameter AccessControlledOffchainAggregator.getTimestamp(uint256)._roundId (AccessControlledOffchainAggregator.sol#93) is not in mixedCase
Parameter AccessControlledOffchainAggregator.getRoundData(uint80)._roundId (AccessControlledOffchainAggregator.sol#119) is not in mixedCase
Parameter OffchainAggregator.setConfig(address[],address[],uint8,uint64,bytes)._signers (OffchainAggregator.sol#150) is not in mixedCase
Parameter OffchainAggregator.setConfig(address[],address[],uint8,uint64,bytes)._transmitters (OffchainAggregator.sol#151) is not in mixedCase
Parameter OffchainAggregator.setConfig(address[],address[],uint8,uint64,bytes)._threshold (OffchainAggregator.sol#152) is not in mixedCase
Parameter OffchainAggregator.setConfig(address[],address[],uint8,uint64,bytes)._encodedConfigVersion (OffchainAggregator.sol#153) is not in mixedCase
Parameter OffchainAggregator.setConfig(address[],address[],uint8,uint64,bytes)._encoded (OffchainAggregator.sol#154) is not in mixedCase
Parameter OffchainAggregator.configDigestFromConfigData(address,uint64,address[],address[],uint8,uint64,bytes)._contractAddress (OffchainAggregator.sol#215) is not in mixedCase
Parameter OffchainAggregator.configDigestFromConfigData(address,uint64,address[],address[],uint8,uint64,bytes)._configCount (OffchainAggregator.sol#216) is not in mixedCase
Parameter OffchainAggregator.configDigestFromConfigData(address,uint64,address[],address[],uint8,uint64,bytes)._signers (OffchainAggregator.sol#217) is not in mixedCase
Parameter OffchainAggregator.configDigestFromConfigData(address,uint64,address[],address[],uint8,uint64,bytes)._transmitters (OffchainAggregator.sol#218) is not in mixedCase
Parameter OffchainAggregator.configDigestFromConfigData(address,uint64,address[],address[],uint8,uint64,bytes)._threshold (OffchainAggregator.sol#219) is not in mixedCase
Parameter OffchainAggregator.configDigestFromConfigData(address,uint64,address[],address[],uint8,uint64,bytes)._encodedConfigVersion (OffchainAggregator.sol#220) is not in mixedCase
Parameter OffchainAggregator.configDigestFromConfigData(address,uint64,address[],address[],uint8,uint64,bytes)._encodedConfig (OffchainAggregator.sol#221) is not in mixedCase
Parameter OffchainAggregator.setValidator(address)._newValidator (OffchainAggregator.sol#296) is not in mixedCase
Parameter OffchainAggregator.validateAnswer(uint32,int256)._aggregatorRoundId (OffchainAggregator.sol#310) is not in mixedCase
Parameter OffchainAggregator.validateAnswer(uint32,int256)._answer (OffchainAggregator.sol#311) is not in mixedCase
Parameter OffchainAggregator.setRequesterAccessController(AccessControllerInterface)._requesterAccessController (OffchainAggregator.sol#368) is not in mixedCase
Parameter OffchainAggregator.decodeReport(bytes)._report (OffchainAggregator.sol#423) is not in mixedCase
Parameter OffchainAggregator.expectedMsgDataLength(bytes,bytes32[],bytes32[])._report (OffchainAggregator.sol#490) is not in mixedCase
Parameter OffchainAggregator.expectedMsgDataLength(bytes,bytes32[],bytes32[])._rs (OffchainAggregator.sol#490) is not in mixedCase
Parameter OffchainAggregator.expectedMsgDataLength(bytes,bytes32[],bytes32[])._ss (OffchainAggregator.sol#490) is not in mixedCase
Parameter OffchainAggregator.transmit(bytes,bytes32[],bytes32[],bytes32)._report (OffchainAggregator.sol#511) is not in mixedCase
Parameter OffchainAggregator.transmit(bytes,bytes32[],bytes32[],bytes32)._rs (OffchainAggregator.sol#512) is not in mixedCase
Parameter OffchainAggregator.transmit(bytes,bytes32[],bytes32[],bytes32)._ss (OffchainAggregator.sol#512) is not in mixedCase
Parameter OffchainAggregator.transmit(bytes,bytes32[],bytes32[],bytes32)._rawVs (OffchainAggregator.sol#512) is not in mixedCase
Parameter OffchainAggregator.getAnswer(uint256)._roundId (OffchainAggregator.sol#693) is not in mixedCase
Parameter OffchainAggregator.getTimestamp(uint256)._roundId (OffchainAggregator.sol#708) is not in mixedCase
Parameter OffchainAggregator.getRoundData(uint80)._roundId (OffchainAggregator.sol#759) is not in mixedCase
Constant OffchainAggregator.maxUint32 (OffchainAggregator.sol#19) is not in UPPER_CASE_WITH_UNDERSCORES
Variable OffchainAggregator.s_hotVars (OffchainAggregator.sol#39) is not in mixedCase
Variable OffchainAggregator.s_transmissions (OffchainAggregator.sol#47) is not in mixedCase
Variable OffchainAggregator.s_configCount (OffchainAggregator.sol#51) is not in mixedCase
Variable OffchainAggregator.s_latestConfigBlockNumber (OffchainAggregator.sol#52) is not in mixedCase
Variable OffchainAggregator.s_validator (OffchainAggregator.sol#268) is not in mixedCase
Variable OffchainAggregator.s_requesterAccessController (OffchainAggregator.sol#334) is not in mixedCase
Variable OffchainAggregator.s_description (OffchainAggregator.sol#735) is not in mixedCase
Parameter OffchainAggregatorBilling.setBillingInternal(uint32,uint32,uint32,uint32,uint32)._maximumGasPrice (OffchainAggregatorBilling.sol#190) is not in mixedCase
Parameter OffchainAggregatorBilling.setBillingInternal(uint32,uint32,uint32,uint32,uint32)._reasonableGasPrice (OffchainAggregatorBilling.sol#191) is not in mixedCase
Parameter OffchainAggregatorBilling.setBillingInternal(uint32,uint32,uint32,uint32,uint32)._microLinkPerEth (OffchainAggregatorBilling.sol#192) is not in mixedCase
Parameter OffchainAggregatorBilling.setBillingInternal(uint32,uint32,uint32,uint32,uint32)._linkGweiPerObservation (OffchainAggregatorBilling.sol#193) is not in mixedCase
Parameter OffchainAggregatorBilling.setBillingInternal(uint32,uint32,uint32,uint32,uint32)._linkGweiPerTransmission (OffchainAggregatorBilling.sol#194) is not in mixedCase
Parameter OffchainAggregatorBilling.setBilling(uint32,uint32,uint32,uint32,uint32)._maximumGasPrice (OffchainAggregatorBilling.sol#214) is not in mixedCase
Parameter OffchainAggregatorBilling.setBilling(uint32,uint32,uint32,uint32,uint32)._reasonableGasPrice (OffchainAggregatorBilling.sol#215) is not in mixedCase
Parameter OffchainAggregatorBilling.setBilling(uint32,uint32,uint32,uint32,uint32)._microLinkPerEth (OffchainAggregatorBilling.sol#216) is not in mixedCase
Parameter OffchainAggregatorBilling.setBilling(uint32,uint32,uint32,uint32,uint32)._linkGweiPerObservation (OffchainAggregatorBilling.sol#217) is not in mixedCase
Parameter OffchainAggregatorBilling.setBilling(uint32,uint32,uint32,uint32,uint32)._linkGweiPerTransmission (OffchainAggregatorBilling.sol#218) is not in mixedCase
Parameter OffchainAggregatorBilling.setBillingAccessControllerInternal(AccessControllerInterface)._billingAccessController (OffchainAggregatorBilling.sol#266) is not in mixedCase
Parameter OffchainAggregatorBilling.setBillingAccessController(AccessControllerInterface)._billingAccessController (OffchainAggregatorBilling.sol#284) is not in mixedCase
Parameter OffchainAggregatorBilling.withdrawPayment(address)._transmitter (OffchainAggregatorBilling.sol#308) is not in mixedCase
Parameter OffchainAggregatorBilling.owedPayment(address)._transmitter (OffchainAggregatorBilling.sol#319) is not in mixedCase
Parameter OffchainAggregatorBilling.payOracle(address)._transmitter (OffchainAggregatorBilling.sol#344) is not in mixedCase
Parameter OffchainAggregatorBilling.withdrawFunds(address,uint256)._recipient (OffchainAggregatorBilling.sol#496) is not in mixedCase
Parameter OffchainAggregatorBilling.withdrawFunds(address,uint256)._amount (OffchainAggregatorBilling.sol#496) is not in mixedCase
Parameter OffchainAggregatorBilling.oracleObservationCount(address)._signerOrTransmitter (OffchainAggregatorBilling.sol#559) is not in mixedCase
Parameter OffchainAggregatorBilling.setPayees(address[],address[])._transmitters (OffchainAggregatorBilling.sol#660) is not in mixedCase
Parameter OffchainAggregatorBilling.setPayees(address[],address[])._payees (OffchainAggregatorBilling.sol#661) is not in mixedCase
Parameter OffchainAggregatorBilling.transferPayeeship(address,address)._transmitter (OffchainAggregatorBilling.sol#689) is not in mixedCase
Parameter OffchainAggregatorBilling.transferPayeeship(address,address)._proposed (OffchainAggregatorBilling.sol#690) is not in mixedCase
Parameter OffchainAggregatorBilling.acceptPayeeship(address)._transmitter (OffchainAggregatorBilling.sol#711) is not in mixedCase
Parameter OffchainAggregatorBilling.saturatingAddUint16(uint16,uint16)._x (OffchainAggregatorBilling.sol#728) is not in mixedCase
Parameter OffchainAggregatorBilling.saturatingAddUint16(uint16,uint16)._y (OffchainAggregatorBilling.sol#728) is not in mixedCase
Constant OffchainAggregatorBilling.maxNumOracles (OffchainAggregatorBilling.sol#45) is not in UPPER_CASE_WITH_UNDERSCORES
Variable OffchainAggregatorBilling.s_billing (OffchainAggregatorBilling.sol#66) is not in mixedCase
Variable OffchainAggregatorBilling.LINK (OffchainAggregatorBilling.sol#71) is not in mixedCase
Variable OffchainAggregatorBilling.s_billingAccessController (OffchainAggregatorBilling.sol#73) is not in mixedCase
Variable OffchainAggregatorBilling.s_oracleObservationsCounts (OffchainAggregatorBilling.sol#84) is not in mixedCase
Variable OffchainAggregatorBilling.s_payees (OffchainAggregatorBilling.sol#87-89) is not in mixedCase
Variable OffchainAggregatorBilling.s_proposedPayees (OffchainAggregatorBilling.sol#92-94) is not in mixedCase
Variable OffchainAggregatorBilling.s_gasReimbursementsLinkWei (OffchainAggregatorBilling.sol#114) is not in mixedCase
Variable OffchainAggregatorBilling.s_oracles (OffchainAggregatorBilling.sol#135-136) is not in mixedCase
Variable OffchainAggregatorBilling.s_signers (OffchainAggregatorBilling.sol#139) is not in mixedCase
Variable OffchainAggregatorBilling.s_transmitters (OffchainAggregatorBilling.sol#143) is not in mixedCase
Constant OffchainAggregatorBilling.maxUint16 (OffchainAggregatorBilling.sol#145) is not in UPPER_CASE_WITH_UNDERSCORES
Constant OffchainAggregatorBilling.maxUint128 (OffchainAggregatorBilling.sol#146) is not in UPPER_CASE_WITH_UNDERSCORES
Constant OffchainAggregatorBilling.accountingGasCost (OffchainAggregatorBilling.sol#435) is not in UPPER_CASE_WITH_UNDERSCORES
Parameter Owned.transferOwnership(address)._to (Owned.sol#30) is not in mixedCase
Parameter SimpleReadAccessController.hasAccess(address,bytes)._user (SimpleReadAccessController.sol#24) is not in mixedCase
Parameter SimpleReadAccessController.hasAccess(address,bytes)._calldata (SimpleReadAccessController.sol#25) is not in mixedCase
Parameter SimpleWriteAccessController.hasAccess(address,bytes)._user (SimpleWriteAccessController.sol#34) is not in mixedCase
Parameter SimpleWriteAccessController.addAccess(address)._user (SimpleWriteAccessController.sol#50) is not in mixedCase
Parameter SimpleWriteAccessController.addAccessInternal(address)._user (SimpleWriteAccessController.sol#54) is not in mixedCase
Parameter SimpleWriteAccessController.removeAccess(address)._user (SimpleWriteAccessController.sol#65) is not in mixedCase
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#conformance-to-solidity-naming-conventions
INFO:Detectors:
Variable OffchainAggregatorBilling.transferPayeeship(address,address)._transmitter (OffchainAggregatorBilling.sol#689) is too similar to OffchainAggregatorBilling.totalLINKDue().transmitters (OffchainAggregatorBilling.sol#529)
Variable OffchainAggregatorBilling.owedPayment(address)._transmitter (OffchainAggregatorBilling.sol#319) is too similar to OffchainAggregatorBilling.totalLINKDue().transmitters (OffchainAggregatorBilling.sol#529)
Variable OffchainAggregatorBilling.acceptPayeeship(address)._transmitter (OffchainAggregatorBilling.sol#711) is too similar to OffchainAggregatorBilling.totalLINKDue().transmitters (OffchainAggregatorBilling.sol#529)
Variable OffchainAggregatorBilling.withdrawPayment(address)._transmitter (OffchainAggregatorBilling.sol#308) is too similar to OffchainAggregatorBilling.payOracles().transmitters (OffchainAggregatorBilling.sol#371)
Variable OffchainAggregatorBilling.payOracle(address)._transmitter (OffchainAggregatorBilling.sol#344) is too similar to OffchainAggregatorBilling.totalLINKDue().transmitters (OffchainAggregatorBilling.sol#529)
Variable OffchainAggregatorBilling.transferPayeeship(address,address)._transmitter (OffchainAggregatorBilling.sol#689) is too similar to OffchainAggregatorBilling.payOracles().transmitters (OffchainAggregatorBilling.sol#371)
Variable OffchainAggregatorBilling.owedPayment(address)._transmitter (OffchainAggregatorBilling.sol#319) is too similar to OffchainAggregatorBilling.payOracles().transmitters (OffchainAggregatorBilling.sol#371)
Variable OffchainAggregatorBilling.withdrawPayment(address)._transmitter (OffchainAggregatorBilling.sol#308) is too similar to OffchainAggregatorBilling.totalLINKDue().transmitters (OffchainAggregatorBilling.sol#529)
Variable OffchainAggregatorBilling.acceptPayeeship(address)._transmitter (OffchainAggregatorBilling.sol#711) is too similar to OffchainAggregatorBilling.payOracles().transmitters (OffchainAggregatorBilling.sol#371)
Variable OffchainAggregatorBilling.payOracle(address)._transmitter (OffchainAggregatorBilling.sol#344) is too similar to OffchainAggregatorBilling.payOracles().transmitters (OffchainAggregatorBilling.sol#371)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#variable-names-too-similar
INFO:Slither:0x785433d8b06D77D68dF6be63944742130A4530d1 analyzed (12 contracts with 79 detectors), 120 result(s) found
Slither report for InitializableImmutableAdminUpgradeabilityProxy at `0x7937D4799803FbBe595ed57278Bc4cA21f3bFfCB` with implementation LendingPool at `0xaACA8859EFD9643B98C042691DA60b217C9CdD64`
Warning: contracts/dependencies/openzeppelin/upgradeability/InitializableUpgradeabilityProxy.sol:11:1: Warning: This contract has a payable fallback function, but no receive ether function. Consider adding a receive ether function.
contract InitializableUpgradeabilityProxy is BaseUpgradeabilityProxy {
^ (Relevant source part starts here and spans across multiple lines).
contracts/dependencies/openzeppelin/upgradeability/Proxy.sol:16:3: The payable fallback function is defined here.
fallback() external payable {
^ (Relevant source part starts here and spans across multiple lines).
Warning: contracts/protocol/libraries/aave-upgradeability/BaseImmutableAdminUpgradeabilityProxy.sol:16:1: Warning: This contract has a payable fallback function, but no receive ether function. Consider adding a receive ether function.
contract BaseImmutableAdminUpgradeabilityProxy is BaseUpgradeabilityProxy {
^ (Relevant source part starts here and spans across multiple lines).
contracts/dependencies/openzeppelin/upgradeability/Proxy.sol:16:3: The payable fallback function is defined here.
fallback() external payable {
^ (Relevant source part starts here and spans across multiple lines).
Warning: contracts/protocol/libraries/aave-upgradeability/InitializableImmutableAdminUpgradeabilityProxy.sol:11:1: Warning: This contract has a payable fallback function, but no receive ether function. Consider adding a receive ether function.
contract InitializableImmutableAdminUpgradeabilityProxy is
^ (Relevant source part starts here and spans across multiple lines).
contracts/dependencies/openzeppelin/upgradeability/Proxy.sol:16:3: The payable fallback function is defined here.
fallback() external payable {
^ (Relevant source part starts here and spans across multiple lines).
INFO:Detectors:
InitializableUpgradeabilityProxy.initialize(address,bytes) (contracts/dependencies/openzeppelin/upgradeability/InitializableUpgradeabilityProxy.sol#20-28) uses delegatecall to a input-controlled function id
- (success) = _logic.delegatecall(_data) (contracts/dependencies/openzeppelin/upgradeability/InitializableUpgradeabilityProxy.sol#25)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#controlled-delegatecall
INFO:Detectors:
BaseImmutableAdminUpgradeabilityProxy.constructor(address).admin (contracts/protocol/libraries/aave-upgradeability/BaseImmutableAdminUpgradeabilityProxy.sol#19) shadows:
- BaseImmutableAdminUpgradeabilityProxy.admin() (contracts/protocol/libraries/aave-upgradeability/BaseImmutableAdminUpgradeabilityProxy.sol#34-36) (function)
InitializableImmutableAdminUpgradeabilityProxy.constructor(address).admin (contracts/protocol/libraries/aave-upgradeability/InitializableImmutableAdminUpgradeabilityProxy.sol#15) shadows:
- BaseImmutableAdminUpgradeabilityProxy.admin() (contracts/protocol/libraries/aave-upgradeability/BaseImmutableAdminUpgradeabilityProxy.sol#34-36) (function)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#local-variable-shadowing
INFO:Detectors:
InitializableUpgradeabilityProxy.initialize(address,bytes)._logic (contracts/dependencies/openzeppelin/upgradeability/InitializableUpgradeabilityProxy.sol#20) lacks a zero-check on :
- (success) = _logic.delegatecall(_data) (contracts/dependencies/openzeppelin/upgradeability/InitializableUpgradeabilityProxy.sol#25)
BaseImmutableAdminUpgradeabilityProxy.upgradeToAndCall(address,bytes).newImplementation (contracts/protocol/libraries/aave-upgradeability/BaseImmutableAdminUpgradeabilityProxy.sol#63) lacks a zero-check on :
- (success) = newImplementation.delegatecall(data) (contracts/protocol/libraries/aave-upgradeability/BaseImmutableAdminUpgradeabilityProxy.sol#69)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#missing-zero-address-validation
INFO:Detectors:
Modifier BaseImmutableAdminUpgradeabilityProxy.ifAdmin() (contracts/protocol/libraries/aave-upgradeability/BaseImmutableAdminUpgradeabilityProxy.sol#23-29) does not always execute _; or revertReference: https://github.com/crytic/slither/wiki/Detector-Documentation#incorrect-modifier
INFO:Detectors:
Address.isContract(address) (contracts/dependencies/openzeppelin/contracts/Address.sol#25-36) uses assembly
- INLINE ASM (contracts/dependencies/openzeppelin/contracts/Address.sol#32-34)
BaseUpgradeabilityProxy._implementation() (contracts/dependencies/openzeppelin/upgradeability/BaseUpgradeabilityProxy.sol#32-38) uses assembly
- INLINE ASM (contracts/dependencies/openzeppelin/upgradeability/BaseUpgradeabilityProxy.sol#35-37)
BaseUpgradeabilityProxy._setImplementation(address) (contracts/dependencies/openzeppelin/upgradeability/BaseUpgradeabilityProxy.sol#53-65) uses assembly
- INLINE ASM (contracts/dependencies/openzeppelin/upgradeability/BaseUpgradeabilityProxy.sol#62-64)
Proxy._delegate(address) (contracts/dependencies/openzeppelin/upgradeability/Proxy.sol#31-55) uses assembly
- INLINE ASM (contracts/dependencies/openzeppelin/upgradeability/Proxy.sol#33-54)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#assembly-usage
INFO:Detectors:
Address.sendValue(address,uint256) (contracts/dependencies/openzeppelin/contracts/Address.sol#54-60) is never used and should be removed
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#dead-code
INFO:Detectors:
Low level call in Address.sendValue(address,uint256) (contracts/dependencies/openzeppelin/contracts/Address.sol#54-60):
- (success) = recipient.call{value: amount}() (contracts/dependencies/openzeppelin/contracts/Address.sol#58)
Low level call in InitializableUpgradeabilityProxy.initialize(address,bytes) (contracts/dependencies/openzeppelin/upgradeability/InitializableUpgradeabilityProxy.sol#20-28):
- (success) = _logic.delegatecall(_data) (contracts/dependencies/openzeppelin/upgradeability/InitializableUpgradeabilityProxy.sol#25)
Low level call in BaseImmutableAdminUpgradeabilityProxy.upgradeToAndCall(address,bytes) (contracts/protocol/libraries/aave-upgradeability/BaseImmutableAdminUpgradeabilityProxy.sol#63-71):
- (success) = newImplementation.delegatecall(data) (contracts/protocol/libraries/aave-upgradeability/BaseImmutableAdminUpgradeabilityProxy.sol#69)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#low-level-calls
INFO:Detectors:
Parameter InitializableUpgradeabilityProxy.initialize(address,bytes)._logic (contracts/dependencies/openzeppelin/upgradeability/InitializableUpgradeabilityProxy.sol#20) is not in mixedCase
Parameter InitializableUpgradeabilityProxy.initialize(address,bytes)._data (contracts/dependencies/openzeppelin/upgradeability/InitializableUpgradeabilityProxy.sol#20) is not in mixedCase
Variable BaseImmutableAdminUpgradeabilityProxy.ADMIN (contracts/protocol/libraries/aave-upgradeability/BaseImmutableAdminUpgradeabilityProxy.sol#17) is not in mixedCase
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#conformance-to-solidity-naming-conventions
INFO:Slither:0x7937D4799803FbBe595ed57278Bc4cA21f3bFfCB analyzed (6 contracts with 79 detectors), 17 result(s) found
Slither report for InitializableAdminUpgradeabilityProxy at `0x7Fc66500c84A76Ad7e9c93437bFc5Ac33E2DDaE9` with implementation unknown contract name at `0x96F68837877fd0414B55050c9e794AECdBcfCA59`
Warning: contracts/open-zeppelin/Address.sol: Warning: SPDX license identifier not provided in source file. Before publishing, consider adding a comment containing "SPDX-License-Identifier: <SPDX-License>" to each source file. Use "SPDX-License-Identifier: UNLICENSED" for non-open-source code. Please see https://spdx.org for more information.
Warning: contracts/open-zeppelin/BaseAdminUpgradeabilityProxy.sol: Warning: SPDX license identifier not provided in source file. Before publishing, consider adding a comment containing "SPDX-License-Identifier: <SPDX-License>" to each source file. Use "SPDX-License-Identifier: UNLICENSED" for non-open-source code. Please see https://spdx.org for more information.
Warning: contracts/open-zeppelin/BaseUpgradeabilityProxy.sol: Warning: SPDX license identifier not provided in source file. Before publishing, consider adding a comment containing "SPDX-License-Identifier: <SPDX-License>" to each source file. Use "SPDX-License-Identifier: UNLICENSED" for non-open-source code. Please see https://spdx.org for more information.
Warning: contracts/open-zeppelin/Proxy.sol: Warning: SPDX license identifier not provided in source file. Before publishing, consider adding a comment containing "SPDX-License-Identifier: <SPDX-License>" to each source file. Use "SPDX-License-Identifier: UNLICENSED" for non-open-source code. Please see https://spdx.org for more information.
Warning: contracts/open-zeppelin/SafeMath.sol: Warning: SPDX license identifier not provided in source file. Before publishing, consider adding a comment containing "SPDX-License-Identifier: <SPDX-License>" to each source file. Use "SPDX-License-Identifier: UNLICENSED" for non-open-source code. Please see https://spdx.org for more information.
Warning: contracts/open-zeppelin/UpgradeabilityProxy.sol: Warning: SPDX license identifier not provided in source file. Before publishing, consider adding a comment containing "SPDX-License-Identifier: <SPDX-License>" to each source file. Use "SPDX-License-Identifier: UNLICENSED" for non-open-source code. Please see https://spdx.org for more information.
Warning: contracts/open-zeppelin/BaseAdminUpgradeabilityProxy.sol:13:1: Warning: This contract has a payable fallback function, but no receive ether function. Consider adding a receive ether function.
contract BaseAdminUpgradeabilityProxy is BaseUpgradeabilityProxy {
^ (Relevant source part starts here and spans across multiple lines).
contracts/open-zeppelin/Proxy.sol:15:3: The payable fallback function is defined here.
fallback () payable external {
^ (Relevant source part starts here and spans across multiple lines).
Warning: contracts/open-zeppelin/InitializableUpgradeabilityProxy.sol:11:1: Warning: This contract has a payable fallback function, but no receive ether function. Consider adding a receive ether function.
contract InitializableUpgradeabilityProxy is BaseUpgradeabilityProxy {
^ (Relevant source part starts here and spans across multiple lines).
contracts/open-zeppelin/Proxy.sol:15:3: The payable fallback function is defined here.
fallback () payable external {
^ (Relevant source part starts here and spans across multiple lines).
Warning: contracts/open-zeppelin/InitializableAdminUpgradeabilityProxy.sol:12:1: Warning: This contract has a payable fallback function, but no receive ether function. Consider adding a receive ether function.
contract InitializableAdminUpgradeabilityProxy is BaseAdminUpgradeabilityProxy, InitializableUpgradeabilityProxy {
^ (Relevant source part starts here and spans across multiple lines).
contracts/open-zeppelin/Proxy.sol:15:3: The payable fallback function is defined here.
fallback () payable external {
^ (Relevant source part starts here and spans across multiple lines).
Warning: contracts/utils/MockTransferHook.sol:9:25: Warning: Unused function parameter. Remove or comment out the variable name to silence this warning.
function onTransfer(address from, address to, uint256 amount) external override {
^----------^
Warning: contracts/utils/MockTransferHook.sol:9:39: Warning: Unused function parameter. Remove or comment out the variable name to silence this warning.
function onTransfer(address from, address to, uint256 amount) external override {
^--------^
Warning: contracts/utils/MockTransferHook.sol:9:51: Warning: Unused function parameter. Remove or comment out the variable name to silence this warning.
function onTransfer(address from, address to, uint256 amount) external override {
^------------^
INFO:Detectors:
InitializableUpgradeabilityProxy.initialize(address,bytes) (contracts/open-zeppelin/InitializableUpgradeabilityProxy.sol#20-28) uses delegatecall to a input-controlled function id
- (success) = _logic.delegatecall(_data) (contracts/open-zeppelin/InitializableUpgradeabilityProxy.sol#25)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#controlled-delegatecall
INFO:Detectors:
LendToAaveMigrator.migrateFromLEND(uint256) (contracts/token/LendToAaveMigrator.sol#61-68) ignores return value by LEND.transferFrom(msg.sender,address(this),amount) (contracts/token/LendToAaveMigrator.sol#65)
LendToAaveMigrator.migrateFromLEND(uint256) (contracts/token/LendToAaveMigrator.sol#61-68) ignores return value by AAVE.transfer(msg.sender,amount.div(LEND_AAVE_RATIO)) (contracts/token/LendToAaveMigrator.sol#66)
DoubleTransferHelper.doubleSend(address,uint256,uint256) (contracts/utils/DoubleTransferHelper.sol#14-17) ignores return value by AAVE.transfer(to,amount1) (contracts/utils/DoubleTransferHelper.sol#15)
DoubleTransferHelper.doubleSend(address,uint256,uint256) (contracts/utils/DoubleTransferHelper.sol#14-17) ignores return value by AAVE.transfer(to,amount2) (contracts/utils/DoubleTransferHelper.sol#16)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#unchecked-transfer
INFO:Detectors:
AaveToken._writeSnapshot(address,uint128,uint128) (contracts/token/AaveToken.sol#138-153) uses a dangerous strict equality:
- ownerCountOfSnapshots != 0 && snapshotsOwner[ownerCountOfSnapshots.sub(1)].blockNumber == currentBlock (contracts/token/AaveToken.sol#145)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#dangerous-strict-equalities
INFO:Detectors:
Reentrancy in AaveToken.initialize(address,address,ITransferHook) (contracts/token/AaveToken.sol#59-85):
External calls:
- _mint(migrator,MIGRATION_AMOUNT) (contracts/token/AaveToken.sol#83)
- aaveGovernance.onTransfer(from,to,amount) (contracts/token/AaveToken.sol#181)
- _mint(distributor,DISTRIBUTION_AMOUNT) (contracts/token/AaveToken.sol#84)
- aaveGovernance.onTransfer(from,to,amount) (contracts/token/AaveToken.sol#181)
State variables written after the call(s):
- _mint(distributor,DISTRIBUTION_AMOUNT) (contracts/token/AaveToken.sol#84)
- _balances[account] = _balances[account].add(amount) (contracts/open-zeppelin/ERC20.sol#235)
ERC20._balances (contracts/open-zeppelin/ERC20.sol#38) can be used in cross function reentrancies:
- ERC20._mint(address,uint256) (contracts/open-zeppelin/ERC20.sol#229-237)
- ERC20._transfer(address,address,uint256) (contracts/open-zeppelin/ERC20.sol#209-218)
- ERC20.balanceOf(address) (contracts/open-zeppelin/ERC20.sol#105-107)
- _mint(distributor,DISTRIBUTION_AMOUNT) (contracts/token/AaveToken.sol#84)
- _countsSnapshots[owner] = ownerCountOfSnapshots.add(1) (contracts/token/AaveToken.sol#149)
AaveToken._countsSnapshots (contracts/token/AaveToken.sol#38) can be used in cross function reentrancies:
- AaveToken._countsSnapshots (contracts/token/AaveToken.sol#38)
- AaveToken._writeSnapshot(address,uint128,uint128) (contracts/token/AaveToken.sol#138-153)
- _mint(distributor,DISTRIBUTION_AMOUNT) (contracts/token/AaveToken.sol#84)
- snapshotsOwner[ownerCountOfSnapshots.sub(1)].value = newValue (contracts/token/AaveToken.sol#146)
- snapshotsOwner[ownerCountOfSnapshots] = Snapshot(currentBlock,newValue) (contracts/token/AaveToken.sol#148)
AaveToken._snapshots (contracts/token/AaveToken.sol#36) can be used in cross function reentrancies:
- AaveToken._snapshots (contracts/token/AaveToken.sol#36)
- AaveToken._writeSnapshot(address,uint128,uint128) (contracts/token/AaveToken.sol#138-153)
- _mint(distributor,DISTRIBUTION_AMOUNT) (contracts/token/AaveToken.sol#84)
- _totalSupply = _totalSupply.add(amount) (contracts/open-zeppelin/ERC20.sol#234)
ERC20._totalSupply (contracts/open-zeppelin/ERC20.sol#42) can be used in cross function reentrancies:
- ERC20._mint(address,uint256) (contracts/open-zeppelin/ERC20.sol#229-237)
- ERC20.totalSupply() (contracts/open-zeppelin/ERC20.sol#98-100)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#reentrancy-vulnerabilities-1
INFO:Detectors:
ERC20.constructor(string,string).name (contracts/open-zeppelin/ERC20.sol#57) shadows:
- ERC20.name() (contracts/open-zeppelin/ERC20.sol#66-68) (function)
ERC20.constructor(string,string).symbol (contracts/open-zeppelin/ERC20.sol#57) shadows:
- ERC20.symbol() (contracts/open-zeppelin/ERC20.sol#74-76) (function)
InitializableAdminUpgradeabilityProxy.initialize(address,address,bytes)._admin (contracts/open-zeppelin/InitializableAdminUpgradeabilityProxy.sol#22) shadows:
- BaseAdminUpgradeabilityProxy._admin() (contracts/open-zeppelin/BaseAdminUpgradeabilityProxy.sol#94-99) (function)
MintableErc20.constructor(string,string,uint8).name (contracts/utils/MintableErc20.sol#11) shadows:
- ERC20.name() (contracts/open-zeppelin/ERC20.sol#66-68) (function)
MintableErc20.constructor(string,string,uint8).symbol (contracts/utils/MintableErc20.sol#11) shadows:
- ERC20.symbol() (contracts/open-zeppelin/ERC20.sol#74-76) (function)
MintableErc20.constructor(string,string,uint8).decimals (contracts/utils/MintableErc20.sol#11) shadows:
- ERC20.decimals() (contracts/open-zeppelin/ERC20.sol#91-93) (function)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#local-variable-shadowing
INFO:Detectors:
InitializableUpgradeabilityProxy.initialize(address,bytes)._logic (contracts/open-zeppelin/InitializableUpgradeabilityProxy.sol#20) lacks a zero-check on :
- (success) = _logic.delegatecall(_data) (contracts/open-zeppelin/InitializableUpgradeabilityProxy.sol#25)
BaseAdminUpgradeabilityProxy.upgradeToAndCall(address,bytes).newImplementation (contracts/open-zeppelin/BaseAdminUpgradeabilityProxy.sol#85) lacks a zero-check on :
- (success) = newImplementation.delegatecall(data) (contracts/open-zeppelin/BaseAdminUpgradeabilityProxy.sol#87)
UpgradeabilityProxy.constructor(address,bytes)._logic (contracts/open-zeppelin/UpgradeabilityProxy.sol#19) lacks a zero-check on :
- (success) = _logic.delegatecall(_data) (contracts/open-zeppelin/UpgradeabilityProxy.sol#23)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#missing-zero-address-validation
INFO:Detectors:
Modifier BaseAdminUpgradeabilityProxy.ifAdmin() (contracts/open-zeppelin/BaseAdminUpgradeabilityProxy.sol#34-40) does not always execute _; or revertReference: https://github.com/crytic/slither/wiki/Detector-Documentation#incorrect-modifier
INFO:Detectors:
Reentrancy in AaveToken.initialize(address,address,ITransferHook) (contracts/token/AaveToken.sol#59-85):
External calls:
- _mint(migrator,MIGRATION_AMOUNT) (contracts/token/AaveToken.sol#83)
- aaveGovernance.onTransfer(from,to,amount) (contracts/token/AaveToken.sol#181)
- _mint(distributor,DISTRIBUTION_AMOUNT) (contracts/token/AaveToken.sol#84)
- aaveGovernance.onTransfer(from,to,amount) (contracts/token/AaveToken.sol#181)
Event emitted after the call(s):
- SnapshotDone(owner,oldValue,newValue) (contracts/token/AaveToken.sol#152)
- _mint(distributor,DISTRIBUTION_AMOUNT) (contracts/token/AaveToken.sol#84)
- Transfer(address(0),account,amount) (contracts/open-zeppelin/ERC20.sol#236)
- _mint(distributor,DISTRIBUTION_AMOUNT) (contracts/token/AaveToken.sol#84)
Reentrancy in LendToAaveMigrator.migrateFromLEND(uint256) (contracts/token/LendToAaveMigrator.sol#61-68):
External calls:
- LEND.transferFrom(msg.sender,address(this),amount) (contracts/token/LendToAaveMigrator.sol#65)
- AAVE.transfer(msg.sender,amount.div(LEND_AAVE_RATIO)) (contracts/token/LendToAaveMigrator.sol#66)
Event emitted after the call(s):
- LendMigrated(msg.sender,amount) (contracts/token/LendToAaveMigrator.sol#67)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#reentrancy-vulnerabilities-3
INFO:Detectors:
AaveToken.permit(address,address,uint256,uint256,uint8,bytes32,bytes32) (contracts/token/AaveToken.sol#98-123) uses timestamp for comparisons
Dangerous comparisons:
- require(bool,string)(block.timestamp <= deadline,INVALID_EXPIRATION) (contracts/token/AaveToken.sol#109)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#block-timestamp
INFO:Detectors:
Address.isContract(address) (contracts/open-zeppelin/Address.sol#24-33) uses assembly
- INLINE ASM (contracts/open-zeppelin/Address.sol#31)
BaseAdminUpgradeabilityProxy._admin() (contracts/open-zeppelin/BaseAdminUpgradeabilityProxy.sol#94-99) uses assembly
- INLINE ASM (contracts/open-zeppelin/BaseAdminUpgradeabilityProxy.sol#96-98)
BaseAdminUpgradeabilityProxy._setAdmin(address) (contracts/open-zeppelin/BaseAdminUpgradeabilityProxy.sol#105-111) uses assembly
- INLINE ASM (contracts/open-zeppelin/BaseAdminUpgradeabilityProxy.sol#108-110)
BaseUpgradeabilityProxy._implementation() (contracts/open-zeppelin/BaseUpgradeabilityProxy.sol#30-35) uses assembly
- INLINE ASM (contracts/open-zeppelin/BaseUpgradeabilityProxy.sol#32-34)
BaseUpgradeabilityProxy._setImplementation(address) (contracts/open-zeppelin/BaseUpgradeabilityProxy.sol#50-58) uses assembly
- INLINE ASM (contracts/open-zeppelin/BaseUpgradeabilityProxy.sol#55-57)
Proxy._delegate(address) (contracts/open-zeppelin/Proxy.sol#30-49) uses assembly
- INLINE ASM (contracts/open-zeppelin/Proxy.sol#31-48)
AaveToken.initialize(address,address,ITransferHook) (contracts/token/AaveToken.sol#59-85) uses assembly
- INLINE ASM (contracts/token/AaveToken.sol#68-70)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#assembly-usage
INFO:Detectors:
Address.sendValue(address,uint256) (contracts/open-zeppelin/Address.sol#51-57) is never used and should be removed
Context._msgData() (contracts/open-zeppelin/Context.sol#20-23) is never used and should be removed
ERC20._burn(address,uint256) (contracts/open-zeppelin/ERC20.sol#250-258) is never used and should be removed
SafeMath.mod(uint256,uint256) (contracts/open-zeppelin/SafeMath.sol#131-133) is never used and should be removed
SafeMath.mod(uint256,uint256,string) (contracts/open-zeppelin/SafeMath.sol#146-149) is never used and should be removed
SafeMath.mul(uint256,uint256) (contracts/open-zeppelin/SafeMath.sol#71-83) is never used and should be removed
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#dead-code
INFO:Detectors:
Low level call in Address.sendValue(address,uint256) (contracts/open-zeppelin/Address.sol#51-57):
- (success) = recipient.call{value: amount}() (contracts/open-zeppelin/Address.sol#55)
Low level call in BaseAdminUpgradeabilityProxy.upgradeToAndCall(address,bytes) (contracts/open-zeppelin/BaseAdminUpgradeabilityProxy.sol#85-89):
- (success) = newImplementation.delegatecall(data) (contracts/open-zeppelin/BaseAdminUpgradeabilityProxy.sol#87)
Low level call in InitializableUpgradeabilityProxy.initialize(address,bytes) (contracts/open-zeppelin/InitializableUpgradeabilityProxy.sol#20-28):
- (success) = _logic.delegatecall(_data) (contracts/open-zeppelin/InitializableUpgradeabilityProxy.sol#25)
Low level call in UpgradeabilityProxy.constructor(address,bytes) (contracts/open-zeppelin/UpgradeabilityProxy.sol#19-26):
- (success) = _logic.delegatecall(_data) (contracts/open-zeppelin/UpgradeabilityProxy.sol#23)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#low-level-calls
INFO:Detectors:
DoubleTransferHelper (contracts/utils/DoubleTransferHelper.sol#6-19) should inherit from VersionedInitializable (contracts/utils/VersionedInitializable.sol#18-44)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#missing-inheritance
INFO:Detectors:
Variable ERC20._name (contracts/open-zeppelin/ERC20.sol#44) is not in mixedCase
Variable ERC20._symbol (contracts/open-zeppelin/ERC20.sol#45) is not in mixedCase
Parameter InitializableAdminUpgradeabilityProxy.initialize(address,address,bytes)._logic (contracts/open-zeppelin/InitializableAdminUpgradeabilityProxy.sol#22) is not in mixedCase
Parameter InitializableAdminUpgradeabilityProxy.initialize(address,address,bytes)._admin (contracts/open-zeppelin/InitializableAdminUpgradeabilityProxy.sol#22) is not in mixedCase
Parameter InitializableAdminUpgradeabilityProxy.initialize(address,address,bytes)._data (contracts/open-zeppelin/InitializableAdminUpgradeabilityProxy.sol#22) is not in mixedCase
Parameter InitializableUpgradeabilityProxy.initialize(address,bytes)._logic (contracts/open-zeppelin/InitializableUpgradeabilityProxy.sol#20) is not in mixedCase
Parameter InitializableUpgradeabilityProxy.initialize(address,bytes)._data (contracts/open-zeppelin/InitializableUpgradeabilityProxy.sol#20) is not in mixedCase
Variable AaveToken._nonces (contracts/token/AaveToken.sol#34) is not in mixedCase
Variable AaveToken._snapshots (contracts/token/AaveToken.sol#36) is not in mixedCase
Variable AaveToken._countsSnapshots (contracts/token/AaveToken.sol#38) is not in mixedCase
Variable AaveToken._aaveGovernance (contracts/token/AaveToken.sol#43) is not in mixedCase
Variable AaveToken.DOMAIN_SEPARATOR (contracts/token/AaveToken.sol#45) is not in mixedCase
Variable LendToAaveMigrator.AAVE (contracts/token/LendToAaveMigrator.sol#17) is not in mixedCase
Variable LendToAaveMigrator.LEND (contracts/token/LendToAaveMigrator.sol#18) is not in mixedCase
Variable LendToAaveMigrator.LEND_AAVE_RATIO (contracts/token/LendToAaveMigrator.sol#19) is not in mixedCase
Variable LendToAaveMigrator._totalLendMigrated (contracts/token/LendToAaveMigrator.sol#22) is not in mixedCase
Variable DoubleTransferHelper.AAVE (contracts/utils/DoubleTransferHelper.sol#8) is not in mixedCase
Variable VersionedInitializable.______gap (contracts/utils/VersionedInitializable.sol#43) is not in mixedCase
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#conformance-to-solidity-naming-conventions
INFO:Detectors:
Redundant expression "this (contracts/open-zeppelin/Context.sol#21)" inContext (contracts/open-zeppelin/Context.sol#15-25)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#redundant-statements
INFO:Slither:0x7Fc66500c84A76Ad7e9c93437bFc5Ac33E2DDaE9 analyzed (19 contracts with 79 detectors), 57 result(s) found
Slither report for EthRobotKeeper at `0x943AcD0c93d7a8Bee7dA5Fd0DC3d0028237074d6`
Traceback (most recent call last):
File "/home/runner/.local/lib/python3.10/site-packages/slither/__main__.py", line 837, in main_impl
) = process_all(filename, args, detector_classes, printer_classes)
File "/home/runner/.local/lib/python3.10/site-packages/slither/__main__.py", line 90, in process_all
compilations = compile_all(target, **vars(args))
File "/home/runner/.local/lib/python3.10/site-packages/crytic_compile/crytic_compile.py", line 643, in compile_all
compilations.append(CryticCompile(target, **kwargs))
File "/home/runner/.local/lib/python3.10/site-packages/crytic_compile/crytic_compile.py", line 131, in __init__
self._compile(**kwargs)
File "/home/runner/.local/lib/python3.10/site-packages/crytic_compile/crytic_compile.py", line 553, in _compile
self._platform.compile(self, **kwargs)
File "/home/runner/.local/lib/python3.10/site-packages/crytic_compile/platform/etherscan.py", line 362, in compile
solc_standard_json.standalone_compile(filenames, compilation_unit, working_dir=working_dir)
File "/home/runner/.local/lib/python3.10/site-packages/crytic_compile/platform/solc_standard_json.py", line 66, in standalone_compile
targets_json = run_solc_standard_json(
File "/home/runner/.local/lib/python3.10/site-packages/crytic_compile/platform/solc_standard_json.py", line 181, in run_solc_standard_json
raise InvalidCompilation(solc_exception_str)
crytic_compile.platform.exceptions.InvalidCompilation: ParserError: ParserError: Source "aave-address-book/AaveGovernanceV2.sol" not found: File not found. Searched the following locations: "".
--> src/contracts/EthRobotKeeper.sol:4:1:
|
4 | import {IAaveGovernanceV2} from 'aave-address-book/AaveGovernanceV2.sol';
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
ParserError: ParserError: Source "solidity-utils/contracts/oz-common/Ownable.sol" not found: File not found. Searched the following locations: "".
--> src/contracts/EthRobotKeeper.sol:7:1:
|
7 | import {Ownable} from 'solidity-utils/contracts/oz-common/Ownable.sol';
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
ParserError: ParserError: Source "chainlink-brownie-contracts/interfaces/AutomationCompatibleInterface.sol" not found: File not found. Searched the following locations: "".
--> src/interfaces/IGovernanceRobotKeeper.sol:4:1:
|
4 | import {AutomationCompatibleInterface} from 'chainlink-brownie-contracts/interfaces/AutomationCompatibleInterface.sol';
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
ParserError: ParserError: Source "aave-address-book/AaveGovernanceV2.sol" not found: File not found. Searched the following locations: "".
--> src/interfaces/IProposalValidator.sol:5:1:
|
5 | import {IAaveGovernanceV2} from 'aave-address-book/AaveGovernanceV2.sol';
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
ERROR:root:Error in 0x943AcD0c93d7a8Bee7dA5Fd0DC3d0028237074d6
ERROR:root:Traceback (most recent call last):
File "/home/runner/.local/lib/python3.10/site-packages/slither/__main__.py", line 837, in main_impl
) = process_all(filename, args, detector_classes, printer_classes)
File "/home/runner/.local/lib/python3.10/site-packages/slither/__main__.py", line 90, in process_all
compilations = compile_all(target, **vars(args))
File "/home/runner/.local/lib/python3.10/site-packages/crytic_compile/crytic_compile.py", line 643, in compile_all
compilations.append(CryticCompile(target, **kwargs))
File "/home/runner/.local/lib/python3.10/site-packages/crytic_compile/crytic_compile.py", line 131, in __init__
self._compile(**kwargs)
File "/home/runner/.local/lib/python3.10/site-packages/crytic_compile/crytic_compile.py", line 553, in _compile
self._platform.compile(self, **kwargs)
File "/home/runner/.local/lib/python3.10/site-packages/crytic_compile/platform/etherscan.py", line 362, in compile
solc_standard_json.standalone_compile(filenames, compilation_unit, working_dir=working_dir)
File "/home/runner/.local/lib/python3.10/site-packages/crytic_compile/platform/solc_standard_json.py", line 66, in standalone_compile
targets_json = run_solc_standard_json(
File "/home/runner/.local/lib/python3.10/site-packages/crytic_compile/platform/solc_standard_json.py", line 181, in run_solc_standard_json
raise InvalidCompilation(solc_exception_str)
crytic_compile.platform.exceptions.InvalidCompilation: ParserError: ParserError: Source "aave-address-book/AaveGovernanceV2.sol" not found: File not found. Searched the following locations: "".
--> src/contracts/EthRobotKeeper.sol:4:1:
|
4 | import {IAaveGovernanceV2} from 'aave-address-book/AaveGovernanceV2.sol';
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
ParserError: ParserError: Source "solidity-utils/contracts/oz-common/Ownable.sol" not found: File not found. Searched the following locations: "".
--> src/contracts/EthRobotKeeper.sol:7:1:
|
7 | import {Ownable} from 'solidity-utils/contracts/oz-common/Ownable.sol';
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
ParserError: ParserError: Source "chainlink-brownie-contracts/interfaces/AutomationCompatibleInterface.sol" not found: File not found. Searched the following locations: "".
--> src/interfaces/IGovernanceRobotKeeper.sol:4:1:
|
4 | import {AutomationCompatibleInterface} from 'chainlink-brownie-contracts/interfaces/AutomationCompatibleInterface.sol';
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
ParserError: ParserError: Source "aave-address-book/AaveGovernanceV2.sol" not found: File not found. Searched the following locations: "".
--> src/interfaces/IProposalValidator.sol:5:1:
|
5 | import {IAaveGovernanceV2} from 'aave-address-book/AaveGovernanceV2.sol';
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Slither report for LendingPool at `0xaACA8859EFD9643B98C042691DA60b217C9CdD64`
Warning: contracts/protocol/lendingpool/LendingPoolConfigurator.sol:70:25: Warning: This declaration shadows an existing declaration.
function _initReserve(ILendingPool pool, InitReserveInput calldata input) internal {
^---------------^
contracts/protocol/lendingpool/LendingPoolConfigurator.sol:34:3: The shadowed declaration is here:
ILendingPool internal pool;
^------------------------^
Warning: contracts/dependencies/openzeppelin/upgradeability/BaseAdminUpgradeabilityProxy.sol:14:1: Warning: This contract has a payable fallback function, but no receive ether function. Consider adding a receive ether function.
contract BaseAdminUpgradeabilityProxy is BaseUpgradeabilityProxy {
^ (Relevant source part starts here and spans across multiple lines).
contracts/dependencies/openzeppelin/upgradeability/Proxy.sol:16:3: The payable fallback function is defined here.
fallback() external payable {
^ (Relevant source part starts here and spans across multiple lines).
Warning: contracts/dependencies/openzeppelin/upgradeability/AdminUpgradeabilityProxy.sol:11:1: Warning: This contract has a payable fallback function, but no receive ether function. Consider adding a receive ether function.
contract AdminUpgradeabilityProxy is BaseAdminUpgradeabilityProxy, UpgradeabilityProxy {
^ (Relevant source part starts here and spans across multiple lines).
contracts/dependencies/openzeppelin/upgradeability/Proxy.sol:16:3: The payable fallback function is defined here.
fallback() external payable {
^ (Relevant source part starts here and spans across multiple lines).
Warning: contracts/dependencies/openzeppelin/upgradeability/InitializableUpgradeabilityProxy.sol:11:1: Warning: This contract has a payable fallback function, but no receive ether function. Consider adding a receive ether function.
contract InitializableUpgradeabilityProxy is BaseUpgradeabilityProxy {
^ (Relevant source part starts here and spans across multiple lines).
contracts/dependencies/openzeppelin/upgradeability/Proxy.sol:16:3: The payable fallback function is defined here.
fallback() external payable {
^ (Relevant source part starts here and spans across multiple lines).
Warning: contracts/dependencies/openzeppelin/upgradeability/InitializableAdminUpgradeabilityProxy.sol:12:1: Warning: This contract has a payable fallback function, but no receive ether function. Consider adding a receive ether function.
contract InitializableAdminUpgradeabilityProxy is
^ (Relevant source part starts here and spans across multiple lines).
contracts/dependencies/openzeppelin/upgradeability/Proxy.sol:16:3: The payable fallback function is defined here.
fallback() external payable {
^ (Relevant source part starts here and spans across multiple lines).
Warning: contracts/protocol/libraries/aave-upgradeability/BaseImmutableAdminUpgradeabilityProxy.sol:16:1: Warning: This contract has a payable fallback function, but no receive ether function. Consider adding a receive ether function.
contract BaseImmutableAdminUpgradeabilityProxy is BaseUpgradeabilityProxy {
^ (Relevant source part starts here and spans across multiple lines).
contracts/dependencies/openzeppelin/upgradeability/Proxy.sol:16:3: The payable fallback function is defined here.
fallback() external payable {
^ (Relevant source part starts here and spans across multiple lines).
Warning: contracts/protocol/libraries/aave-upgradeability/InitializableImmutableAdminUpgradeabilityProxy.sol:11:1: Warning: This contract has a payable fallback function, but no receive ether function. Consider adding a receive ether function.
contract InitializableImmutableAdminUpgradeabilityProxy is
^ (Relevant source part starts here and spans across multiple lines).
contracts/dependencies/openzeppelin/upgradeability/Proxy.sol:16:3: The payable fallback function is defined here.
fallback() external payable {
^ (Relevant source part starts here and spans across multiple lines).
INFO:Detectors:
LendingPool.flashLoan(address,address[],uint256[],uint256[],address,bytes,uint16) (contracts/protocol/lendingpool/LendingPool.sol#483-564) uses arbitrary from in transferFrom: IERC20(vars.currentAsset).safeTransferFrom(receiverAddress,vars.currentATokenAddress,vars.currentAmountPlusPremium) (contracts/protocol/lendingpool/LendingPool.sol#534-538)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#arbitrary-from-in-transferfrom
INFO:Detectors:
BaseUniswapAdapter._pullAToken(address,address,address,uint256,IBaseUniswapAdapter.PermitSignature) (contracts/adapters/BaseUniswapAdapter.sol#275-299) uses arbitrary from in transferFrom in combination with permit: IERC20(reserveAToken).safeTransferFrom(user,address(this),amount) (contracts/adapters/BaseUniswapAdapter.sol#295)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#arbitrary-from-in-transferfrom-used-with-permit
INFO:Detectors:
InitializableUpgradeabilityProxy.initialize(address,bytes) (contracts/dependencies/openzeppelin/upgradeability/InitializableUpgradeabilityProxy.sol#20-28) uses delegatecall to a input-controlled function id
- (success) = _logic.delegatecall(_data) (contracts/dependencies/openzeppelin/upgradeability/InitializableUpgradeabilityProxy.sol#25)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#controlled-delegatecall
INFO:Detectors:
IERC20 is re-used:
- IERC20 (@openzeppelin/contracts/token/ERC20/IERC20.sol#8-77)
- IERC20 (contracts/dependencies/openzeppelin/contracts/IERC20.sol#7-80)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#name-reused
INFO:Detectors:
BaseUniswapAdapter.rescueTokens(IERC20) (contracts/adapters/BaseUniswapAdapter.sol#563-565) ignores return value by token.transfer(owner(),token.balanceOf(address(this))) (contracts/adapters/BaseUniswapAdapter.sol#564)
FlashLiquidationAdapter._liquidateAndSwap(address,address,address,uint256,bool,uint256,uint256,address) (contracts/adapters/FlashLiquidationAdapter.sol#102-161) ignores return value by IERC20(collateralAsset).transfer(initiator,vars.remainingTokens) (contracts/adapters/FlashLiquidationAdapter.sol#159)
WETHGateway.withdrawETH(address,uint256,address) (contracts/misc/WETHGateway.sol#56-73) ignores return value by aWETH.transferFrom(msg.sender,address(this),amountToWithdraw) (contracts/misc/WETHGateway.sol#69)
WETHGateway.emergencyTokenTransfer(address,address,uint256) (contracts/misc/WETHGateway.sol#151-157) ignores return value by IERC20(token).transfer(to,amount) (contracts/misc/WETHGateway.sol#156)
MockUniswapV2Router02.swapExactTokensForTokens(uint256,uint256,address[],address,uint256) (contracts/mocks/swap/MockUniswapV2Router02.sol#23-38) ignores return value by IERC20(path[0]).transferFrom(msg.sender,address(this),amountIn) (contracts/mocks/swap/MockUniswapV2Router02.sol#30)
MockUniswapV2Router02.swapExactTokensForTokens(uint256,uint256,address[],address,uint256) (contracts/mocks/swap/MockUniswapV2Router02.sol#23-38) ignores return value by IERC20(path[1]).transfer(to,_amountToReturn[path[0]]) (contracts/mocks/swap/MockUniswapV2Router02.sol#33)
MockUniswapV2Router02.swapTokensForExactTokens(uint256,uint256,address[],address,uint256) (contracts/mocks/swap/MockUniswapV2Router02.sol#40-55) ignores return value by IERC20(path[0]).transferFrom(msg.sender,address(this),_amountToSwap[path[0]]) (contracts/mocks/swap/MockUniswapV2Router02.sol#47)
MockUniswapV2Router02.swapTokensForExactTokens(uint256,uint256,address[],address,uint256) (contracts/mocks/swap/MockUniswapV2Router02.sol#40-55) ignores return value by IERC20(path[1]).transfer(to,amountOut) (contracts/mocks/swap/MockUniswapV2Router02.sol#50)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#unchecked-transfer
INFO:Detectors:
LendingPoolStorage._addressesProvider (contracts/protocol/lendingpool/LendingPoolStorage.sol#15) is never initialized. It is used in:
- LendingPoolCollateralManager.liquidationCall(address,address,address,uint256,bool) (contracts/protocol/lendingpool/LendingPoolCollateralManager.sol#81-245)
- LendingPoolCollateralManager._calculateAvailableCollateralToLiquidate(DataTypes.ReserveData,DataTypes.ReserveData,address,address,uint256,uint256) (contracts/protocol/lendingpool/LendingPoolCollateralManager.sol#272-316)
LendingPoolStorage._usersConfig (contracts/protocol/lendingpool/LendingPoolStorage.sol#18) is never initialized. It is used in:
- LendingPoolCollateralManager.liquidationCall(address,address,address,uint256,bool) (contracts/protocol/lendingpool/LendingPoolCollateralManager.sol#81-245)
LendingPoolStorage._reservesCount (contracts/protocol/lendingpool/LendingPoolStorage.sol#23) is never initialized. It is used in:
- LendingPoolCollateralManager.liquidationCall(address,address,address,uint256,bool) (contracts/protocol/lendingpool/LendingPoolCollateralManager.sol#81-245)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#uninitialized-state-variables
INFO:Detectors:
BaseUniswapAdapter._getAmountsInData(address,address,uint256).path_scope_0 (contracts/adapters/BaseUniswapAdapter.sol#455) is a storage variable never initialized
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#uninitialized-storage-variables
INFO:Detectors:
LendingPool (contracts/protocol/lendingpool/LendingPool.sol#46-946) is an upgradeable contract that does not protect its initialize functions: LendingPool.initialize(ILendingPoolAddressesProvider) (contracts/protocol/lendingpool/LendingPool.sol#86-91). Anyone can delete the contract with: LendingPool.liquidationCall(address,address,address,uint256,bool) (contracts/protocol/lendingpool/LendingPool.sol#425-452)Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#unprotected-upgradeable-contract
INFO:Detectors:
BaseUniswapAdapter._calcUsdValue(address,uint256,uint256) (contracts/adapters/BaseUniswapAdapter.sol#319-328) performs a multiplication on the result of a division:
- amount.mul(reservePrice).div(10 ** decimals).mul(ethUsdPrice).div(10 ** 18) (contracts/adapters/BaseUniswapAdapter.sol#327)
GenericLogic.calculateUserAccountData(address,mapping(address => DataTypes.ReserveData),DataTypes.UserConfigurationMap,mapping(uint256 => address),uint256,address) (contracts/protocol/libraries/logic/GenericLogic.sol#150-233) performs a multiplication on the result of a division:
- liquidityBalanceETH = vars.reserveUnitPrice.mul(vars.compoundedLiquidityBalance).div(vars.tokenUnit) (contracts/protocol/libraries/logic/GenericLogic.sol#191-192)
- vars.avgLtv = vars.avgLtv.add(liquidityBalanceETH.mul(vars.ltv)) (contracts/protocol/libraries/logic/GenericLogic.sol#196)
GenericLogic.calculateUserAccountData(address,mapping(address => DataTypes.ReserveData),DataTypes.UserConfigurationMap,mapping(uint256 => address),uint256,address) (contracts/protocol/libraries/logic/GenericLogic.sol#150-233) performs a multiplication on the result of a division:
- liquidityBalanceETH = vars.reserveUnitPrice.mul(vars.compoundedLiquidityBalance).div(vars.tokenUnit) (contracts/protocol/libraries/logic/GenericLogic.sol#191-192)
- vars.avgLiquidationThreshold = vars.avgLiquidationThreshold.add(liquidityBalanceETH.mul(vars.liquidationThreshold)) (contracts/protocol/libraries/logic/GenericLogic.sol#197-199)
MathUtils.calculateCompoundedInterest(uint256,uint40,uint256) (contracts/protocol/libraries/math/MathUtils.sol#45-70) performs a multiplication on the result of a division:
- ratePerSecond = rate / SECONDS_PER_YEAR (contracts/protocol/libraries/math/MathUtils.sol#61)
- WadRayMath.ray().add(ratePerSecond.mul(exp)).add(secondTerm).add(thirdTerm) (contracts/protocol/libraries/math/MathUtils.sol#69)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#divide-before-multiply
INFO:Detectors:
MathUtils.calculateCompoundedInterest(uint256,uint40,uint256) (contracts/protocol/libraries/math/MathUtils.sol#45-70) uses a dangerous strict equality:
- exp == 0 (contracts/protocol/libraries/math/MathUtils.sol#53)
GenericLogic.calculateHealthFactorFromBalances(uint256,uint256,uint256) (contracts/protocol/libraries/logic/GenericLogic.sol#242-250) uses a dangerous strict equality:
- totalDebtInETH == 0 (contracts/protocol/libraries/logic/GenericLogic.sol#247)
LendingPool.withdraw(address,uint256,address) (contracts/protocol/lendingpool/LendingPool.sol#142-184) uses a dangerous strict equality:
- amountToWithdraw == userBalance (contracts/protocol/lendingpool/LendingPool.sol#174)
LendingPoolCollateralManager.liquidationCall(address,address,address,uint256,bool) (contracts/protocol/lendingpool/LendingPoolCollateralManager.sol#81-245) uses a dangerous strict equality:
- vars.liquidatorPreviousATokenBalance == 0 (contracts/protocol/lendingpool/LendingPoolCollateralManager.sol#197)
LendingPoolCollateralManager.liquidationCall(address,address,address,uint256,bool) (contracts/protocol/lendingpool/LendingPoolCollateralManager.sol#81-245) uses a dangerous strict equality:
- vars.maxCollateralToLiquidate == vars.userCollateralBalance (contracts/protocol/lendingpool/LendingPoolCollateralManager.sol#222)
LendingPoolConfigurator._checkNoLiquidity(address) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#477-486) uses a dangerous strict equality:
- require(bool,string)(availableLiquidity == 0 && reserveData.currentLiquidityRate == 0,Errors.LPC_RESERVE_LIQUIDITY_NOT_0) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#482-485)
GenericLogic.balanceDecreaseAllowed(address,address,uint256,mapping(address => DataTypes.ReserveData),DataTypes.UserConfigurationMap,mapping(uint256 => address),uint256,address) (contracts/protocol/libraries/logic/GenericLogic.sol#55-116) uses a dangerous strict equality:
- vars.liquidationThreshold == 0 (contracts/protocol/libraries/logic/GenericLogic.sol#75)
GenericLogic.balanceDecreaseAllowed(address,address,uint256,mapping(address => DataTypes.ReserveData),DataTypes.UserConfigurationMap,mapping(uint256 => address),uint256,address) (contracts/protocol/libraries/logic/GenericLogic.sol#55-116) uses a dangerous strict equality:
- vars.totalDebtInETH == 0 (contracts/protocol/libraries/logic/GenericLogic.sol#87)
GenericLogic.balanceDecreaseAllowed(address,address,uint256,mapping(address => DataTypes.ReserveData),DataTypes.UserConfigurationMap,mapping(uint256 => address),uint256,address) (contracts/protocol/libraries/logic/GenericLogic.sol#55-116) uses a dangerous strict equality:
- vars.collateralBalanceAfterDecrease == 0 (contracts/protocol/libraries/logic/GenericLogic.sol#98)
ReserveLogic.getNormalizedDebt(DataTypes.ReserveData) (contracts/protocol/libraries/logic/ReserveLogic.sol#85-104) uses a dangerous strict equality:
- timestamp == uint40(block.timestamp) (contracts/protocol/libraries/logic/ReserveLogic.sol#93)
ReserveLogic.getNormalizedIncome(DataTypes.ReserveData) (contracts/protocol/libraries/logic/ReserveLogic.sol#57-76) uses a dangerous strict equality:
- timestamp == uint40(block.timestamp) (contracts/protocol/libraries/logic/ReserveLogic.sol#65)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#dangerous-strict-equalities
INFO:Detectors:
Reentrancy in LendingPoolAddressesProvider._updateImpl(bytes32,address) (contracts/protocol/configuration/LendingPoolAddressesProvider.sol#194-209):
External calls:
- proxy.initialize(newAddress,params) (contracts/protocol/configuration/LendingPoolAddressesProvider.sol#203)
State variables written after the call(s):
- _addresses[id] = address(proxy) (contracts/protocol/configuration/LendingPoolAddressesProvider.sol#204)
LendingPoolAddressesProvider._addresses (contracts/protocol/configuration/LendingPoolAddressesProvider.sol#21) can be used in cross function reentrancies:
- LendingPoolAddressesProvider._updateImpl(bytes32,address) (contracts/protocol/configuration/LendingPoolAddressesProvider.sol#194-209)
- LendingPoolAddressesProvider.getAddress(bytes32) (contracts/protocol/configuration/LendingPoolAddressesProvider.sol#84-86)
- LendingPoolAddressesProvider.setAddress(bytes32,address) (contracts/protocol/configuration/LendingPoolAddressesProvider.sol#75-78)
- LendingPoolAddressesProvider.setEmergencyAdmin(address) (contracts/protocol/configuration/LendingPoolAddressesProvider.sol#162-165)
- LendingPoolAddressesProvider.setLendingPoolCollateralManager(address) (contracts/protocol/configuration/LendingPoolAddressesProvider.sol#139-142)
- LendingPoolAddressesProvider.setLendingRateOracle(address) (contracts/protocol/configuration/LendingPoolAddressesProvider.sol#180-183)
- LendingPoolAddressesProvider.setPoolAdmin(address) (contracts/protocol/configuration/LendingPoolAddressesProvider.sol#153-156)
- LendingPoolAddressesProvider.setPriceOracle(address) (contracts/protocol/configuration/LendingPoolAddressesProvider.sol#171-174)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#reentrancy-vulnerabilities-1
INFO:Detectors:
DefaultReserveInterestRateStrategy.calculateInterestRates(address,uint256,uint256,uint256,uint256,uint256).vars (contracts/protocol/lendingpool/DefaultReserveInterestRateStrategy.sol#183) is a local variable never initialized
LendingPoolCollateralManager.liquidationCall(address,address,address,uint256,bool).vars (contracts/protocol/lendingpool/LendingPoolCollateralManager.sol#92) is a local variable never initialized
ValidationLogic.validateBorrow(address,DataTypes.ReserveData,address,uint256,uint256,uint256,uint256,mapping(address => DataTypes.ReserveData),DataTypes.UserConfigurationMap,mapping(uint256 => address),uint256,address).vars (contracts/protocol/libraries/logic/ValidationLogic.sol#134) is a local variable never initialized
BaseUniswapAdapter._getAmountsOutData(address,address,uint256).resultsWithWeth (contracts/adapters/BaseUniswapAdapter.sol#378) is a local variable never initialized
UniswapLiquiditySwapAdapter._swapLiquidity(address,address,uint256,uint256,address,uint256,bool,IBaseUniswapAdapter.PermitSignature,bool).vars (contracts/adapters/UniswapLiquiditySwapAdapter.sol#211) is a local variable never initialized
GenericLogic.calculateUserAccountData(address,mapping(address => DataTypes.ReserveData),DataTypes.UserConfigurationMap,mapping(uint256 => address),uint256,address).vars (contracts/protocol/libraries/logic/GenericLogic.sol#168) is a local variable never initialized
LendingPoolCollateralManager._calculateAvailableCollateralToLiquidate(DataTypes.ReserveData,DataTypes.ReserveData,address,address,uint256,uint256).vars (contracts/protocol/lendingpool/LendingPoolCollateralManager.sol#284) is a local variable never initialized
BaseUniswapAdapter._getAmountsInAndPath(address,address,uint256).resultAmounts (contracts/adapters/BaseUniswapAdapter.sol#516) is a local variable never initialized
BaseUniswapAdapter._getAmountsOutData(address,address,uint256).amountsWithWeth (contracts/adapters/BaseUniswapAdapter.sol#369) is a local variable never initialized
ReserveLogic._mintToTreasury(DataTypes.ReserveData,uint256,uint256,uint256,uint256,uint40).vars (contracts/protocol/libraries/logic/ReserveLogic.sol#282) is a local variable never initialized
StableDebtToken.mint(address,address,uint256,uint256).vars (contracts/protocol/tokenization/StableDebtToken.sol#142) is a local variable never initialized
FlashLiquidationAdapter._liquidateAndSwap(address,address,address,uint256,bool,uint256,uint256,address).vars (contracts/adapters/FlashLiquidationAdapter.sol#112) is a local variable never initialized
BaseUniswapAdapter._getAmountsInAndPath(address,address,uint256).resultsWithWeth (contracts/adapters/BaseUniswapAdapter.sol#505) is a local variable never initialized
BaseUniswapAdapter._getAmountsOutData(address,address,uint256).resultAmounts (contracts/adapters/BaseUniswapAdapter.sol#390) is a local variable never initialized
LendingPool.flashLoan(address,address[],uint256[],uint256[],address,bytes,uint16).vars (contracts/protocol/lendingpool/LendingPool.sol#492) is a local variable never initialized
BaseUniswapAdapter._getAmountsInAndPath(address,address,uint256).amountsWithWeth (contracts/adapters/BaseUniswapAdapter.sol#496) is a local variable never initialized
GenericLogic.balanceDecreaseAllowed(address,address,uint256,mapping(address => DataTypes.ReserveData),DataTypes.UserConfigurationMap,mapping(uint256 => address),uint256,address).vars (contracts/protocol/libraries/logic/GenericLogic.sol#69) is a local variable never initialized
UniswapLiquiditySwapAdapter.swapAndDeposit(address[],address[],uint256[],uint256[],IBaseUniswapAdapter.PermitSignature[],bool[]).vars (contracts/adapters/UniswapLiquiditySwapAdapter.sol#146) is a local variable never initialized
ReserveLogic.updateInterestRates(DataTypes.ReserveData,address,address,uint256,uint256).vars (contracts/protocol/libraries/logic/ReserveLogic.sol#205) is a local variable never initialized
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#uninitialized-local-variables
INFO:Detectors:
BaseUniswapAdapter._pullAToken(address,address,address,uint256,IBaseUniswapAdapter.PermitSignature) (contracts/adapters/BaseUniswapAdapter.sol#275-299) ignores return value by LENDING_POOL.withdraw(reserve,amount,address(this)) (contracts/adapters/BaseUniswapAdapter.sol#298)
BaseUniswapAdapter._getAmountsOutData(address,address,uint256) (contracts/adapters/BaseUniswapAdapter.sol#341-420) ignores return value by UNISWAP_ROUTER.getAmountsOut(finalAmountIn,pathWithWeth) (contracts/adapters/BaseUniswapAdapter.sol#377-383)
BaseUniswapAdapter._getAmountsOutData(address,address,uint256) (contracts/adapters/BaseUniswapAdapter.sol#341-420) ignores return value by UNISWAP_ROUTER.getAmountsOut(finalAmountIn,simplePath) (contracts/adapters/BaseUniswapAdapter.sol#389-400)
BaseUniswapAdapter._getAmountsInAndPath(address,address,uint256) (contracts/adapters/BaseUniswapAdapter.sol#486-527) ignores return value by UNISWAP_ROUTER.getAmountsIn(amountOut,pathWithWeth) (contracts/adapters/BaseUniswapAdapter.sol#504-510)
BaseUniswapAdapter._getAmountsInAndPath(address,address,uint256) (contracts/adapters/BaseUniswapAdapter.sol#486-527) ignores return value by UNISWAP_ROUTER.getAmountsIn(amountOut,simplePath) (contracts/adapters/BaseUniswapAdapter.sol#515-526)
FlashLiquidationAdapter._liquidateAndSwap(address,address,address,uint256,bool,uint256,uint256,address) (contracts/adapters/FlashLiquidationAdapter.sol#102-161) ignores return value by IERC20(borrowedAsset).approve(address(LENDING_POOL),debtToCover) (contracts/adapters/FlashLiquidationAdapter.sol#123)
FlashLiquidationAdapter._liquidateAndSwap(address,address,address,uint256,bool,uint256,uint256,address) (contracts/adapters/FlashLiquidationAdapter.sol#102-161) ignores return value by IERC20(borrowedAsset).approve(address(LENDING_POOL),vars.flashLoanDebt) (contracts/adapters/FlashLiquidationAdapter.sol#155)
UniswapRepayAdapter.swapAndRepay(address,address,uint256,uint256,uint256,IBaseUniswapAdapter.PermitSignature,bool) (contracts/adapters/UniswapRepayAdapter.sol#91-148) ignores return value by LENDING_POOL.repay(debtAsset,amountToRepay,debtRateMode,msg.sender) (contracts/adapters/UniswapRepayAdapter.sol#147)
UniswapRepayAdapter._swapAndRepay(address,address,uint256,uint256,uint256,address,uint256,IBaseUniswapAdapter.PermitSignature,bool) (contracts/adapters/UniswapRepayAdapter.sol#162-224) ignores return value by LENDING_POOL.repay(debtAsset,amount,rateMode,initiator) (contracts/adapters/UniswapRepayAdapter.sol#179)
WETHGateway.authorizeLendingPool(address) (contracts/misc/WETHGateway.sol#30-32) ignores return value by WETH.approve(lendingPool,uint256(- 1)) (contracts/misc/WETHGateway.sol#31)
WETHGateway.withdrawETH(address,uint256,address) (contracts/misc/WETHGateway.sol#56-73) ignores return value by ILendingPool(lendingPool).withdraw(address(WETH),amountToWithdraw,address(this)) (contracts/misc/WETHGateway.sol#70)
WETHGateway.repayETH(address,uint256,uint256,address) (contracts/misc/WETHGateway.sol#82-108) ignores return value by ILendingPool(lendingPool).repay(address(WETH),msg.value,rateMode,onBehalfOf) (contracts/misc/WETHGateway.sol#104)
MockFlashLoanReceiver.executeOperation(address[],uint256[],uint256[],address,bytes) (contracts/mocks/flashloan/MockFlashLoanReceiver.sol#46-83) ignores return value by token.mint(premiums[i]) (contracts/mocks/flashloan/MockFlashLoanReceiver.sol#75)
MockFlashLoanReceiver.executeOperation(address[],uint256[],uint256[],address,bytes) (contracts/mocks/flashloan/MockFlashLoanReceiver.sol#46-83) ignores return value by IERC20(assets[i]).approve(address(LENDING_POOL),amountToReturn) (contracts/mocks/flashloan/MockFlashLoanReceiver.sol#77)
MockUniswapV2Router02.swapExactTokensForTokens(uint256,uint256,address[],address,uint256) (contracts/mocks/swap/MockUniswapV2Router02.sol#23-38) ignores return value by MintableERC20(path[1]).mint(_amountToReturn[path[0]]) (contracts/mocks/swap/MockUniswapV2Router02.sol#32)
MockUniswapV2Router02.swapTokensForExactTokens(uint256,uint256,address[],address,uint256) (contracts/mocks/swap/MockUniswapV2Router02.sol#40-55) ignores return value by MintableERC20(path[1]).mint(amountOut) (contracts/mocks/swap/MockUniswapV2Router02.sol#49)
LendingPool.swapBorrowRateMode(address,uint256) (contracts/protocol/lendingpool/LendingPool.sol#297-339) ignores return value by IVariableDebtToken(reserve.variableDebtTokenAddress).mint(msg.sender,msg.sender,stableDebt,reserve.variableBorrowIndex) (contracts/protocol/lendingpool/LendingPool.sol#316-321)
LendingPool.swapBorrowRateMode(address,uint256) (contracts/protocol/lendingpool/LendingPool.sol#297-339) ignores return value by IStableDebtToken(reserve.stableDebtTokenAddress).mint(msg.sender,msg.sender,variableDebt,reserve.currentStableBorrowRate) (contracts/protocol/lendingpool/LendingPool.sol#328-333)
LendingPool.rebalanceStableBorrowRate(address,address) (contracts/protocol/lendingpool/LendingPool.sol#350-380) ignores return value by IStableDebtToken(address(stableDebtToken)).mint(user,user,stableDebt,reserve.currentStableBorrowRate) (contracts/protocol/lendingpool/LendingPool.sol#370-375)
LendingPool.flashLoan(address,address[],uint256[],uint256[],address,bytes,uint16) (contracts/protocol/lendingpool/LendingPool.sol#483-564) ignores return value by IAToken(aTokenAddresses[vars.i]).transferUnderlyingTo(receiverAddress,amounts[vars.i]) (contracts/protocol/lendingpool/LendingPool.sol#506)
LendingPool._executeBorrow(LendingPool.ExecuteBorrowParams) (contracts/protocol/lendingpool/LendingPool.sol#855-930) ignores return value by IAToken(vars.aTokenAddress).transferUnderlyingTo(vars.user,vars.amount) (contracts/protocol/lendingpool/LendingPool.sol#916)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#unused-return
INFO:Detectors:
ERC20.constructor(string,string).name (contracts/dependencies/openzeppelin/contracts/ERC20.sol#57) shadows:
- ERC20.name() (contracts/dependencies/openzeppelin/contracts/ERC20.sol#66-68) (function)
ERC20.constructor(string,string).symbol (contracts/dependencies/openzeppelin/contracts/ERC20.sol#57) shadows:
- ERC20.symbol() (contracts/dependencies/openzeppelin/contracts/ERC20.sol#74-76) (function)
AdminUpgradeabilityProxy.constructor(address,address,bytes)._admin (contracts/dependencies/openzeppelin/upgradeability/AdminUpgradeabilityProxy.sol#23) shadows:
- BaseAdminUpgradeabilityProxy._admin() (contracts/dependencies/openzeppelin/upgradeability/BaseAdminUpgradeabilityProxy.sol#99-105) (function)
InitializableAdminUpgradeabilityProxy.initialize(address,address,bytes).admin (contracts/dependencies/openzeppelin/upgradeability/InitializableAdminUpgradeabilityProxy.sol#27) shadows:
- BaseAdminUpgradeabilityProxy.admin() (contracts/dependencies/openzeppelin/upgradeability/BaseAdminUpgradeabilityProxy.sol#46-48) (function)
MockFlashLoanReceiver.setAmountToApprove(uint256).amountToApprove (contracts/mocks/flashloan/MockFlashLoanReceiver.sol#30) shadows:
- MockFlashLoanReceiver.amountToApprove() (contracts/mocks/flashloan/MockFlashLoanReceiver.sol#38-40) (function)
MintableDelegationERC20.constructor(string,string,uint8).name (contracts/mocks/tokens/MintableDelegationERC20.sol#14) shadows:
- ERC20.name() (contracts/dependencies/openzeppelin/contracts/ERC20.sol#66-68) (function)
MintableDelegationERC20.constructor(string,string,uint8).symbol (contracts/mocks/tokens/MintableDelegationERC20.sol#15) shadows:
- ERC20.symbol() (contracts/dependencies/openzeppelin/contracts/ERC20.sol#74-76) (function)
MintableDelegationERC20.constructor(string,string,uint8).decimals (contracts/mocks/tokens/MintableDelegationERC20.sol#16) shadows:
- ERC20.decimals() (contracts/dependencies/openzeppelin/contracts/ERC20.sol#91-93) (function)
MintableERC20.constructor(string,string,uint8).name (contracts/mocks/tokens/MintableERC20.sol#12) shadows:
- ERC20.name() (contracts/dependencies/openzeppelin/contracts/ERC20.sol#66-68) (function)
MintableERC20.constructor(string,string,uint8).symbol (contracts/mocks/tokens/MintableERC20.sol#13) shadows:
- ERC20.symbol() (contracts/dependencies/openzeppelin/contracts/ERC20.sol#74-76) (function)
MintableERC20.constructor(string,string,uint8).decimals (contracts/mocks/tokens/MintableERC20.sol#14) shadows:
- ERC20.decimals() (contracts/dependencies/openzeppelin/contracts/ERC20.sol#91-93) (function)
DefaultReserveInterestRateStrategy.constructor(ILendingPoolAddressesProvider,uint256,uint256,uint256,uint256,uint256,uint256).baseVariableBorrowRate (contracts/protocol/lendingpool/DefaultReserveInterestRateStrategy.sol#61) shadows:
- DefaultReserveInterestRateStrategy.baseVariableBorrowRate() (contracts/protocol/lendingpool/DefaultReserveInterestRateStrategy.sol#93-95) (function)
- IReserveInterestRateStrategy.baseVariableBorrowRate() (contracts/interfaces/IReserveInterestRateStrategy.sol#10) (function)
DefaultReserveInterestRateStrategy.constructor(ILendingPoolAddressesProvider,uint256,uint256,uint256,uint256,uint256,uint256).variableRateSlope1 (contracts/protocol/lendingpool/DefaultReserveInterestRateStrategy.sol#62) shadows:
- DefaultReserveInterestRateStrategy.variableRateSlope1() (contracts/protocol/lendingpool/DefaultReserveInterestRateStrategy.sol#77-79) (function)
DefaultReserveInterestRateStrategy.constructor(ILendingPoolAddressesProvider,uint256,uint256,uint256,uint256,uint256,uint256).variableRateSlope2 (contracts/protocol/lendingpool/DefaultReserveInterestRateStrategy.sol#63) shadows:
- DefaultReserveInterestRateStrategy.variableRateSlope2() (contracts/protocol/lendingpool/DefaultReserveInterestRateStrategy.sol#81-83) (function)
DefaultReserveInterestRateStrategy.constructor(ILendingPoolAddressesProvider,uint256,uint256,uint256,uint256,uint256,uint256).stableRateSlope1 (contracts/protocol/lendingpool/DefaultReserveInterestRateStrategy.sol#64) shadows:
- DefaultReserveInterestRateStrategy.stableRateSlope1() (contracts/protocol/lendingpool/DefaultReserveInterestRateStrategy.sol#85-87) (function)
DefaultReserveInterestRateStrategy.constructor(ILendingPoolAddressesProvider,uint256,uint256,uint256,uint256,uint256,uint256).stableRateSlope2 (contracts/protocol/lendingpool/DefaultReserveInterestRateStrategy.sol#65) shadows:
- DefaultReserveInterestRateStrategy.stableRateSlope2() (contracts/protocol/lendingpool/DefaultReserveInterestRateStrategy.sol#89-91) (function)
LendingPoolConfigurator._initReserve(ILendingPool,ILendingPoolConfigurator.InitReserveInput).pool (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#70) shadows:
- LendingPoolConfigurator.pool (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#34) (state variable)
BaseImmutableAdminUpgradeabilityProxy.constructor(address).admin (contracts/protocol/libraries/aave-upgradeability/BaseImmutableAdminUpgradeabilityProxy.sol#19) shadows:
- BaseImmutableAdminUpgradeabilityProxy.admin() (contracts/protocol/libraries/aave-upgradeability/BaseImmutableAdminUpgradeabilityProxy.sol#34-36) (function)
InitializableImmutableAdminUpgradeabilityProxy.constructor(address).admin (contracts/protocol/libraries/aave-upgradeability/InitializableImmutableAdminUpgradeabilityProxy.sol#15) shadows:
- BaseImmutableAdminUpgradeabilityProxy.admin() (contracts/protocol/libraries/aave-upgradeability/BaseImmutableAdminUpgradeabilityProxy.sol#34-36) (function)
IncentivizedERC20.constructor(string,string,uint8).name (contracts/protocol/tokenization/IncentivizedERC20.sol#27) shadows:
- IncentivizedERC20.name() (contracts/protocol/tokenization/IncentivizedERC20.sol#39-41) (function)
- IERC20Detailed.name() (contracts/dependencies/openzeppelin/contracts/IERC20Detailed.sol#7) (function)
IncentivizedERC20.constructor(string,string,uint8).symbol (contracts/protocol/tokenization/IncentivizedERC20.sol#28) shadows:
- IncentivizedERC20.symbol() (contracts/protocol/tokenization/IncentivizedERC20.sol#46-48) (function)
- IERC20Detailed.symbol() (contracts/dependencies/openzeppelin/contracts/IERC20Detailed.sol#9) (function)
IncentivizedERC20.constructor(string,string,uint8).decimals (contracts/protocol/tokenization/IncentivizedERC20.sol#29) shadows:
- IncentivizedERC20.decimals() (contracts/protocol/tokenization/IncentivizedERC20.sol#53-55) (function)
- IERC20Detailed.decimals() (contracts/dependencies/openzeppelin/contracts/IERC20Detailed.sol#11) (function)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#local-variable-shadowing
INFO:Detectors:
UpgradeabilityProxy.constructor(address,bytes)._logic (contracts/dependencies/openzeppelin/upgradeability/UpgradeabilityProxy.sol#20) lacks a zero-check on :
- (success) = _logic.delegatecall(_data) (contracts/dependencies/openzeppelin/upgradeability/UpgradeabilityProxy.sol#24)
BaseAdminUpgradeabilityProxy.upgradeToAndCall(address,bytes).newImplementation (contracts/dependencies/openzeppelin/upgradeability/BaseAdminUpgradeabilityProxy.sol#86) lacks a zero-check on :
- (success) = newImplementation.delegatecall(data) (contracts/dependencies/openzeppelin/upgradeability/BaseAdminUpgradeabilityProxy.sol#92)
InitializableUpgradeabilityProxy.initialize(address,bytes)._logic (contracts/dependencies/openzeppelin/upgradeability/InitializableUpgradeabilityProxy.sol#20) lacks a zero-check on :
- (success) = _logic.delegatecall(_data) (contracts/dependencies/openzeppelin/upgradeability/InitializableUpgradeabilityProxy.sol#25)
ATokensAndRatesHelper.constructor(address,address,address)._pool (contracts/deployments/ATokensAndRatesHelper.sol#38) lacks a zero-check on :
- pool = _pool (contracts/deployments/ATokensAndRatesHelper.sol#42)
ATokensAndRatesHelper.constructor(address,address,address)._addressesProvider (contracts/deployments/ATokensAndRatesHelper.sol#39) lacks a zero-check on :
- addressesProvider = _addressesProvider (contracts/deployments/ATokensAndRatesHelper.sol#43)
ATokensAndRatesHelper.constructor(address,address,address)._poolConfigurator (contracts/deployments/ATokensAndRatesHelper.sol#40) lacks a zero-check on :
- poolConfigurator = _poolConfigurator (contracts/deployments/ATokensAndRatesHelper.sol#44)
StableAndVariableTokensHelper.constructor(address,address)._pool (contracts/deployments/StableAndVariableTokensHelper.sol#16) lacks a zero-check on :
- pool = _pool (contracts/deployments/StableAndVariableTokensHelper.sol#17)
StableAndVariableTokensHelper.constructor(address,address)._addressesProvider (contracts/deployments/StableAndVariableTokensHelper.sol#16) lacks a zero-check on :
- addressesProvider = _addressesProvider (contracts/deployments/StableAndVariableTokensHelper.sol#18)
AaveOracle.constructor(address[],address[],address,address).weth (contracts/misc/AaveOracle.sol#38) lacks a zero-check on :
- WETH = weth (contracts/misc/AaveOracle.sol#42)
MintableDelegationERC20.delegate(address).delegateeAddress (contracts/mocks/tokens/MintableDelegationERC20.sol#31) lacks a zero-check on :
- delegatee = delegateeAddress (contracts/mocks/tokens/MintableDelegationERC20.sol#32)
AToken.initialize(ILendingPool,address,address,IAaveIncentivesController,uint8,string,string,bytes).treasury (contracts/protocol/tokenization/AToken.sol#66) lacks a zero-check on :
- _treasury = treasury (contracts/protocol/tokenization/AToken.sol#96)
AToken.initialize(ILendingPool,address,address,IAaveIncentivesController,uint8,string,string,bytes).underlyingAsset (contracts/protocol/tokenization/AToken.sol#67) lacks a zero-check on :
- _underlyingAsset = underlyingAsset (contracts/protocol/tokenization/AToken.sol#97)
StableDebtToken.initialize(ILendingPool,address,IAaveIncentivesController,uint8,string,string,bytes).underlyingAsset (contracts/protocol/tokenization/StableDebtToken.sol#43) lacks a zero-check on :
- _underlyingAsset = underlyingAsset (contracts/protocol/tokenization/StableDebtToken.sol#55)
VariableDebtToken.initialize(ILendingPool,address,IAaveIncentivesController,uint8,string,string,bytes).underlyingAsset (contracts/protocol/tokenization/VariableDebtToken.sol#37) lacks a zero-check on :
- _underlyingAsset = underlyingAsset (contracts/protocol/tokenization/VariableDebtToken.sol#49)
LendingPool.liquidationCall(address,address,address,uint256,bool).user (contracts/protocol/lendingpool/LendingPool.sol#428) lacks a zero-check on :
- (success,result) = collateralManager.delegatecall(abi.encodeWithSignature(liquidationCall(address,address,address,uint256,bool),collateralAsset,debtAsset,user,debtToCover,receiveAToken)) (contracts/protocol/lendingpool/LendingPool.sol#435-445)
LendingPool.liquidationCall(address,address,address,uint256,bool).collateralAsset (contracts/protocol/lendingpool/LendingPool.sol#426) lacks a zero-check on :
- (success,result) = collateralManager.delegatecall(abi.encodeWithSignature(liquidationCall(address,address,address,uint256,bool),collateralAsset,debtAsset,user,debtToCover,receiveAToken)) (contracts/protocol/lendingpool/LendingPool.sol#435-445)
LendingPool.liquidationCall(address,address,address,uint256,bool).debtAsset (contracts/protocol/lendingpool/LendingPool.sol#427) lacks a zero-check on :
- (success,result) = collateralManager.delegatecall(abi.encodeWithSignature(liquidationCall(address,address,address,uint256,bool),collateralAsset,debtAsset,user,debtToCover,receiveAToken)) (contracts/protocol/lendingpool/LendingPool.sol#435-445)
BaseImmutableAdminUpgradeabilityProxy.upgradeToAndCall(address,bytes).newImplementation (contracts/protocol/libraries/aave-upgradeability/BaseImmutableAdminUpgradeabilityProxy.sol#63) lacks a zero-check on :
- (success) = newImplementation.delegatecall(data) (contracts/protocol/libraries/aave-upgradeability/BaseImmutableAdminUpgradeabilityProxy.sol#69)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#missing-zero-address-validation
INFO:Detectors:
Modifier BaseAdminUpgradeabilityProxy.ifAdmin() (contracts/dependencies/openzeppelin/upgradeability/BaseAdminUpgradeabilityProxy.sol#35-41) does not always execute _; or revertModifier BaseImmutableAdminUpgradeabilityProxy.ifAdmin() (contracts/protocol/libraries/aave-upgradeability/BaseImmutableAdminUpgradeabilityProxy.sol#23-29) does not always execute _; or revertReference: https://github.com/crytic/slither/wiki/Detector-Documentation#incorrect-modifier
INFO:Detectors:
BaseUniswapAdapter._getReserveData(address) (contracts/adapters/BaseUniswapAdapter.sol#263-265) has external calls inside a loop: LENDING_POOL.getReserveData(asset) (contracts/adapters/BaseUniswapAdapter.sol#264)
UniswapLiquiditySwapAdapter._swapLiquidity(address,address,uint256,uint256,address,uint256,bool,IBaseUniswapAdapter.PermitSignature,bool) (contracts/adapters/UniswapLiquiditySwapAdapter.sol#200-241) has external calls inside a loop: vars.aTokenInitiatorBalance = IERC20(vars.aToken).balanceOf(initiator) (contracts/adapters/UniswapLiquiditySwapAdapter.sol#215)
BaseUniswapAdapter._getDecimals(address) (contracts/adapters/BaseUniswapAdapter.sol#255-257) has external calls inside a loop: IERC20Detailed(asset).decimals() (contracts/adapters/BaseUniswapAdapter.sol#256)
BaseUniswapAdapter._getPrice(address) (contracts/adapters/BaseUniswapAdapter.sol#247-249) has external calls inside a loop: ORACLE.getAssetPrice(asset) (contracts/adapters/BaseUniswapAdapter.sol#248)
BaseUniswapAdapter._swapExactTokensForTokens(address,address,uint256,uint256,bool) (contracts/adapters/BaseUniswapAdapter.sol#132-180) has external calls inside a loop: amounts = UNISWAP_ROUTER.swapExactTokensForTokens(amountToSwap,minAmountOut,path,address(this),block.timestamp) (contracts/adapters/BaseUniswapAdapter.sol#168-175)
SafeERC20.safeApprove(IERC20,address,uint256) (contracts/dependencies/openzeppelin/contracts/SafeERC20.sol#39-49) has external calls inside a loop: require(bool,string)((value == 0) || (token.allowance(address(this),spender) == 0),SafeERC20: approve from non-zero to non-zero allowance) (contracts/dependencies/openzeppelin/contracts/SafeERC20.sol#44-47)
SafeERC20.callOptionalReturn(IERC20,bytes) (contracts/dependencies/openzeppelin/contracts/SafeERC20.sol#51-63) has external calls inside a loop: (success,returndata) = address(token).call(data) (contracts/dependencies/openzeppelin/contracts/SafeERC20.sol#55)
UniswapLiquiditySwapAdapter._swapLiquidity(address,address,uint256,uint256,address,uint256,bool,IBaseUniswapAdapter.PermitSignature,bool) (contracts/adapters/UniswapLiquiditySwapAdapter.sol#200-241) has external calls inside a loop: LENDING_POOL.deposit(assetTo,vars.receivedAmount,initiator,0) (contracts/adapters/UniswapLiquiditySwapAdapter.sol#231)
BaseUniswapAdapter._pullAToken(address,address,address,uint256,IBaseUniswapAdapter.PermitSignature) (contracts/adapters/BaseUniswapAdapter.sol#275-299) has external calls inside a loop: IERC20WithPermit(reserveAToken).permit(user,address(this),permitSignature.amount,permitSignature.deadline,permitSignature.v,permitSignature.r,permitSignature.s) (contracts/adapters/BaseUniswapAdapter.sol#283-291)
BaseUniswapAdapter._pullAToken(address,address,address,uint256,IBaseUniswapAdapter.PermitSignature) (contracts/adapters/BaseUniswapAdapter.sol#275-299) has external calls inside a loop: LENDING_POOL.withdraw(reserve,amount,address(this)) (contracts/adapters/BaseUniswapAdapter.sol#298)
UniswapLiquiditySwapAdapter.swapAndDeposit(address[],address[],uint256[],uint256[],IBaseUniswapAdapter.PermitSignature[],bool[]) (contracts/adapters/UniswapLiquiditySwapAdapter.sol#130-177) has external calls inside a loop: vars.aTokenInitiatorBalance = IERC20(vars.aToken).balanceOf(msg.sender) (contracts/adapters/UniswapLiquiditySwapAdapter.sol#151)
UniswapLiquiditySwapAdapter.swapAndDeposit(address[],address[],uint256[],uint256[],IBaseUniswapAdapter.PermitSignature[],bool[]) (contracts/adapters/UniswapLiquiditySwapAdapter.sol#130-177) has external calls inside a loop: LENDING_POOL.deposit(assetToSwapToList[vars.i],vars.receivedAmount,msg.sender,0) (contracts/adapters/UniswapLiquiditySwapAdapter.sol#175)
ATokensAndRatesHelper.configureReserves(ATokensAndRatesHelper.ConfigureReserveInput[]) (contracts/deployments/ATokensAndRatesHelper.sol#66-82) has external calls inside a loop: configurator.configureReserveAsCollateral(inputParams[i].asset,inputParams[i].baseLTV,inputParams[i].liquidationThreshold,inputParams[i].liquidationBonus) (contracts/deployments/ATokensAndRatesHelper.sol#69-74)
ATokensAndRatesHelper.configureReserves(ATokensAndRatesHelper.ConfigureReserveInput[]) (contracts/deployments/ATokensAndRatesHelper.sol#66-82) has external calls inside a loop: configurator.enableBorrowingOnReserve(inputParams[i].asset,inputParams[i].stableBorrowingEnabled) (contracts/deployments/ATokensAndRatesHelper.sol#76-79)
ATokensAndRatesHelper.configureReserves(ATokensAndRatesHelper.ConfigureReserveInput[]) (contracts/deployments/ATokensAndRatesHelper.sol#66-82) has external calls inside a loop: configurator.setReserveFactor(inputParams[i].asset,inputParams[i].reserveFactor) (contracts/deployments/ATokensAndRatesHelper.sol#80)
StableAndVariableTokensHelper.setOracleBorrowRates(address[],uint256[],address) (contracts/deployments/StableAndVariableTokensHelper.sol#29-40) has external calls inside a loop: LendingRateOracle(oracle).setMarketBorrowRate(assets[i],rates[i]) (contracts/deployments/StableAndVariableTokensHelper.sol#38)
AaveOracle.getAssetPrice(address) (contracts/misc/AaveOracle.sol#83-98) has external calls inside a loop: _fallbackOracle.getAssetPrice(asset) (contracts/misc/AaveOracle.sol#89)
AaveOracle.getAssetPrice(address) (contracts/misc/AaveOracle.sol#83-98) has external calls inside a loop: price = IChainlinkAggregator(source).latestAnswer() (contracts/misc/AaveOracle.sol#91)
AaveOracle.getAssetPrice(address) (contracts/misc/AaveOracle.sol#83-98) has external calls inside a loop: _fallbackOracle.getAssetPrice(asset) (contracts/misc/AaveOracle.sol#95)
AaveProtocolDataProvider.getAllReservesTokens() (contracts/misc/AaveProtocolDataProvider.sol#32-51) has external calls inside a loop: reservesTokens[i] = TokenData(IERC20Detailed(reserves[i]).symbol(),reserves[i]) (contracts/misc/AaveProtocolDataProvider.sol#45-48)
AaveProtocolDataProvider.getAllATokens() (contracts/misc/AaveProtocolDataProvider.sol#53-65) has external calls inside a loop: reserveData = pool.getReserveData(reserves[i]) (contracts/misc/AaveProtocolDataProvider.sol#58)
AaveProtocolDataProvider.getAllATokens() (contracts/misc/AaveProtocolDataProvider.sol#53-65) has external calls inside a loop: aTokens[i] = TokenData(IERC20Detailed(reserveData.aTokenAddress).symbol(),reserveData.aTokenAddress) (contracts/misc/AaveProtocolDataProvider.sol#59-62)
UiPoolDataProvider.getReservesData(ILendingPoolAddressesProvider,address) (contracts/misc/UiPoolDataProvider.sol#46-159) has external calls inside a loop: baseData = lendingPool.getReserveData(reserveData.underlyingAsset) (contracts/misc/UiPoolDataProvider.sol#70-71)
UiPoolDataProvider.getReservesData(ILendingPoolAddressesProvider,address) (contracts/misc/UiPoolDataProvider.sol#46-159) has external calls inside a loop: reserveData.priceInEth = oracle.getAssetPrice(reserveData.underlyingAsset) (contracts/misc/UiPoolDataProvider.sol#82)
UiPoolDataProvider.getReservesData(ILendingPoolAddressesProvider,address) (contracts/misc/UiPoolDataProvider.sol#46-159) has external calls inside a loop: reserveData.availableLiquidity = IERC20Detailed(reserveData.underlyingAsset).balanceOf(reserveData.aTokenAddress) (contracts/misc/UiPoolDataProvider.sol#84-86)
UiPoolDataProvider.getReservesData(ILendingPoolAddressesProvider,address) (contracts/misc/UiPoolDataProvider.sol#46-159) has external calls inside a loop: (reserveData.totalPrincipalStableDebt,None,reserveData.averageStableRate,reserveData.stableDebtLastUpdateTimestamp) = IStableDebtToken(reserveData.stableDebtTokenAddress).getSupplyData() (contracts/misc/UiPoolDataProvider.sol#87-92)
UiPoolDataProvider.getReservesData(ILendingPoolAddressesProvider,address) (contracts/misc/UiPoolDataProvider.sol#46-159) has external calls inside a loop: reserveData.totalScaledVariableDebt = IVariableDebtToken(reserveData.variableDebtTokenAddress).scaledTotalSupply() (contracts/misc/UiPoolDataProvider.sol#93-94)
UiPoolDataProvider.getReservesData(ILendingPoolAddressesProvider,address) (contracts/misc/UiPoolDataProvider.sol#46-159) has external calls inside a loop: reserveData.symbol = IERC20Detailed(reserveData.aTokenAddress).symbol() (contracts/misc/UiPoolDataProvider.sol#99)
UiPoolDataProvider.getInterestRateStrategySlopes(DefaultReserveInterestRateStrategy) (contracts/misc/UiPoolDataProvider.sol#28-44) has external calls inside a loop: (interestRateStrategy.variableRateSlope1(),interestRateStrategy.variableRateSlope2(),interestRateStrategy.stableRateSlope1(),interestRateStrategy.stableRateSlope2()) (contracts/misc/UiPoolDataProvider.sol#38-43)
UiPoolDataProvider.getReservesData(ILendingPoolAddressesProvider,address) (contracts/misc/UiPoolDataProvider.sol#46-159) has external calls inside a loop: userReservesData[i].scaledATokenBalance = IAToken(reserveData.aTokenAddress).scaledBalanceOf(user) (contracts/misc/UiPoolDataProvider.sol#128-129)
UiPoolDataProvider.getReservesData(ILendingPoolAddressesProvider,address) (contracts/misc/UiPoolDataProvider.sol#46-159) has external calls inside a loop: userReservesData[i].scaledVariableDebt = IVariableDebtToken(reserveData.variableDebtTokenAddress).scaledBalanceOf(user) (contracts/misc/UiPoolDataProvider.sol#133-137)
UiPoolDataProvider.getReservesData(ILendingPoolAddressesProvider,address) (contracts/misc/UiPoolDataProvider.sol#46-159) has external calls inside a loop: userReservesData[i].principalStableDebt = IStableDebtToken(reserveData.stableDebtTokenAddress).principalBalanceOf(user) (contracts/misc/UiPoolDataProvider.sol#138-142)
UiPoolDataProvider.getReservesData(ILendingPoolAddressesProvider,address) (contracts/misc/UiPoolDataProvider.sol#46-159) has external calls inside a loop: userReservesData[i].stableBorrowRate = IStableDebtToken(reserveData.stableDebtTokenAddress).getUserStableRate(user) (contracts/misc/UiPoolDataProvider.sol#144-148)
UiPoolDataProvider.getReservesData(ILendingPoolAddressesProvider,address) (contracts/misc/UiPoolDataProvider.sol#46-159) has external calls inside a loop: userReservesData[i].stableBorrowLastUpdateTimestamp = IStableDebtToken(reserveData.stableDebtTokenAddress).getUserLastUpdated(user) (contracts/misc/UiPoolDataProvider.sol#149-153)
WalletBalanceProvider.balanceOf(address,address) (contracts/misc/WalletBalanceProvider.sol#44-52) has external calls inside a loop: IERC20(token).balanceOf(user) (contracts/misc/WalletBalanceProvider.sol#49)
WalletBalanceProvider.getUserWalletBalances(address,address) (contracts/misc/WalletBalanceProvider.sol#79-110) has external calls inside a loop: configuration = pool.getConfiguration(reservesWithEth[j]) (contracts/misc/WalletBalanceProvider.sol#96-97)
MockFlashLoanReceiver.executeOperation(address[],uint256[],uint256[],address,bytes) (contracts/mocks/flashloan/MockFlashLoanReceiver.sol#46-83) has external calls inside a loop: require(bool,string)(amounts[i] <= IERC20(assets[i]).balanceOf(address(this)),Invalid balance for the contract) (contracts/mocks/flashloan/MockFlashLoanReceiver.sol#66-69)
MockFlashLoanReceiver.executeOperation(address[],uint256[],uint256[],address,bytes) (contracts/mocks/flashloan/MockFlashLoanReceiver.sol#46-83) has external calls inside a loop: token.mint(premiums[i]) (contracts/mocks/flashloan/MockFlashLoanReceiver.sol#75)
MockFlashLoanReceiver.executeOperation(address[],uint256[],uint256[],address,bytes) (contracts/mocks/flashloan/MockFlashLoanReceiver.sol#46-83) has external calls inside a loop: IERC20(assets[i]).approve(address(LENDING_POOL),amountToReturn) (contracts/mocks/flashloan/MockFlashLoanReceiver.sol#77)
LendingPool.flashLoan(address,address[],uint256[],uint256[],address,bytes,uint16) (contracts/protocol/lendingpool/LendingPool.sol#483-564) has external calls inside a loop: IAToken(aTokenAddresses[vars.i]).transferUnderlyingTo(receiverAddress,amounts[vars.i]) (contracts/protocol/lendingpool/LendingPool.sol#506)
LendingPool.flashLoan(address,address[],uint256[],uint256[],address,bytes,uint16) (contracts/protocol/lendingpool/LendingPool.sol#483-564) has external calls inside a loop: _reserves[vars.currentAsset].cumulateToLiquidityIndex(IERC20(vars.currentATokenAddress).totalSupply(),vars.currentPremium) (contracts/protocol/lendingpool/LendingPool.sol#523-526)
LendingPool._executeBorrow(LendingPool.ExecuteBorrowParams) (contracts/protocol/lendingpool/LendingPool.sol#855-930) has external calls inside a loop: oracle = _addressesProvider.getPriceOracle() (contracts/protocol/lendingpool/LendingPool.sol#859)
LendingPool._executeBorrow(LendingPool.ExecuteBorrowParams) (contracts/protocol/lendingpool/LendingPool.sol#855-930) has external calls inside a loop: amountInETH = IPriceOracleGetter(oracle).getAssetPrice(vars.asset).mul(vars.amount).div(10 ** reserve.configuration.getDecimals()) (contracts/protocol/lendingpool/LendingPool.sol#861-864)
LendingPool._executeBorrow(LendingPool.ExecuteBorrowParams) (contracts/protocol/lendingpool/LendingPool.sol#855-930) has external calls inside a loop: isFirstBorrowing = IStableDebtToken(reserve.stableDebtTokenAddress).mint(vars.user,vars.onBehalfOf,vars.amount,currentStableRate) (contracts/protocol/lendingpool/LendingPool.sol#889-894)
LendingPool._executeBorrow(LendingPool.ExecuteBorrowParams) (contracts/protocol/lendingpool/LendingPool.sol#855-930) has external calls inside a loop: IAToken(vars.aTokenAddress).transferUnderlyingTo(vars.user,vars.amount) (contracts/protocol/lendingpool/LendingPool.sol#916)
LendingPool._executeBorrow(LendingPool.ExecuteBorrowParams) (contracts/protocol/lendingpool/LendingPool.sol#855-930) has external calls inside a loop: isFirstBorrowing = IVariableDebtToken(reserve.variableDebtTokenAddress).mint(vars.user,vars.onBehalfOf,vars.amount,reserve.variableBorrowIndex) (contracts/protocol/lendingpool/LendingPool.sol#896-901)
ReserveLogic.updateInterestRates(DataTypes.ReserveData,address,address,uint256,uint256) (contracts/protocol/libraries/logic/ReserveLogic.sol#198-249) has external calls inside a loop: vars.totalVariableDebt = IVariableDebtToken(reserve.variableDebtTokenAddress).scaledTotalSupply().rayMul(reserve.variableBorrowIndex) (contracts/protocol/libraries/logic/ReserveLogic.sol#215-217)
ReserveLogic.updateInterestRates(DataTypes.ReserveData,address,address,uint256,uint256) (contracts/protocol/libraries/logic/ReserveLogic.sol#198-249) has external calls inside a loop: (vars.newLiquidityRate,vars.newStableRate,vars.newVariableRate) = IReserveInterestRateStrategy(reserve.interestRateStrategyAddress).calculateInterestRates(reserveAddress,aTokenAddress,liquidityAdded,liquidityTaken,vars.totalStableDebt,vars.totalVariableDebt,vars.avgStableRate,reserve.configuration.getReserveFactor()) (contracts/protocol/libraries/logic/ReserveLogic.sol#219-232)
ReserveLogic._mintToTreasury(DataTypes.ReserveData,uint256,uint256,uint256,uint256,uint40) (contracts/protocol/libraries/logic/ReserveLogic.sol#274-325) has external calls inside a loop: IAToken(reserve.aTokenAddress).mintToTreasury(vars.amountToMint,newLiquidityIndex) (contracts/protocol/libraries/logic/ReserveLogic.sol#323)
ReserveLogic._mintToTreasury(DataTypes.ReserveData,uint256,uint256,uint256,uint256,uint40) (contracts/protocol/libraries/logic/ReserveLogic.sol#274-325) has external calls inside a loop: (vars.principalStableDebt,vars.currentStableDebt,vars.avgStableRate,vars.stableSupplyUpdatedTimestamp) = IStableDebtToken(reserve.stableDebtTokenAddress).getSupplyData() (contracts/protocol/libraries/logic/ReserveLogic.sol#291-296)
GenericLogic.calculateUserAccountData(address,mapping(address => DataTypes.ReserveData),DataTypes.UserConfigurationMap,mapping(uint256 => address),uint256,address) (contracts/protocol/libraries/logic/GenericLogic.sol#150-233) has external calls inside a loop: vars.reserveUnitPrice = IPriceOracleGetter(oracle).getAssetPrice(vars.currentReserveAddress) (contracts/protocol/libraries/logic/GenericLogic.sol#186)
GenericLogic.calculateUserAccountData(address,mapping(address => DataTypes.ReserveData),DataTypes.UserConfigurationMap,mapping(uint256 => address),uint256,address) (contracts/protocol/libraries/logic/GenericLogic.sol#150-233) has external calls inside a loop: vars.compoundedLiquidityBalance = IERC20(currentReserve.aTokenAddress).balanceOf(user) (contracts/protocol/libraries/logic/GenericLogic.sol#189)
ReserveLogic.updateState(DataTypes.ReserveData) (contracts/protocol/libraries/logic/ReserveLogic.sol#110-134) has external calls inside a loop: scaledVariableDebt = IVariableDebtToken(reserve.variableDebtTokenAddress).scaledTotalSupply() (contracts/protocol/libraries/logic/ReserveLogic.sol#111-112)
ValidationLogic.validateBorrow(address,DataTypes.ReserveData,address,uint256,uint256,uint256,uint256,mapping(address => DataTypes.ReserveData),DataTypes.UserConfigurationMap,mapping(uint256 => address),uint256,address) (contracts/protocol/libraries/logic/ValidationLogic.sol#120-213) has external calls inside a loop: require(bool,string)(! userConfig.isUsingAsCollateral(reserve.id) || reserve.configuration.getLtv() == 0 || amount > IERC20(reserve.aTokenAddress).balanceOf(userAddress),Errors.VL_COLLATERAL_SAME_AS_BORROWING_CURRENCY) (contracts/protocol/libraries/logic/ValidationLogic.sol#198-203)
GenericLogic.calculateUserAccountData(address,mapping(address => DataTypes.ReserveData),DataTypes.UserConfigurationMap,mapping(uint256 => address),uint256,address) (contracts/protocol/libraries/logic/GenericLogic.sol#150-233) has external calls inside a loop: vars.compoundedBorrowBalance = IERC20(currentReserve.stableDebtTokenAddress).balanceOf(user) (contracts/protocol/libraries/logic/GenericLogic.sol#203-205)
ValidationLogic.validateBorrow(address,DataTypes.ReserveData,address,uint256,uint256,uint256,uint256,mapping(address => DataTypes.ReserveData),DataTypes.UserConfigurationMap,mapping(uint256 => address),uint256,address) (contracts/protocol/libraries/logic/ValidationLogic.sol#120-213) has external calls inside a loop: vars.availableLiquidity = IERC20(asset).balanceOf(reserve.aTokenAddress) (contracts/protocol/libraries/logic/ValidationLogic.sol#205)
GenericLogic.calculateUserAccountData(address,mapping(address => DataTypes.ReserveData),DataTypes.UserConfigurationMap,mapping(uint256 => address),uint256,address) (contracts/protocol/libraries/logic/GenericLogic.sol#150-233) has external calls inside a loop: vars.compoundedBorrowBalance = vars.compoundedBorrowBalance.add(IERC20(currentReserve.variableDebtTokenAddress).balanceOf(user)) (contracts/protocol/libraries/logic/GenericLogic.sol#206-208)
ReserveLogic.updateInterestRates(DataTypes.ReserveData,address,address,uint256,uint256) (contracts/protocol/libraries/logic/ReserveLogic.sol#198-249) has external calls inside a loop: (vars.totalStableDebt,vars.avgStableRate) = IStableDebtToken(vars.stableDebtTokenAddress).getTotalSupplyAndAvgRate() (contracts/protocol/libraries/logic/ReserveLogic.sol#209-210)
LendingPoolConfigurator._initTokenWithProxy(address,bytes) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#454-464) has external calls inside a loop: proxy.initialize(implementation,initParams) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#461)
LendingPoolConfigurator._initReserve(ILendingPool,ILendingPoolConfigurator.InitReserveInput) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#70-142) has external calls inside a loop: pool.initReserve(input.underlyingAsset,aTokenProxyAddress,stableDebtTokenProxyAddress,variableDebtTokenProxyAddress,input.interestRateStrategyAddress) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#117-123)
LendingPoolConfigurator._initReserve(ILendingPool,ILendingPoolConfigurator.InitReserveInput) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#70-142) has external calls inside a loop: currentConfig = pool.getConfiguration(input.underlyingAsset) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#125-126)
LendingPoolConfigurator._initReserve(ILendingPool,ILendingPoolConfigurator.InitReserveInput) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#70-142) has external calls inside a loop: pool.setConfiguration(input.underlyingAsset,currentConfig.data) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#133)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation/#calls-inside-a-loop
INFO:Detectors:
Reentrancy in IncentivizedERC20.transferFrom(address,address,uint256) (contracts/protocol/tokenization/IncentivizedERC20.sol#122-135):
External calls:
- _transfer(sender,recipient,amount) (contracts/protocol/tokenization/IncentivizedERC20.sol#127)
- _getIncentivesController().handleAction(sender,currentTotalSupply,oldSenderBalance) (contracts/protocol/tokenization/IncentivizedERC20.sol#187)
- _getIncentivesController().handleAction(recipient,currentTotalSupply,oldRecipientBalance) (contracts/protocol/tokenization/IncentivizedERC20.sol#189)
State variables written after the call(s):
- _approve(sender,_msgSender(),_allowances[sender][_msgSender()].sub(amount,ERC20: transfer amount exceeds allowance)) (contracts/protocol/tokenization/IncentivizedERC20.sol#128-132)
- _allowances[owner][spender] = amount (contracts/protocol/tokenization/IncentivizedERC20.sol#234)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#reentrancy-vulnerabilities-2
INFO:Detectors:
Reentrancy in LendingPool._executeBorrow(LendingPool.ExecuteBorrowParams) (contracts/protocol/lendingpool/LendingPool.sol#855-930):
External calls:
- reserve.updateState() (contracts/protocol/lendingpool/LendingPool.sol#881)
- isFirstBorrowing = IStableDebtToken(reserve.stableDebtTokenAddress).mint(vars.user,vars.onBehalfOf,vars.amount,currentStableRate) (contracts/protocol/lendingpool/LendingPool.sol#889-894)
- isFirstBorrowing = IVariableDebtToken(reserve.variableDebtTokenAddress).mint(vars.user,vars.onBehalfOf,vars.amount,reserve.variableBorrowIndex) (contracts/protocol/lendingpool/LendingPool.sol#896-901)
- IAToken(vars.aTokenAddress).transferUnderlyingTo(vars.user,vars.amount) (contracts/protocol/lendingpool/LendingPool.sol#916)
Event emitted after the call(s):
- Borrow(vars.asset,vars.user,vars.onBehalfOf,vars.amount,vars.interestRateMode,currentStableRate,vars.referralCode) (contracts/protocol/lendingpool/LendingPool.sol#919-929)
- Borrow(vars.asset,vars.user,vars.onBehalfOf,vars.amount,vars.interestRateMode,reserve.currentVariableBorrowRate,vars.referralCode) (contracts/protocol/lendingpool/LendingPool.sol#919-929)
Reentrancy in LendingPoolConfigurator._initReserve(ILendingPool,ILendingPoolConfigurator.InitReserveInput) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#70-142):
External calls:
- aTokenProxyAddress = _initTokenWithProxy(input.aTokenImpl,abi.encodeWithSelector(IInitializableAToken.initialize.selector,pool,input.treasury,input.underlyingAsset,IAaveIncentivesController(input.incentivesController),input.underlyingAssetDecimals,input.aTokenName,input.aTokenSymbol,input.params)) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#71-85)
- proxy.initialize(implementation,initParams) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#461)
- stableDebtTokenProxyAddress = _initTokenWithProxy(input.stableDebtTokenImpl,abi.encodeWithSelector(IInitializableDebtToken.initialize.selector,pool,input.underlyingAsset,IAaveIncentivesController(input.incentivesController),input.underlyingAssetDecimals,input.stableDebtTokenName,input.stableDebtTokenSymbol,input.params)) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#87-100)
- proxy.initialize(implementation,initParams) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#461)
- variableDebtTokenProxyAddress = _initTokenWithProxy(input.variableDebtTokenImpl,abi.encodeWithSelector(IInitializableDebtToken.initialize.selector,pool,input.underlyingAsset,IAaveIncentivesController(input.incentivesController),input.underlyingAssetDecimals,input.variableDebtTokenName,input.variableDebtTokenSymbol,input.params)) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#102-115)
- proxy.initialize(implementation,initParams) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#461)
- pool.initReserve(input.underlyingAsset,aTokenProxyAddress,stableDebtTokenProxyAddress,variableDebtTokenProxyAddress,input.interestRateStrategyAddress) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#117-123)
- pool.setConfiguration(input.underlyingAsset,currentConfig.data) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#133)
Event emitted after the call(s):
- ReserveInitialized(input.underlyingAsset,aTokenProxyAddress,stableDebtTokenProxyAddress,variableDebtTokenProxyAddress,input.interestRateStrategyAddress) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#135-141)
Reentrancy in FlashLiquidationAdapter._liquidateAndSwap(address,address,address,uint256,bool,uint256,uint256,address) (contracts/adapters/FlashLiquidationAdapter.sol#102-161):
External calls:
- IERC20(borrowedAsset).approve(address(LENDING_POOL),debtToCover) (contracts/adapters/FlashLiquidationAdapter.sol#123)
- LENDING_POOL.liquidationCall(collateralAsset,borrowedAsset,user,debtToCover,false) (contracts/adapters/FlashLiquidationAdapter.sol#126)
- vars.soldAmount = _swapTokensForExactTokens(collateralAsset,borrowedAsset,vars.diffCollateralBalance,vars.flashLoanDebt.sub(vars.diffFlashBorrowedBalance),useEthPath) (contracts/adapters/FlashLiquidationAdapter.sol#142-148)
- (success,returndata) = address(token).call(data) (contracts/dependencies/openzeppelin/contracts/SafeERC20.sol#55)
- IERC20(assetToSwapFrom).safeApprove(address(UNISWAP_ROUTER),0) (contracts/adapters/BaseUniswapAdapter.sol#213)
- IERC20(assetToSwapFrom).safeApprove(address(UNISWAP_ROUTER),maxAmountToSwap) (contracts/adapters/BaseUniswapAdapter.sol#214)
- amounts = UNISWAP_ROUTER.swapTokensForExactTokens(amountToReceive,maxAmountToSwap,path,address(this),block.timestamp) (contracts/adapters/BaseUniswapAdapter.sol#228-235)
Event emitted after the call(s):
- Swapped(assetToSwapFrom,assetToSwapTo,amounts[0],amounts[amounts.length - 1]) (contracts/adapters/BaseUniswapAdapter.sol#237)
- vars.soldAmount = _swapTokensForExactTokens(collateralAsset,borrowedAsset,vars.diffCollateralBalance,vars.flashLoanDebt.sub(vars.diffFlashBorrowedBalance),useEthPath) (contracts/adapters/FlashLiquidationAdapter.sol#142-148)
Reentrancy in UniswapRepayAdapter._swapAndRepay(address,address,uint256,uint256,uint256,address,uint256,IBaseUniswapAdapter.PermitSignature,bool) (contracts/adapters/UniswapRepayAdapter.sol#162-224):
External calls:
- IERC20(debtAsset).safeApprove(address(LENDING_POOL),0) (contracts/adapters/UniswapRepayAdapter.sol#176)
- IERC20(debtAsset).safeApprove(address(LENDING_POOL),amount) (contracts/adapters/UniswapRepayAdapter.sol#177)
- LENDING_POOL.repay(debtAsset,amount,rateMode,initiator) (contracts/adapters/UniswapRepayAdapter.sol#179)
- _pullAToken(collateralAsset,collateralReserveData.aTokenAddress,initiator,amounts[0],permitSignature) (contracts/adapters/UniswapRepayAdapter.sol#194-200)
- IERC20WithPermit(reserveAToken).permit(user,address(this),permitSignature.amount,permitSignature.deadline,permitSignature.v,permitSignature.r,permitSignature.s) (contracts/adapters/BaseUniswapAdapter.sol#283-291)
- IERC20(reserveAToken).safeTransferFrom(user,address(this),amount) (contracts/adapters/BaseUniswapAdapter.sol#295)
- (success,returndata) = address(token).call(data) (contracts/dependencies/openzeppelin/contracts/SafeERC20.sol#55)
- LENDING_POOL.withdraw(reserve,amount,address(this)) (contracts/adapters/BaseUniswapAdapter.sol#298)
- _swapTokensForExactTokens(collateralAsset,debtAsset,amounts[0],neededForFlashLoanDebt,useEthPath) (contracts/adapters/UniswapRepayAdapter.sol#203-209)
- (success,returndata) = address(token).call(data) (contracts/dependencies/openzeppelin/contracts/SafeERC20.sol#55)
- IERC20(assetToSwapFrom).safeApprove(address(UNISWAP_ROUTER),0) (contracts/adapters/BaseUniswapAdapter.sol#213)
- IERC20(assetToSwapFrom).safeApprove(address(UNISWAP_ROUTER),maxAmountToSwap) (contracts/adapters/BaseUniswapAdapter.sol#214)
- amounts = UNISWAP_ROUTER.swapTokensForExactTokens(amountToReceive,maxAmountToSwap,path,address(this),block.timestamp) (contracts/adapters/BaseUniswapAdapter.sol#228-235)
Event emitted after the call(s):
- Swapped(assetToSwapFrom,assetToSwapTo,amounts[0],amounts[amounts.length - 1]) (contracts/adapters/BaseUniswapAdapter.sol#237)
- _swapTokensForExactTokens(collateralAsset,debtAsset,amounts[0],neededForFlashLoanDebt,useEthPath) (contracts/adapters/UniswapRepayAdapter.sol#203-209)
Reentrancy in BaseUniswapAdapter._swapExactTokensForTokens(address,address,uint256,uint256,bool) (contracts/adapters/BaseUniswapAdapter.sol#132-180):
External calls:
- IERC20(assetToSwapFrom).safeApprove(address(UNISWAP_ROUTER),0) (contracts/adapters/BaseUniswapAdapter.sol#154)
- IERC20(assetToSwapFrom).safeApprove(address(UNISWAP_ROUTER),amountToSwap) (contracts/adapters/BaseUniswapAdapter.sol#155)
- amounts = UNISWAP_ROUTER.swapExactTokensForTokens(amountToSwap,minAmountOut,path,address(this),block.timestamp) (contracts/adapters/BaseUniswapAdapter.sol#168-175)
Event emitted after the call(s):
- Swapped(assetToSwapFrom,assetToSwapTo,amounts[0],amounts[amounts.length - 1]) (contracts/adapters/BaseUniswapAdapter.sol#177)
Reentrancy in BaseUniswapAdapter._swapTokensForExactTokens(address,address,uint256,uint256,bool) (contracts/adapters/BaseUniswapAdapter.sol#191-240):
External calls:
- IERC20(assetToSwapFrom).safeApprove(address(UNISWAP_ROUTER),0) (contracts/adapters/BaseUniswapAdapter.sol#213)
- IERC20(assetToSwapFrom).safeApprove(address(UNISWAP_ROUTER),maxAmountToSwap) (contracts/adapters/BaseUniswapAdapter.sol#214)
- amounts = UNISWAP_ROUTER.swapTokensForExactTokens(amountToReceive,maxAmountToSwap,path,address(this),block.timestamp) (contracts/adapters/BaseUniswapAdapter.sol#228-235)
Event emitted after the call(s):
- Swapped(assetToSwapFrom,assetToSwapTo,amounts[0],amounts[amounts.length - 1]) (contracts/adapters/BaseUniswapAdapter.sol#237)
Reentrancy in AToken._transfer(address,address,uint256,bool) (contracts/protocol/tokenization/AToken.sol#370-391):
External calls:
- super._transfer(from,to,amount.rayDiv(index)) (contracts/protocol/tokenization/AToken.sol#384)
- _getIncentivesController().handleAction(sender,currentTotalSupply,oldSenderBalance) (contracts/protocol/tokenization/IncentivizedERC20.sol#187)
- _getIncentivesController().handleAction(recipient,currentTotalSupply,oldRecipientBalance) (contracts/protocol/tokenization/IncentivizedERC20.sol#189)
- pool.finalizeTransfer(underlyingAsset,from,to,amount,fromBalanceBefore,toBalanceBefore) (contracts/protocol/tokenization/AToken.sol#387)
Event emitted after the call(s):
- BalanceTransfer(from,to,amount,index) (contracts/protocol/tokenization/AToken.sol#390)
Reentrancy in LendingPoolAddressesProvider._updateImpl(bytes32,address) (contracts/protocol/configuration/LendingPoolAddressesProvider.sol#194-209):
External calls:
- proxy.initialize(newAddress,params) (contracts/protocol/configuration/LendingPoolAddressesProvider.sol#203)
Event emitted after the call(s):
- ProxyCreated(id,address(proxy)) (contracts/protocol/configuration/LendingPoolAddressesProvider.sol#205)
Reentrancy in LendingPoolConfigurator.activateReserve(address) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#363-371):
External calls:
- pool.setConfiguration(asset,currentConfig.data) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#368)
Event emitted after the call(s):
- ReserveActivated(asset) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#370)
Reentrancy in AToken.burn(address,address,uint256,uint256) (contracts/protocol/tokenization/AToken.sol#120-134):
External calls:
- _burn(user,amountScaled) (contracts/protocol/tokenization/AToken.sol#128)
- _getIncentivesController().handleAction(account,oldTotalSupply,oldAccountBalance) (contracts/protocol/tokenization/IncentivizedERC20.sol#222)
- IERC20(_underlyingAsset).safeTransfer(receiverOfUnderlying,amount) (contracts/protocol/tokenization/AToken.sol#130)
Event emitted after the call(s):
- Burn(user,receiverOfUnderlying,amount,index) (contracts/protocol/tokenization/AToken.sol#133)
- Transfer(user,address(0),amount) (contracts/protocol/tokenization/AToken.sol#132)
Reentrancy in StableDebtToken.burn(address,uint256) (contracts/protocol/tokenization/StableDebtToken.sol#197-257):
External calls:
- _mint(user,amountToMint,previousSupply) (contracts/protocol/tokenization/StableDebtToken.sol#239)
- _incentivesController.handleAction(account,oldTotalSupply,oldAccountBalance) (contracts/protocol/tokenization/StableDebtToken.sol#413)
Event emitted after the call(s):
- Mint(user,user,amountToMint,currentBalance,balanceIncrease,userStableRate,newAvgStableRate,nextSupply) (contracts/protocol/tokenization/StableDebtToken.sol#240-249)
Reentrancy in StableDebtToken.burn(address,uint256) (contracts/protocol/tokenization/StableDebtToken.sol#197-257):
External calls:
- _burn(user,amountToBurn,previousSupply) (contracts/protocol/tokenization/StableDebtToken.sol#252)
- _incentivesController.handleAction(account,oldTotalSupply,oldAccountBalance) (contracts/protocol/tokenization/StableDebtToken.sol#432)
Event emitted after the call(s):
- Burn(user,amountToBurn,currentBalance,balanceIncrease,newAvgStableRate,nextSupply) (contracts/protocol/tokenization/StableDebtToken.sol#253)
Reentrancy in StableDebtToken.burn(address,uint256) (contracts/protocol/tokenization/StableDebtToken.sol#197-257):
External calls:
- _mint(user,amountToMint,previousSupply) (contracts/protocol/tokenization/StableDebtToken.sol#239)
- _incentivesController.handleAction(account,oldTotalSupply,oldAccountBalance) (contracts/protocol/tokenization/StableDebtToken.sol#413)
- _burn(user,amountToBurn,previousSupply) (contracts/protocol/tokenization/StableDebtToken.sol#252)
- _incentivesController.handleAction(account,oldTotalSupply,oldAccountBalance) (contracts/protocol/tokenization/StableDebtToken.sol#432)
Event emitted after the call(s):
- Transfer(user,address(0),amount) (contracts/protocol/tokenization/StableDebtToken.sol#256)
Reentrancy in VariableDebtToken.burn(address,uint256,uint256) (contracts/protocol/tokenization/VariableDebtToken.sol#124-136):
External calls:
- _burn(user,amountScaled) (contracts/protocol/tokenization/VariableDebtToken.sol#132)
- _getIncentivesController().handleAction(account,oldTotalSupply,oldAccountBalance) (contracts/protocol/tokenization/IncentivizedERC20.sol#222)
Event emitted after the call(s):
- Burn(user,amount,index) (contracts/protocol/tokenization/VariableDebtToken.sol#135)
- Transfer(user,address(0),amount) (contracts/protocol/tokenization/VariableDebtToken.sol#134)
Reentrancy in LendingPoolConfigurator.configureReserveAsCollateral(address,uint256,uint256,uint256) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#287-329):
External calls:
- pool.setConfiguration(asset,currentConfig.data) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#326)
Event emitted after the call(s):
- CollateralConfigurationChanged(asset,ltv,liquidationThreshold,liquidationBonus) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#328)
Reentrancy in LendingPoolConfigurator.deactivateReserve(address) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#377-387):
External calls:
- pool.setConfiguration(asset,currentConfig.data) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#384)
Event emitted after the call(s):
- ReserveDeactivated(asset) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#386)
Reentrancy in LendingPool.deposit(address,uint256,address,uint16) (contracts/protocol/lendingpool/LendingPool.sol#104-129):
External calls:
- reserve.updateState() (contracts/protocol/lendingpool/LendingPool.sol#116)
- IERC20(asset).safeTransferFrom(msg.sender,aToken,amount) (contracts/protocol/lendingpool/LendingPool.sol#119)
- isFirstDeposit = IAToken(aToken).mint(onBehalfOf,amount,reserve.liquidityIndex) (contracts/protocol/lendingpool/LendingPool.sol#121)
Event emitted after the call(s):
- Deposit(asset,msg.sender,onBehalfOf,amount,referralCode) (contracts/protocol/lendingpool/LendingPool.sol#128)
- ReserveUsedAsCollateralEnabled(asset,onBehalfOf) (contracts/protocol/lendingpool/LendingPool.sol#125)
Reentrancy in LendingPoolConfigurator.disableBorrowingOnReserve(address) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#269-276):
External calls:
- pool.setConfiguration(asset,currentConfig.data) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#274)
Event emitted after the call(s):
- BorrowingDisabledOnReserve(asset) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#275)
Reentrancy in LendingPoolConfigurator.disableReserveStableRate(address) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#349-357):
External calls:
- pool.setConfiguration(asset,currentConfig.data) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#354)
Event emitted after the call(s):
- StableRateDisabledOnReserve(asset) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#356)
Reentrancy in LendingPoolConfigurator.enableBorrowingOnReserve(address,bool) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#251-263):
External calls:
- pool.setConfiguration(asset,currentConfig.data) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#260)
Event emitted after the call(s):
- BorrowingEnabledOnReserve(asset,stableBorrowRateEnabled) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#262)
Reentrancy in LendingPoolConfigurator.enableReserveStableRate(address) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#335-343):
External calls:
- pool.setConfiguration(asset,currentConfig.data) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#340)
Event emitted after the call(s):
- StableRateEnabledOnReserve(asset) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#342)
Reentrancy in MockFlashLoanReceiver.executeOperation(address[],uint256[],uint256[],address,bytes) (contracts/mocks/flashloan/MockFlashLoanReceiver.sol#46-83):
External calls:
- token.mint(premiums[i]) (contracts/mocks/flashloan/MockFlashLoanReceiver.sol#75)
- IERC20(assets[i]).approve(address(LENDING_POOL),amountToReturn) (contracts/mocks/flashloan/MockFlashLoanReceiver.sol#77)
Event emitted after the call(s):
- ExecutedWithSuccess(assets,amounts,premiums) (contracts/mocks/flashloan/MockFlashLoanReceiver.sol#80)
Reentrancy in LendingPool.flashLoan(address,address[],uint256[],uint256[],address,bytes,uint16) (contracts/protocol/lendingpool/LendingPool.sol#483-564):
External calls:
- IAToken(aTokenAddresses[vars.i]).transferUnderlyingTo(receiverAddress,amounts[vars.i]) (contracts/protocol/lendingpool/LendingPool.sol#506)
- require(bool,string)(vars.receiver.executeOperation(assets,amounts,premiums,msg.sender,params),Errors.LP_INVALID_FLASH_LOAN_EXECUTOR_RETURN) (contracts/protocol/lendingpool/LendingPool.sol#509-512)
- _reserves[vars.currentAsset].updateState() (contracts/protocol/lendingpool/LendingPool.sol#522)
- IERC20(vars.currentAsset).safeTransferFrom(receiverAddress,vars.currentATokenAddress,vars.currentAmountPlusPremium) (contracts/protocol/lendingpool/LendingPool.sol#534-538)
- _executeBorrow(ExecuteBorrowParams(vars.currentAsset,msg.sender,onBehalfOf,vars.currentAmount,modes[vars.i],vars.currentATokenAddress,referralCode,false)) (contracts/protocol/lendingpool/LendingPool.sol#542-553)
- reserve.updateState() (contracts/protocol/lendingpool/LendingPool.sol#881)
- isFirstBorrowing = IStableDebtToken(reserve.stableDebtTokenAddress).mint(vars.user,vars.onBehalfOf,vars.amount,currentStableRate) (contracts/protocol/lendingpool/LendingPool.sol#889-894)
- isFirstBorrowing = IVariableDebtToken(reserve.variableDebtTokenAddress).mint(vars.user,vars.onBehalfOf,vars.amount,reserve.variableBorrowIndex) (contracts/protocol/lendingpool/LendingPool.sol#896-901)
- IAToken(reserve.aTokenAddress).mintToTreasury(vars.amountToMint,newLiquidityIndex) (contracts/protocol/libraries/logic/ReserveLogic.sol#323)
- IAToken(vars.aTokenAddress).transferUnderlyingTo(vars.user,vars.amount) (contracts/protocol/lendingpool/LendingPool.sol#916)
Event emitted after the call(s):
- Borrow(vars.asset,vars.user,vars.onBehalfOf,vars.amount,vars.interestRateMode,currentStableRate,vars.referralCode) (contracts/protocol/lendingpool/LendingPool.sol#919-929)
- _executeBorrow(ExecuteBorrowParams(vars.currentAsset,msg.sender,onBehalfOf,vars.currentAmount,modes[vars.i],vars.currentATokenAddress,referralCode,false)) (contracts/protocol/lendingpool/LendingPool.sol#542-553)
- Borrow(vars.asset,vars.user,vars.onBehalfOf,vars.amount,vars.interestRateMode,reserve.currentVariableBorrowRate,vars.referralCode) (contracts/protocol/lendingpool/LendingPool.sol#919-929)
- _executeBorrow(ExecuteBorrowParams(vars.currentAsset,msg.sender,onBehalfOf,vars.currentAmount,modes[vars.i],vars.currentATokenAddress,referralCode,false)) (contracts/protocol/lendingpool/LendingPool.sol#542-553)
- FlashLoan(receiverAddress,msg.sender,vars.currentAsset,vars.currentAmount,vars.currentPremium,referralCode) (contracts/protocol/lendingpool/LendingPool.sol#555-562)
- ReserveDataUpdated(reserveAddress,vars.newLiquidityRate,vars.newStableRate,vars.newVariableRate,reserve.liquidityIndex,reserve.variableBorrowIndex) (contracts/protocol/libraries/logic/ReserveLogic.sol#241-248)
- _executeBorrow(ExecuteBorrowParams(vars.currentAsset,msg.sender,onBehalfOf,vars.currentAmount,modes[vars.i],vars.currentATokenAddress,referralCode,false)) (contracts/protocol/lendingpool/LendingPool.sol#542-553)
Reentrancy in LendingPoolConfigurator.freezeReserve(address) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#394-402):
External calls:
- pool.setConfiguration(asset,currentConfig.data) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#399)
Event emitted after the call(s):
- ReserveFrozen(asset) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#401)
Reentrancy in LendingPoolCollateralManager.liquidationCall(address,address,address,uint256,bool) (contracts/protocol/lendingpool/LendingPoolCollateralManager.sol#81-245):
External calls:
- debtReserve.updateState() (contracts/protocol/lendingpool/LendingPoolCollateralManager.sol#163)
- IVariableDebtToken(debtReserve.variableDebtTokenAddress).burn(user,vars.actualDebtToLiquidate,debtReserve.variableBorrowIndex) (contracts/protocol/lendingpool/LendingPoolCollateralManager.sol#166-170)
- IVariableDebtToken(debtReserve.variableDebtTokenAddress).burn(user,vars.userVariableDebt,debtReserve.variableBorrowIndex) (contracts/protocol/lendingpool/LendingPoolCollateralManager.sol#174-178)
- IStableDebtToken(debtReserve.stableDebtTokenAddress).burn(user,vars.actualDebtToLiquidate.sub(vars.userVariableDebt)) (contracts/protocol/lendingpool/LendingPoolCollateralManager.sol#180-183)
- vars.collateralAtoken.transferOnLiquidation(user,msg.sender,vars.maxCollateralToLiquidate) (contracts/protocol/lendingpool/LendingPoolCollateralManager.sol#195)
Event emitted after the call(s):
- ReserveUsedAsCollateralEnabled(collateralAsset,msg.sender) (contracts/protocol/lendingpool/LendingPoolCollateralManager.sol#200)
Reentrancy in LendingPoolCollateralManager.liquidationCall(address,address,address,uint256,bool) (contracts/protocol/lendingpool/LendingPoolCollateralManager.sol#81-245):
External calls:
- debtReserve.updateState() (contracts/protocol/lendingpool/LendingPoolCollateralManager.sol#163)
- IVariableDebtToken(debtReserve.variableDebtTokenAddress).burn(user,vars.actualDebtToLiquidate,debtReserve.variableBorrowIndex) (contracts/protocol/lendingpool/LendingPoolCollateralManager.sol#166-170)
- IVariableDebtToken(debtReserve.variableDebtTokenAddress).burn(user,vars.userVariableDebt,debtReserve.variableBorrowIndex) (contracts/protocol/lendingpool/LendingPoolCollateralManager.sol#174-178)
- IStableDebtToken(debtReserve.stableDebtTokenAddress).burn(user,vars.actualDebtToLiquidate.sub(vars.userVariableDebt)) (contracts/protocol/lendingpool/LendingPoolCollateralManager.sol#180-183)
- vars.collateralAtoken.transferOnLiquidation(user,msg.sender,vars.maxCollateralToLiquidate) (contracts/protocol/lendingpool/LendingPoolCollateralManager.sol#195)
- collateralReserve.updateState() (contracts/protocol/lendingpool/LendingPoolCollateralManager.sol#203)
- vars.collateralAtoken.burn(user,msg.sender,vars.maxCollateralToLiquidate,collateralReserve.liquidityIndex) (contracts/protocol/lendingpool/LendingPoolCollateralManager.sol#212-217)
Event emitted after the call(s):
- ReserveUsedAsCollateralDisabled(collateralAsset,user) (contracts/protocol/lendingpool/LendingPoolCollateralManager.sol#224)
Reentrancy in LendingPoolCollateralManager.liquidationCall(address,address,address,uint256,bool) (contracts/protocol/lendingpool/LendingPoolCollateralManager.sol#81-245):
External calls:
- debtReserve.updateState() (contracts/protocol/lendingpool/LendingPoolCollateralManager.sol#163)
- IVariableDebtToken(debtReserve.variableDebtTokenAddress).burn(user,vars.actualDebtToLiquidate,debtReserve.variableBorrowIndex) (contracts/protocol/lendingpool/LendingPoolCollateralManager.sol#166-170)
- IVariableDebtToken(debtReserve.variableDebtTokenAddress).burn(user,vars.userVariableDebt,debtReserve.variableBorrowIndex) (contracts/protocol/lendingpool/LendingPoolCollateralManager.sol#174-178)
- IStableDebtToken(debtReserve.stableDebtTokenAddress).burn(user,vars.actualDebtToLiquidate.sub(vars.userVariableDebt)) (contracts/protocol/lendingpool/LendingPoolCollateralManager.sol#180-183)
- vars.collateralAtoken.transferOnLiquidation(user,msg.sender,vars.maxCollateralToLiquidate) (contracts/protocol/lendingpool/LendingPoolCollateralManager.sol#195)
- collateralReserve.updateState() (contracts/protocol/lendingpool/LendingPoolCollateralManager.sol#203)
- vars.collateralAtoken.burn(user,msg.sender,vars.maxCollateralToLiquidate,collateralReserve.liquidityIndex) (contracts/protocol/lendingpool/LendingPoolCollateralManager.sol#212-217)
- IERC20(debtAsset).safeTransferFrom(msg.sender,debtReserve.aTokenAddress,vars.actualDebtToLiquidate) (contracts/protocol/lendingpool/LendingPoolCollateralManager.sol#228-232)
Event emitted after the call(s):
- LiquidationCall(collateralAsset,debtAsset,user,vars.actualDebtToLiquidate,vars.maxCollateralToLiquidate,msg.sender,receiveAToken) (contracts/protocol/lendingpool/LendingPoolCollateralManager.sol#234-242)
Reentrancy in AToken.mint(address,uint256,uint256) (contracts/protocol/tokenization/AToken.sol#144-159):
External calls:
- _mint(user,amountScaled) (contracts/protocol/tokenization/AToken.sol#153)
- _getIncentivesController().handleAction(account,oldTotalSupply,oldAccountBalance) (contracts/protocol/tokenization/IncentivizedERC20.sol#206)
Event emitted after the call(s):
- Mint(user,amount,index) (contracts/protocol/tokenization/AToken.sol#156)
- Transfer(address(0),user,amount) (contracts/protocol/tokenization/AToken.sol#155)
Reentrancy in StableDebtToken.mint(address,address,uint256,uint256) (contracts/protocol/tokenization/StableDebtToken.sol#136-190):
External calls:
- _mint(onBehalfOf,amount.add(balanceIncrease),vars.previousSupply) (contracts/protocol/tokenization/StableDebtToken.sol#174)
- _incentivesController.handleAction(account,oldTotalSupply,oldAccountBalance) (contracts/protocol/tokenization/StableDebtToken.sol#413)
Event emitted after the call(s):
- Mint(user,onBehalfOf,amount,currentBalance,balanceIncrease,vars.newStableRate,vars.currentAvgStableRate,vars.nextSupply) (contracts/protocol/tokenization/StableDebtToken.sol#178-187)
- Transfer(address(0),onBehalfOf,amount) (contracts/protocol/tokenization/StableDebtToken.sol#176)
Reentrancy in VariableDebtToken.mint(address,address,uint256,uint256) (contracts/protocol/tokenization/VariableDebtToken.sol#95-115):
External calls:
- _mint(onBehalfOf,amountScaled) (contracts/protocol/tokenization/VariableDebtToken.sol#109)
- _getIncentivesController().handleAction(account,oldTotalSupply,oldAccountBalance) (contracts/protocol/tokenization/IncentivizedERC20.sol#206)
Event emitted after the call(s):
- Mint(user,onBehalfOf,amount,index) (contracts/protocol/tokenization/VariableDebtToken.sol#112)
- Transfer(address(0),onBehalfOf,amount) (contracts/protocol/tokenization/VariableDebtToken.sol#111)
Reentrancy in AToken.mintToTreasury(uint256,uint256) (contracts/protocol/tokenization/AToken.sol#167-182):
External calls:
- _mint(treasury,amount.rayDiv(index)) (contracts/protocol/tokenization/AToken.sol#178)
- _getIncentivesController().handleAction(account,oldTotalSupply,oldAccountBalance) (contracts/protocol/tokenization/IncentivizedERC20.sol#206)
Event emitted after the call(s):
- Mint(treasury,amount,index) (contracts/protocol/tokenization/AToken.sol#181)
- Transfer(address(0),treasury,amount) (contracts/protocol/tokenization/AToken.sol#180)
Reentrancy in LendingPool.rebalanceStableBorrowRate(address,address) (contracts/protocol/lendingpool/LendingPool.sol#350-380):
External calls:
- reserve.updateState() (contracts/protocol/lendingpool/LendingPool.sol#367)
- IStableDebtToken(address(stableDebtToken)).burn(user,stableDebt) (contracts/protocol/lendingpool/LendingPool.sol#369)
- IStableDebtToken(address(stableDebtToken)).mint(user,user,stableDebt,reserve.currentStableBorrowRate) (contracts/protocol/lendingpool/LendingPool.sol#370-375)
Event emitted after the call(s):
- RebalanceStableBorrowRate(asset,user) (contracts/protocol/lendingpool/LendingPool.sol#379)
Reentrancy in LendingPool.repay(address,uint256,uint256,address) (contracts/protocol/lendingpool/LendingPool.sol#236-290):
External calls:
- reserve.updateState() (contracts/protocol/lendingpool/LendingPool.sol#264)
- IStableDebtToken(reserve.stableDebtTokenAddress).burn(onBehalfOf,paybackAmount) (contracts/protocol/lendingpool/LendingPool.sol#267)
- IVariableDebtToken(reserve.variableDebtTokenAddress).burn(onBehalfOf,paybackAmount,reserve.variableBorrowIndex) (contracts/protocol/lendingpool/LendingPool.sol#269-273)
- IERC20(asset).safeTransferFrom(msg.sender,aToken,paybackAmount) (contracts/protocol/lendingpool/LendingPool.sol#283)
- IAToken(aToken).handleRepayment(msg.sender,paybackAmount) (contracts/protocol/lendingpool/LendingPool.sol#285)
Event emitted after the call(s):
- Repay(asset,onBehalfOf,msg.sender,paybackAmount) (contracts/protocol/lendingpool/LendingPool.sol#287)
Reentrancy in LendingPoolAddressesProvider.setAddressAsProxy(bytes32,address) (contracts/protocol/configuration/LendingPoolAddressesProvider.sol#60-67):
External calls:
- _updateImpl(id,implementationAddress) (contracts/protocol/configuration/LendingPoolAddressesProvider.sol#65)
- proxy.initialize(newAddress,params) (contracts/protocol/configuration/LendingPoolAddressesProvider.sol#203)
- proxy.upgradeToAndCall(newAddress,params) (contracts/protocol/configuration/LendingPoolAddressesProvider.sol#207)
Event emitted after the call(s):
- AddressSet(id,implementationAddress,true) (contracts/protocol/configuration/LendingPoolAddressesProvider.sol#66)
Reentrancy in LendingPoolAddressesProvider.setLendingPoolConfiguratorImpl(address) (contracts/protocol/configuration/LendingPoolAddressesProvider.sol#119-122):
External calls:
- _updateImpl(LENDING_POOL_CONFIGURATOR,configurator) (contracts/protocol/configuration/LendingPoolAddressesProvider.sol#120)
- proxy.initialize(newAddress,params) (contracts/protocol/configuration/LendingPoolAddressesProvider.sol#203)
- proxy.upgradeToAndCall(newAddress,params) (contracts/protocol/configuration/LendingPoolAddressesProvider.sol#207)
Event emitted after the call(s):
- LendingPoolConfiguratorUpdated(configurator) (contracts/protocol/configuration/LendingPoolAddressesProvider.sol#121)
Reentrancy in LendingPoolAddressesProvider.setLendingPoolImpl(address) (contracts/protocol/configuration/LendingPoolAddressesProvider.sol#101-104):
External calls:
- _updateImpl(LENDING_POOL,pool) (contracts/protocol/configuration/LendingPoolAddressesProvider.sol#102)
- proxy.initialize(newAddress,params) (contracts/protocol/configuration/LendingPoolAddressesProvider.sol#203)
- proxy.upgradeToAndCall(newAddress,params) (contracts/protocol/configuration/LendingPoolAddressesProvider.sol#207)
Event emitted after the call(s):
- LendingPoolUpdated(pool) (contracts/protocol/configuration/LendingPoolAddressesProvider.sol#103)
Reentrancy in LendingPoolConfigurator.setReserveFactor(address,uint256) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#423-431):
External calls:
- pool.setConfiguration(asset,currentConfig.data) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#428)
Event emitted after the call(s):
- ReserveFactorChanged(asset,reserveFactor) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#430)
Reentrancy in LendingPoolConfigurator.setReserveInterestRateStrategyAddress(address,address) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#438-444):
External calls:
- pool.setReserveInterestRateStrategyAddress(asset,rateStrategyAddress) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#442)
Event emitted after the call(s):
- ReserveInterestRateStrategyChanged(asset,rateStrategyAddress) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#443)
Reentrancy in UniswapLiquiditySwapAdapter.swapAndDeposit(address[],address[],uint256[],uint256[],IBaseUniswapAdapter.PermitSignature[],bool[]) (contracts/adapters/UniswapLiquiditySwapAdapter.sol#130-177):
External calls:
- _pullAToken(assetToSwapFromList[vars.i],vars.aToken,msg.sender,vars.amountToSwap,permitParams[vars.i]) (contracts/adapters/UniswapLiquiditySwapAdapter.sol#156-162)
- IERC20WithPermit(reserveAToken).permit(user,address(this),permitSignature.amount,permitSignature.deadline,permitSignature.v,permitSignature.r,permitSignature.s) (contracts/adapters/BaseUniswapAdapter.sol#283-291)
- IERC20(reserveAToken).safeTransferFrom(user,address(this),amount) (contracts/adapters/BaseUniswapAdapter.sol#295)
- (success,returndata) = address(token).call(data) (contracts/dependencies/openzeppelin/contracts/SafeERC20.sol#55)
- LENDING_POOL.withdraw(reserve,amount,address(this)) (contracts/adapters/BaseUniswapAdapter.sol#298)
- vars.receivedAmount = _swapExactTokensForTokens(assetToSwapFromList[vars.i],assetToSwapToList[vars.i],vars.amountToSwap,minAmountsToReceive[vars.i],useEthPath[vars.i]) (contracts/adapters/UniswapLiquiditySwapAdapter.sol#164-170)
- (success,returndata) = address(token).call(data) (contracts/dependencies/openzeppelin/contracts/SafeERC20.sol#55)
- IERC20(assetToSwapFrom).safeApprove(address(UNISWAP_ROUTER),0) (contracts/adapters/BaseUniswapAdapter.sol#154)
- IERC20(assetToSwapFrom).safeApprove(address(UNISWAP_ROUTER),amountToSwap) (contracts/adapters/BaseUniswapAdapter.sol#155)
- amounts = UNISWAP_ROUTER.swapExactTokensForTokens(amountToSwap,minAmountOut,path,address(this),block.timestamp) (contracts/adapters/BaseUniswapAdapter.sol#168-175)
- IERC20(assetToSwapToList[vars.i]).safeApprove(address(LENDING_POOL),0) (contracts/adapters/UniswapLiquiditySwapAdapter.sol#173)
- IERC20(assetToSwapToList[vars.i]).safeApprove(address(LENDING_POOL),vars.receivedAmount) (contracts/adapters/UniswapLiquiditySwapAdapter.sol#174)
- LENDING_POOL.deposit(assetToSwapToList[vars.i],vars.receivedAmount,msg.sender,0) (contracts/adapters/UniswapLiquiditySwapAdapter.sol#175)
Event emitted after the call(s):
- Swapped(assetToSwapFrom,assetToSwapTo,amounts[0],amounts[amounts.length - 1]) (contracts/adapters/BaseUniswapAdapter.sol#177)
- vars.receivedAmount = _swapExactTokensForTokens(assetToSwapFromList[vars.i],assetToSwapToList[vars.i],vars.amountToSwap,minAmountsToReceive[vars.i],useEthPath[vars.i]) (contracts/adapters/UniswapLiquiditySwapAdapter.sol#164-170)
Reentrancy in UniswapRepayAdapter.swapAndRepay(address,address,uint256,uint256,uint256,IBaseUniswapAdapter.PermitSignature,bool) (contracts/adapters/UniswapRepayAdapter.sol#91-148):
External calls:
- _pullAToken(collateralAsset,collateralReserveData.aTokenAddress,msg.sender,amounts[0],permitSignature) (contracts/adapters/UniswapRepayAdapter.sol#123-129)
- IERC20WithPermit(reserveAToken).permit(user,address(this),permitSignature.amount,permitSignature.deadline,permitSignature.v,permitSignature.r,permitSignature.s) (contracts/adapters/BaseUniswapAdapter.sol#283-291)
- IERC20(reserveAToken).safeTransferFrom(user,address(this),amount) (contracts/adapters/BaseUniswapAdapter.sol#295)
- (success,returndata) = address(token).call(data) (contracts/dependencies/openzeppelin/contracts/SafeERC20.sol#55)
- LENDING_POOL.withdraw(reserve,amount,address(this)) (contracts/adapters/BaseUniswapAdapter.sol#298)
- _swapTokensForExactTokens(collateralAsset,debtAsset,amounts[0],amountToRepay,useEthPath) (contracts/adapters/UniswapRepayAdapter.sol#132)
- (success,returndata) = address(token).call(data) (contracts/dependencies/openzeppelin/contracts/SafeERC20.sol#55)
- IERC20(assetToSwapFrom).safeApprove(address(UNISWAP_ROUTER),0) (contracts/adapters/BaseUniswapAdapter.sol#213)
- IERC20(assetToSwapFrom).safeApprove(address(UNISWAP_ROUTER),maxAmountToSwap) (contracts/adapters/BaseUniswapAdapter.sol#214)
- amounts = UNISWAP_ROUTER.swapTokensForExactTokens(amountToReceive,maxAmountToSwap,path,address(this),block.timestamp) (contracts/adapters/BaseUniswapAdapter.sol#228-235)
Event emitted after the call(s):
- Swapped(assetToSwapFrom,assetToSwapTo,amounts[0],amounts[amounts.length - 1]) (contracts/adapters/BaseUniswapAdapter.sol#237)
- _swapTokensForExactTokens(collateralAsset,debtAsset,amounts[0],amountToRepay,useEthPath) (contracts/adapters/UniswapRepayAdapter.sol#132)
Reentrancy in LendingPool.swapBorrowRateMode(address,uint256) (contracts/protocol/lendingpool/LendingPool.sol#297-339):
External calls:
- reserve.updateState() (contracts/protocol/lendingpool/LendingPool.sol#312)
- IStableDebtToken(reserve.stableDebtTokenAddress).burn(msg.sender,stableDebt) (contracts/protocol/lendingpool/LendingPool.sol#315)
- IVariableDebtToken(reserve.variableDebtTokenAddress).mint(msg.sender,msg.sender,stableDebt,reserve.variableBorrowIndex) (contracts/protocol/lendingpool/LendingPool.sol#316-321)
- IVariableDebtToken(reserve.variableDebtTokenAddress).burn(msg.sender,variableDebt,reserve.variableBorrowIndex) (contracts/protocol/lendingpool/LendingPool.sol#323-327)
- IStableDebtToken(reserve.stableDebtTokenAddress).mint(msg.sender,msg.sender,variableDebt,reserve.currentStableBorrowRate) (contracts/protocol/lendingpool/LendingPool.sol#328-333)
Event emitted after the call(s):
- Swap(asset,msg.sender,rateMode) (contracts/protocol/lendingpool/LendingPool.sol#338)
Reentrancy in IncentivizedERC20.transfer(address,uint256) (contracts/protocol/tokenization/IncentivizedERC20.sol#83-87):
External calls:
- _transfer(_msgSender(),recipient,amount) (contracts/protocol/tokenization/IncentivizedERC20.sol#84)
- _getIncentivesController().handleAction(sender,currentTotalSupply,oldSenderBalance) (contracts/protocol/tokenization/IncentivizedERC20.sol#187)
- _getIncentivesController().handleAction(recipient,currentTotalSupply,oldRecipientBalance) (contracts/protocol/tokenization/IncentivizedERC20.sol#189)
Event emitted after the call(s):
- Transfer(_msgSender(),recipient,amount) (contracts/protocol/tokenization/IncentivizedERC20.sol#85)
Reentrancy in IncentivizedERC20.transferFrom(address,address,uint256) (contracts/protocol/tokenization/IncentivizedERC20.sol#122-135):
External calls:
- _transfer(sender,recipient,amount) (contracts/protocol/tokenization/IncentivizedERC20.sol#127)
- _getIncentivesController().handleAction(sender,currentTotalSupply,oldSenderBalance) (contracts/protocol/tokenization/IncentivizedERC20.sol#187)
- _getIncentivesController().handleAction(recipient,currentTotalSupply,oldRecipientBalance) (contracts/protocol/tokenization/IncentivizedERC20.sol#189)
Event emitted after the call(s):
- Approval(owner,spender,amount) (contracts/protocol/tokenization/IncentivizedERC20.sol#235)
- _approve(sender,_msgSender(),_allowances[sender][_msgSender()].sub(amount,ERC20: transfer amount exceeds allowance)) (contracts/protocol/tokenization/IncentivizedERC20.sol#128-132)
- Transfer(sender,recipient,amount) (contracts/protocol/tokenization/IncentivizedERC20.sol#133)
Reentrancy in AToken.transferOnLiquidation(address,address,uint256) (contracts/protocol/tokenization/AToken.sol#191-201):
External calls:
- _transfer(from,to,value,false) (contracts/protocol/tokenization/AToken.sol#198)
- pool.finalizeTransfer(underlyingAsset,from,to,amount,fromBalanceBefore,toBalanceBefore) (contracts/protocol/tokenization/AToken.sol#387)
- _getIncentivesController().handleAction(sender,currentTotalSupply,oldSenderBalance) (contracts/protocol/tokenization/IncentivizedERC20.sol#187)
- _getIncentivesController().handleAction(recipient,currentTotalSupply,oldRecipientBalance) (contracts/protocol/tokenization/IncentivizedERC20.sol#189)
Event emitted after the call(s):
- Transfer(from,to,value) (contracts/protocol/tokenization/AToken.sol#200)
Reentrancy in LendingPoolConfigurator.unfreezeReserve(address) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#408-416):
External calls:
- pool.setConfiguration(asset,currentConfig.data) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#413)
Event emitted after the call(s):
- ReserveUnfrozen(asset) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#415)
Reentrancy in LendingPoolConfigurator.updateAToken(ILendingPoolConfigurator.UpdateATokenInput) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#147-173):
External calls:
- _upgradeTokenImplementation(reserveData.aTokenAddress,input.implementation,encodedCall) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#166-170)
- proxy.upgradeToAndCall(implementation,initParams) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#474)
Event emitted after the call(s):
- ATokenUpgraded(input.asset,reserveData.aTokenAddress,input.implementation) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#172)
Reentrancy in LendingPoolConfigurator.updateStableDebtToken(ILendingPoolConfigurator.UpdateDebtTokenInput) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#178-207):
External calls:
- _upgradeTokenImplementation(reserveData.stableDebtTokenAddress,input.implementation,encodedCall) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#196-200)
- proxy.upgradeToAndCall(implementation,initParams) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#474)
Event emitted after the call(s):
- StableDebtTokenUpgraded(input.asset,reserveData.stableDebtTokenAddress,input.implementation) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#202-206)
Reentrancy in LendingPoolConfigurator.updateVariableDebtToken(ILendingPoolConfigurator.UpdateDebtTokenInput) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#212-244):
External calls:
- _upgradeTokenImplementation(reserveData.variableDebtTokenAddress,input.implementation,encodedCall) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#233-237)
- proxy.upgradeToAndCall(implementation,initParams) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#474)
Event emitted after the call(s):
- VariableDebtTokenUpgraded(input.asset,reserveData.variableDebtTokenAddress,input.implementation) (contracts/protocol/lendingpool/LendingPoolConfigurator.sol#239-243)
Reentrancy in LendingPool.withdraw(address,uint256,address) (contracts/protocol/lendingpool/LendingPool.sol#142-184):
External calls:
- reserve.updateState() (contracts/protocol/lendingpool/LendingPool.sol#170)
Event emitted after the call(s):
- ReserveUsedAsCollateralDisabled(asset,msg.sender) (contracts/protocol/lendingpool/LendingPool.sol#176)
Reentrancy in LendingPool.withdraw(address,uint256,address) (contracts/protocol/lendingpool/LendingPool.sol#142-184):
External calls:
- reserve.updateState() (contracts/protocol/lendingpool/LendingPool.sol#170)
- IAToken(aToken).burn(msg.sender,to,amountToWithdraw,reserve.liquidityIndex) (contracts/protocol/lendingpool/LendingPool.sol#179)
Event emitted after the call(s):
- Withdraw(asset,msg.sender,to,amountToWithdraw) (contracts/protocol/lendingpool/LendingPool.sol#181)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#reentrancy-vulnerabilities-3
INFO:Detectors:
FlashLiquidationAdapter._liquidateAndSwap(address,address,address,uint256,bool,uint256,uint256,address) (contracts/adapters/FlashLiquidationAdapter.sol#102-161) uses timestamp for comparisons
Dangerous comparisons:
- vars.remainingTokens > 0 (contracts/adapters/FlashLiquidationAdapter.sol#158)
UniswapLiquiditySwapAdapter.swapAndDeposit(address[],address[],uint256[],uint256[],IBaseUniswapAdapter.PermitSignature[],bool[]) (contracts/adapters/UniswapLiquiditySwapAdapter.sol#130-177) uses timestamp for comparisons
Dangerous comparisons:
- vars.i < assetToSwapFromList.length (contracts/adapters/UniswapLiquiditySwapAdapter.sol#148)
- amountToSwapList[vars.i] > vars.aTokenInitiatorBalance (contracts/adapters/UniswapLiquiditySwapAdapter.sol#152-154)
ReserveLogic.getNormalizedIncome(DataTypes.ReserveData) (contracts/protocol/libraries/logic/ReserveLogic.sol#57-76) uses timestamp for comparisons
Dangerous comparisons:
- timestamp == uint40(block.timestamp) (contracts/protocol/libraries/logic/ReserveLogic.sol#65)
ReserveLogic.getNormalizedDebt(DataTypes.ReserveData) (contracts/protocol/libraries/logic/ReserveLogic.sol#85-104) uses timestamp for comparisons
Dangerous comparisons:
- timestamp == uint40(block.timestamp) (contracts/protocol/libraries/logic/ReserveLogic.sol#93)
MathUtils.calculateCompoundedInterest(uint256,uint40,uint256) (contracts/protocol/libraries/math/MathUtils.sol#45-70) uses timestamp for comparisons
Dangerous comparisons:
- exp == 0 (contracts/protocol/libraries/math/MathUtils.sol#53)
- exp > 2 (contracts/protocol/libraries/math/MathUtils.sol#59)
AToken.permit(address,address,uint256,uint256,uint8,bytes32,bytes32) (contracts/protocol/tokenization/AToken.sol#336-360) uses timestamp for comparisons
Dangerous comparisons:
- require(bool,string)(block.timestamp <= deadline,INVALID_EXPIRATION) (contracts/protocol/tokenization/AToken.sol#347)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#block-timestamp
INFO:Detectors:
Address.isContract(address) (contracts/dependencies/openzeppelin/contracts/Address.sol#25-36) uses assembly
- INLINE ASM (contracts/dependencies/openzeppelin/contracts/Address.sol#32-34)
BaseAdminUpgradeabilityProxy._admin() (contracts/dependencies/openzeppelin/upgradeability/BaseAdminUpgradeabilityProxy.sol#99-105) uses assembly
- INLINE ASM (contracts/dependencies/openzeppelin/upgradeability/BaseAdminUpgradeabilityProxy.sol#102-104)
BaseAdminUpgradeabilityProxy._setAdmin(address) (contracts/dependencies/openzeppelin/upgradeability/BaseAdminUpgradeabilityProxy.sol#111-117) uses assembly
- INLINE ASM (contracts/dependencies/openzeppelin/upgradeability/BaseAdminUpgradeabilityProxy.sol#114-116)
BaseUpgradeabilityProxy._implementation() (contracts/dependencies/openzeppelin/upgradeability/BaseUpgradeabilityProxy.sol#32-38) uses assembly
- INLINE ASM (contracts/dependencies/openzeppelin/upgradeability/BaseUpgradeabilityProxy.sol#35-37)
BaseUpgradeabilityProxy._setImplementation(address) (contracts/dependencies/openzeppelin/upgradeability/BaseUpgradeabilityProxy.sol#53-65) uses assembly
- INLINE ASM (contracts/dependencies/openzeppelin/upgradeability/BaseUpgradeabilityProxy.sol#62-64)
Proxy._delegate(address) (contracts/dependencies/openzeppelin/upgradeability/Proxy.sol#31-55) uses assembly
- INLINE ASM (contracts/dependencies/openzeppelin/upgradeability/Proxy.sol#33-54)
VersionedInitializable.isConstructor() (contracts/protocol/libraries/aave-upgradeability/VersionedInitializable.sol#61-73) uses assembly
- INLINE ASM (contracts/protocol/libraries/aave-upgradeability/VersionedInitializable.sol#69-71)
AToken.initialize(ILendingPool,address,address,IAaveIncentivesController,uint8,string,string,bytes) (contracts/protocol/tokenization/AToken.sol#64-110) uses assembly
- INLINE ASM (contracts/protocol/tokenization/AToken.sol#77-79)
console._sendLogPayload(bytes) (hardhat/console.sol#7-14) uses assembly
- INLINE ASM (hardhat/console.sol#10-13)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#assembly-usage
INFO:Detectors:
Address.sendValue(address,uint256) (contracts/dependencies/openzeppelin/contracts/Address.sol#54-60) is never used and should be removed
Context._msgData() (contracts/dependencies/openzeppelin/contracts/Context.sol#19-22) is never used and should be removed
ERC20._burn(address,uint256) (contracts/dependencies/openzeppelin/contracts/ERC20.sol#279-287) is never used and should be removed
LendingPoolCollateralManager.getRevision() (contracts/protocol/lendingpool/LendingPoolCollateralManager.sol#66-68) is never used and should be removed
ReserveConfiguration.getBorrowingEnabled(DataTypes.ReserveConfigurationMap) (contracts/protocol/libraries/configuration/ReserveConfiguration.sol#203-209) is never used and should be removed
ReserveConfiguration.getFrozen(DataTypes.ReserveConfigurationMap) (contracts/protocol/libraries/configuration/ReserveConfiguration.sol#180-182) is never used and should be removed
ReserveConfiguration.getLiquidationBonus(DataTypes.ReserveConfigurationMap) (contracts/protocol/libraries/configuration/ReserveConfiguration.sol#109-115) is never used and should be removed
ReserveConfiguration.getStableRateBorrowingEnabled(DataTypes.ReserveConfigurationMap) (contracts/protocol/libraries/configuration/ReserveConfiguration.sol#230-236) is never used and should be removed
SafeMath.mod(uint256,uint256) (contracts/dependencies/openzeppelin/contracts/SafeMath.sol#140-142) is never used and should be removed
SafeMath.mod(uint256,uint256,string) (contracts/dependencies/openzeppelin/contracts/SafeMath.sol#155-162) is never used and should be removed
StableDebtToken.getRevision() (contracts/protocol/tokenization/StableDebtToken.sol#73-75) is never used and should be removed
StringLib.concat(string,string) (contracts/deployments/StringLib.sol#5-7) is never used and should be removed
VariableDebtToken.getRevision() (contracts/protocol/tokenization/VariableDebtToken.sol#67-69) is never used and should be removed
WadRayMath.halfRay() (contracts/protocol/libraries/math/WadRayMath.sol#39-41) is never used and should be removed
WadRayMath.halfWad() (contracts/protocol/libraries/math/WadRayMath.sol#46-48) is never used and should be removed
WadRayMath.rayToWad(uint256) (contracts/protocol/libraries/math/WadRayMath.sol#117-123) is never used and should be removed
WadRayMath.wad() (contracts/protocol/libraries/math/WadRayMath.sol#32-34) is never used and should be removed
WadRayMath.wadMul(uint256,uint256) (contracts/protocol/libraries/math/WadRayMath.sol#56-64) is never used and should be removed
console._sendLogPayload(bytes) (hardhat/console.sol#7-14) is never used and should be removed
console.log() (hardhat/console.sol#16-18) is never used and should be removed
console.log(address) (hardhat/console.sol#184-186) is never used and should be removed
console.log(address,address) (hardhat/console.sol#248-250) is never used and should be removed
console.log(address,address,address) (hardhat/console.sol#504-506) is never used and should be removed
console.log(address,address,address,address) (hardhat/console.sol#1528-1530) is never used and should be removed
console.log(address,address,address,bool) (hardhat/console.sol#1524-1526) is never used and should be removed
console.log(address,address,address,string) (hardhat/console.sol#1520-1522) is never used and should be removed
console.log(address,address,address,uint256) (hardhat/console.sol#1516-1518) is never used and should be removed
console.log(address,address,bool) (hardhat/console.sol#500-502) is never used and should be removed
console.log(address,address,bool,address) (hardhat/console.sol#1512-1514) is never used and should be removed
console.log(address,address,bool,bool) (hardhat/console.sol#1508-1510) is never used and should be removed
console.log(address,address,bool,string) (hardhat/console.sol#1504-1506) is never used and should be removed
console.log(address,address,bool,uint256) (hardhat/console.sol#1500-1502) is never used and should be removed
console.log(address,address,string) (hardhat/console.sol#496-498) is never used and should be removed
console.log(address,address,string,address) (hardhat/console.sol#1496-1498) is never used and should be removed
console.log(address,address,string,bool) (hardhat/console.sol#1492-1494) is never used and should be removed
console.log(address,address,string,string) (hardhat/console.sol#1488-1490) is never used and should be removed
console.log(address,address,string,uint256) (hardhat/console.sol#1484-1486) is never used and should be removed
console.log(address,address,uint256) (hardhat/console.sol#492-494) is never used and should be removed
console.log(address,address,uint256,address) (hardhat/console.sol#1480-1482) is never used and should be removed
console.log(address,address,uint256,bool) (hardhat/console.sol#1476-1478) is never used and should be removed
console.log(address,address,uint256,string) (hardhat/console.sol#1472-1474) is never used and should be removed
console.log(address,address,uint256,uint256) (hardhat/console.sol#1468-1470) is never used and should be removed
console.log(address,bool) (hardhat/console.sol#244-246) is never used and should be removed
console.log(address,bool,address) (hardhat/console.sol#488-490) is never used and should be removed
console.log(address,bool,address,address) (hardhat/console.sol#1464-1466) is never used and should be removed
console.log(address,bool,address,bool) (hardhat/console.sol#1460-1462) is never used and should be removed
console.log(address,bool,address,string) (hardhat/console.sol#1456-1458) is never used and should be removed
console.log(address,bool,address,uint256) (hardhat/console.sol#1452-1454) is never used and should be removed
console.log(address,bool,bool) (hardhat/console.sol#484-486) is never used and should be removed
console.log(address,bool,bool,address) (hardhat/console.sol#1448-1450) is never used and should be removed
console.log(address,bool,bool,bool) (hardhat/console.sol#1444-1446) is never used and should be removed
console.log(address,bool,bool,string) (hardhat/console.sol#1440-1442) is never used and should be removed
console.log(address,bool,bool,uint256) (hardhat/console.sol#1436-1438) is never used and should be removed
console.log(address,bool,string) (hardhat/console.sol#480-482) is never used and should be removed
console.log(address,bool,string,address) (hardhat/console.sol#1432-1434) is never used and should be removed
console.log(address,bool,string,bool) (hardhat/console.sol#1428-1430) is never used and should be removed
console.log(address,bool,string,string) (hardhat/console.sol#1424-1426) is never used and should be removed
console.log(address,bool,string,uint256) (hardhat/console.sol#1420-1422) is never used and should be removed
console.log(address,bool,uint256) (hardhat/console.sol#476-478) is never used and should be removed
console.log(address,bool,uint256,address) (hardhat/console.sol#1416-1418) is never used and should be removed
console.log(address,bool,uint256,bool) (hardhat/console.sol#1412-1414) is never used and should be removed
console.log(address,bool,uint256,string) (hardhat/console.sol#1408-1410) is never used and should be removed
console.log(address,bool,uint256,uint256) (hardhat/console.sol#1404-1406) is never used and should be removed
console.log(address,string) (hardhat/console.sol#240-242) is never used and should be removed
console.log(address,string,address) (hardhat/console.sol#472-474) is never used and should be removed
console.log(address,string,address,address) (hardhat/console.sol#1400-1402) is never used and should be removed
console.log(address,string,address,bool) (hardhat/console.sol#1396-1398) is never used and should be removed
console.log(address,string,address,string) (hardhat/console.sol#1392-1394) is never used and should be removed
console.log(address,string,address,uint256) (hardhat/console.sol#1388-1390) is never used and should be removed
console.log(address,string,bool) (hardhat/console.sol#468-470) is never used and should be removed
console.log(address,string,bool,address) (hardhat/console.sol#1384-1386) is never used and should be removed
console.log(address,string,bool,bool) (hardhat/console.sol#1380-1382) is never used and should be removed
console.log(address,string,bool,string) (hardhat/console.sol#1376-1378) is never used and should be removed
console.log(address,string,bool,uint256) (hardhat/console.sol#1372-1374) is never used and should be removed
console.log(address,string,string) (hardhat/console.sol#464-466) is never used and should be removed
console.log(address,string,string,address) (hardhat/console.sol#1368-1370) is never used and should be removed
console.log(address,string,string,bool) (hardhat/console.sol#1364-1366) is never used and should be removed
console.log(address,string,string,string) (hardhat/console.sol#1360-1362) is never used and should be removed
console.log(address,string,string,uint256) (hardhat/console.sol#1356-1358) is never used and should be removed
console.log(address,string,uint256) (hardhat/console.sol#460-462) is never used and should be removed
console.log(address,string,uint256,address) (hardhat/console.sol#1352-1354) is never used and should be removed
console.log(address,string,uint256,bool) (hardhat/console.sol#1348-1350) is never used and should be removed
console.log(address,string,uint256,string) (hardhat/console.sol#1344-1346) is never used and should be removed
console.log(address,string,uint256,uint256) (hardhat/console.sol#1340-1342) is never used and should be removed
console.log(address,uint256) (hardhat/console.sol#236-238) is never used and should be removed
console.log(address,uint256,address) (hardhat/console.sol#456-458) is never used and should be removed
console.log(address,uint256,address,address) (hardhat/console.sol#1336-1338) is never used and should be removed
console.log(address,uint256,address,bool) (hardhat/console.sol#1332-1334) is never used and should be removed
console.log(address,uint256,address,string) (hardhat/console.sol#1328-1330) is never used and should be removed
console.log(address,uint256,address,uint256) (hardhat/console.sol#1324-1326) is never used and should be removed
console.log(address,uint256,bool) (hardhat/console.sol#452-454) is never used and should be removed
console.log(address,uint256,bool,address) (hardhat/console.sol#1320-1322) is never used and should be removed
console.log(address,uint256,bool,bool) (hardhat/console.sol#1316-1318) is never used and should be removed
console.log(address,uint256,bool,string) (hardhat/console.sol#1312-1314) is never used and should be removed
console.log(address,uint256,bool,uint256) (hardhat/console.sol#1308-1310) is never used and should be removed
console.log(address,uint256,string) (hardhat/console.sol#448-450) is never used and should be removed
console.log(address,uint256,string,address) (hardhat/console.sol#1304-1306) is never used and should be removed
console.log(address,uint256,string,bool) (hardhat/console.sol#1300-1302) is never used and should be removed
console.log(address,uint256,string,string) (hardhat/console.sol#1296-1298) is never used and should be removed
console.log(address,uint256,string,uint256) (hardhat/console.sol#1292-1294) is never used and should be removed
console.log(address,uint256,uint256) (hardhat/console.sol#444-446) is never used and should be removed
console.log(address,uint256,uint256,address) (hardhat/console.sol#1288-1290) is never used and should be removed
console.log(address,uint256,uint256,bool) (hardhat/console.sol#1284-1286) is never used and should be removed
console.log(address,uint256,uint256,string) (hardhat/console.sol#1280-1282) is never used and should be removed
console.log(address,uint256,uint256,uint256) (hardhat/console.sol#1276-1278) is never used and should be removed
console.log(bool) (hardhat/console.sol#180-182) is never used and should be removed
console.log(bool,address) (hardhat/console.sol#232-234) is never used and should be removed
console.log(bool,address,address) (hardhat/console.sol#440-442) is never used and should be removed
console.log(bool,address,address,address) (hardhat/console.sol#1272-1274) is never used and should be removed
console.log(bool,address,address,bool) (hardhat/console.sol#1268-1270) is never used and should be removed
console.log(bool,address,address,string) (hardhat/console.sol#1264-1266) is never used and should be removed
console.log(bool,address,address,uint256) (hardhat/console.sol#1260-1262) is never used and should be removed
console.log(bool,address,bool) (hardhat/console.sol#436-438) is never used and should be removed
console.log(bool,address,bool,address) (hardhat/console.sol#1256-1258) is never used and should be removed
console.log(bool,address,bool,bool) (hardhat/console.sol#1252-1254) is never used and should be removed
console.log(bool,address,bool,string) (hardhat/console.sol#1248-1250) is never used and should be removed
console.log(bool,address,bool,uint256) (hardhat/console.sol#1244-1246) is never used and should be removed
console.log(bool,address,string) (hardhat/console.sol#432-434) is never used and should be removed
console.log(bool,address,string,address) (hardhat/console.sol#1240-1242) is never used and should be removed
console.log(bool,address,string,bool) (hardhat/console.sol#1236-1238) is never used and should be removed
console.log(bool,address,string,string) (hardhat/console.sol#1232-1234) is never used and should be removed
console.log(bool,address,string,uint256) (hardhat/console.sol#1228-1230) is never used and should be removed
console.log(bool,address,uint256) (hardhat/console.sol#428-430) is never used and should be removed
console.log(bool,address,uint256,address) (hardhat/console.sol#1224-1226) is never used and should be removed
console.log(bool,address,uint256,bool) (hardhat/console.sol#1220-1222) is never used and should be removed
console.log(bool,address,uint256,string) (hardhat/console.sol#1216-1218) is never used and should be removed
console.log(bool,address,uint256,uint256) (hardhat/console.sol#1212-1214) is never used and should be removed
console.log(bool,bool) (hardhat/console.sol#228-230) is never used and should be removed
console.log(bool,bool,address) (hardhat/console.sol#424-426) is never used and should be removed
console.log(bool,bool,address,address) (hardhat/console.sol#1208-1210) is never used and should be removed
console.log(bool,bool,address,bool) (hardhat/console.sol#1204-1206) is never used and should be removed
console.log(bool,bool,address,string) (hardhat/console.sol#1200-1202) is never used and should be removed
console.log(bool,bool,address,uint256) (hardhat/console.sol#1196-1198) is never used and should be removed
console.log(bool,bool,bool) (hardhat/console.sol#420-422) is never used and should be removed
console.log(bool,bool,bool,address) (hardhat/console.sol#1192-1194) is never used and should be removed
console.log(bool,bool,bool,bool) (hardhat/console.sol#1188-1190) is never used and should be removed
console.log(bool,bool,bool,string) (hardhat/console.sol#1184-1186) is never used and should be removed
console.log(bool,bool,bool,uint256) (hardhat/console.sol#1180-1182) is never used and should be removed
console.log(bool,bool,string) (hardhat/console.sol#416-418) is never used and should be removed
console.log(bool,bool,string,address) (hardhat/console.sol#1176-1178) is never used and should be removed
console.log(bool,bool,string,bool) (hardhat/console.sol#1172-1174) is never used and should be removed
console.log(bool,bool,string,string) (hardhat/console.sol#1168-1170) is never used and should be removed
console.log(bool,bool,string,uint256) (hardhat/console.sol#1164-1166) is never used and should be removed
console.log(bool,bool,uint256) (hardhat/console.sol#412-414) is never used and should be removed
console.log(bool,bool,uint256,address) (hardhat/console.sol#1160-1162) is never used and should be removed
console.log(bool,bool,uint256,bool) (hardhat/console.sol#1156-1158) is never used and should be removed
console.log(bool,bool,uint256,string) (hardhat/console.sol#1152-1154) is never used and should be removed
console.log(bool,bool,uint256,uint256) (hardhat/console.sol#1148-1150) is never used and should be removed
console.log(bool,string) (hardhat/console.sol#224-226) is never used and should be removed
console.log(bool,string,address) (hardhat/console.sol#408-410) is never used and should be removed
console.log(bool,string,address,address) (hardhat/console.sol#1144-1146) is never used and should be removed
console.log(bool,string,address,bool) (hardhat/console.sol#1140-1142) is never used and should be removed
console.log(bool,string,address,string) (hardhat/console.sol#1136-1138) is never used and should be removed
console.log(bool,string,address,uint256) (hardhat/console.sol#1132-1134) is never used and should be removed
console.log(bool,string,bool) (hardhat/console.sol#404-406) is never used and should be removed
console.log(bool,string,bool,address) (hardhat/console.sol#1128-1130) is never used and should be removed
console.log(bool,string,bool,bool) (hardhat/console.sol#1124-1126) is never used and should be removed
console.log(bool,string,bool,string) (hardhat/console.sol#1120-1122) is never used and should be removed
console.log(bool,string,bool,uint256) (hardhat/console.sol#1116-1118) is never used and should be removed
console.log(bool,string,string) (hardhat/console.sol#400-402) is never used and should be removed
console.log(bool,string,string,address) (hardhat/console.sol#1112-1114) is never used and should be removed
console.log(bool,string,string,bool) (hardhat/console.sol#1108-1110) is never used and should be removed
console.log(bool,string,string,string) (hardhat/console.sol#1104-1106) is never used and should be removed
console.log(bool,string,string,uint256) (hardhat/console.sol#1100-1102) is never used and should be removed
console.log(bool,string,uint256) (hardhat/console.sol#396-398) is never used and should be removed
console.log(bool,string,uint256,address) (hardhat/console.sol#1096-1098) is never used and should be removed
console.log(bool,string,uint256,bool) (hardhat/console.sol#1092-1094) is never used and should be removed
console.log(bool,string,uint256,string) (hardhat/console.sol#1088-1090) is never used and should be removed
console.log(bool,string,uint256,uint256) (hardhat/console.sol#1084-1086) is never used and should be removed
console.log(bool,uint256) (hardhat/console.sol#220-222) is never used and should be removed
console.log(bool,uint256,address) (hardhat/console.sol#392-394) is never used and should be removed
console.log(bool,uint256,address,address) (hardhat/console.sol#1080-1082) is never used and should be removed
console.log(bool,uint256,address,bool) (hardhat/console.sol#1076-1078) is never used and should be removed
console.log(bool,uint256,address,string) (hardhat/console.sol#1072-1074) is never used and should be removed
console.log(bool,uint256,address,uint256) (hardhat/console.sol#1068-1070) is never used and should be removed
console.log(bool,uint256,bool) (hardhat/console.sol#388-390) is never used and should be removed
console.log(bool,uint256,bool,address) (hardhat/console.sol#1064-1066) is never used and should be removed
console.log(bool,uint256,bool,bool) (hardhat/console.sol#1060-1062) is never used and should be removed
console.log(bool,uint256,bool,string) (hardhat/console.sol#1056-1058) is never used and should be removed
console.log(bool,uint256,bool,uint256) (hardhat/console.sol#1052-1054) is never used and should be removed
console.log(bool,uint256,string) (hardhat/console.sol#384-386) is never used and should be removed
console.log(bool,uint256,string,address) (hardhat/console.sol#1048-1050) is never used and should be removed
console.log(bool,uint256,string,bool) (hardhat/console.sol#1044-1046) is never used and should be removed
console.log(bool,uint256,string,string) (hardhat/console.sol#1040-1042) is never used and should be removed
console.log(bool,uint256,string,uint256) (hardhat/console.sol#1036-1038) is never used and should be removed
console.log(bool,uint256,uint256) (hardhat/console.sol#380-382) is never used and should be removed
console.log(bool,uint256,uint256,address) (hardhat/console.sol#1032-1034) is never used and should be removed
console.log(bool,uint256,uint256,bool) (hardhat/console.sol#1028-1030) is never used and should be removed
console.log(bool,uint256,uint256,string) (hardhat/console.sol#1024-1026) is never used and should be removed
console.log(bool,uint256,uint256,uint256) (hardhat/console.sol#1020-1022) is never used and should be removed
console.log(string) (hardhat/console.sol#176-178) is never used and should be removed
console.log(string,address) (hardhat/console.sol#216-218) is never used and should be removed
console.log(string,address,address) (hardhat/console.sol#376-378) is never used and should be removed
console.log(string,address,address,address) (hardhat/console.sol#1016-1018) is never used and should be removed
console.log(string,address,address,bool) (hardhat/console.sol#1012-1014) is never used and should be removed
console.log(string,address,address,string) (hardhat/console.sol#1008-1010) is never used and should be removed
console.log(string,address,address,uint256) (hardhat/console.sol#1004-1006) is never used and should be removed
console.log(string,address,bool) (hardhat/console.sol#372-374) is never used and should be removed
console.log(string,address,bool,address) (hardhat/console.sol#1000-1002) is never used and should be removed
console.log(string,address,bool,bool) (hardhat/console.sol#996-998) is never used and should be removed
console.log(string,address,bool,string) (hardhat/console.sol#992-994) is never used and should be removed
console.log(string,address,bool,uint256) (hardhat/console.sol#988-990) is never used and should be removed
console.log(string,address,string) (hardhat/console.sol#368-370) is never used and should be removed
console.log(string,address,string,address) (hardhat/console.sol#984-986) is never used and should be removed
console.log(string,address,string,bool) (hardhat/console.sol#980-982) is never used and should be removed
console.log(string,address,string,string) (hardhat/console.sol#976-978) is never used and should be removed
console.log(string,address,string,uint256) (hardhat/console.sol#972-974) is never used and should be removed
console.log(string,address,uint256) (hardhat/console.sol#364-366) is never used and should be removed
console.log(string,address,uint256,address) (hardhat/console.sol#968-970) is never used and should be removed
console.log(string,address,uint256,bool) (hardhat/console.sol#964-966) is never used and should be removed
console.log(string,address,uint256,string) (hardhat/console.sol#960-962) is never used and should be removed
console.log(string,address,uint256,uint256) (hardhat/console.sol#956-958) is never used and should be removed
console.log(string,bool) (hardhat/console.sol#212-214) is never used and should be removed
console.log(string,bool,address) (hardhat/console.sol#360-362) is never used and should be removed
console.log(string,bool,address,address) (hardhat/console.sol#952-954) is never used and should be removed
console.log(string,bool,address,bool) (hardhat/console.sol#948-950) is never used and should be removed
console.log(string,bool,address,string) (hardhat/console.sol#944-946) is never used and should be removed
console.log(string,bool,address,uint256) (hardhat/console.sol#940-942) is never used and should be removed
console.log(string,bool,bool) (hardhat/console.sol#356-358) is never used and should be removed
console.log(string,bool,bool,address) (hardhat/console.sol#936-938) is never used and should be removed
console.log(string,bool,bool,bool) (hardhat/console.sol#932-934) is never used and should be removed
console.log(string,bool,bool,string) (hardhat/console.sol#928-930) is never used and should be removed
console.log(string,bool,bool,uint256) (hardhat/console.sol#924-926) is never used and should be removed
console.log(string,bool,string) (hardhat/console.sol#352-354) is never used and should be removed
console.log(string,bool,string,address) (hardhat/console.sol#920-922) is never used and should be removed
console.log(string,bool,string,bool) (hardhat/console.sol#916-918) is never used and should be removed
console.log(string,bool,string,string) (hardhat/console.sol#912-914) is never used and should be removed
console.log(string,bool,string,uint256) (hardhat/console.sol#908-910) is never used and should be removed
console.log(string,bool,uint256) (hardhat/console.sol#348-350) is never used and should be removed
console.log(string,bool,uint256,address) (hardhat/console.sol#904-906) is never used and should be removed
console.log(string,bool,uint256,bool) (hardhat/console.sol#900-902) is never used and should be removed
console.log(string,bool,uint256,string) (hardhat/console.sol#896-898) is never used and should be removed
console.log(string,bool,uint256,uint256) (hardhat/console.sol#892-894) is never used and should be removed
console.log(string,string) (hardhat/console.sol#208-210) is never used and should be removed
console.log(string,string,address) (hardhat/console.sol#344-346) is never used and should be removed
console.log(string,string,address,address) (hardhat/console.sol#888-890) is never used and should be removed
console.log(string,string,address,bool) (hardhat/console.sol#884-886) is never used and should be removed
console.log(string,string,address,string) (hardhat/console.sol#880-882) is never used and should be removed
console.log(string,string,address,uint256) (hardhat/console.sol#876-878) is never used and should be removed
console.log(string,string,bool) (hardhat/console.sol#340-342) is never used and should be removed
console.log(string,string,bool,address) (hardhat/console.sol#872-874) is never used and should be removed
console.log(string,string,bool,bool) (hardhat/console.sol#868-870) is never used and should be removed
console.log(string,string,bool,string) (hardhat/console.sol#864-866) is never used and should be removed
console.log(string,string,bool,uint256) (hardhat/console.sol#860-862) is never used and should be removed
console.log(string,string,string) (hardhat/console.sol#336-338) is never used and should be removed
console.log(string,string,string,address) (hardhat/console.sol#856-858) is never used and should be removed
console.log(string,string,string,bool) (hardhat/console.sol#852-854) is never used and should be removed
console.log(string,string,string,string) (hardhat/console.sol#848-850) is never used and should be removed
console.log(string,string,string,uint256) (hardhat/console.sol#844-846) is never used and should be removed
console.log(string,string,uint256) (hardhat/console.sol#332-334) is never used and should be removed
console.log(string,string,uint256,address) (hardhat/console.sol#840-842) is never used and should be removed
console.log(string,string,uint256,bool) (hardhat/console.sol#836-838) is never used and should be removed
console.log(string,string,uint256,string) (hardhat/console.sol#832-834) is never used and should be removed
console.log(string,string,uint256,uint256) (hardhat/console.sol#828-830) is never used and should be removed
console.log(string,uint256) (hardhat/console.sol#204-206) is never used and should be removed
console.log(string,uint256,address) (hardhat/console.sol#328-330) is never used and should be removed
console.log(string,uint256,address,address) (hardhat/console.sol#824-826) is never used and should be removed
console.log(string,uint256,address,bool) (hardhat/console.sol#820-822) is never used and should be removed
console.log(string,uint256,address,string) (hardhat/console.sol#816-818) is never used and should be removed
console.log(string,uint256,address,uint256) (hardhat/console.sol#812-814) is never used and should be removed
console.log(string,uint256,bool) (hardhat/console.sol#324-326) is never used and should be removed
console.log(string,uint256,bool,address) (hardhat/console.sol#808-810) is never used and should be removed
console.log(string,uint256,bool,bool) (hardhat/console.sol#804-806) is never used and should be removed
console.log(string,uint256,bool,string) (hardhat/console.sol#800-802) is never used and should be removed
console.log(string,uint256,bool,uint256) (hardhat/console.sol#796-798) is never used and should be removed
console.log(string,uint256,string) (hardhat/console.sol#320-322) is never used and should be removed
console.log(string,uint256,string,address) (hardhat/console.sol#792-794) is never used and should be removed
console.log(string,uint256,string,bool) (hardhat/console.sol#788-790) is never used and should be removed
console.log(string,uint256,string,string) (hardhat/console.sol#784-786) is never used and should be removed
console.log(string,uint256,string,uint256) (hardhat/console.sol#780-782) is never used and should be removed
console.log(string,uint256,uint256) (hardhat/console.sol#316-318) is never used and should be removed
console.log(string,uint256,uint256,address) (hardhat/console.sol#776-778) is never used and should be removed
console.log(string,uint256,uint256,bool) (hardhat/console.sol#772-774) is never used and should be removed
console.log(string,uint256,uint256,string) (hardhat/console.sol#768-770) is never used and should be removed
console.log(string,uint256,uint256,uint256) (hardhat/console.sol#764-766) is never used and should be removed
console.log(uint256) (hardhat/console.sol#172-174) is never used and should be removed
console.log(uint256,address) (hardhat/console.sol#200-202) is never used and should be removed
console.log(uint256,address,address) (hardhat/console.sol#312-314) is never used and should be removed
console.log(uint256,address,address,address) (hardhat/console.sol#760-762) is never used and should be removed
console.log(uint256,address,address,bool) (hardhat/console.sol#756-758) is never used and should be removed
console.log(uint256,address,address,string) (hardhat/console.sol#752-754) is never used and should be removed
console.log(uint256,address,address,uint256) (hardhat/console.sol#748-750) is never used and should be removed
console.log(uint256,address,bool) (hardhat/console.sol#308-310) is never used and should be removed
console.log(uint256,address,bool,address) (hardhat/console.sol#744-746) is never used and should be removed
console.log(uint256,address,bool,bool) (hardhat/console.sol#740-742) is never used and should be removed
console.log(uint256,address,bool,string) (hardhat/console.sol#736-738) is never used and should be removed
console.log(uint256,address,bool,uint256) (hardhat/console.sol#732-734) is never used and should be removed
console.log(uint256,address,string) (hardhat/console.sol#304-306) is never used and should be removed
console.log(uint256,address,string,address) (hardhat/console.sol#728-730) is never used and should be removed
console.log(uint256,address,string,bool) (hardhat/console.sol#724-726) is never used and should be removed
console.log(uint256,address,string,string) (hardhat/console.sol#720-722) is never used and should be removed
console.log(uint256,address,string,uint256) (hardhat/console.sol#716-718) is never used and should be removed
console.log(uint256,address,uint256) (hardhat/console.sol#300-302) is never used and should be removed
console.log(uint256,address,uint256,address) (hardhat/console.sol#712-714) is never used and should be removed
console.log(uint256,address,uint256,bool) (hardhat/console.sol#708-710) is never used and should be removed
console.log(uint256,address,uint256,string) (hardhat/console.sol#704-706) is never used and should be removed
console.log(uint256,address,uint256,uint256) (hardhat/console.sol#700-702) is never used and should be removed
console.log(uint256,bool) (hardhat/console.sol#196-198) is never used and should be removed
console.log(uint256,bool,address) (hardhat/console.sol#296-298) is never used and should be removed
console.log(uint256,bool,address,address) (hardhat/console.sol#696-698) is never used and should be removed
console.log(uint256,bool,address,bool) (hardhat/console.sol#692-694) is never used and should be removed
console.log(uint256,bool,address,string) (hardhat/console.sol#688-690) is never used and should be removed
console.log(uint256,bool,address,uint256) (hardhat/console.sol#684-686) is never used and should be removed
console.log(uint256,bool,bool) (hardhat/console.sol#292-294) is never used and should be removed
console.log(uint256,bool,bool,address) (hardhat/console.sol#680-682) is never used and should be removed
console.log(uint256,bool,bool,bool) (hardhat/console.sol#676-678) is never used and should be removed
console.log(uint256,bool,bool,string) (hardhat/console.sol#672-674) is never used and should be removed
console.log(uint256,bool,bool,uint256) (hardhat/console.sol#668-670) is never used and should be removed
console.log(uint256,bool,string) (hardhat/console.sol#288-290) is never used and should be removed
console.log(uint256,bool,string,address) (hardhat/console.sol#664-666) is never used and should be removed
console.log(uint256,bool,string,bool) (hardhat/console.sol#660-662) is never used and should be removed
console.log(uint256,bool,string,string) (hardhat/console.sol#656-658) is never used and should be removed
console.log(uint256,bool,string,uint256) (hardhat/console.sol#652-654) is never used and should be removed
console.log(uint256,bool,uint256) (hardhat/console.sol#284-286) is never used and should be removed
console.log(uint256,bool,uint256,address) (hardhat/console.sol#648-650) is never used and should be removed
console.log(uint256,bool,uint256,bool) (hardhat/console.sol#644-646) is never used and should be removed
console.log(uint256,bool,uint256,string) (hardhat/console.sol#640-642) is never used and should be removed
console.log(uint256,bool,uint256,uint256) (hardhat/console.sol#636-638) is never used and should be removed
console.log(uint256,string) (hardhat/console.sol#192-194) is never used and should be removed
console.log(uint256,string,address) (hardhat/console.sol#280-282) is never used and should be removed
console.log(uint256,string,address,address) (hardhat/console.sol#632-634) is never used and should be removed
console.log(uint256,string,address,bool) (hardhat/console.sol#628-630) is never used and should be removed
console.log(uint256,string,address,string) (hardhat/console.sol#624-626) is never used and should be removed
console.log(uint256,string,address,uint256) (hardhat/console.sol#620-622) is never used and should be removed
console.log(uint256,string,bool) (hardhat/console.sol#276-278) is never used and should be removed
console.log(uint256,string,bool,address) (hardhat/console.sol#616-618) is never used and should be removed
console.log(uint256,string,bool,bool) (hardhat/console.sol#612-614) is never used and should be removed
console.log(uint256,string,bool,string) (hardhat/console.sol#608-610) is never used and should be removed
console.log(uint256,string,bool,uint256) (hardhat/console.sol#604-606) is never used and should be removed
console.log(uint256,string,string) (hardhat/console.sol#272-274) is never used and should be removed
console.log(uint256,string,string,address) (hardhat/console.sol#600-602) is never used and should be removed
console.log(uint256,string,string,bool) (hardhat/console.sol#596-598) is never used and should be removed
console.log(uint256,string,string,string) (hardhat/console.sol#592-594) is never used and should be removed
console.log(uint256,string,string,uint256) (hardhat/console.sol#588-590) is never used and should be removed
console.log(uint256,string,uint256) (hardhat/console.sol#268-270) is never used and should be removed
console.log(uint256,string,uint256,address) (hardhat/console.sol#584-586) is never used and should be removed
console.log(uint256,string,uint256,bool) (hardhat/console.sol#580-582) is never used and should be removed
console.log(uint256,string,uint256,string) (hardhat/console.sol#576-578) is never used and should be removed
console.log(uint256,string,uint256,uint256) (hardhat/console.sol#572-574) is never used and should be removed
console.log(uint256,uint256) (hardhat/console.sol#188-190) is never used and should be removed
console.log(uint256,uint256,address) (hardhat/console.sol#264-266) is never used and should be removed
console.log(uint256,uint256,address,address) (hardhat/console.sol#568-570) is never used and should be removed
console.log(uint256,uint256,address,bool) (hardhat/console.sol#564-566) is never used and should be removed
console.log(uint256,uint256,address,string) (hardhat/console.sol#560-562) is never used and should be removed
console.log(uint256,uint256,address,uint256) (hardhat/console.sol#556-558) is never used and should be removed
console.log(uint256,uint256,bool) (hardhat/console.sol#260-262) is never used and should be removed
console.log(uint256,uint256,bool,address) (hardhat/console.sol#552-554) is never used and should be removed
console.log(uint256,uint256,bool,bool) (hardhat/console.sol#548-550) is never used and should be removed
console.log(uint256,uint256,bool,string) (hardhat/console.sol#544-546) is never used and should be removed
console.log(uint256,uint256,bool,uint256) (hardhat/console.sol#540-542) is never used and should be removed
console.log(uint256,uint256,string) (hardhat/console.sol#256-258) is never used and should be removed
console.log(uint256,uint256,string,address) (hardhat/console.sol#536-538) is never used and should be removed
console.log(uint256,uint256,string,bool) (hardhat/console.sol#532-534) is never used and should be removed
console.log(uint256,uint256,string,string) (hardhat/console.sol#528-530) is never used and should be removed
console.log(uint256,uint256,string,uint256) (hardhat/console.sol#524-526) is never used and should be removed
console.log(uint256,uint256,uint256) (hardhat/console.sol#252-254) is never used and should be removed
console.log(uint256,uint256,uint256,address) (hardhat/console.sol#520-522) is never used and should be removed
console.log(uint256,uint256,uint256,bool) (hardhat/console.sol#516-518) is never used and should be removed
console.log(uint256,uint256,uint256,string) (hardhat/console.sol#512-514) is never used and should be removed
console.log(uint256,uint256,uint256,uint256) (hardhat/console.sol#508-510) is never used and should be removed
console.logAddress(address) (hardhat/console.sol#36-38) is never used and should be removed
console.logBool(bool) (hardhat/console.sol#32-34) is never used and should be removed
console.logBytes(bytes) (hardhat/console.sol#40-42) is never used and should be removed
console.logBytes1(bytes1) (hardhat/console.sol#44-46) is never used and should be removed
console.logBytes10(bytes10) (hardhat/console.sol#80-82) is never used and should be removed
console.logBytes11(bytes11) (hardhat/console.sol#84-86) is never used and should be removed
console.logBytes12(bytes12) (hardhat/console.sol#88-90) is never used and should be removed
console.logBytes13(bytes13) (hardhat/console.sol#92-94) is never used and should be removed
console.logBytes14(bytes14) (hardhat/console.sol#96-98) is never used and should be removed
console.logBytes15(bytes15) (hardhat/console.sol#100-102) is never used and should be removed
console.logBytes16(bytes16) (hardhat/console.sol#104-106) is never used and should be removed
console.logBytes17(bytes17) (hardhat/console.sol#108-110) is never used and should be removed
console.logBytes18(bytes18) (hardhat/console.sol#112-114) is never used and should be removed
console.logBytes19(bytes19) (hardhat/console.sol#116-118) is never used and should be removed
console.logBytes2(bytes2) (hardhat/console.sol#48-50) is never used and should be removed
console.logBytes20(bytes20) (hardhat/console.sol#120-122) is never used and should be removed
console.logBytes21(bytes21) (hardhat/console.sol#124-126) is never used and should be removed
console.logBytes22(bytes22) (hardhat/console.sol#128-130) is never used and should be removed
console.logBytes23(bytes23) (hardhat/console.sol#132-134) is never used and should be removed
console.logBytes24(bytes24) (hardhat/console.sol#136-138) is never used and should be removed
console.logBytes25(bytes25) (hardhat/console.sol#140-142) is never used and should be removed
console.logBytes26(bytes26) (hardhat/console.sol#144-146) is never used and should be removed
console.logBytes27(bytes27) (hardhat/console.sol#148-150) is never used and should be removed
console.logBytes28(bytes28) (hardhat/console.sol#152-154) is never used and should be removed
console.logBytes29(bytes29) (hardhat/console.sol#156-158) is never used and should be removed
console.logBytes3(bytes3) (hardhat/console.sol#52-54) is never used and should be removed
console.logBytes30(bytes30) (hardhat/console.sol#160-162) is never used and should be removed
console.logBytes31(bytes31) (hardhat/console.sol#164-166) is never used and should be removed
console.logBytes32(bytes32) (hardhat/console.sol#168-170) is never used and should be removed
console.logBytes4(bytes4) (hardhat/console.sol#56-58) is never used and should be removed
console.logBytes5(bytes5) (hardhat/console.sol#60-62) is never used and should be removed
console.logBytes6(bytes6) (hardhat/console.sol#64-66) is never used and should be removed
console.logBytes7(bytes7) (hardhat/console.sol#68-70) is never used and should be removed
console.logBytes8(bytes8) (hardhat/console.sol#72-74) is never used and should be removed
console.logBytes9(bytes9) (hardhat/console.sol#76-78) is never used and should be removed
console.logInt(int256) (hardhat/console.sol#20-22) is never used and should be removed
console.logString(string) (hardhat/console.sol#28-30) is never used and should be removed
console.logUint(uint256) (hardhat/console.sol#24-26) is never used and should be removed
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#dead-code
INFO:Detectors:
Low level call in Address.sendValue(address,uint256) (contracts/dependencies/openzeppelin/contracts/Address.sol#54-60):
- (success) = recipient.call{value: amount}() (contracts/dependencies/openzeppelin/contracts/Address.sol#58)
Low level call in SafeERC20.callOptionalReturn(IERC20,bytes) (contracts/dependencies/openzeppelin/contracts/SafeERC20.sol#51-63):
- (success,returndata) = address(token).call(data) (contracts/dependencies/openzeppelin/contracts/SafeERC20.sol#55)
Low level call in BaseAdminUpgradeabilityProxy.upgradeToAndCall(address,bytes) (contracts/dependencies/openzeppelin/upgradeability/BaseAdminUpgradeabilityProxy.sol#86-94):
- (success) = newImplementation.delegatecall(data) (contracts/dependencies/openzeppelin/upgradeability/BaseAdminUpgradeabilityProxy.sol#92)
Low level call in InitializableUpgradeabilityProxy.initialize(address,bytes) (contracts/dependencies/openzeppelin/upgradeability/InitializableUpgradeabilityProxy.sol#20-28):
- (success) = _logic.delegatecall(_data) (contracts/dependencies/openzeppelin/upgradeability/InitializableUpgradeabilityProxy.sol#25)
Low level call in UpgradeabilityProxy.constructor(address,bytes) (contracts/dependencies/openzeppelin/upgradeability/UpgradeabilityProxy.sol#20-27):
- (success) = _logic.delegatecall(_data) (contracts/dependencies/openzeppelin/upgradeability/UpgradeabilityProxy.sol#24)
Low level call in WETHGateway._safeTransferETH(address,uint256) (contracts/misc/WETHGateway.sol#139-142):
- (success) = to.call{value: value}(new bytes(0)) (contracts/misc/WETHGateway.sol#140)
Low level call in LendingPool.liquidationCall(address,address,address,uint256,bool) (contracts/protocol/lendingpool/LendingPool.sol#425-452):
- (success,result) = collateralManager.delegatecall(abi.encodeWithSignature(liquidationCall(address,address,address,uint256,bool),collateralAsset,debtAsset,user,debtToCover,receiveAToken)) (contracts/protocol/lendingpool/LendingPool.sol#435-445)
Low level call in BaseImmutableAdminUpgradeabilityProxy.upgradeToAndCall(address,bytes) (contracts/protocol/libraries/aave-upgradeability/BaseImmutableAdminUpgradeabilityProxy.sol#63-71):
- (success) = newImplementation.delegatecall(data) (contracts/protocol/libraries/aave-upgradeability/BaseImmutableAdminUpgradeabilityProxy.sol#69)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#low-level-calls
INFO:Detectors:
MintableDelegationERC20 (contracts/mocks/tokens/MintableDelegationERC20.sol#10-34) should inherit from IDelegationToken (contracts/interfaces/IDelegationToken.sol#9-11)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#missing-inheritance
INFO:Detectors:
Variable BaseUniswapAdapter.WETH_ADDRESS (contracts/adapters/BaseUniswapAdapter.sol#36) is not in mixedCase
Variable BaseUniswapAdapter.ORACLE (contracts/adapters/BaseUniswapAdapter.sol#37) is not in mixedCase
Variable BaseUniswapAdapter.UNISWAP_ROUTER (contracts/adapters/BaseUniswapAdapter.sol#38) is not in mixedCase
Function IBaseUniswapAdapter.WETH_ADDRESS() (contracts/adapters/interfaces/IBaseUniswapAdapter.sol#27) is not in mixedCase
Function IBaseUniswapAdapter.MAX_SLIPPAGE_PERCENT() (contracts/adapters/interfaces/IBaseUniswapAdapter.sol#29) is not in mixedCase
Function IBaseUniswapAdapter.FLASHLOAN_PREMIUM_TOTAL() (contracts/adapters/interfaces/IBaseUniswapAdapter.sol#31) is not in mixedCase
Function IBaseUniswapAdapter.USD_ADDRESS() (contracts/adapters/interfaces/IBaseUniswapAdapter.sol#33) is not in mixedCase
Function IBaseUniswapAdapter.ORACLE() (contracts/adapters/interfaces/IBaseUniswapAdapter.sol#35) is not in mixedCase
Function IBaseUniswapAdapter.UNISWAP_ROUTER() (contracts/adapters/interfaces/IBaseUniswapAdapter.sol#37) is not in mixedCase
Parameter InitializableUpgradeabilityProxy.initialize(address,bytes)._logic (contracts/dependencies/openzeppelin/upgradeability/InitializableUpgradeabilityProxy.sol#20) is not in mixedCase
Parameter InitializableUpgradeabilityProxy.initialize(address,bytes)._data (contracts/dependencies/openzeppelin/upgradeability/InitializableUpgradeabilityProxy.sol#20) is not in mixedCase
Event ATokensAndRatesHelperdeployedContracts(address,address) (contracts/deployments/ATokensAndRatesHelper.sol#21) is not in CapWords
Event StableAndVariableTokensHelperdeployedContracts(address,address) (contracts/deployments/StableAndVariableTokensHelper.sol#14) is not in CapWords
Variable FlashLoanReceiverBase.ADDRESSES_PROVIDER (contracts/flashloan/base/FlashLoanReceiverBase.sol#15) is not in mixedCase
Variable FlashLoanReceiverBase.LENDING_POOL (contracts/flashloan/base/FlashLoanReceiverBase.sol#16) is not in mixedCase
Function IFlashLoanReceiver.ADDRESSES_PROVIDER() (contracts/flashloan/interfaces/IFlashLoanReceiver.sol#22) is not in mixedCase
Function IFlashLoanReceiver.LENDING_POOL() (contracts/flashloan/interfaces/IFlashLoanReceiver.sol#24) is not in mixedCase
Variable AaveOracle.WETH (contracts/misc/AaveOracle.sol#27) is not in mixedCase
Variable AaveProtocolDataProvider.ADDRESSES_PROVIDER (contracts/misc/AaveProtocolDataProvider.sol#26) is not in mixedCase
Variable WETHGateway.WETH (contracts/misc/WETHGateway.sol#20) is not in mixedCase
Variable MockFlashLoanReceiver._provider (contracts/mocks/flashloan/MockFlashLoanReceiver.sol#15) is not in mixedCase
Variable MockFlashLoanReceiver._failExecution (contracts/mocks/flashloan/MockFlashLoanReceiver.sol#20) is not in mixedCase
Variable MockFlashLoanReceiver._amountToApprove (contracts/mocks/flashloan/MockFlashLoanReceiver.sol#21) is not in mixedCase
Variable MockFlashLoanReceiver._simulateEOA (contracts/mocks/flashloan/MockFlashLoanReceiver.sol#22) is not in mixedCase
Parameter LendingRateOracle.getMarketBorrowRate(address)._asset (contracts/mocks/oracle/LendingRateOracle.sol#11) is not in mixedCase
Parameter LendingRateOracle.setMarketBorrowRate(address,uint256)._asset (contracts/mocks/oracle/LendingRateOracle.sol#15) is not in mixedCase
Parameter LendingRateOracle.setMarketBorrowRate(address,uint256)._rate (contracts/mocks/oracle/LendingRateOracle.sol#15) is not in mixedCase
Parameter LendingRateOracle.getMarketLiquidityRate(address)._asset (contracts/mocks/oracle/LendingRateOracle.sol#19) is not in mixedCase
Parameter LendingRateOracle.setMarketLiquidityRate(address,uint256)._asset (contracts/mocks/oracle/LendingRateOracle.sol#23) is not in mixedCase
Parameter LendingRateOracle.setMarketLiquidityRate(address,uint256)._rate (contracts/mocks/oracle/LendingRateOracle.sol#23) is not in mixedCase
Variable MockUniswapV2Router02._amountToReturn (contracts/mocks/swap/MockUniswapV2Router02.sol#9) is not in mixedCase
Variable MockUniswapV2Router02._amountToSwap (contracts/mocks/swap/MockUniswapV2Router02.sol#10) is not in mixedCase
Variable MockUniswapV2Router02._amountsIn (contracts/mocks/swap/MockUniswapV2Router02.sol#11) is not in mixedCase
Variable MockUniswapV2Router02._amountsOut (contracts/mocks/swap/MockUniswapV2Router02.sol#12) is not in mixedCase
Variable DefaultReserveInterestRateStrategy.OPTIMAL_UTILIZATION_RATE (contracts/protocol/lendingpool/DefaultReserveInterestRateStrategy.sol#31) is not in mixedCase
Variable DefaultReserveInterestRateStrategy.EXCESS_UTILIZATION_RATE (contracts/protocol/lendingpool/DefaultReserveInterestRateStrategy.sol#39) is not in mixedCase
Variable DefaultReserveInterestRateStrategy._baseVariableBorrowRate (contracts/protocol/lendingpool/DefaultReserveInterestRateStrategy.sol#44) is not in mixedCase
Variable DefaultReserveInterestRateStrategy._variableRateSlope1 (contracts/protocol/lendingpool/DefaultReserveInterestRateStrategy.sol#47) is not in mixedCase
Variable DefaultReserveInterestRateStrategy._variableRateSlope2 (contracts/protocol/lendingpool/DefaultReserveInterestRateStrategy.sol#50) is not in mixedCase
Variable DefaultReserveInterestRateStrategy._stableRateSlope1 (contracts/protocol/lendingpool/DefaultReserveInterestRateStrategy.sol#53) is not in mixedCase
Variable DefaultReserveInterestRateStrategy._stableRateSlope2 (contracts/protocol/lendingpool/DefaultReserveInterestRateStrategy.sol#56) is not in mixedCase
Function LendingPool.MAX_STABLE_RATE_BORROW_SIZE_PERCENT() (contracts/protocol/lendingpool/LendingPool.sol#711-713) is not in mixedCase
Function LendingPool.FLASHLOAN_PREMIUM_TOTAL() (contracts/protocol/lendingpool/LendingPool.sol#718-720) is not in mixedCase
Function LendingPool.MAX_NUMBER_RESERVES() (contracts/protocol/lendingpool/LendingPool.sol#725-727) is not in mixedCase
Variable LendingPoolStorage._addressesProvider (contracts/protocol/lendingpool/LendingPoolStorage.sol#15) is not in mixedCase
Variable LendingPoolStorage._reserves (contracts/protocol/lendingpool/LendingPoolStorage.sol#17) is not in mixedCase
Variable LendingPoolStorage._usersConfig (contracts/protocol/lendingpool/LendingPoolStorage.sol#18) is not in mixedCase
Variable LendingPoolStorage._reservesList (contracts/protocol/lendingpool/LendingPoolStorage.sol#21) is not in mixedCase
Variable LendingPoolStorage._reservesCount (contracts/protocol/lendingpool/LendingPoolStorage.sol#23) is not in mixedCase
Variable LendingPoolStorage._paused (contracts/protocol/lendingpool/LendingPoolStorage.sol#25) is not in mixedCase
Variable LendingPoolStorage._maxStableRateBorrowSizePercent (contracts/protocol/lendingpool/LendingPoolStorage.sol#27) is not in mixedCase
Variable LendingPoolStorage._flashLoanPremiumTotal (contracts/protocol/lendingpool/LendingPoolStorage.sol#29) is not in mixedCase
Variable LendingPoolStorage._maxNumberOfReserves (contracts/protocol/lendingpool/LendingPoolStorage.sol#31) is not in mixedCase
Variable BaseImmutableAdminUpgradeabilityProxy.ADMIN (contracts/protocol/libraries/aave-upgradeability/BaseImmutableAdminUpgradeabilityProxy.sol#17) is not in mixedCase
Variable VersionedInitializable.______gap (contracts/protocol/libraries/aave-upgradeability/VersionedInitializable.sol#76) is not in mixedCase
Struct GenericLogic.balanceDecreaseAllowedLocalVars (contracts/protocol/libraries/logic/GenericLogic.sol#30-41) is not in CapWords
Constant WadRayMath.halfWAD (contracts/protocol/libraries/math/WadRayMath.sol#14) is not in UPPER_CASE_WITH_UNDERSCORES
Constant WadRayMath.halfRAY (contracts/protocol/libraries/math/WadRayMath.sol#17) is not in UPPER_CASE_WITH_UNDERSCORES
Function AToken.RESERVE_TREASURY_ADDRESS() (contracts/protocol/tokenization/AToken.sol#269-271) is not in mixedCase
Function AToken.UNDERLYING_ASSET_ADDRESS() (contracts/protocol/tokenization/AToken.sol#276-278) is not in mixedCase
Function AToken.POOL() (contracts/protocol/tokenization/AToken.sol#283-285) is not in mixedCase
Variable AToken._nonces (contracts/protocol/tokenization/AToken.sol#36) is not in mixedCase
Variable AToken.DOMAIN_SEPARATOR (contracts/protocol/tokenization/AToken.sol#38) is not in mixedCase
Variable AToken._pool (contracts/protocol/tokenization/AToken.sol#40) is not in mixedCase
Variable AToken._treasury (contracts/protocol/tokenization/AToken.sol#41) is not in mixedCase
Variable AToken._underlyingAsset (contracts/protocol/tokenization/AToken.sol#42) is not in mixedCase
Variable AToken._incentivesController (contracts/protocol/tokenization/AToken.sol#43) is not in mixedCase
Variable IncentivizedERC20._balances (contracts/protocol/tokenization/IncentivizedERC20.sol#18) is not in mixedCase
Variable IncentivizedERC20._totalSupply (contracts/protocol/tokenization/IncentivizedERC20.sol#21) is not in mixedCase
Function StableDebtToken.UNDERLYING_ASSET_ADDRESS() (contracts/protocol/tokenization/StableDebtToken.sol#341-343) is not in mixedCase
Function StableDebtToken.POOL() (contracts/protocol/tokenization/StableDebtToken.sol#348-350) is not in mixedCase
Variable StableDebtToken._avgStableRate (contracts/protocol/tokenization/StableDebtToken.sol#23) is not in mixedCase
Variable StableDebtToken._timestamps (contracts/protocol/tokenization/StableDebtToken.sol#24) is not in mixedCase
Variable StableDebtToken._usersStableRate (contracts/protocol/tokenization/StableDebtToken.sol#25) is not in mixedCase
Variable StableDebtToken._totalSupplyTimestamp (contracts/protocol/tokenization/StableDebtToken.sol#26) is not in mixedCase
Variable StableDebtToken._pool (contracts/protocol/tokenization/StableDebtToken.sol#28) is not in mixedCase
Variable StableDebtToken._underlyingAsset (contracts/protocol/tokenization/StableDebtToken.sol#29) is not in mixedCase
Variable StableDebtToken._incentivesController (contracts/protocol/tokenization/StableDebtToken.sol#30) is not in mixedCase
Function VariableDebtToken.UNDERLYING_ASSET_ADDRESS() (contracts/protocol/tokenization/VariableDebtToken.sol#180-182) is not in mixedCase
Function VariableDebtToken.POOL() (contracts/protocol/tokenization/VariableDebtToken.sol#194-196) is not in mixedCase
Variable VariableDebtToken._pool (contracts/protocol/tokenization/VariableDebtToken.sol#22) is not in mixedCase
Variable VariableDebtToken._underlyingAsset (contracts/protocol/tokenization/VariableDebtToken.sol#23) is not in mixedCase
Variable VariableDebtToken._incentivesController (contracts/protocol/tokenization/VariableDebtToken.sol#24) is not in mixedCase
Variable DebtTokenBase._borrowAllowances (contracts/protocol/tokenization/base/DebtTokenBase.sol#23) is not in mixedCase
Contract console (hardhat/console.sol#4-1532) is not in CapWords
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#conformance-to-solidity-naming-conventions
INFO:Detectors:
Redundant expression "this (contracts/dependencies/openzeppelin/contracts/Context.sol#20)" inContext (contracts/dependencies/openzeppelin/contracts/Context.sol#14-23)
Redundant expression "params (contracts/mocks/flashloan/MockFlashLoanReceiver.sol#53)" inMockFlashLoanReceiver (contracts/mocks/flashloan/MockFlashLoanReceiver.sol#12-84)
Redundant expression "initiator (contracts/mocks/flashloan/MockFlashLoanReceiver.sol#54)" inMockFlashLoanReceiver (contracts/mocks/flashloan/MockFlashLoanReceiver.sol#12-84)
Redundant expression "recipient (contracts/protocol/tokenization/base/DebtTokenBase.sol#65)" inDebtTokenBase (contracts/protocol/tokenization/base/DebtTokenBase.sol#18-137)
Redundant expression "amount (contracts/protocol/tokenization/base/DebtTokenBase.sol#66)" inDebtTokenBase (contracts/protocol/tokenization/base/DebtTokenBase.sol#18-137)
Redundant expression "owner (contracts/protocol/tokenization/base/DebtTokenBase.sol#77)" inDebtTokenBase (contracts/protocol/tokenization/base/DebtTokenBase.sol#18-137)
Redundant expression "spender (contracts/protocol/tokenization/base/DebtTokenBase.sol#78)" inDebtTokenBase (contracts/protocol/tokenization/base/DebtTokenBase.sol#18-137)
Redundant expression "spender (contracts/protocol/tokenization/base/DebtTokenBase.sol#83)" inDebtTokenBase (contracts/protocol/tokenization/base/DebtTokenBase.sol#18-137)
Redundant expression "amount (contracts/protocol/tokenization/base/DebtTokenBase.sol#84)" inDebtTokenBase (contracts/protocol/tokenization/base/DebtTokenBase.sol#18-137)
Redundant expression "sender (contracts/protocol/tokenization/base/DebtTokenBase.sol#93)" inDebtTokenBase (contracts/protocol/tokenization/base/DebtTokenBase.sol#18-137)
Redundant expression "recipient (contracts/protocol/tokenization/base/DebtTokenBase.sol#94)" inDebtTokenBase (contracts/protocol/tokenization/base/DebtTokenBase.sol#18-137)
Redundant expression "amount (contracts/protocol/tokenization/base/DebtTokenBase.sol#95)" inDebtTokenBase (contracts/protocol/tokenization/base/DebtTokenBase.sol#18-137)
Redundant expression "spender (contracts/protocol/tokenization/base/DebtTokenBase.sol#105)" inDebtTokenBase (contracts/protocol/tokenization/base/DebtTokenBase.sol#18-137)
Redundant expression "addedValue (contracts/protocol/tokenization/base/DebtTokenBase.sol#106)" inDebtTokenBase (contracts/protocol/tokenization/base/DebtTokenBase.sol#18-137)
Redundant expression "spender (contracts/protocol/tokenization/base/DebtTokenBase.sol#116)" inDebtTokenBase (contracts/protocol/tokenization/base/DebtTokenBase.sol#18-137)
Redundant expression "subtractedValue (contracts/protocol/tokenization/base/DebtTokenBase.sol#117)" inDebtTokenBase (contracts/protocol/tokenization/base/DebtTokenBase.sol#18-137)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#redundant-statements
INFO:Detectors:
Variable DefaultReserveInterestRateStrategy._stableRateSlope1 (contracts/protocol/lendingpool/DefaultReserveInterestRateStrategy.sol#53) is too similar to DefaultReserveInterestRateStrategy._stableRateSlope2 (contracts/protocol/lendingpool/DefaultReserveInterestRateStrategy.sol#56)
Variable DefaultReserveInterestRateStrategy._variableRateSlope1 (contracts/protocol/lendingpool/DefaultReserveInterestRateStrategy.sol#47) is too similar to DefaultReserveInterestRateStrategy._variableRateSlope2 (contracts/protocol/lendingpool/DefaultReserveInterestRateStrategy.sol#50)
Variable DefaultReserveInterestRateStrategy.constructor(ILendingPoolAddressesProvider,uint256,uint256,uint256,uint256,uint256,uint256).stableRateSlope1 (contracts/protocol/lendingpool/DefaultReserveInterestRateStrategy.sol#64) is too similar to DefaultReserveInterestRateStrategy.constructor(ILendingPoolAddressesProvider,uint256,uint256,uint256,uint256,uint256,uint256).stableRateSlope2 (contracts/protocol/lendingpool/DefaultReserveInterestRateStrategy.sol#65)
Variable DefaultReserveInterestRateStrategy.constructor(ILendingPoolAddressesProvider,uint256,uint256,uint256,uint256,uint256,uint256).variableRateSlope1 (contracts/protocol/lendingpool/DefaultReserveInterestRateStrategy.sol#62) is too similar to DefaultReserveInterestRateStrategy.constructor(ILendingPoolAddressesProvider,uint256,uint256,uint256,uint256,uint256,uint256).variableRateSlope2 (contracts/protocol/lendingpool/DefaultReserveInterestRateStrategy.sol#63)
Variable Errors.LP_INCONSISTENT_FLASHLOAN_PARAMS (contracts/protocol/libraries/helpers/Errors.sol#55) is too similar to Errors.VL_INCONSISTENT_FLASHLOAN_PARAMS (contracts/protocol/libraries/helpers/Errors.sol#100)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#variable-names-too-similar
INFO:Detectors:
FlashLiquidationAdapter.LIQUIDATION_CLOSE_FACTOR_PERCENT (contracts/adapters/FlashLiquidationAdapter.sol#22) is never used in FlashLiquidationAdapter (contracts/adapters/FlashLiquidationAdapter.sol#20-184)
MockFlashLoanReceiver._provider (contracts/mocks/flashloan/MockFlashLoanReceiver.sol#15) is never used in MockFlashLoanReceiver (contracts/mocks/flashloan/MockFlashLoanReceiver.sol#12-84)
LendingPoolStorage._paused (contracts/protocol/lendingpool/LendingPoolStorage.sol#25) is never used in LendingPoolCollateralManager (contracts/protocol/lendingpool/LendingPoolCollateralManager.sol#29-317)
LendingPoolStorage._maxStableRateBorrowSizePercent (contracts/protocol/lendingpool/LendingPoolStorage.sol#27) is never used in LendingPoolCollateralManager (contracts/protocol/lendingpool/LendingPoolCollateralManager.sol#29-317)
LendingPoolStorage._flashLoanPremiumTotal (contracts/protocol/lendingpool/LendingPoolStorage.sol#29) is never used in LendingPoolCollateralManager (contracts/protocol/lendingpool/LendingPoolCollateralManager.sol#29-317)
LendingPoolStorage._maxNumberOfReserves (contracts/protocol/lendingpool/LendingPoolStorage.sol#31) is never used in LendingPoolCollateralManager (contracts/protocol/lendingpool/LendingPoolCollateralManager.sol#29-317)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#unused-state-variable
INFO:Detectors:
ATokensAndRatesHelper.addressesProvider (contracts/deployments/ATokensAndRatesHelper.sol#19) should be immutable
ATokensAndRatesHelper.pool (contracts/deployments/ATokensAndRatesHelper.sol#18) should be immutable
ATokensAndRatesHelper.poolConfigurator (contracts/deployments/ATokensAndRatesHelper.sol#20) should be immutable
StableAndVariableTokensHelper.addressesProvider (contracts/deployments/StableAndVariableTokensHelper.sol#13) should be immutable
StableAndVariableTokensHelper.pool (contracts/deployments/StableAndVariableTokensHelper.sol#12) should be immutable
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#state-variables-that-could-be-declared-immutable
INFO:Slither:0xaACA8859EFD9643B98C042691DA60b217C9CdD64 analyzed (91 contracts with 79 detectors), 767 result(s) found
Slither report for LendingPoolAddressesProvider at `0xAcc030EF66f9dFEAE9CbB0cd1B25654b82cFA8d5`
Warning: contracts/dependencies/openzeppelin/upgradeability/InitializableUpgradeabilityProxy.sol:11:1: Warning: This contract has a payable fallback function, but no receive ether function. Consider adding a receive ether function.
contract InitializableUpgradeabilityProxy is BaseUpgradeabilityProxy {
^ (Relevant source part starts here and spans across multiple lines).
contracts/dependencies/openzeppelin/upgradeability/Proxy.sol:16:3: The payable fallback function is defined here.
fallback() external payable {
^ (Relevant source part starts here and spans across multiple lines).
Warning: contracts/protocol/libraries/aave-upgradeability/BaseImmutableAdminUpgradeabilityProxy.sol:16:1: Warning: This contract has a payable fallback function, but no receive ether function. Consider adding a receive ether function.
contract BaseImmutableAdminUpgradeabilityProxy is BaseUpgradeabilityProxy {
^ (Relevant source part starts here and spans across multiple lines).
contracts/dependencies/openzeppelin/upgradeability/Proxy.sol:16:3: The payable fallback function is defined here.
fallback() external payable {
^ (Relevant source part starts here and spans across multiple lines).
Warning: contracts/protocol/libraries/aave-upgradeability/InitializableImmutableAdminUpgradeabilityProxy.sol:11:1: Warning: This contract has a payable fallback function, but no receive ether function. Consider adding a receive ether function.
contract InitializableImmutableAdminUpgradeabilityProxy is
^ (Relevant source part starts here and spans across multiple lines).
contracts/dependencies/openzeppelin/upgradeability/Proxy.sol:16:3: The payable fallback function is defined here.
fallback() external payable {
^ (Relevant source part starts here and spans across multiple lines).
INFO:Detectors:
InitializableUpgradeabilityProxy.initialize(address,bytes) (contracts/dependencies/openzeppelin/upgradeability/InitializableUpgradeabilityProxy.sol#20-28) uses delegatecall to a input-controlled function id
- (success) = _logic.delegatecall(_data) (contracts/dependencies/openzeppelin/upgradeability/InitializableUpgradeabilityProxy.sol#25)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#controlled-delegatecall
INFO:Detectors:
Reentrancy in LendingPoolAddressesProvider._updateImpl(bytes32,address) (contracts/protocol/configuration/LendingPoolAddressesProvider.sol#194-209):
External calls:
- proxy.initialize(newAddress,params) (contracts/protocol/configuration/LendingPoolAddressesProvider.sol#203)
State variables written after the call(s):
- _addresses[id] = address(proxy) (contracts/protocol/configuration/LendingPoolAddressesProvider.sol#204)
LendingPoolAddressesProvider._addresses (contracts/protocol/configuration/LendingPoolAddressesProvider.sol#21) can be used in cross function reentrancies:
- LendingPoolAddressesProvider._updateImpl(bytes32,address) (contracts/protocol/configuration/LendingPoolAddressesProvider.sol#194-209)
- LendingPoolAddressesProvider.getAddress(bytes32) (contracts/protocol/configuration/LendingPoolAddressesProvider.sol#84-86)
- LendingPoolAddressesProvider.setAddress(bytes32,address) (contracts/protocol/configuration/LendingPoolAddressesProvider.sol#75-78)
- LendingPoolAddressesProvider.setEmergencyAdmin(address) (contracts/protocol/configuration/LendingPoolAddressesProvider.sol#162-165)
- LendingPoolAddressesProvider.setLendingPoolCollateralManager(address) (contracts/protocol/configuration/LendingPoolAddressesProvider.sol#139-142)
- LendingPoolAddressesProvider.setLendingRateOracle(address) (contracts/protocol/configuration/LendingPoolAddressesProvider.sol#180-183)
- LendingPoolAddressesProvider.setPoolAdmin(address) (contracts/protocol/configuration/LendingPoolAddressesProvider.sol#153-156)
- LendingPoolAddressesProvider.setPriceOracle(address) (contracts/protocol/configuration/LendingPoolAddressesProvider.sol#171-174)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#reentrancy-vulnerabilities-1
INFO:Detectors:
BaseImmutableAdminUpgradeabilityProxy.constructor(address).admin (contracts/protocol/libraries/aave-upgradeability/BaseImmutableAdminUpgradeabilityProxy.sol#19) shadows:
- BaseImmutableAdminUpgradeabilityProxy.admin() (contracts/protocol/libraries/aave-upgradeability/BaseImmutableAdminUpgradeabilityProxy.sol#34-36) (function)
InitializableImmutableAdminUpgradeabilityProxy.constructor(address).admin (contracts/protocol/libraries/aave-upgradeability/InitializableImmutableAdminUpgradeabilityProxy.sol#15) shadows:
- BaseImmutableAdminUpgradeabilityProxy.admin() (contracts/protocol/libraries/aave-upgradeability/BaseImmutableAdminUpgradeabilityProxy.sol#34-36) (function)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#local-variable-shadowing
INFO:Detectors:
InitializableUpgradeabilityProxy.initialize(address,bytes)._logic (contracts/dependencies/openzeppelin/upgradeability/InitializableUpgradeabilityProxy.sol#20) lacks a zero-check on :
- (success) = _logic.delegatecall(_data) (contracts/dependencies/openzeppelin/upgradeability/InitializableUpgradeabilityProxy.sol#25)
BaseImmutableAdminUpgradeabilityProxy.upgradeToAndCall(address,bytes).newImplementation (contracts/protocol/libraries/aave-upgradeability/BaseImmutableAdminUpgradeabilityProxy.sol#63) lacks a zero-check on :
- (success) = newImplementation.delegatecall(data) (contracts/protocol/libraries/aave-upgradeability/BaseImmutableAdminUpgradeabilityProxy.sol#69)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#missing-zero-address-validation
INFO:Detectors:
Modifier BaseImmutableAdminUpgradeabilityProxy.ifAdmin() (contracts/protocol/libraries/aave-upgradeability/BaseImmutableAdminUpgradeabilityProxy.sol#23-29) does not always execute _; or revertReference: https://github.com/crytic/slither/wiki/Detector-Documentation#incorrect-modifier
INFO:Detectors:
Reentrancy in LendingPoolAddressesProvider._updateImpl(bytes32,address) (contracts/protocol/configuration/LendingPoolAddressesProvider.sol#194-209):
External calls:
- proxy.initialize(newAddress,params) (contracts/protocol/configuration/LendingPoolAddressesProvider.sol#203)
Event emitted after the call(s):
- ProxyCreated(id,address(proxy)) (contracts/protocol/configuration/LendingPoolAddressesProvider.sol#205)
Reentrancy in LendingPoolAddressesProvider.setAddressAsProxy(bytes32,address) (contracts/protocol/configuration/LendingPoolAddressesProvider.sol#60-67):
External calls:
- _updateImpl(id,implementationAddress) (contracts/protocol/configuration/LendingPoolAddressesProvider.sol#65)
- proxy.initialize(newAddress,params) (contracts/protocol/configuration/LendingPoolAddressesProvider.sol#203)
- proxy.upgradeToAndCall(newAddress,params) (contracts/protocol/configuration/LendingPoolAddressesProvider.sol#207)
Event emitted after the call(s):
- AddressSet(id,implementationAddress,true) (contracts/protocol/configuration/LendingPoolAddressesProvider.sol#66)
Reentrancy in LendingPoolAddressesProvider.setLendingPoolConfiguratorImpl(address) (contracts/protocol/configuration/LendingPoolAddressesProvider.sol#119-122):
External calls:
- _updateImpl(LENDING_POOL_CONFIGURATOR,configurator) (contracts/protocol/configuration/LendingPoolAddressesProvider.sol#120)
- proxy.initialize(newAddress,params) (contracts/protocol/configuration/LendingPoolAddressesProvider.sol#203)
- proxy.upgradeToAndCall(newAddress,params) (contracts/protocol/configuration/LendingPoolAddressesProvider.sol#207)
Event emitted after the call(s):
- LendingPoolConfiguratorUpdated(configurator) (contracts/protocol/configuration/LendingPoolAddressesProvider.sol#121)
Reentrancy in LendingPoolAddressesProvider.setLendingPoolImpl(address) (contracts/protocol/configuration/LendingPoolAddressesProvider.sol#101-104):
External calls:
- _updateImpl(LENDING_POOL,pool) (contracts/protocol/configuration/LendingPoolAddressesProvider.sol#102)
- proxy.initialize(newAddress,params) (contracts/protocol/configuration/LendingPoolAddressesProvider.sol#203)
- proxy.upgradeToAndCall(newAddress,params) (contracts/protocol/configuration/LendingPoolAddressesProvider.sol#207)
Event emitted after the call(s):
- LendingPoolUpdated(pool) (contracts/protocol/configuration/LendingPoolAddressesProvider.sol#103)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#reentrancy-vulnerabilities-3
INFO:Detectors:
Address.isContract(address) (contracts/dependencies/openzeppelin/contracts/Address.sol#25-36) uses assembly
- INLINE ASM (contracts/dependencies/openzeppelin/contracts/Address.sol#32-34)
BaseUpgradeabilityProxy._implementation() (contracts/dependencies/openzeppelin/upgradeability/BaseUpgradeabilityProxy.sol#32-38) uses assembly
- INLINE ASM (contracts/dependencies/openzeppelin/upgradeability/BaseUpgradeabilityProxy.sol#35-37)
BaseUpgradeabilityProxy._setImplementation(address) (contracts/dependencies/openzeppelin/upgradeability/BaseUpgradeabilityProxy.sol#53-65) uses assembly
- INLINE ASM (contracts/dependencies/openzeppelin/upgradeability/BaseUpgradeabilityProxy.sol#62-64)
Proxy._delegate(address) (contracts/dependencies/openzeppelin/upgradeability/Proxy.sol#31-55) uses assembly
- INLINE ASM (contracts/dependencies/openzeppelin/upgradeability/Proxy.sol#33-54)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#assembly-usage
INFO:Detectors:
Address.sendValue(address,uint256) (contracts/dependencies/openzeppelin/contracts/Address.sol#54-60) is never used and should be removed
Context._msgData() (contracts/dependencies/openzeppelin/contracts/Context.sol#19-22) is never used and should be removed
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#dead-code
INFO:Detectors:
Low level call in Address.sendValue(address,uint256) (contracts/dependencies/openzeppelin/contracts/Address.sol#54-60):
- (success) = recipient.call{value: amount}() (contracts/dependencies/openzeppelin/contracts/Address.sol#58)
Low level call in InitializableUpgradeabilityProxy.initialize(address,bytes) (contracts/dependencies/openzeppelin/upgradeability/InitializableUpgradeabilityProxy.sol#20-28):
- (success) = _logic.delegatecall(_data) (contracts/dependencies/openzeppelin/upgradeability/InitializableUpgradeabilityProxy.sol#25)
Low level call in BaseImmutableAdminUpgradeabilityProxy.upgradeToAndCall(address,bytes) (contracts/protocol/libraries/aave-upgradeability/BaseImmutableAdminUpgradeabilityProxy.sol#63-71):
- (success) = newImplementation.delegatecall(data) (contracts/protocol/libraries/aave-upgradeability/BaseImmutableAdminUpgradeabilityProxy.sol#69)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#low-level-calls
INFO:Detectors:
Parameter InitializableUpgradeabilityProxy.initialize(address,bytes)._logic (contracts/dependencies/openzeppelin/upgradeability/InitializableUpgradeabilityProxy.sol#20) is not in mixedCase
Parameter InitializableUpgradeabilityProxy.initialize(address,bytes)._data (contracts/dependencies/openzeppelin/upgradeability/InitializableUpgradeabilityProxy.sol#20) is not in mixedCase
Variable BaseImmutableAdminUpgradeabilityProxy.ADMIN (contracts/protocol/libraries/aave-upgradeability/BaseImmutableAdminUpgradeabilityProxy.sol#17) is not in mixedCase
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#conformance-to-solidity-naming-conventions
INFO:Detectors:
Redundant expression "this (contracts/dependencies/openzeppelin/contracts/Context.sol#20)" inContext (contracts/dependencies/openzeppelin/contracts/Context.sol#14-23)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#redundant-statements
INFO:Slither:0xAcc030EF66f9dFEAE9CbB0cd1B25654b82cFA8d5 analyzed (10 contracts with 79 detectors), 24 result(s) found
Slither report for GovernanceStrategy at `0xb7e383ef9B1E9189Fc0F71fb30af8aa14377429e`
INFO:Detectors:
GovernanceStrategy.constructor(address,address).aave (crytic-export/etherscan-contracts/0xb7e383ef9B1E9189Fc0F71fb30af8aa14377429e-GovernanceStrategy.sol#78) lacks a zero-check on :
- AAVE = aave (crytic-export/etherscan-contracts/0xb7e383ef9B1E9189Fc0F71fb30af8aa14377429e-GovernanceStrategy.sol#79)
GovernanceStrategy.constructor(address,address).stkAave (crytic-export/etherscan-contracts/0xb7e383ef9B1E9189Fc0F71fb30af8aa14377429e-GovernanceStrategy.sol#78) lacks a zero-check on :
- STK_AAVE = stkAave (crytic-export/etherscan-contracts/0xb7e383ef9B1E9189Fc0F71fb30af8aa14377429e-GovernanceStrategy.sol#80)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#missing-zero-address-validation
INFO:Detectors:
Variable GovernanceStrategy.AAVE (crytic-export/etherscan-contracts/0xb7e383ef9B1E9189Fc0F71fb30af8aa14377429e-GovernanceStrategy.sol#70) is not in mixedCase
Variable GovernanceStrategy.STK_AAVE (crytic-export/etherscan-contracts/0xb7e383ef9B1E9189Fc0F71fb30af8aa14377429e-GovernanceStrategy.sol#71) is not in mixedCase
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#conformance-to-solidity-naming-conventions
INFO:Slither:0xb7e383ef9B1E9189Fc0F71fb30af8aa14377429e analyzed (4 contracts with 79 detectors), 4 result(s) found
Slither report for AccessControlledOffchainAggregator at `0xbba12740DE905707251525477bAD74985DeC46D2`
Warning: OffchainAggregator.sol:461:7: Warning: This declaration shadows an existing declaration.
int192 latestAnswer,
^-----------------^
OffchainAggregator.sol:653:3: The shadowed declaration is here:
function latestAnswer()
^ (Relevant source part starts here and spans across multiple lines).
Warning: OffchainAggregator.sol:462:7: Warning: This declaration shadows an existing declaration.
uint64 latestTimestamp
^--------------------^
OffchainAggregator.sol:666:3: The shadowed declaration is here:
function latestTimestamp()
^ (Relevant source part starts here and spans across multiple lines).
Warning: AccessControlledOffchainAggregator.sol:25:5: Warning: This declaration shadows an existing declaration.
string memory description
^-----------------------^
AccessControlledOffchainAggregator.sol:108:3: The shadowed declaration is here:
function description()
^ (Relevant source part starts here and spans across multiple lines).
INFO:Detectors:
OffchainAggregatorBilling.reimburseAndRewardOracles(uint32,bytes) (OffchainAggregatorBilling.sol#570-623) passes array OffchainAggregatorBilling.s_oracleObservationsCounts (OffchainAggregatorBilling.sol#84)by reference to OffchainAggregatorBilling.oracleRewards(bytes,uint16[31]) (OffchainAggregatorBilling.sol#392-406)which only takes arrays by value
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#modifying-storage-array-by-value
INFO:Detectors:
Reentrancy in OffchainAggregatorBilling.payOracle(address) (OffchainAggregatorBilling.sol#344-358):
External calls:
- require(bool,string)(LINK.transfer(payee,linkWeiAmount),insufficient funds) (OffchainAggregatorBilling.sol#353)
State variables written after the call(s):
- s_gasReimbursementsLinkWei[oracle.index] = 1 (OffchainAggregatorBilling.sol#355)
OffchainAggregatorBilling.s_gasReimbursementsLinkWei (OffchainAggregatorBilling.sol#114) can be used in cross function reentrancies:
- OffchainAggregatorBilling.constructor(uint32,uint32,uint32,uint32,uint32,address,AccessControllerInterface) (OffchainAggregatorBilling.sol#148-171)
- OffchainAggregatorBilling.owedPayment(address) (OffchainAggregatorBilling.sol#319-333)
- OffchainAggregatorBilling.payOracle(address) (OffchainAggregatorBilling.sol#344-358)
- OffchainAggregatorBilling.payOracles() (OffchainAggregatorBilling.sol#364-390)
- OffchainAggregatorBilling.totalLINKDue() (OffchainAggregatorBilling.sol#508-535)
- s_oracleObservationsCounts[oracle.index] = 1 (OffchainAggregatorBilling.sol#354)
OffchainAggregatorBilling.s_oracleObservationsCounts (OffchainAggregatorBilling.sol#84) can be used in cross function reentrancies:
- OffchainAggregatorBilling.constructor(uint32,uint32,uint32,uint32,uint32,address,AccessControllerInterface) (OffchainAggregatorBilling.sol#148-171)
- OffchainAggregatorBilling.oracleObservationCount(address) (OffchainAggregatorBilling.sol#559-567)
- OffchainAggregatorBilling.owedPayment(address) (OffchainAggregatorBilling.sol#319-333)
- OffchainAggregatorBilling.payOracle(address) (OffchainAggregatorBilling.sol#344-358)
- OffchainAggregatorBilling.payOracles() (OffchainAggregatorBilling.sol#364-390)
- OffchainAggregatorBilling.totalLINKDue() (OffchainAggregatorBilling.sol#508-535)
Reentrancy in OffchainAggregatorBilling.payOracles() (OffchainAggregatorBilling.sol#364-390):
External calls:
- require(bool,string)(LINK.transfer(payee,linkWeiAmount),insufficient funds) (OffchainAggregatorBilling.sol#381)
State variables written after the call(s):
- s_gasReimbursementsLinkWei = gasReimbursementsLinkWei (OffchainAggregatorBilling.sol#389)
OffchainAggregatorBilling.s_gasReimbursementsLinkWei (OffchainAggregatorBilling.sol#114) can be used in cross function reentrancies:
- OffchainAggregatorBilling.constructor(uint32,uint32,uint32,uint32,uint32,address,AccessControllerInterface) (OffchainAggregatorBilling.sol#148-171)
- OffchainAggregatorBilling.owedPayment(address) (OffchainAggregatorBilling.sol#319-333)
- OffchainAggregatorBilling.payOracle(address) (OffchainAggregatorBilling.sol#344-358)
- OffchainAggregatorBilling.payOracles() (OffchainAggregatorBilling.sol#364-390)
- OffchainAggregatorBilling.totalLINKDue() (OffchainAggregatorBilling.sol#508-535)
- s_oracleObservationsCounts = observationsCounts (OffchainAggregatorBilling.sol#388)
OffchainAggregatorBilling.s_oracleObservationsCounts (OffchainAggregatorBilling.sol#84) can be used in cross function reentrancies:
- OffchainAggregatorBilling.constructor(uint32,uint32,uint32,uint32,uint32,address,AccessControllerInterface) (OffchainAggregatorBilling.sol#148-171)
- OffchainAggregatorBilling.oracleObservationCount(address) (OffchainAggregatorBilling.sol#559-567)
- OffchainAggregatorBilling.owedPayment(address) (OffchainAggregatorBilling.sol#319-333)
- OffchainAggregatorBilling.payOracle(address) (OffchainAggregatorBilling.sol#344-358)
- OffchainAggregatorBilling.payOracles() (OffchainAggregatorBilling.sol#364-390)
- OffchainAggregatorBilling.totalLINKDue() (OffchainAggregatorBilling.sol#508-535)
Reentrancy in OffchainAggregatorBilling.setBilling(uint32,uint32,uint32,uint32,uint32) (OffchainAggregatorBilling.sol#213-228):
External calls:
- payOracles() (OffchainAggregatorBilling.sol#225)
- require(bool,string)(LINK.transfer(payee,linkWeiAmount),insufficient funds) (OffchainAggregatorBilling.sol#381)
State variables written after the call(s):
- setBillingInternal(_maximumGasPrice,_reasonableGasPrice,_microLinkPerEth,_linkGweiPerObservation,_linkGweiPerTransmission) (OffchainAggregatorBilling.sol#226-227)
- s_billing = Billing(_maximumGasPrice,_reasonableGasPrice,_microLinkPerEth,_linkGweiPerObservation,_linkGweiPerTransmission) (OffchainAggregatorBilling.sol#198-199)
OffchainAggregatorBilling.s_billing (OffchainAggregatorBilling.sol#66) can be used in cross function reentrancies:
- OffchainAggregatorBilling.getBilling() (OffchainAggregatorBilling.sol#238-257)
- OffchainAggregatorBilling.owedPayment(address) (OffchainAggregatorBilling.sol#319-333)
- OffchainAggregatorBilling.payOracles() (OffchainAggregatorBilling.sol#364-390)
- OffchainAggregatorBilling.setBillingInternal(uint32,uint32,uint32,uint32,uint32) (OffchainAggregatorBilling.sol#189-202)
- OffchainAggregatorBilling.totalLINKDue() (OffchainAggregatorBilling.sol#508-535)
Reentrancy in OffchainAggregator.setConfig(address[],address[],uint8,uint64,bytes) (OffchainAggregator.sol#149-212):
External calls:
- payOracle(transmitter) (OffchainAggregator.sol#164)
- require(bool,string)(LINK.transfer(payee,linkWeiAmount),insufficient funds) (OffchainAggregatorBilling.sol#353)
State variables written after the call(s):
- delete s_oracles[signer] (OffchainAggregator.sol#165)
OffchainAggregatorBilling.s_oracles (OffchainAggregatorBilling.sol#135-136) can be used in cross function reentrancies:
- OffchainAggregatorBilling.oracleObservationCount(address) (OffchainAggregatorBilling.sol#559-567)
- OffchainAggregatorBilling.owedPayment(address) (OffchainAggregatorBilling.sol#319-333)
- OffchainAggregatorBilling.payOracle(address) (OffchainAggregatorBilling.sol#344-358)
- OffchainAggregatorBilling.reimburseAndRewardOracles(uint32,bytes) (OffchainAggregatorBilling.sol#570-623)
- OffchainAggregator.setConfig(address[],address[],uint8,uint64,bytes) (OffchainAggregator.sol#149-212)
- OffchainAggregator.transmit(bytes,bytes32[],bytes32[],bytes32) (OffchainAggregator.sol#508-644)
- delete s_oracles[transmitter] (OffchainAggregator.sol#166)
OffchainAggregatorBilling.s_oracles (OffchainAggregatorBilling.sol#135-136) can be used in cross function reentrancies:
- OffchainAggregatorBilling.oracleObservationCount(address) (OffchainAggregatorBilling.sol#559-567)
- OffchainAggregatorBilling.owedPayment(address) (OffchainAggregatorBilling.sol#319-333)
- OffchainAggregatorBilling.payOracle(address) (OffchainAggregatorBilling.sol#344-358)
- OffchainAggregatorBilling.reimburseAndRewardOracles(uint32,bytes) (OffchainAggregatorBilling.sol#570-623)
- OffchainAggregator.setConfig(address[],address[],uint8,uint64,bytes) (OffchainAggregator.sol#149-212)
- OffchainAggregator.transmit(bytes,bytes32[],bytes32[],bytes32) (OffchainAggregator.sol#508-644)
- s_oracles[_signers[i]] = Oracle(uint8(i),Role.Signer) (OffchainAggregator.sol#176)
OffchainAggregatorBilling.s_oracles (OffchainAggregatorBilling.sol#135-136) can be used in cross function reentrancies:
- OffchainAggregatorBilling.oracleObservationCount(address) (OffchainAggregatorBilling.sol#559-567)
- OffchainAggregatorBilling.owedPayment(address) (OffchainAggregatorBilling.sol#319-333)
- OffchainAggregatorBilling.payOracle(address) (OffchainAggregatorBilling.sol#344-358)
- OffchainAggregatorBilling.reimburseAndRewardOracles(uint32,bytes) (OffchainAggregatorBilling.sol#570-623)
- OffchainAggregator.setConfig(address[],address[],uint8,uint64,bytes) (OffchainAggregator.sol#149-212)
- OffchainAggregator.transmit(bytes,bytes32[],bytes32[],bytes32) (OffchainAggregator.sol#508-644)
- s_oracles[_transmitters[i]] = Oracle(uint8(i),Role.Transmitter) (OffchainAggregator.sol#182)
OffchainAggregatorBilling.s_oracles (OffchainAggregatorBilling.sol#135-136) can be used in cross function reentrancies:
- OffchainAggregatorBilling.oracleObservationCount(address) (OffchainAggregatorBilling.sol#559-567)
- OffchainAggregatorBilling.owedPayment(address) (OffchainAggregatorBilling.sol#319-333)
- OffchainAggregatorBilling.payOracle(address) (OffchainAggregatorBilling.sol#344-358)
- OffchainAggregatorBilling.reimburseAndRewardOracles(uint32,bytes) (OffchainAggregatorBilling.sol#570-623)
- OffchainAggregator.setConfig(address[],address[],uint8,uint64,bytes) (OffchainAggregator.sol#149-212)
- OffchainAggregator.transmit(bytes,bytes32[],bytes32[],bytes32) (OffchainAggregator.sol#508-644)
- s_signers.pop() (OffchainAggregator.sol#167)
OffchainAggregatorBilling.s_signers (OffchainAggregatorBilling.sol#139) can be used in cross function reentrancies:
- OffchainAggregator.setConfig(address[],address[],uint8,uint64,bytes) (OffchainAggregator.sol#149-212)
- s_signers.push(_signers[i]) (OffchainAggregator.sol#183)
OffchainAggregatorBilling.s_signers (OffchainAggregatorBilling.sol#139) can be used in cross function reentrancies:
- OffchainAggregator.setConfig(address[],address[],uint8,uint64,bytes) (OffchainAggregator.sol#149-212)
- s_transmitters.pop() (OffchainAggregator.sol#168)
OffchainAggregatorBilling.s_transmitters (OffchainAggregatorBilling.sol#143) can be used in cross function reentrancies:
- OffchainAggregatorBilling.payOracles() (OffchainAggregatorBilling.sol#364-390)
- OffchainAggregator.setConfig(address[],address[],uint8,uint64,bytes) (OffchainAggregator.sol#149-212)
- OffchainAggregatorBilling.totalLINKDue() (OffchainAggregatorBilling.sol#508-535)
- OffchainAggregator.transmit(bytes,bytes32[],bytes32[],bytes32) (OffchainAggregator.sol#508-644)
- OffchainAggregator.transmitters() (OffchainAggregator.sol#252-258)
- s_transmitters.push(_transmitters[i]) (OffchainAggregator.sol#184)
OffchainAggregatorBilling.s_transmitters (OffchainAggregatorBilling.sol#143) can be used in cross function reentrancies:
- OffchainAggregatorBilling.payOracles() (OffchainAggregatorBilling.sol#364-390)
- OffchainAggregator.setConfig(address[],address[],uint8,uint64,bytes) (OffchainAggregator.sol#149-212)
- OffchainAggregatorBilling.totalLINKDue() (OffchainAggregatorBilling.sol#508-535)
- OffchainAggregator.transmit(bytes,bytes32[],bytes32[],bytes32) (OffchainAggregator.sol#508-644)
- OffchainAggregator.transmitters() (OffchainAggregator.sol#252-258)
Reentrancy in OffchainAggregator.transmit(bytes,bytes32[],bytes32[],bytes32) (OffchainAggregator.sol#508-644):
External calls:
- validateAnswer(r.hotVars.latestAggregatorRoundId,median) (OffchainAggregator.sol#639)
- av.validate{gas: VALIDATOR_GAS_LIMIT}(prevAggregatorRoundId,prevAggregatorRoundAnswer,_aggregatorRoundId,_answer) (OffchainAggregator.sol#322-327)
State variables written after the call(s):
- s_hotVars = r.hotVars (OffchainAggregator.sol#641)
OffchainAggregator.s_hotVars (OffchainAggregator.sol#39) can be used in cross function reentrancies:
- OffchainAggregator.latestAnswer() (OffchainAggregator.sol#653-661)
- OffchainAggregator.latestConfigDetails() (OffchainAggregator.sol#235-245)
- OffchainAggregator.latestRound() (OffchainAggregator.sol#679-687)
- OffchainAggregator.latestRoundData() (OffchainAggregator.sol#791-817)
- OffchainAggregator.latestTimestamp() (OffchainAggregator.sol#666-674)
- OffchainAggregator.latestTransmissionDetails() (OffchainAggregator.sol#454-473)
- OffchainAggregator.requestNewRound() (OffchainAggregator.sol#385-398)
- OffchainAggregator.setConfig(address[],address[],uint8,uint64,bytes) (OffchainAggregator.sol#149-212)
- OffchainAggregator.transmit(bytes,bytes32[],bytes32[],bytes32) (OffchainAggregator.sol#508-644)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#reentrancy-vulnerabilities-1
INFO:Detectors:
OffchainAggregator.transmit(bytes,bytes32[],bytes32[],bytes32).r (OffchainAggregator.sol#526) is a local variable never initialized
OffchainAggregatorBilling.constructor(uint32,uint32,uint32,uint32,uint32,address,AccessControllerInterface).gas (OffchainAggregatorBilling.sol#163) is a local variable never initialized
OffchainAggregatorBilling.constructor(uint32,uint32,uint32,uint32,uint32,address,AccessControllerInterface).counts (OffchainAggregatorBilling.sol#162) is a local variable never initialized
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#uninitialized-local-variables
INFO:Detectors:
OffchainAggregator.validateAnswer(uint32,int256) (OffchainAggregator.sol#309-328) ignores return value by av.validate{gas: VALIDATOR_GAS_LIMIT}(prevAggregatorRoundId,prevAggregatorRoundAnswer,_aggregatorRoundId,_answer) (OffchainAggregator.sol#322-327)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#unused-return
INFO:Detectors:
AccessControlledOffchainAggregator.constructor(uint32,uint32,uint32,uint32,uint32,address,address,int192,int192,AccessControllerInterface,AccessControllerInterface,uint8,string).description (AccessControlledOffchainAggregator.sol#25) shadows:
- AccessControlledOffchainAggregator.description() (AccessControlledOffchainAggregator.sol#108-116) (function)
- OffchainAggregator.description() (OffchainAggregator.sol#740-748) (function)
- AggregatorV3Interface.description() (AggregatorV3Interface.sol#7) (function)
OffchainAggregator.latestTransmissionDetails().latestAnswer (OffchainAggregator.sol#461) shadows:
- OffchainAggregator.latestAnswer() (OffchainAggregator.sol#653-661) (function)
- AggregatorInterface.latestAnswer() (AggregatorInterface.sol#5) (function)
OffchainAggregator.latestTransmissionDetails().latestTimestamp (OffchainAggregator.sol#462) shadows:
- OffchainAggregator.latestTimestamp() (OffchainAggregator.sol#666-674) (function)
- AggregatorInterface.latestTimestamp() (AggregatorInterface.sol#6) (function)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#local-variable-shadowing
INFO:Detectors:
Owned.transferOwnership(address)._to (Owned.sol#30) lacks a zero-check on :
- pendingOwner = _to (Owned.sol#34)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#missing-zero-address-validation
INFO:Detectors:
OffchainAggregatorBilling.payOracle(address) (OffchainAggregatorBilling.sol#344-358) has external calls inside a loop: require(bool,string)(LINK.transfer(payee,linkWeiAmount),insufficient funds) (OffchainAggregatorBilling.sol#353)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation/#calls-inside-a-loop
INFO:Detectors:
Reentrancy in OffchainAggregator.setConfig(address[],address[],uint8,uint64,bytes) (OffchainAggregator.sol#149-212):
External calls:
- payOracle(transmitter) (OffchainAggregator.sol#164)
- require(bool,string)(LINK.transfer(payee,linkWeiAmount),insufficient funds) (OffchainAggregatorBilling.sol#353)
State variables written after the call(s):
- s_configCount += 1 (OffchainAggregator.sol#189)
- s_hotVars.threshold = _threshold (OffchainAggregator.sol#186)
- s_hotVars.latestConfigDigest = configDigestFromConfigData(address(this),configCount,_signers,_transmitters,_threshold,_encodedConfigVersion,_encoded) (OffchainAggregator.sol#192-200)
- s_hotVars.latestEpochAndRound = 0 (OffchainAggregator.sol#201)
- s_latestConfigBlockNumber = uint32(block.number) (OffchainAggregator.sol#188)
Reentrancy in OffchainAggregator.transmit(bytes,bytes32[],bytes32[],bytes32) (OffchainAggregator.sol#508-644):
External calls:
- validateAnswer(r.hotVars.latestAggregatorRoundId,median) (OffchainAggregator.sol#639)
- av.validate{gas: VALIDATOR_GAS_LIMIT}(prevAggregatorRoundId,prevAggregatorRoundAnswer,_aggregatorRoundId,_answer) (OffchainAggregator.sol#322-327)
State variables written after the call(s):
- reimburseAndRewardOracles(uint32(initialGas),r.observers) (OffchainAggregator.sol#643)
- s_gasReimbursementsLinkWei[txOracle.index] = s_gasReimbursementsLinkWei[txOracle.index] + gasCostLinkWei + uint256(billing.linkGweiPerTransmission) * (1000000000) (OffchainAggregatorBilling.sol#615-617)
- reimburseAndRewardOracles(uint32(initialGas),r.observers) (OffchainAggregator.sol#643)
- s_oracleObservationsCounts = oracleRewards(observers,s_oracleObservationsCounts) (OffchainAggregatorBilling.sol#580-581)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#reentrancy-vulnerabilities-2
INFO:Detectors:
Reentrancy in OffchainAggregatorBilling.payOracle(address) (OffchainAggregatorBilling.sol#344-358):
External calls:
- require(bool,string)(LINK.transfer(payee,linkWeiAmount),insufficient funds) (OffchainAggregatorBilling.sol#353)
Event emitted after the call(s):
- OraclePaid(_transmitter,payee,linkWeiAmount) (OffchainAggregatorBilling.sol#356)
Reentrancy in OffchainAggregatorBilling.payOracles() (OffchainAggregatorBilling.sol#364-390):
External calls:
- require(bool,string)(LINK.transfer(payee,linkWeiAmount),insufficient funds) (OffchainAggregatorBilling.sol#381)
Event emitted after the call(s):
- OraclePaid(transmitters[transmitteridx],payee,linkWeiAmount) (OffchainAggregatorBilling.sol#384)
Reentrancy in OffchainAggregatorBilling.setBilling(uint32,uint32,uint32,uint32,uint32) (OffchainAggregatorBilling.sol#213-228):
External calls:
- payOracles() (OffchainAggregatorBilling.sol#225)
- require(bool,string)(LINK.transfer(payee,linkWeiAmount),insufficient funds) (OffchainAggregatorBilling.sol#381)
Event emitted after the call(s):
- BillingSet(_maximumGasPrice,_reasonableGasPrice,_microLinkPerEth,_linkGweiPerObservation,_linkGweiPerTransmission) (OffchainAggregatorBilling.sol#200-201)
- setBillingInternal(_maximumGasPrice,_reasonableGasPrice,_microLinkPerEth,_linkGweiPerObservation,_linkGweiPerTransmission) (OffchainAggregatorBilling.sol#226-227)
Reentrancy in OffchainAggregator.setConfig(address[],address[],uint8,uint64,bytes) (OffchainAggregator.sol#149-212):
External calls:
- payOracle(transmitter) (OffchainAggregator.sol#164)
- require(bool,string)(LINK.transfer(payee,linkWeiAmount),insufficient funds) (OffchainAggregatorBilling.sol#353)
Event emitted after the call(s):
- ConfigSet(previousConfigBlockNumber,configCount,_signers,_transmitters,_threshold,_encodedConfigVersion,_encoded) (OffchainAggregator.sol#203-211)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#reentrancy-vulnerabilities-3
INFO:Detectors:
OffchainAggregator.setConfig(address[],address[],uint8,uint64,bytes) (OffchainAggregator.sol#149-212) has costly operations inside a loop:
- delete s_oracles[signer] (OffchainAggregator.sol#165)
OffchainAggregator.setConfig(address[],address[],uint8,uint64,bytes) (OffchainAggregator.sol#149-212) has costly operations inside a loop:
- delete s_oracles[transmitter] (OffchainAggregator.sol#166)
OffchainAggregator.setConfig(address[],address[],uint8,uint64,bytes) (OffchainAggregator.sol#149-212) has costly operations inside a loop:
- s_signers.pop() (OffchainAggregator.sol#167)
OffchainAggregator.setConfig(address[],address[],uint8,uint64,bytes) (OffchainAggregator.sol#149-212) has costly operations inside a loop:
- s_transmitters.pop() (OffchainAggregator.sol#168)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#costly-operations-inside-a-loop
INFO:Detectors:
OffchainAggregator.decodeReport(bytes) (OffchainAggregator.sol#423-434) is never used and should be removed
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#dead-code
INFO:Detectors:
Parameter AccessControlledOffchainAggregator.getAnswer(uint256)._roundId (AccessControlledOffchainAggregator.sol#82) is not in mixedCase
Parameter AccessControlledOffchainAggregator.getTimestamp(uint256)._roundId (AccessControlledOffchainAggregator.sol#93) is not in mixedCase
Parameter AccessControlledOffchainAggregator.getRoundData(uint80)._roundId (AccessControlledOffchainAggregator.sol#119) is not in mixedCase
Parameter OffchainAggregator.setConfig(address[],address[],uint8,uint64,bytes)._signers (OffchainAggregator.sol#150) is not in mixedCase
Parameter OffchainAggregator.setConfig(address[],address[],uint8,uint64,bytes)._transmitters (OffchainAggregator.sol#151) is not in mixedCase
Parameter OffchainAggregator.setConfig(address[],address[],uint8,uint64,bytes)._threshold (OffchainAggregator.sol#152) is not in mixedCase
Parameter OffchainAggregator.setConfig(address[],address[],uint8,uint64,bytes)._encodedConfigVersion (OffchainAggregator.sol#153) is not in mixedCase
Parameter OffchainAggregator.setConfig(address[],address[],uint8,uint64,bytes)._encoded (OffchainAggregator.sol#154) is not in mixedCase
Parameter OffchainAggregator.configDigestFromConfigData(address,uint64,address[],address[],uint8,uint64,bytes)._contractAddress (OffchainAggregator.sol#215) is not in mixedCase
Parameter OffchainAggregator.configDigestFromConfigData(address,uint64,address[],address[],uint8,uint64,bytes)._configCount (OffchainAggregator.sol#216) is not in mixedCase
Parameter OffchainAggregator.configDigestFromConfigData(address,uint64,address[],address[],uint8,uint64,bytes)._signers (OffchainAggregator.sol#217) is not in mixedCase
Parameter OffchainAggregator.configDigestFromConfigData(address,uint64,address[],address[],uint8,uint64,bytes)._transmitters (OffchainAggregator.sol#218) is not in mixedCase
Parameter OffchainAggregator.configDigestFromConfigData(address,uint64,address[],address[],uint8,uint64,bytes)._threshold (OffchainAggregator.sol#219) is not in mixedCase
Parameter OffchainAggregator.configDigestFromConfigData(address,uint64,address[],address[],uint8,uint64,bytes)._encodedConfigVersion (OffchainAggregator.sol#220) is not in mixedCase
Parameter OffchainAggregator.configDigestFromConfigData(address,uint64,address[],address[],uint8,uint64,bytes)._encodedConfig (OffchainAggregator.sol#221) is not in mixedCase
Parameter OffchainAggregator.setValidator(address)._newValidator (OffchainAggregator.sol#296) is not in mixedCase
Parameter OffchainAggregator.validateAnswer(uint32,int256)._aggregatorRoundId (OffchainAggregator.sol#310) is not in mixedCase
Parameter OffchainAggregator.validateAnswer(uint32,int256)._answer (OffchainAggregator.sol#311) is not in mixedCase
Parameter OffchainAggregator.setRequesterAccessController(AccessControllerInterface)._requesterAccessController (OffchainAggregator.sol#368) is not in mixedCase
Parameter OffchainAggregator.decodeReport(bytes)._report (OffchainAggregator.sol#423) is not in mixedCase
Parameter OffchainAggregator.expectedMsgDataLength(bytes,bytes32[],bytes32[])._report (OffchainAggregator.sol#490) is not in mixedCase
Parameter OffchainAggregator.expectedMsgDataLength(bytes,bytes32[],bytes32[])._rs (OffchainAggregator.sol#490) is not in mixedCase
Parameter OffchainAggregator.expectedMsgDataLength(bytes,bytes32[],bytes32[])._ss (OffchainAggregator.sol#490) is not in mixedCase
Parameter OffchainAggregator.transmit(bytes,bytes32[],bytes32[],bytes32)._report (OffchainAggregator.sol#511) is not in mixedCase
Parameter OffchainAggregator.transmit(bytes,bytes32[],bytes32[],bytes32)._rs (OffchainAggregator.sol#512) is not in mixedCase
Parameter OffchainAggregator.transmit(bytes,bytes32[],bytes32[],bytes32)._ss (OffchainAggregator.sol#512) is not in mixedCase
Parameter OffchainAggregator.transmit(bytes,bytes32[],bytes32[],bytes32)._rawVs (OffchainAggregator.sol#512) is not in mixedCase
Parameter OffchainAggregator.getAnswer(uint256)._roundId (OffchainAggregator.sol#693) is not in mixedCase
Parameter OffchainAggregator.getTimestamp(uint256)._roundId (OffchainAggregator.sol#708) is not in mixedCase
Parameter OffchainAggregator.getRoundData(uint80)._roundId (OffchainAggregator.sol#759) is not in mixedCase
Constant OffchainAggregator.maxUint32 (OffchainAggregator.sol#19) is not in UPPER_CASE_WITH_UNDERSCORES
Variable OffchainAggregator.s_hotVars (OffchainAggregator.sol#39) is not in mixedCase
Variable OffchainAggregator.s_transmissions (OffchainAggregator.sol#47) is not in mixedCase
Variable OffchainAggregator.s_configCount (OffchainAggregator.sol#51) is not in mixedCase
Variable OffchainAggregator.s_latestConfigBlockNumber (OffchainAggregator.sol#52) is not in mixedCase
Variable OffchainAggregator.s_validator (OffchainAggregator.sol#268) is not in mixedCase
Variable OffchainAggregator.s_requesterAccessController (OffchainAggregator.sol#334) is not in mixedCase
Variable OffchainAggregator.s_description (OffchainAggregator.sol#735) is not in mixedCase
Parameter OffchainAggregatorBilling.setBillingInternal(uint32,uint32,uint32,uint32,uint32)._maximumGasPrice (OffchainAggregatorBilling.sol#190) is not in mixedCase
Parameter OffchainAggregatorBilling.setBillingInternal(uint32,uint32,uint32,uint32,uint32)._reasonableGasPrice (OffchainAggregatorBilling.sol#191) is not in mixedCase
Parameter OffchainAggregatorBilling.setBillingInternal(uint32,uint32,uint32,uint32,uint32)._microLinkPerEth (OffchainAggregatorBilling.sol#192) is not in mixedCase
Parameter OffchainAggregatorBilling.setBillingInternal(uint32,uint32,uint32,uint32,uint32)._linkGweiPerObservation (OffchainAggregatorBilling.sol#193) is not in mixedCase
Parameter OffchainAggregatorBilling.setBillingInternal(uint32,uint32,uint32,uint32,uint32)._linkGweiPerTransmission (OffchainAggregatorBilling.sol#194) is not in mixedCase
Parameter OffchainAggregatorBilling.setBilling(uint32,uint32,uint32,uint32,uint32)._maximumGasPrice (OffchainAggregatorBilling.sol#214) is not in mixedCase
Parameter OffchainAggregatorBilling.setBilling(uint32,uint32,uint32,uint32,uint32)._reasonableGasPrice (OffchainAggregatorBilling.sol#215) is not in mixedCase
Parameter OffchainAggregatorBilling.setBilling(uint32,uint32,uint32,uint32,uint32)._microLinkPerEth (OffchainAggregatorBilling.sol#216) is not in mixedCase
Parameter OffchainAggregatorBilling.setBilling(uint32,uint32,uint32,uint32,uint32)._linkGweiPerObservation (OffchainAggregatorBilling.sol#217) is not in mixedCase
Parameter OffchainAggregatorBilling.setBilling(uint32,uint32,uint32,uint32,uint32)._linkGweiPerTransmission (OffchainAggregatorBilling.sol#218) is not in mixedCase
Parameter OffchainAggregatorBilling.setBillingAccessControllerInternal(AccessControllerInterface)._billingAccessController (OffchainAggregatorBilling.sol#266) is not in mixedCase
Parameter OffchainAggregatorBilling.setBillingAccessController(AccessControllerInterface)._billingAccessController (OffchainAggregatorBilling.sol#284) is not in mixedCase
Parameter OffchainAggregatorBilling.withdrawPayment(address)._transmitter (OffchainAggregatorBilling.sol#308) is not in mixedCase
Parameter OffchainAggregatorBilling.owedPayment(address)._transmitter (OffchainAggregatorBilling.sol#319) is not in mixedCase
Parameter OffchainAggregatorBilling.payOracle(address)._transmitter (OffchainAggregatorBilling.sol#344) is not in mixedCase
Parameter OffchainAggregatorBilling.withdrawFunds(address,uint256)._recipient (OffchainAggregatorBilling.sol#496) is not in mixedCase
Parameter OffchainAggregatorBilling.withdrawFunds(address,uint256)._amount (OffchainAggregatorBilling.sol#496) is not in mixedCase
Parameter OffchainAggregatorBilling.oracleObservationCount(address)._signerOrTransmitter (OffchainAggregatorBilling.sol#559) is not in mixedCase
Parameter OffchainAggregatorBilling.setPayees(address[],address[])._transmitters (OffchainAggregatorBilling.sol#660) is not in mixedCase
Parameter OffchainAggregatorBilling.setPayees(address[],address[])._payees (OffchainAggregatorBilling.sol#661) is not in mixedCase
Parameter OffchainAggregatorBilling.transferPayeeship(address,address)._transmitter (OffchainAggregatorBilling.sol#689) is not in mixedCase
Parameter OffchainAggregatorBilling.transferPayeeship(address,address)._proposed (OffchainAggregatorBilling.sol#690) is not in mixedCase
Parameter OffchainAggregatorBilling.acceptPayeeship(address)._transmitter (OffchainAggregatorBilling.sol#711) is not in mixedCase
Parameter OffchainAggregatorBilling.saturatingAddUint16(uint16,uint16)._x (OffchainAggregatorBilling.sol#728) is not in mixedCase
Parameter OffchainAggregatorBilling.saturatingAddUint16(uint16,uint16)._y (OffchainAggregatorBilling.sol#728) is not in mixedCase
Constant OffchainAggregatorBilling.maxNumOracles (OffchainAggregatorBilling.sol#45) is not in UPPER_CASE_WITH_UNDERSCORES
Variable OffchainAggregatorBilling.s_billing (OffchainAggregatorBilling.sol#66) is not in mixedCase
Variable OffchainAggregatorBilling.LINK (OffchainAggregatorBilling.sol#71) is not in mixedCase
Variable OffchainAggregatorBilling.s_billingAccessController (OffchainAggregatorBilling.sol#73) is not in mixedCase
Variable OffchainAggregatorBilling.s_oracleObservationsCounts (OffchainAggregatorBilling.sol#84) is not in mixedCase
Variable OffchainAggregatorBilling.s_payees (OffchainAggregatorBilling.sol#87-89) is not in mixedCase
Variable OffchainAggregatorBilling.s_proposedPayees (OffchainAggregatorBilling.sol#92-94) is not in mixedCase
Variable OffchainAggregatorBilling.s_gasReimbursementsLinkWei (OffchainAggregatorBilling.sol#114) is not in mixedCase
Variable OffchainAggregatorBilling.s_oracles (OffchainAggregatorBilling.sol#135-136) is not in mixedCase
Variable OffchainAggregatorBilling.s_signers (OffchainAggregatorBilling.sol#139) is not in mixedCase
Variable OffchainAggregatorBilling.s_transmitters (OffchainAggregatorBilling.sol#143) is not in mixedCase
Constant OffchainAggregatorBilling.maxUint16 (OffchainAggregatorBilling.sol#145) is not in UPPER_CASE_WITH_UNDERSCORES
Constant OffchainAggregatorBilling.maxUint128 (OffchainAggregatorBilling.sol#146) is not in UPPER_CASE_WITH_UNDERSCORES
Constant OffchainAggregatorBilling.accountingGasCost (OffchainAggregatorBilling.sol#435) is not in UPPER_CASE_WITH_UNDERSCORES
Parameter Owned.transferOwnership(address)._to (Owned.sol#30) is not in mixedCase
Parameter SimpleReadAccessController.hasAccess(address,bytes)._user (SimpleReadAccessController.sol#24) is not in mixedCase
Parameter SimpleReadAccessController.hasAccess(address,bytes)._calldata (SimpleReadAccessController.sol#25) is not in mixedCase
Parameter SimpleWriteAccessController.hasAccess(address,bytes)._user (SimpleWriteAccessController.sol#34) is not in mixedCase
Parameter SimpleWriteAccessController.addAccess(address)._user (SimpleWriteAccessController.sol#50) is not in mixedCase
Parameter SimpleWriteAccessController.addAccessInternal(address)._user (SimpleWriteAccessController.sol#54) is not in mixedCase
Parameter SimpleWriteAccessController.removeAccess(address)._user (SimpleWriteAccessController.sol#65) is not in mixedCase
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#conformance-to-solidity-naming-conventions
INFO:Detectors:
Variable OffchainAggregatorBilling.withdrawPayment(address)._transmitter (OffchainAggregatorBilling.sol#308) is too similar to OffchainAggregatorBilling.totalLINKDue().transmitters (OffchainAggregatorBilling.sol#529)
Variable OffchainAggregatorBilling.transferPayeeship(address,address)._transmitter (OffchainAggregatorBilling.sol#689) is too similar to OffchainAggregatorBilling.payOracles().transmitters (OffchainAggregatorBilling.sol#371)
Variable OffchainAggregatorBilling.payOracle(address)._transmitter (OffchainAggregatorBilling.sol#344) is too similar to OffchainAggregatorBilling.totalLINKDue().transmitters (OffchainAggregatorBilling.sol#529)
Variable OffchainAggregatorBilling.transferPayeeship(address,address)._transmitter (OffchainAggregatorBilling.sol#689) is too similar to OffchainAggregatorBilling.totalLINKDue().transmitters (OffchainAggregatorBilling.sol#529)
Variable OffchainAggregatorBilling.owedPayment(address)._transmitter (OffchainAggregatorBilling.sol#319) is too similar to OffchainAggregatorBilling.totalLINKDue().transmitters (OffchainAggregatorBilling.sol#529)
Variable OffchainAggregatorBilling.acceptPayeeship(address)._transmitter (OffchainAggregatorBilling.sol#711) is too similar to OffchainAggregatorBilling.totalLINKDue().transmitters (OffchainAggregatorBilling.sol#529)
Variable OffchainAggregatorBilling.withdrawPayment(address)._transmitter (OffchainAggregatorBilling.sol#308) is too similar to OffchainAggregatorBilling.payOracles().transmitters (OffchainAggregatorBilling.sol#371)
Variable OffchainAggregatorBilling.acceptPayeeship(address)._transmitter (OffchainAggregatorBilling.sol#711) is too similar to OffchainAggregatorBilling.payOracles().transmitters (OffchainAggregatorBilling.sol#371)
Variable OffchainAggregatorBilling.owedPayment(address)._transmitter (OffchainAggregatorBilling.sol#319) is too similar to OffchainAggregatorBilling.payOracles().transmitters (OffchainAggregatorBilling.sol#371)
Variable OffchainAggregatorBilling.payOracle(address)._transmitter (OffchainAggregatorBilling.sol#344) is too similar to OffchainAggregatorBilling.payOracles().transmitters (OffchainAggregatorBilling.sol#371)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#variable-names-too-similar
INFO:Slither:0xbba12740DE905707251525477bAD74985DeC46D2 analyzed (12 contracts with 79 detectors), 120 result(s) found
Slither report for EACAggregatorProxy at `0xDC530D9457755926550b59e8ECcdaE7624181557`
Warning: crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol:283:7: Warning: This declaration shadows an existing declaration.
uint80 roundId,
^------------^
crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol:273:7: The shadowed declaration is here:
uint80 roundId,
^------------^
Warning: crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol:284:7: Warning: This declaration shadows an existing declaration.
int256 answer,
^-----------^
crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol:274:7: The shadowed declaration is here:
int256 answer,
^-----------^
Warning: crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol:285:7: Warning: This declaration shadows an existing declaration.
uint256 startedAt,
^---------------^
crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol:275:7: The shadowed declaration is here:
uint256 startedAt,
^---------------^
Warning: crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol:286:7: Warning: This declaration shadows an existing declaration.
uint256 updatedAt,
^---------------^
crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol:276:7: The shadowed declaration is here:
uint256 updatedAt,
^---------------^
Warning: crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol:331:7: Warning: This declaration shadows an existing declaration.
uint80 roundId,
^------------^
crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol:321:7: The shadowed declaration is here:
uint80 roundId,
^------------^
Warning: crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol:332:7: Warning: This declaration shadows an existing declaration.
int256 answer,
^-----------^
crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol:322:7: The shadowed declaration is here:
int256 answer,
^-----------^
Warning: crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol:333:7: Warning: This declaration shadows an existing declaration.
uint256 startedAt,
^---------------^
crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol:323:7: The shadowed declaration is here:
uint256 startedAt,
^---------------^
Warning: crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol:334:7: Warning: This declaration shadows an existing declaration.
uint256 updatedAt,
^---------------^
crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol:324:7: The shadowed declaration is here:
uint256 updatedAt,
^---------------^
Warning: crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol:513:5: Warning: This declaration shadows an existing declaration.
uint16 phaseId = uint16(_roundId >> PHASE_OFFSET);
^------------^
crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol:410:3: The shadowed declaration is here:
function phaseId()
^ (Relevant source part starts here and spans across multiple lines).
Warning: crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol:525:7: Warning: This declaration shadows an existing declaration.
uint16 phaseId
^------------^
crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol:410:3: The shadowed declaration is here:
function phaseId()
^ (Relevant source part starts here and spans across multiple lines).
Warning: crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol:495:3: Warning: Function state mutability can be restricted to pure
function addPhase(
^ (Relevant source part starts here and spans across multiple lines).
Warning: crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol:506:3: Warning: Function state mutability can be restricted to pure
function parseIds(
^ (Relevant source part starts here and spans across multiple lines).
INFO:Detectors:
AggregatorProxy.latestRoundData().answer_scope_1 (crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol#332) is a local variable never initialized
AggregatorProxy.getRoundData(uint80).startedAt_scope_2 (crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol#285) is a local variable never initialized
AggregatorProxy.getRoundData(uint80).roundId_scope_0 (crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol#283) is a local variable never initialized
AggregatorProxy.latestRoundData().startedAt_scope_2 (crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol#333) is a local variable never initialized
AggregatorProxy.getRoundData(uint80).updatedAt_scope_3 (crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol#286) is a local variable never initialized
AggregatorProxy.getRoundData(uint80).answer_scope_1 (crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol#284) is a local variable never initialized
AggregatorProxy.latestRoundData().roundId_scope_0 (crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol#331) is a local variable never initialized
AggregatorProxy.latestRoundData().updatedAt_scope_3 (crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol#334) is a local variable never initialized
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#uninitialized-local-variables
INFO:Detectors:
AggregatorProxy.getAnswer(uint256).phaseId (crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol#189) shadows:
- AggregatorProxy.phaseId() (crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol#410-416) (function)
AggregatorProxy.getAnswer(uint256).aggregator (crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol#190) shadows:
- AggregatorProxy.aggregator() (crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol#399-405) (function)
AggregatorProxy.getTimestamp(uint256).phaseId (crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol#214) shadows:
- AggregatorProxy.phaseId() (crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol#410-416) (function)
AggregatorProxy.getTimestamp(uint256).aggregator (crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol#215) shadows:
- AggregatorProxy.aggregator() (crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol#399-405) (function)
AggregatorProxy.getRoundData(uint80).phaseId (crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol#280) shadows:
- AggregatorProxy.phaseId() (crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol#410-416) (function)
AggregatorProxy.getRoundData(uint80).roundId_scope_0 (crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol#283) shadows:
- AggregatorProxy.getRoundData(uint80).roundId (crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol#273) (return variable)
- AggregatorProxy.getRoundData(uint80).roundId (crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol#273) (return variable)
- AggregatorProxy.getRoundData(uint80).roundId (crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol#273) (return variable)
- AggregatorProxy.getRoundData(uint80).roundId (crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol#273) (return variable)
- AggregatorProxy.getRoundData(uint80).roundId (crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol#273) (return variable)
AggregatorProxy.getRoundData(uint80).answer_scope_1 (crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol#284) shadows:
- AggregatorProxy.getRoundData(uint80).answer (crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol#274) (return variable)
- AggregatorProxy.getRoundData(uint80).answer (crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol#274) (return variable)
- AggregatorProxy.getRoundData(uint80).answer (crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol#274) (return variable)
- AggregatorProxy.getRoundData(uint80).answer (crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol#274) (return variable)
- AggregatorProxy.getRoundData(uint80).answer (crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol#274) (return variable)
AggregatorProxy.getRoundData(uint80).startedAt_scope_2 (crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol#285) shadows:
- AggregatorProxy.getRoundData(uint80).startedAt (crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol#275) (return variable)
- AggregatorProxy.getRoundData(uint80).startedAt (crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol#275) (return variable)
- AggregatorProxy.getRoundData(uint80).startedAt (crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol#275) (return variable)
- AggregatorProxy.getRoundData(uint80).startedAt (crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol#275) (return variable)
- AggregatorProxy.getRoundData(uint80).startedAt (crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol#275) (return variable)
AggregatorProxy.getRoundData(uint80).updatedAt_scope_3 (crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol#286) shadows:
- AggregatorProxy.getRoundData(uint80).updatedAt (crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol#276) (return variable)
- AggregatorProxy.getRoundData(uint80).updatedAt (crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol#276) (return variable)
- AggregatorProxy.getRoundData(uint80).updatedAt (crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol#276) (return variable)
- AggregatorProxy.getRoundData(uint80).updatedAt (crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol#276) (return variable)
- AggregatorProxy.getRoundData(uint80).updatedAt (crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol#276) (return variable)
AggregatorProxy.latestRoundData().roundId_scope_0 (crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol#331) shadows:
- AggregatorProxy.latestRoundData().roundId (crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol#321) (return variable)
- AggregatorProxy.latestRoundData().roundId (crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol#321) (return variable)
- AggregatorProxy.latestRoundData().roundId (crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol#321) (return variable)
- AggregatorProxy.latestRoundData().roundId (crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol#321) (return variable)
- AggregatorProxy.latestRoundData().roundId (crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol#321) (return variable)
AggregatorProxy.latestRoundData().answer_scope_1 (crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol#332) shadows:
- AggregatorProxy.latestRoundData().answer (crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol#322) (return variable)
- AggregatorProxy.latestRoundData().answer (crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol#322) (return variable)
- AggregatorProxy.latestRoundData().answer (crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol#322) (return variable)
- AggregatorProxy.latestRoundData().answer (crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol#322) (return variable)
- AggregatorProxy.latestRoundData().answer (crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol#322) (return variable)
AggregatorProxy.latestRoundData().startedAt_scope_2 (crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol#333) shadows:
- AggregatorProxy.latestRoundData().startedAt (crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol#323) (return variable)
- AggregatorProxy.latestRoundData().startedAt (crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol#323) (return variable)
- AggregatorProxy.latestRoundData().startedAt (crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol#323) (return variable)
- AggregatorProxy.latestRoundData().startedAt (crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol#323) (return variable)
- AggregatorProxy.latestRoundData().startedAt (crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol#323) (return variable)
AggregatorProxy.latestRoundData().updatedAt_scope_3 (crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol#334) shadows:
- AggregatorProxy.latestRoundData().updatedAt (crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol#324) (return variable)
- AggregatorProxy.latestRoundData().updatedAt (crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol#324) (return variable)
- AggregatorProxy.latestRoundData().updatedAt (crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol#324) (return variable)
- AggregatorProxy.latestRoundData().updatedAt (crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol#324) (return variable)
- AggregatorProxy.latestRoundData().updatedAt (crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol#324) (return variable)
AggregatorProxy.parseIds(uint256).phaseId (crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol#513) shadows:
- AggregatorProxy.phaseId() (crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol#410-416) (function)
AggregatorProxy.addPhaseIds(uint80,int256,uint256,uint256,uint80,uint16).phaseId (crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol#525) shadows:
- AggregatorProxy.phaseId() (crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol#410-416) (function)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#local-variable-shadowing
INFO:Detectors:
Owned.transferOwnership(address)._to (crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol#30) lacks a zero-check on :
- pendingOwner = _to (crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol#34)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#missing-zero-address-validation
INFO:Detectors:
Parameter Owned.transferOwnership(address)._to (crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol#30) is not in mixedCase
Parameter AggregatorProxy.getAnswer(uint256)._roundId (crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol#180) is not in mixedCase
Parameter AggregatorProxy.getTimestamp(uint256)._roundId (crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol#205) is not in mixedCase
Parameter AggregatorProxy.getRoundData(uint80)._roundId (crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol#267) is not in mixedCase
Parameter AggregatorProxy.proposedGetRoundData(uint80)._roundId (crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol#353) is not in mixedCase
Parameter AggregatorProxy.proposeAggregator(address)._aggregator (crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol#459) is not in mixedCase
Parameter AggregatorProxy.confirmAggregator(address)._aggregator (crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol#473) is not in mixedCase
Parameter AggregatorProxy.setAggregator(address)._aggregator (crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol#487) is not in mixedCase
Parameter AggregatorProxy.addPhase(uint16,uint64)._phase (crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol#496) is not in mixedCase
Parameter AggregatorProxy.addPhase(uint16,uint64)._originalId (crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol#497) is not in mixedCase
Parameter AggregatorProxy.parseIds(uint256)._roundId (crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol#507) is not in mixedCase
Parameter EACAggregatorProxy.setController(address)._accessController (crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol#582) is not in mixedCase
Parameter EACAggregatorProxy.getAnswer(uint256)._roundId (crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol#638) is not in mixedCase
Parameter EACAggregatorProxy.getTimestamp(uint256)._roundId (crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol#658) is not in mixedCase
Parameter EACAggregatorProxy.getRoundData(uint80)._roundId (crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol#710) is not in mixedCase
Parameter EACAggregatorProxy.proposedGetRoundData(uint80)._roundId (crytic-export/etherscan-contracts/0xDC530D9457755926550b59e8ECcdaE7624181557-EACAggregatorProxy.sol#776) is not in mixedCase
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#conformance-to-solidity-naming-conventions
INFO:Slither:0xDC530D9457755926550b59e8ECcdaE7624181557 analyzed (7 contracts with 79 detectors), 40 result(s) found