- ID: 281
- Proposer: 0x329c54289Ff5D6B7b7daE13592C6B1EDA1543eD4
- Targets: 0x2fE52eF191F0BE1D98459BdaD2F1d3160336C08f
- Executor: 0xEE56e2B3D491590B5b31738cC34d5232F378a8D5 (Short executor)
- Simulation: https://dashboard.tenderly.co/me/simulator/1f8d9e61-b527-45a5-b3c8-91d99c795409
Proposal text
This AIP proposes to set the Metis Foundation wallet as the emission manager for the METIS token on the Aave V3 Metis pool. This will enable the Metis Foundation to define and fund incentive programs for this Aave pool, promoting growth and expanding the user base of this new Aave V3 market.
The Metis Foundation has expressed a desire to actively contribute to the growth and development of the Aave V3 Metis pool. By setting their wallet as the emission manager for the METIS token, the Foundation will be able to directly fund incentive programs that can attract more users to the pool and stimulate activity. This aligns with the broader goals of the Aave community to foster active and engaged markets.
The Metis Foundation wallet address is as follows:
Emission Admin Wallet (Metis Foundation): 0x97177cD80475f8b38945c1E77e12F0c9d50Ac84D
The AIP calls the setEmissionAdmin() method in the emission_manager contract.
EMISSION_MANAGER.setEmissionAdmin(METIS, EMISSION_ADMIN);
This method will set the Metis Foundation wallet as the emission admin for the METIS token.
- Implementation: Metis
- Tests: Metis
- Snapshot
- Discussion
Copyright and related rights waived via CC0.
Info:
- State changes:
# CanonicalTransactionChain at `0x56a76bcC92361f6DF8D75476feD8843EdC70e1C9`
@@ Slot `0x885ae911a91d52ba03e9fc7b77c4d6ae755c0740e76634b4c2ab9cdabf3595fd` @@
- "0x0000000000000000000000000000000000000000000000000000000000000000"
+ "0x9edc19ae7c2ae57670a9d2f4c92d4b5bd55e751ce94630d3c163414741bb69c3"
@@ Slot `0x885ae911a91d52ba03e9fc7b77c4d6ae755c0740e76634b4c2ab9cdabf3595fe` @@
- "0x0000000000000000000000000000000000000000000000000000000000000000"
+ "0x0000000000000000000000000000000000000000000000010fca0d0064c7795f"
@@ Slot `0xf2fadc8f281df3b2e312450efbc7e5145e4214fc70e639a3a1b10148ef5697af` @@
- "0x0000000000000000000000000000000000000000000000000000000000006c36"
+ "0x0000000000000000000000000000000000000000000000000000000000006c37"Info:
- There is no SELFDESTRUCT inside of delegated call
Info:
- Events Emitted:
- CanonicalTransactionChain at
0x56a76bcC92361f6DF8D75476feD8843EdC70e1C9TransactionEnqueued(_chainId: 1088, _l1TxOrigin: 0x192e1101855bd523ba69a9794e0217f0db633510, _target: 0x4200000000000000000000000000000000000007, _gasLimit: 5000000, _data: 0xcbd4ece90000000000000000000000008ec77963068474a45016938deb95e603ca82a029000000000000000000000000ee56e2b3d491590b5b31738cc34d5232f378a8d500000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000006c360000000000000000000000000000000000000000000000000000000000000244d9a4cbdf00000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000e0000000000000000000000000000000000000000000000000000000000000012000000000000000000000000000000000000000000000000000000000000001a000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000d82f30507e4cdbf63d0091d0db866f7f4b09fd900000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000965786563757465282900000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000, _queueIndex: 27702, _timestamp: 1690794335)
- Lib_ResolvedDelegateProxy at
0x081D1101855bD523bA69A9794e0217F0DB6323ffSentMessage(target: 0x8ec77963068474a45016938deb95e603ca82a029, sender: 0xee56e2b3d491590b5b31738cc34d5232f378a8d5, message: 0xd9a4cbdf00000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000e0000000000000000000000000000000000000000000000000000000000000012000000000000000000000000000000000000000000000000000000000000001a000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000d82f30507e4cdbf63d0091d0db866f7f4b09fd9000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000009657865637574652829000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000001, messageNonce: 27702, gasLimit: 5000000, chainId: 1088)
- CanonicalTransactionChain at
Info:
- Targets:
- 0x2fE52eF191F0BE1D98459BdaD2F1d3160336C08f: Contract (not verified)
Info:
- Touched address:
- 0x3cbded22f878afc8d39dcd744d3fe62086b76193: EOA (verification not applicable)
- 0xec568fffba86c094cf06b22134b23074dfe2252c: Contract (verified) (AaveGovernanceV2)
- 0xee56e2b3d491590b5b31738cc34d5232f378a8d5: Contract (verified) (Executor)
- 0xb7e383ef9b1e9189fc0f71fb30af8aa14377429e: Contract (verified) (GovernanceStrategy)
- 0x7fc66500c84a76ad7e9c93437bfc5ac33e2ddae9: Contract (verified) (InitializableAdminUpgradeabilityProxy)
- 0x96f68837877fd0414b55050c9e794aecdbcfca59: Contract (verified) (AaveTokenV2)
- 0x2fe52ef191f0be1d98459bdad2f1d3160336c08f: Contract (not verified)
- 0x081d1101855bd523ba69a9794e0217f0db6323ff: Contract (verified) (Lib_ResolvedDelegateProxy)
- 0x918778e825747a892b17c66fe7d24c618262867d: Contract (verified) (Lib_AddressManager)
- 0x8bf439ef7167023f009e24b21719ca5f768ecb36: Contract (verified) (L1CrossDomainMessenger)
- 0x7f6b0b7589febc40419a8646eff9801b87397063: Contract (verified) (MVM_DiscountOracle)
- 0x56a76bcc92361f6df8d75476fed8843edc70e1c9: Contract (verified) (CanonicalTransactionChain)
Info:
View Details
View warnings for Lib_ResolvedDelegateProxy at `0x081D1101855bD523bA69A9794e0217F0DB6323ff`
INFO:CryticCompile:'solc --standard-json --allow-paths /home/runner/work/seatbelt-for-ghosts/seatbelt-for-ghosts/crytic-export/etherscan-contracts/0x081d1101855bd523ba69a9794e0217f0db6323ff-Lib_ResolvedDelegateProxy' running
View warnings for CanonicalTransactionChain at `0x56a76bcC92361f6DF8D75476feD8843EdC70e1C9`
INFO:CryticCompile:'solc --standard-json --allow-paths /home/runner/work/seatbelt-for-ghosts/seatbelt-for-ghosts/crytic-export/etherscan-contracts/0x56a76bcc92361f6df8d75476fed8843edc70e1c9-CanonicalTransactionChain' running
WARNING:CryticCompile:Warning: Warning: Unused function parameter. Remove or comment out the variable name to silence this warning.
--> contracts/L1/rollup/CanonicalTransactionChain.sol:840:9:
|
840 | uint256 _chainId,
| ^^^^^^^^^^^^^^^^
Warning: Warning: Unused function parameter. Remove or comment out the variable name to silence this warning.
--> contracts/L1/rollup/CanonicalTransactionChain.sol:918:9:
|
918 | uint256 _chainId,
| ^^^^^^^^^^^^^^^^
View warnings for MVM_DiscountOracle at `0x7f6B0b7589febc40419a8646EFf9801b87397063`
INFO:CryticCompile:'solc --standard-json --allow-paths /home/runner/work/seatbelt-for-ghosts/seatbelt-for-ghosts' running
WARNING:CryticCompile:Warning: Warning: SPDX license identifier not provided in source file. Before publishing, consider adding a comment containing "SPDX-License-Identifier: <SPDX-License>" to each source file. Use "SPDX-License-Identifier: UNLICENSED" for non-open-source code. Please see https://spdx.org for more information.
--> crytic-export/etherscan-contracts/0x7f6b0b7589febc40419a8646eff9801b87397063-MVM_DiscountOracle.sol
Warning: Warning: Unused function parameter. Remove or comment out the variable name to silence this warning.
--> crytic-export/etherscan-contracts/0x7f6b0b7589febc40419a8646eff9801b87397063-MVM_DiscountOracle.sol:350:46:
|
350 | function processL2SeqGas(address sender, uint256 _chainId)
| ^^^^^^^^^^^^^^^^
View warnings for InitializableAdminUpgradeabilityProxy at `0x7Fc66500c84A76Ad7e9c93437bFc5Ac33E2DDaE9` with implementation AaveTokenV2 at `0x96F68837877fd0414B55050c9e794AECdBcfCA59`
INFO:CryticCompile:'solc --standard-json --allow-paths /home/runner/work/seatbelt-for-ghosts/seatbelt-for-ghosts/crytic-export/etherscan-contracts/0x7fc66500c84a76ad7e9c93437bfc5ac33e2ddae9-InitializableAdminUpgradeabilityProxy' running
WARNING:CryticCompile:Warning: contracts/open-zeppelin/Address.sol: Warning: SPDX license identifier not provided in source file. Before publishing, consider adding a comment containing "SPDX-License-Identifier: <SPDX-License>" to each source file. Use "SPDX-License-Identifier: UNLICENSED" for non-open-source code. Please see https://spdx.org for more information.
Warning: contracts/open-zeppelin/BaseAdminUpgradeabilityProxy.sol: Warning: SPDX license identifier not provided in source file. Before publishing, consider adding a comment containing "SPDX-License-Identifier: <SPDX-License>" to each source file. Use "SPDX-License-Identifier: UNLICENSED" for non-open-source code. Please see https://spdx.org for more information.
Warning: contracts/open-zeppelin/BaseUpgradeabilityProxy.sol: Warning: SPDX license identifier not provided in source file. Before publishing, consider adding a comment containing "SPDX-License-Identifier: <SPDX-License>" to each source file. Use "SPDX-License-Identifier: UNLICENSED" for non-open-source code. Please see https://spdx.org for more information.
Warning: contracts/open-zeppelin/Proxy.sol: Warning: SPDX license identifier not provided in source file. Before publishing, consider adding a comment containing "SPDX-License-Identifier: <SPDX-License>" to each source file. Use "SPDX-License-Identifier: UNLICENSED" for non-open-source code. Please see https://spdx.org for more information.
Warning: contracts/open-zeppelin/SafeMath.sol: Warning: SPDX license identifier not provided in source file. Before publishing, consider adding a comment containing "SPDX-License-Identifier: <SPDX-License>" to each source file. Use "SPDX-License-Identifier: UNLICENSED" for non-open-source code. Please see https://spdx.org for more information.
Warning: contracts/open-zeppelin/UpgradeabilityProxy.sol: Warning: SPDX license identifier not provided in source file. Before publishing, consider adding a comment containing "SPDX-License-Identifier: <SPDX-License>" to each source file. Use "SPDX-License-Identifier: UNLICENSED" for non-open-source code. Please see https://spdx.org for more information.
Warning: contracts/open-zeppelin/BaseAdminUpgradeabilityProxy.sol:13:1: Warning: This contract has a payable fallback function, but no receive ether function. Consider adding a receive ether function.
contract BaseAdminUpgradeabilityProxy is BaseUpgradeabilityProxy {
^ (Relevant source part starts here and spans across multiple lines).
contracts/open-zeppelin/Proxy.sol:15:3: The payable fallback function is defined here.
fallback () payable external {
^ (Relevant source part starts here and spans across multiple lines).
Warning: contracts/open-zeppelin/InitializableUpgradeabilityProxy.sol:11:1: Warning: This contract has a payable fallback function, but no receive ether function. Consider adding a receive ether function.
contract InitializableUpgradeabilityProxy is BaseUpgradeabilityProxy {
^ (Relevant source part starts here and spans across multiple lines).
contracts/open-zeppelin/Proxy.sol:15:3: The payable fallback function is defined here.
fallback () payable external {
^ (Relevant source part starts here and spans across multiple lines).
Warning: contracts/open-zeppelin/InitializableAdminUpgradeabilityProxy.sol:12:1: Warning: This contract has a payable fallback function, but no receive ether function. Consider adding a receive ether function.
contract InitializableAdminUpgradeabilityProxy is BaseAdminUpgradeabilityProxy, InitializableUpgradeabilityProxy {
^ (Relevant source part starts here and spans across multiple lines).
contracts/open-zeppelin/Proxy.sol:15:3: The payable fallback function is defined here.
fallback () payable external {
^ (Relevant source part starts here and spans across multiple lines).
Warning: contracts/utils/MockTransferHook.sol:9:25: Warning: Unused function parameter. Remove or comment out the variable name to silence this warning.
function onTransfer(address from, address to, uint256 amount) external override {
^----------^
Warning: contracts/utils/MockTransferHook.sol:9:39: Warning: Unused function parameter. Remove or comment out the variable name to silence this warning.
function onTransfer(address from, address to, uint256 amount) external override {
^--------^
Warning: contracts/utils/MockTransferHook.sol:9:51: Warning: Unused function parameter. Remove or comment out the variable name to silence this warning.
function onTransfer(address from, address to, uint256 amount) external override {
^------------^
View warnings for L1CrossDomainMessenger at `0x8bF439ef7167023F009E24b21719Ca5f768Ecb36`
INFO:CryticCompile:'solc --standard-json --allow-paths /home/runner/work/seatbelt-for-ghosts/seatbelt-for-ghosts/crytic-export/etherscan-contracts/0x8bf439ef7167023f009e24b21719ca5f768ecb36-L1CrossDomainMessenger' running
WARNING:CryticCompile:Warning: Warning: Unused function parameter. Remove or comment out the variable name to silence this warning.
--> contracts/L1/messaging/L1CrossDomainMessenger.sol:525:9:
|
525 | uint256 _chainId,
| ^^^^^^^^^^^^^^^^
Warning: Warning: Function state mutability can be restricted to pure
--> contracts/L1/messaging/L1CrossDomainMessenger.sol:524:5:
|
524 | function _verifyStorageProofByChainId(
| ^ (Relevant source part starts here and spans across multiple lines).
View warnings for Lib_AddressManager at `0x918778e825747a892b17C66fe7D24C618262867d`
INFO:CryticCompile:'solc --standard-json --allow-paths /home/runner/work/seatbelt-for-ghosts/seatbelt-for-ghosts/crytic-export/etherscan-contracts/0x918778e825747a892b17c66fe7d24c618262867d-Lib_AddressManager' running
View warnings for AaveTokenV2 at `0x96F68837877fd0414B55050c9e794AECdBcfCA59`
INFO:CryticCompile:'solc --standard-json --allow-paths /home/runner/work/seatbelt-for-ghosts/seatbelt-for-ghosts/crytic-export/etherscan-contracts/0x96f68837877fd0414b55050c9e794aecdbcfca59-AaveTokenV2' running
WARNING:CryticCompile:Warning: src/contracts/AaveTokenV2.sol:453:18: Warning: This declaration shadows an existing declaration.
constructor (string memory name, string memory symbol) public {
^----------------^
src/contracts/AaveTokenV2.sol:462:5: The shadowed declaration is here:
function name() public view returns (string memory) {
^ (Relevant source part starts here and spans across multiple lines).
Warning: src/contracts/AaveTokenV2.sol:453:38: Warning: This declaration shadows an existing declaration.
constructor (string memory name, string memory symbol) public {
^------------------^
src/contracts/AaveTokenV2.sol:470:5: The shadowed declaration is here:
function symbol() public view returns (string memory) {
^ (Relevant source part starts here and spans across multiple lines).
Warning: src/contracts/AaveTokenV2.sol:35:3: Warning: Interface functions are implicitly "virtual"
function delegateByType(address delegatee, DelegationType delegationType) external virtual;
^-----------------------------------------------------------------------------------------^
Warning: src/contracts/AaveTokenV2.sol:40:3: Warning: Interface functions are implicitly "virtual"
function delegate(address delegatee) external virtual;
^----------------------------------------------------^
Warning: src/contracts/AaveTokenV2.sol:45:3: Warning: Interface functions are implicitly "virtual"
function getDelegateeByType(address delegator, DelegationType delegationType)
^ (Relevant source part starts here and spans across multiple lines).
Warning: src/contracts/AaveTokenV2.sol:56:3: Warning: Interface functions are implicitly "virtual"
function getPowerCurrent(address user, DelegationType delegationType)
^ (Relevant source part starts here and spans across multiple lines).
Warning: src/contracts/AaveTokenV2.sol:66:3: Warning: Interface functions are implicitly "virtual"
function getPowerAtBlock(
^ (Relevant source part starts here and spans across multiple lines).
Warning: src/contracts/AaveTokenV2.sol:75:3: Warning: Interface functions are implicitly "virtual"
function totalSupplyAt(uint256 blockNumber) external virtual view returns (uint256);
^----------------------------------------------------------------------------------^
Warning: src/contracts/AaveTokenV2.sol:453:5: Warning: Visibility for constructor is ignored. If you want the contract to be non-deployable, making it "abstract" is sufficient.
constructor (string memory name, string memory symbol) public {
^ (Relevant source part starts here and spans across multiple lines).
Warning: src/contracts/AaveTokenV2.sol:1164:3: Warning: Visibility for constructor is ignored. If you want the contract to be non-deployable, making it "abstract" is sufficient.
constructor() ERC20(NAME, SYMBOL) public {
^ (Relevant source part starts here and spans across multiple lines).
Warning: src/contracts/AaveTokenV2.sol:913:26: Warning: Unused function parameter. Remove or comment out the variable name to silence this warning.
function totalSupplyAt(uint256 blockNumber) external override view returns (uint256) {
^-----------------^
Warning: src/contracts/AaveTokenV2.sol:1079:5: Warning: Unused function parameter. Remove or comment out the variable name to silence this warning.
uint128 oldValue,
^--------------^
View warnings for GovernanceStrategy at `0xb7e383ef9B1E9189Fc0F71fb30af8aa14377429e`
INFO:CryticCompile:'solc --standard-json --allow-paths /home/runner/work/seatbelt-for-ghosts/seatbelt-for-ghosts' running
Info:
View Details
Slither report for Lib_ResolvedDelegateProxy at `0x081D1101855bD523bA69A9794e0217F0DB6323ff`
'solc --standard-json --allow-paths /home/runner/work/seatbelt-for-ghosts/seatbelt-for-ghosts/crytic-export/etherscan-contracts/0x081d1101855bd523ba69a9794e0217f0db6323ff-Lib_ResolvedDelegateProxy' running
INFO:Detectors:
Lib_ResolvedDelegateProxy.fallback() (contracts/libraries/resolver/Lib_ResolvedDelegateProxy.sol#43-61) uses delegatecall to a input-controlled function id
- (success,returndata) = target.delegatecall(msg.data) (contracts/libraries/resolver/Lib_ResolvedDelegateProxy.sol#50)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#controlled-delegatecall
INFO:Detectors:
Lib_ResolvedDelegateProxy.fallback() (contracts/libraries/resolver/Lib_ResolvedDelegateProxy.sol#43-61) uses assembly
- INLINE ASM (contracts/libraries/resolver/Lib_ResolvedDelegateProxy.sol#53-55)
- INLINE ASM (contracts/libraries/resolver/Lib_ResolvedDelegateProxy.sol#57-59)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#assembly-usage
INFO:Detectors:
Lib_ResolvedDelegateProxy.fallback() (contracts/libraries/resolver/Lib_ResolvedDelegateProxy.sol#43-61) compares to a boolean constant:
-success == true (contracts/libraries/resolver/Lib_ResolvedDelegateProxy.sol#52)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#boolean-equality
INFO:Detectors:
Context._msgData() (@openzeppelin/contracts/utils/Context.sol#20-22) is never used and should be removed
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#dead-code
INFO:Detectors:
Low level call in Lib_ResolvedDelegateProxy.fallback() (contracts/libraries/resolver/Lib_ResolvedDelegateProxy.sol#43-61):
- (success,returndata) = target.delegatecall(msg.data) (contracts/libraries/resolver/Lib_ResolvedDelegateProxy.sol#50)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#low-level-calls
INFO:Detectors:
Contract Lib_AddressManager (contracts/libraries/resolver/Lib_AddressManager.sol#10-61) is not in CapWords
Parameter Lib_AddressManager.setAddress(string,address)._name (contracts/libraries/resolver/Lib_AddressManager.sol#32) is not in mixedCase
Parameter Lib_AddressManager.setAddress(string,address)._address (contracts/libraries/resolver/Lib_AddressManager.sol#32) is not in mixedCase
Parameter Lib_AddressManager.getAddress(string)._name (contracts/libraries/resolver/Lib_AddressManager.sol#45) is not in mixedCase
Contract Lib_ResolvedDelegateProxy (contracts/libraries/resolver/Lib_ResolvedDelegateProxy.sol#10-62) is not in CapWords
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#conformance-to-solidity-naming-conventions
INFO:Slither:0x081d1101855bd523ba69a9794e0217f0db6323ff analyzed (4 contracts with 82 detectors), 10 result(s) found
Slither report for CanonicalTransactionChain at `0x56a76bcC92361f6DF8D75476feD8843EdC70e1C9`
'solc --standard-json --allow-paths /home/runner/work/seatbelt-for-ghosts/seatbelt-for-ghosts/crytic-export/etherscan-contracts/0x56a76bcc92361f6df8d75476fed8843edc70e1c9-CanonicalTransactionChain' running
Warning: Warning: Unused function parameter. Remove or comment out the variable name to silence this warning.
--> contracts/L1/rollup/CanonicalTransactionChain.sol:840:9:
|
840 | uint256 _chainId,
| ^^^^^^^^^^^^^^^^
Warning: Warning: Unused function parameter. Remove or comment out the variable name to silence this warning.
--> contracts/L1/rollup/CanonicalTransactionChain.sol:918:9:
|
918 | uint256 _chainId,
| ^^^^^^^^^^^^^^^^
INFO:Detectors:
CanonicalTransactionChain.uint2str(uint256) (contracts/L1/rollup/CanonicalTransactionChain.sol#684-704) performs a multiplication on the result of a division:
- temp = (48 + uint8(_i - _i / 10 * 10)) (contracts/L1/rollup/CanonicalTransactionChain.sol#698)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#divide-before-multiply
INFO:Detectors:
Reentrancy in CanonicalTransactionChain.appendSequencerBatch() (contracts/L1/rollup/CanonicalTransactionChain.sol#228-320):
External calls:
- _appendBatch(blockhash(uint256)(block.number - 1),totalElementsToAppend,numQueuedTransactions,blockTimestamp,blockNumber) (contracts/L1/rollup/CanonicalTransactionChain.sol#303-309)
- batchesRef.push(batchHeaderHash,latestBatchContext) (contracts/L1/rollup/CanonicalTransactionChain.sol#470)
State variables written after the call(s):
- _nextQueueIndex[DEFAULT_CHAINID] = nextQueueIndex (contracts/L1/rollup/CanonicalTransactionChain.sol#319)
CanonicalTransactionChain._nextQueueIndex (contracts/L1/rollup/CanonicalTransactionChain.sol#60) can be used in cross function reentrancies:
- CanonicalTransactionChain.appendSequencerBatch() (contracts/L1/rollup/CanonicalTransactionChain.sol#228-320)
- CanonicalTransactionChain.appendSequencerBatchByChainId() (contracts/L1/rollup/CanonicalTransactionChain.sol#713-826)
- CanonicalTransactionChain.getNextQueueIndex() (contracts/L1/rollup/CanonicalTransactionChain.sol#154-156)
- CanonicalTransactionChain.getNumPendingQueueElements() (contracts/L1/rollup/CanonicalTransactionChain.sol#193-195)
- CanonicalTransactionChain.getNumPendingQueueElementsByChainId(uint256) (contracts/L1/rollup/CanonicalTransactionChain.sol#577-588)
Reentrancy in CanonicalTransactionChain.appendSequencerBatchByChainId() (contracts/L1/rollup/CanonicalTransactionChain.sol#713-826):
External calls:
- _appendBatchByChainId(_chainId,blockhash(uint256)(block.number - 1),totalElementsToAppend,numQueuedTransactions,blockTimestamp,blockNumber) (contracts/L1/rollup/CanonicalTransactionChain.sol#808-815)
- batchesRef.pushByChainId(_chainId,batchHeaderHash,latestBatchContext) (contracts/L1/rollup/CanonicalTransactionChain.sol#989)
State variables written after the call(s):
- _nextQueueIndex[_chainId] = nextQueueIndex (contracts/L1/rollup/CanonicalTransactionChain.sol#825)
CanonicalTransactionChain._nextQueueIndex (contracts/L1/rollup/CanonicalTransactionChain.sol#60) can be used in cross function reentrancies:
- CanonicalTransactionChain.appendSequencerBatch() (contracts/L1/rollup/CanonicalTransactionChain.sol#228-320)
- CanonicalTransactionChain.appendSequencerBatchByChainId() (contracts/L1/rollup/CanonicalTransactionChain.sol#713-826)
- CanonicalTransactionChain.getNextQueueIndex() (contracts/L1/rollup/CanonicalTransactionChain.sol#154-156)
- CanonicalTransactionChain.getNumPendingQueueElements() (contracts/L1/rollup/CanonicalTransactionChain.sol#193-195)
- CanonicalTransactionChain.getNumPendingQueueElementsByChainId(uint256) (contracts/L1/rollup/CanonicalTransactionChain.sol#577-588)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#reentrancy-vulnerabilities-1
INFO:Detectors:
Reentrancy in CanonicalTransactionChain.appendSequencerBatch() (contracts/L1/rollup/CanonicalTransactionChain.sol#228-320):
External calls:
- _appendBatch(blockhash(uint256)(block.number - 1),totalElementsToAppend,numQueuedTransactions,blockTimestamp,blockNumber) (contracts/L1/rollup/CanonicalTransactionChain.sol#303-309)
- batchesRef.push(batchHeaderHash,latestBatchContext) (contracts/L1/rollup/CanonicalTransactionChain.sol#470)
Event emitted after the call(s):
- SequencerBatchAppended(nextQueueIndex - numQueuedTransactions,numQueuedTransactions,getTotalElements(),DEFAULT_CHAINID) (contracts/L1/rollup/CanonicalTransactionChain.sol#311-316)
Reentrancy in CanonicalTransactionChain.appendSequencerBatchByChainId() (contracts/L1/rollup/CanonicalTransactionChain.sol#713-826):
External calls:
- _appendBatchByChainId(_chainId,blockhash(uint256)(block.number - 1),totalElementsToAppend,numQueuedTransactions,blockTimestamp,blockNumber) (contracts/L1/rollup/CanonicalTransactionChain.sol#808-815)
- batchesRef.pushByChainId(_chainId,batchHeaderHash,latestBatchContext) (contracts/L1/rollup/CanonicalTransactionChain.sol#989)
Event emitted after the call(s):
- SequencerBatchAppended(_chainId,nextQueueIndex - numQueuedTransactions,numQueuedTransactions,getTotalElementsByChainId(_chainId)) (contracts/L1/rollup/CanonicalTransactionChain.sol#817-822)
Reentrancy in CanonicalTransactionChain.deleteBatchElementsAfterInclusiveByChainId(uint256,uint256,bytes27) (contracts/L1/rollup/CanonicalTransactionChain.sol#1099-1114):
External calls:
- batches().deleteElementsAfterInclusiveByChainId(_chainId,_index,_globalMetadata) (contracts/L1/rollup/CanonicalTransactionChain.sol#1108-1112)
Event emitted after the call(s):
- BatchElementDeleted(msg.sender,_chainId,_index,_globalMetadata) (contracts/L1/rollup/CanonicalTransactionChain.sol#1113)
Reentrancy in CanonicalTransactionChain.pushBatchByChainId(uint256,bytes32,bytes27) (contracts/L1/rollup/CanonicalTransactionChain.sol#1059-1070):
External calls:
- batches().pushByChainId(_chainId,_object,_globalMetadata) (contracts/L1/rollup/CanonicalTransactionChain.sol#1068)
Event emitted after the call(s):
- BatchPushed(msg.sender,_chainId,_object,_globalMetadata) (contracts/L1/rollup/CanonicalTransactionChain.sol#1069)
Reentrancy in CanonicalTransactionChain.setBatchByChainId(uint256,uint256,bytes32) (contracts/L1/rollup/CanonicalTransactionChain.sol#1072-1083):
External calls:
- batches().setByChainId(_chainId,_index,_object) (contracts/L1/rollup/CanonicalTransactionChain.sol#1081)
Event emitted after the call(s):
- BatchSetted(msg.sender,_chainId,_index,_object) (contracts/L1/rollup/CanonicalTransactionChain.sol#1082)
Reentrancy in CanonicalTransactionChain.setBatchGlobalMetadataByChainId(uint256,bytes27) (contracts/L1/rollup/CanonicalTransactionChain.sol#1025-1035):
External calls:
- batches().setGlobalMetadataByChainId(_chainId,_globalMetadata) (contracts/L1/rollup/CanonicalTransactionChain.sol#1033)
Event emitted after the call(s):
- BatchesGlobalMetadataSet(msg.sender,_chainId,_globalMetadata) (contracts/L1/rollup/CanonicalTransactionChain.sol#1034)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#reentrancy-vulnerabilities-3
INFO:Detectors:
CanonicalTransactionChain.appendSequencerBatch() (contracts/L1/rollup/CanonicalTransactionChain.sol#228-320) uses assembly
- INLINE ASM (contracts/L1/rollup/CanonicalTransactionChain.sol#232-236)
CanonicalTransactionChain._getBatchContext(uint256) (contracts/L1/rollup/CanonicalTransactionChain.sol#331-352) uses assembly
- INLINE ASM (contracts/L1/rollup/CanonicalTransactionChain.sol#338-343)
CanonicalTransactionChain._getBatchExtraData() (contracts/L1/rollup/CanonicalTransactionChain.sol#359-399) uses assembly
- INLINE ASM (contracts/L1/rollup/CanonicalTransactionChain.sol#377-395)
CanonicalTransactionChain._makeBatchExtraData(uint40,uint40,uint40,uint40) (contracts/L1/rollup/CanonicalTransactionChain.sol#409-425) uses assembly
- INLINE ASM (contracts/L1/rollup/CanonicalTransactionChain.sol#416-422)
CanonicalTransactionChain.appendSequencerBatchByChainId() (contracts/L1/rollup/CanonicalTransactionChain.sol#713-826) uses assembly
- INLINE ASM (contracts/L1/rollup/CanonicalTransactionChain.sol#721-726)
CanonicalTransactionChain._getBatchContextByChainId(uint256,uint256,uint256) (contracts/L1/rollup/CanonicalTransactionChain.sol#838-868) uses assembly
- INLINE ASM (contracts/L1/rollup/CanonicalTransactionChain.sol#855-860)
CanonicalTransactionChain._getBatchExtraDataByChainId(uint256) (contracts/L1/rollup/CanonicalTransactionChain.sol#875-907) uses assembly
- INLINE ASM (contracts/L1/rollup/CanonicalTransactionChain.sol#893-899)
CanonicalTransactionChain._makeBatchExtraDataByChainId(uint256,uint40,uint40,uint40,uint40) (contracts/L1/rollup/CanonicalTransactionChain.sol#917-940) uses assembly
- INLINE ASM (contracts/L1/rollup/CanonicalTransactionChain.sol#931-937)
Lib_RLPReader.toRLPItem(bytes) (contracts/libraries/rlp/Lib_RLPReader.sol#42-49) uses assembly
- INLINE ASM (contracts/libraries/rlp/Lib_RLPReader.sol#44-46)
Lib_RLPReader.readList(Lib_RLPReader.RLPItem) (contracts/libraries/rlp/Lib_RLPReader.sol#56-88) uses assembly
- INLINE ASM (contracts/libraries/rlp/Lib_RLPReader.sol#83-85)
Lib_RLPReader.readBytes32(Lib_RLPReader.RLPItem) (contracts/libraries/rlp/Lib_RLPReader.sol#144-163) uses assembly
- INLINE ASM (contracts/libraries/rlp/Lib_RLPReader.sol#153-160)
Lib_RLPReader.readBool(Lib_RLPReader.RLPItem) (contracts/libraries/rlp/Lib_RLPReader.sol#197-209) uses assembly
- INLINE ASM (contracts/libraries/rlp/Lib_RLPReader.sol#202-204)
Lib_RLPReader._decodeLength(Lib_RLPReader.RLPItem) (contracts/libraries/rlp/Lib_RLPReader.sol#264-331) uses assembly
- INLINE ASM (contracts/libraries/rlp/Lib_RLPReader.sol#277-279)
- INLINE ASM (contracts/libraries/rlp/Lib_RLPReader.sol#300-303)
- INLINE ASM (contracts/libraries/rlp/Lib_RLPReader.sol#322-325)
Lib_RLPReader._copy(uint256,uint256,uint256) (contracts/libraries/rlp/Lib_RLPReader.sol#340-376) uses assembly
- INLINE ASM (contracts/libraries/rlp/Lib_RLPReader.sol#352-354)
- INLINE ASM (contracts/libraries/rlp/Lib_RLPReader.sol#358-360)
- INLINE ASM (contracts/libraries/rlp/Lib_RLPReader.sol#372-374)
Lib_RLPWriter._memcpy(uint256,uint256,uint256) (contracts/libraries/rlp/Lib_RLPWriter.sol#143-169) uses assembly
- INLINE ASM (contracts/libraries/rlp/Lib_RLPWriter.sol#153-155)
- INLINE ASM (contracts/libraries/rlp/Lib_RLPWriter.sol#164-168)
Lib_RLPWriter._flatten(bytes[]) (contracts/libraries/rlp/Lib_RLPWriter.sol#177-207) uses assembly
- INLINE ASM (contracts/libraries/rlp/Lib_RLPWriter.sol#190-192)
- INLINE ASM (contracts/libraries/rlp/Lib_RLPWriter.sol#198-200)
Lib_BytesUtils.slice(bytes,uint256,uint256) (contracts/libraries/utils/Lib_BytesUtils.sol#12-77) uses assembly
- INLINE ASM (contracts/libraries/utils/Lib_BytesUtils.sol#23-74)
Lib_BytesUtils.toBytes32(bytes) (contracts/libraries/utils/Lib_BytesUtils.sol#87-97) uses assembly
- INLINE ASM (contracts/libraries/utils/Lib_BytesUtils.sol#90-92)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#assembly-usage
INFO:Detectors:
AddressAliasHelper.undoL1ToL2Alias(address) (contracts/standards/AddressAliasHelper.sol#38-42) is never used and should be removed
Context._msgData() (@openzeppelin/contracts/utils/Context.sol#20-22) is never used and should be removed
Lib_Bytes32Utils.fromAddress(address) (contracts/libraries/utils/Lib_Bytes32Utils.sol#44-46) is never used and should be removed
Lib_Bytes32Utils.fromBool(bool) (contracts/libraries/utils/Lib_Bytes32Utils.sol#26-28) is never used and should be removed
Lib_Bytes32Utils.toAddress(bytes32) (contracts/libraries/utils/Lib_Bytes32Utils.sol#35-37) is never used and should be removed
Lib_Bytes32Utils.toBool(bytes32) (contracts/libraries/utils/Lib_Bytes32Utils.sol#17-19) is never used and should be removed
Lib_BytesUtils.equal(bytes,bytes) (contracts/libraries/utils/Lib_BytesUtils.sol#124-126) is never used and should be removed
Lib_BytesUtils.fromNibbles(bytes) (contracts/libraries/utils/Lib_BytesUtils.sol#114-122) is never used and should be removed
Lib_BytesUtils.slice(bytes,uint256) (contracts/libraries/utils/Lib_BytesUtils.sol#79-85) is never used and should be removed
Lib_BytesUtils.slice(bytes,uint256,uint256) (contracts/libraries/utils/Lib_BytesUtils.sol#12-77) is never used and should be removed
Lib_BytesUtils.toBytes32(bytes) (contracts/libraries/utils/Lib_BytesUtils.sol#87-97) is never used and should be removed
Lib_BytesUtils.toNibbles(bytes) (contracts/libraries/utils/Lib_BytesUtils.sol#103-112) is never used and should be removed
Lib_BytesUtils.toUint256(bytes) (contracts/libraries/utils/Lib_BytesUtils.sol#99-101) is never used and should be removed
Lib_OVMCodec.decodeEVMAccount(bytes) (contracts/libraries/codec/Lib_OVMCodec.sol#111-121) is never used and should be removed
Lib_OVMCodec.encodeTransaction(Lib_OVMCodec.Transaction) (contracts/libraries/codec/Lib_OVMCodec.sol#80-95) is never used and should be removed
Lib_OVMCodec.hashTransaction(Lib_OVMCodec.Transaction) (contracts/libraries/codec/Lib_OVMCodec.sol#102-104) is never used and should be removed
Lib_RLPReader._copy(Lib_RLPReader.RLPItem) (contracts/libraries/rlp/Lib_RLPReader.sol#383-385) is never used and should be removed
Lib_RLPReader._copy(uint256,uint256,uint256) (contracts/libraries/rlp/Lib_RLPReader.sol#340-376) is never used and should be removed
Lib_RLPReader._decodeLength(Lib_RLPReader.RLPItem) (contracts/libraries/rlp/Lib_RLPReader.sol#264-331) is never used and should be removed
Lib_RLPReader.readAddress(Lib_RLPReader.RLPItem) (contracts/libraries/rlp/Lib_RLPReader.sol#225-233) is never used and should be removed
Lib_RLPReader.readAddress(bytes) (contracts/libraries/rlp/Lib_RLPReader.sol#240-242) is never used and should be removed
Lib_RLPReader.readBool(Lib_RLPReader.RLPItem) (contracts/libraries/rlp/Lib_RLPReader.sol#197-209) is never used and should be removed
Lib_RLPReader.readBool(bytes) (contracts/libraries/rlp/Lib_RLPReader.sol#216-218) is never used and should be removed
Lib_RLPReader.readBytes(Lib_RLPReader.RLPItem) (contracts/libraries/rlp/Lib_RLPReader.sol#104-110) is never used and should be removed
Lib_RLPReader.readBytes(bytes) (contracts/libraries/rlp/Lib_RLPReader.sol#117-119) is never used and should be removed
Lib_RLPReader.readBytes32(Lib_RLPReader.RLPItem) (contracts/libraries/rlp/Lib_RLPReader.sol#144-163) is never used and should be removed
Lib_RLPReader.readBytes32(bytes) (contracts/libraries/rlp/Lib_RLPReader.sol#170-172) is never used and should be removed
Lib_RLPReader.readList(Lib_RLPReader.RLPItem) (contracts/libraries/rlp/Lib_RLPReader.sol#56-88) is never used and should be removed
Lib_RLPReader.readList(bytes) (contracts/libraries/rlp/Lib_RLPReader.sol#95-97) is never used and should be removed
Lib_RLPReader.readRawBytes(Lib_RLPReader.RLPItem) (contracts/libraries/rlp/Lib_RLPReader.sol#249-251) is never used and should be removed
Lib_RLPReader.readString(Lib_RLPReader.RLPItem) (contracts/libraries/rlp/Lib_RLPReader.sol#126-128) is never used and should be removed
Lib_RLPReader.readString(bytes) (contracts/libraries/rlp/Lib_RLPReader.sol#135-137) is never used and should be removed
Lib_RLPReader.readUint256(Lib_RLPReader.RLPItem) (contracts/libraries/rlp/Lib_RLPReader.sol#179-181) is never used and should be removed
Lib_RLPReader.readUint256(bytes) (contracts/libraries/rlp/Lib_RLPReader.sol#188-190) is never used and should be removed
Lib_RLPReader.toRLPItem(bytes) (contracts/libraries/rlp/Lib_RLPReader.sol#42-49) is never used and should be removed
Lib_RLPWriter._flatten(bytes[]) (contracts/libraries/rlp/Lib_RLPWriter.sol#177-207) is never used and should be removed
Lib_RLPWriter._memcpy(uint256,uint256,uint256) (contracts/libraries/rlp/Lib_RLPWriter.sol#143-169) is never used and should be removed
Lib_RLPWriter._toBinary(uint256) (contracts/libraries/rlp/Lib_RLPWriter.sol#118-134) is never used and should be removed
Lib_RLPWriter._writeLength(uint256,uint256) (contracts/libraries/rlp/Lib_RLPWriter.sol#88-110) is never used and should be removed
Lib_RLPWriter.writeAddress(address) (contracts/libraries/rlp/Lib_RLPWriter.sol#54-56) is never used and should be removed
Lib_RLPWriter.writeBool(bool) (contracts/libraries/rlp/Lib_RLPWriter.sol#72-76) is never used and should be removed
Lib_RLPWriter.writeBytes(bytes) (contracts/libraries/rlp/Lib_RLPWriter.sol#18-28) is never used and should be removed
Lib_RLPWriter.writeList(bytes[]) (contracts/libraries/rlp/Lib_RLPWriter.sol#35-38) is never used and should be removed
Lib_RLPWriter.writeString(string) (contracts/libraries/rlp/Lib_RLPWriter.sol#45-47) is never used and should be removed
Lib_RLPWriter.writeUint(uint256) (contracts/libraries/rlp/Lib_RLPWriter.sol#63-65) is never used and should be removed
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#dead-code
INFO:Detectors:
Parameter CanonicalTransactionChain.setGasParams(uint256,uint256)._l2GasDiscountDivisor (contracts/L1/rollup/CanonicalTransactionChain.sol#101) is not in mixedCase
Parameter CanonicalTransactionChain.setGasParams(uint256,uint256)._enqueueGasCost (contracts/L1/rollup/CanonicalTransactionChain.sol#101) is not in mixedCase
Parameter CanonicalTransactionChain.getQueueElement(uint256)._index (contracts/L1/rollup/CanonicalTransactionChain.sol#181) is not in mixedCase
Parameter CanonicalTransactionChain.enqueue(address,uint256,bytes)._target (contracts/L1/rollup/CanonicalTransactionChain.sol#213) is not in mixedCase
Parameter CanonicalTransactionChain.enqueue(address,uint256,bytes)._gasLimit (contracts/L1/rollup/CanonicalTransactionChain.sol#214) is not in mixedCase
Parameter CanonicalTransactionChain.enqueue(address,uint256,bytes)._data (contracts/L1/rollup/CanonicalTransactionChain.sol#215) is not in mixedCase
Parameter CanonicalTransactionChain.getTotalElementsByChainId(uint256)._chainId (contracts/L1/rollup/CanonicalTransactionChain.sol#479) is not in mixedCase
Parameter CanonicalTransactionChain.getTotalBatchesByChainId(uint256)._chainId (contracts/L1/rollup/CanonicalTransactionChain.sol#495) is not in mixedCase
Parameter CanonicalTransactionChain.getNextQueueIndexByChainId(uint256)._chainId (contracts/L1/rollup/CanonicalTransactionChain.sol#510) is not in mixedCase
Parameter CanonicalTransactionChain.getLastTimestampByChainId(uint256)._chainId (contracts/L1/rollup/CanonicalTransactionChain.sol#526) is not in mixedCase
Parameter CanonicalTransactionChain.getLastBlockNumberByChainId(uint256)._chainId (contracts/L1/rollup/CanonicalTransactionChain.sol#542) is not in mixedCase
Parameter CanonicalTransactionChain.getQueueElementByChainId(uint256,uint256)._chainId (contracts/L1/rollup/CanonicalTransactionChain.sol#560) is not in mixedCase
Parameter CanonicalTransactionChain.getQueueElementByChainId(uint256,uint256)._index (contracts/L1/rollup/CanonicalTransactionChain.sol#561) is not in mixedCase
Parameter CanonicalTransactionChain.getNumPendingQueueElementsByChainId(uint256)._chainId (contracts/L1/rollup/CanonicalTransactionChain.sol#578) is not in mixedCase
Parameter CanonicalTransactionChain.getQueueLengthByChainId(uint256)._chainId (contracts/L1/rollup/CanonicalTransactionChain.sol#596) is not in mixedCase
Parameter CanonicalTransactionChain.enqueueByChainId(uint256,address,uint256,bytes)._chainId (contracts/L1/rollup/CanonicalTransactionChain.sol#615) is not in mixedCase
Parameter CanonicalTransactionChain.enqueueByChainId(uint256,address,uint256,bytes)._target (contracts/L1/rollup/CanonicalTransactionChain.sol#616) is not in mixedCase
Parameter CanonicalTransactionChain.enqueueByChainId(uint256,address,uint256,bytes)._gasLimit (contracts/L1/rollup/CanonicalTransactionChain.sol#617) is not in mixedCase
Parameter CanonicalTransactionChain.enqueueByChainId(uint256,address,uint256,bytes)._data (contracts/L1/rollup/CanonicalTransactionChain.sol#618) is not in mixedCase
Parameter CanonicalTransactionChain.uint2str(uint256)._i (contracts/L1/rollup/CanonicalTransactionChain.sol#684) is not in mixedCase
Parameter CanonicalTransactionChain.pushQueueByChainId(uint256,Lib_OVMCodec.QueueElement)._chainId (contracts/L1/rollup/CanonicalTransactionChain.sol#1001) is not in mixedCase
Parameter CanonicalTransactionChain.pushQueueByChainId(uint256,Lib_OVMCodec.QueueElement)._object (contracts/L1/rollup/CanonicalTransactionChain.sol#1002) is not in mixedCase
Parameter CanonicalTransactionChain.setQueueByChainId(uint256,uint256,Lib_OVMCodec.QueueElement)._chainId (contracts/L1/rollup/CanonicalTransactionChain.sol#1013) is not in mixedCase
Parameter CanonicalTransactionChain.setQueueByChainId(uint256,uint256,Lib_OVMCodec.QueueElement)._index (contracts/L1/rollup/CanonicalTransactionChain.sol#1014) is not in mixedCase
Parameter CanonicalTransactionChain.setQueueByChainId(uint256,uint256,Lib_OVMCodec.QueueElement)._object (contracts/L1/rollup/CanonicalTransactionChain.sol#1015) is not in mixedCase
Parameter CanonicalTransactionChain.setBatchGlobalMetadataByChainId(uint256,bytes27)._chainId (contracts/L1/rollup/CanonicalTransactionChain.sol#1026) is not in mixedCase
Parameter CanonicalTransactionChain.setBatchGlobalMetadataByChainId(uint256,bytes27)._globalMetadata (contracts/L1/rollup/CanonicalTransactionChain.sol#1027) is not in mixedCase
Parameter CanonicalTransactionChain.getBatchGlobalMetadataByChainId(uint256)._chainId (contracts/L1/rollup/CanonicalTransactionChain.sol#1037) is not in mixedCase
Parameter CanonicalTransactionChain.lengthBatchByChainId(uint256)._chainId (contracts/L1/rollup/CanonicalTransactionChain.sol#1048) is not in mixedCase
Parameter CanonicalTransactionChain.pushBatchByChainId(uint256,bytes32,bytes27)._chainId (contracts/L1/rollup/CanonicalTransactionChain.sol#1060) is not in mixedCase
Parameter CanonicalTransactionChain.pushBatchByChainId(uint256,bytes32,bytes27)._object (contracts/L1/rollup/CanonicalTransactionChain.sol#1061) is not in mixedCase
Parameter CanonicalTransactionChain.pushBatchByChainId(uint256,bytes32,bytes27)._globalMetadata (contracts/L1/rollup/CanonicalTransactionChain.sol#1062) is not in mixedCase
Parameter CanonicalTransactionChain.setBatchByChainId(uint256,uint256,bytes32)._chainId (contracts/L1/rollup/CanonicalTransactionChain.sol#1073) is not in mixedCase
Parameter CanonicalTransactionChain.setBatchByChainId(uint256,uint256,bytes32)._index (contracts/L1/rollup/CanonicalTransactionChain.sol#1074) is not in mixedCase
Parameter CanonicalTransactionChain.setBatchByChainId(uint256,uint256,bytes32)._object (contracts/L1/rollup/CanonicalTransactionChain.sol#1075) is not in mixedCase
Parameter CanonicalTransactionChain.getBatchByChainId(uint256,uint256)._chainId (contracts/L1/rollup/CanonicalTransactionChain.sol#1086) is not in mixedCase
Parameter CanonicalTransactionChain.getBatchByChainId(uint256,uint256)._index (contracts/L1/rollup/CanonicalTransactionChain.sol#1087) is not in mixedCase
Parameter CanonicalTransactionChain.deleteBatchElementsAfterInclusiveByChainId(uint256,uint256,bytes27)._chainId (contracts/L1/rollup/CanonicalTransactionChain.sol#1100) is not in mixedCase
Parameter CanonicalTransactionChain.deleteBatchElementsAfterInclusiveByChainId(uint256,uint256,bytes27)._index (contracts/L1/rollup/CanonicalTransactionChain.sol#1101) is not in mixedCase
Parameter CanonicalTransactionChain.deleteBatchElementsAfterInclusiveByChainId(uint256,uint256,bytes27)._globalMetadata (contracts/L1/rollup/CanonicalTransactionChain.sol#1102) is not in mixedCase
Contract Lib_OVMCodec (contracts/libraries/codec/Lib_OVMCodec.sol#13-143) is not in CapWords
Parameter Lib_OVMCodec.encodeTransaction(Lib_OVMCodec.Transaction)._transaction (contracts/libraries/codec/Lib_OVMCodec.sol#80) is not in mixedCase
Parameter Lib_OVMCodec.hashTransaction(Lib_OVMCodec.Transaction)._transaction (contracts/libraries/codec/Lib_OVMCodec.sol#102) is not in mixedCase
Parameter Lib_OVMCodec.decodeEVMAccount(bytes)._encoded (contracts/libraries/codec/Lib_OVMCodec.sol#111) is not in mixedCase
Parameter Lib_OVMCodec.hashBatchHeader(Lib_OVMCodec.ChainBatchHeader)._batchHeader (contracts/libraries/codec/Lib_OVMCodec.sol#128) is not in mixedCase
Contract Lib_AddressManager (contracts/libraries/resolver/Lib_AddressManager.sol#10-61) is not in CapWords
Parameter Lib_AddressManager.setAddress(string,address)._name (contracts/libraries/resolver/Lib_AddressManager.sol#32) is not in mixedCase
Parameter Lib_AddressManager.setAddress(string,address)._address (contracts/libraries/resolver/Lib_AddressManager.sol#32) is not in mixedCase
Parameter Lib_AddressManager.getAddress(string)._name (contracts/libraries/resolver/Lib_AddressManager.sol#45) is not in mixedCase
Contract Lib_AddressResolver (contracts/libraries/resolver/Lib_AddressResolver.sol#10-40) is not in CapWords
Parameter Lib_AddressResolver.resolve(string)._name (contracts/libraries/resolver/Lib_AddressResolver.sol#37) is not in mixedCase
Contract Lib_RLPReader (contracts/libraries/rlp/Lib_RLPReader.sol#8-386) is not in CapWords
Parameter Lib_RLPReader.toRLPItem(bytes)._in (contracts/libraries/rlp/Lib_RLPReader.sol#42) is not in mixedCase
Parameter Lib_RLPReader.readList(Lib_RLPReader.RLPItem)._in (contracts/libraries/rlp/Lib_RLPReader.sol#56) is not in mixedCase
Parameter Lib_RLPReader.readList(bytes)._in (contracts/libraries/rlp/Lib_RLPReader.sol#95) is not in mixedCase
Parameter Lib_RLPReader.readBytes(Lib_RLPReader.RLPItem)._in (contracts/libraries/rlp/Lib_RLPReader.sol#104) is not in mixedCase
Parameter Lib_RLPReader.readBytes(bytes)._in (contracts/libraries/rlp/Lib_RLPReader.sol#117) is not in mixedCase
Parameter Lib_RLPReader.readString(Lib_RLPReader.RLPItem)._in (contracts/libraries/rlp/Lib_RLPReader.sol#126) is not in mixedCase
Parameter Lib_RLPReader.readString(bytes)._in (contracts/libraries/rlp/Lib_RLPReader.sol#135) is not in mixedCase
Parameter Lib_RLPReader.readBytes32(Lib_RLPReader.RLPItem)._in (contracts/libraries/rlp/Lib_RLPReader.sol#144) is not in mixedCase
Parameter Lib_RLPReader.readBytes32(bytes)._in (contracts/libraries/rlp/Lib_RLPReader.sol#170) is not in mixedCase
Parameter Lib_RLPReader.readUint256(Lib_RLPReader.RLPItem)._in (contracts/libraries/rlp/Lib_RLPReader.sol#179) is not in mixedCase
Parameter Lib_RLPReader.readUint256(bytes)._in (contracts/libraries/rlp/Lib_RLPReader.sol#188) is not in mixedCase
Parameter Lib_RLPReader.readBool(Lib_RLPReader.RLPItem)._in (contracts/libraries/rlp/Lib_RLPReader.sol#197) is not in mixedCase
Parameter Lib_RLPReader.readBool(bytes)._in (contracts/libraries/rlp/Lib_RLPReader.sol#216) is not in mixedCase
Parameter Lib_RLPReader.readAddress(Lib_RLPReader.RLPItem)._in (contracts/libraries/rlp/Lib_RLPReader.sol#225) is not in mixedCase
Parameter Lib_RLPReader.readAddress(bytes)._in (contracts/libraries/rlp/Lib_RLPReader.sol#240) is not in mixedCase
Parameter Lib_RLPReader.readRawBytes(Lib_RLPReader.RLPItem)._in (contracts/libraries/rlp/Lib_RLPReader.sol#249) is not in mixedCase
Contract Lib_RLPWriter (contracts/libraries/rlp/Lib_RLPWriter.sol#8-208) is not in CapWords
Parameter Lib_RLPWriter.writeBytes(bytes)._in (contracts/libraries/rlp/Lib_RLPWriter.sol#18) is not in mixedCase
Parameter Lib_RLPWriter.writeList(bytes[])._in (contracts/libraries/rlp/Lib_RLPWriter.sol#35) is not in mixedCase
Parameter Lib_RLPWriter.writeString(string)._in (contracts/libraries/rlp/Lib_RLPWriter.sol#45) is not in mixedCase
Parameter Lib_RLPWriter.writeAddress(address)._in (contracts/libraries/rlp/Lib_RLPWriter.sol#54) is not in mixedCase
Parameter Lib_RLPWriter.writeUint(uint256)._in (contracts/libraries/rlp/Lib_RLPWriter.sol#63) is not in mixedCase
Parameter Lib_RLPWriter.writeBool(bool)._in (contracts/libraries/rlp/Lib_RLPWriter.sol#72) is not in mixedCase
Contract Lib_Bytes32Utils (contracts/libraries/utils/Lib_Bytes32Utils.sol#7-47) is not in CapWords
Parameter Lib_Bytes32Utils.toBool(bytes32)._in (contracts/libraries/utils/Lib_Bytes32Utils.sol#17) is not in mixedCase
Parameter Lib_Bytes32Utils.fromBool(bool)._in (contracts/libraries/utils/Lib_Bytes32Utils.sol#26) is not in mixedCase
Parameter Lib_Bytes32Utils.toAddress(bytes32)._in (contracts/libraries/utils/Lib_Bytes32Utils.sol#35) is not in mixedCase
Parameter Lib_Bytes32Utils.fromAddress(address)._in (contracts/libraries/utils/Lib_Bytes32Utils.sol#44) is not in mixedCase
Contract Lib_BytesUtils (contracts/libraries/utils/Lib_BytesUtils.sol#7-127) is not in CapWords
Parameter Lib_BytesUtils.slice(bytes,uint256,uint256)._bytes (contracts/libraries/utils/Lib_BytesUtils.sol#13) is not in mixedCase
Parameter Lib_BytesUtils.slice(bytes,uint256,uint256)._start (contracts/libraries/utils/Lib_BytesUtils.sol#14) is not in mixedCase
Parameter Lib_BytesUtils.slice(bytes,uint256,uint256)._length (contracts/libraries/utils/Lib_BytesUtils.sol#15) is not in mixedCase
Parameter Lib_BytesUtils.slice(bytes,uint256)._bytes (contracts/libraries/utils/Lib_BytesUtils.sol#79) is not in mixedCase
Parameter Lib_BytesUtils.slice(bytes,uint256)._start (contracts/libraries/utils/Lib_BytesUtils.sol#79) is not in mixedCase
Parameter Lib_BytesUtils.toBytes32(bytes)._bytes (contracts/libraries/utils/Lib_BytesUtils.sol#87) is not in mixedCase
Parameter Lib_BytesUtils.toUint256(bytes)._bytes (contracts/libraries/utils/Lib_BytesUtils.sol#99) is not in mixedCase
Parameter Lib_BytesUtils.toNibbles(bytes)._bytes (contracts/libraries/utils/Lib_BytesUtils.sol#103) is not in mixedCase
Parameter Lib_BytesUtils.fromNibbles(bytes)._bytes (contracts/libraries/utils/Lib_BytesUtils.sol#114) is not in mixedCase
Parameter Lib_BytesUtils.equal(bytes,bytes)._bytes (contracts/libraries/utils/Lib_BytesUtils.sol#124) is not in mixedCase
Parameter Lib_BytesUtils.equal(bytes,bytes)._other (contracts/libraries/utils/Lib_BytesUtils.sol#124) is not in mixedCase
Constant AddressAliasHelper.offset (contracts/standards/AddressAliasHelper.sol#22) is not in UPPER_CASE_WITH_UNDERSCORES
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#conformance-to-solidity-naming-conventions
INFO:Detectors:
Variable CanonicalTransactionChain._getBatchContext(uint256).numSequencedTransactions (contracts/L1/rollup/CanonicalTransactionChain.sol#333) is too similar to CanonicalTransactionChain.appendSequencerBatch().numSequencerTransactions (contracts/L1/rollup/CanonicalTransactionChain.sol#255)
Variable CanonicalTransactionChain._getBatchContextByChainId(uint256,uint256,uint256).numSequencedTransactions (contracts/L1/rollup/CanonicalTransactionChain.sol#850) is too similar to CanonicalTransactionChain.appendSequencerBatchByChainId().numSequencerTransactions (contracts/L1/rollup/CanonicalTransactionChain.sol#764)
Variable CanonicalTransactionChain._getBatchContextByChainId(uint256,uint256,uint256).numSequencedTransactions (contracts/L1/rollup/CanonicalTransactionChain.sol#850) is too similar to CanonicalTransactionChain.appendSequencerBatch().numSequencerTransactions (contracts/L1/rollup/CanonicalTransactionChain.sol#255)
Variable CanonicalTransactionChain._getBatchContext(uint256).numSequencedTransactions (contracts/L1/rollup/CanonicalTransactionChain.sol#333) is too similar to CanonicalTransactionChain.appendSequencerBatchByChainId().numSequencerTransactions (contracts/L1/rollup/CanonicalTransactionChain.sol#764)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#variable-names-too-similar
INFO:Detectors:
CanonicalTransactionChain.BATCH_CONTEXT_LENGTH_POS (contracts/L1/rollup/CanonicalTransactionChain.sol#45) is never used in CanonicalTransactionChain (contracts/L1/rollup/CanonicalTransactionChain.sol#23-1115)
CanonicalTransactionChain.TX_DATA_HEADER_SIZE (contracts/L1/rollup/CanonicalTransactionChain.sol#47) is never used in CanonicalTransactionChain (contracts/L1/rollup/CanonicalTransactionChain.sol#23-1115)
CanonicalTransactionChain.BYTES_TILL_TX_DATA (contracts/L1/rollup/CanonicalTransactionChain.sol#48) is never used in CanonicalTransactionChain (contracts/L1/rollup/CanonicalTransactionChain.sol#23-1115)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#unused-state-variable
INFO:Detectors:
CanonicalTransactionChain.maxTransactionGasLimit (contracts/L1/rollup/CanonicalTransactionChain.sol#54) should be immutable
Lib_AddressResolver.libAddressManager (contracts/libraries/resolver/Lib_AddressResolver.sol#15) should be immutable
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#state-variables-that-could-be-declared-immutable
INFO:Slither:0x56a76bcc92361f6df8d75476fed8843edc70e1c9 analyzed (13 contracts with 82 detectors), 174 result(s) found
Slither report for MVM_DiscountOracle at `0x7f6B0b7589febc40419a8646EFf9801b87397063`
'solc --standard-json --allow-paths /home/runner/work/seatbelt-for-ghosts/seatbelt-for-ghosts' running
Warning: Warning: SPDX license identifier not provided in source file. Before publishing, consider adding a comment containing "SPDX-License-Identifier: <SPDX-License>" to each source file. Use "SPDX-License-Identifier: UNLICENSED" for non-open-source code. Please see https://spdx.org for more information.
--> crytic-export/etherscan-contracts/0x7f6b0b7589febc40419a8646eff9801b87397063-MVM_DiscountOracle.sol
Warning: Warning: Unused function parameter. Remove or comment out the variable name to silence this warning.
--> crytic-export/etherscan-contracts/0x7f6b0b7589febc40419a8646eff9801b87397063-MVM_DiscountOracle.sol:350:46:
|
350 | function processL2SeqGas(address sender, uint256 _chainId)
| ^^^^^^^^^^^^^^^^
INFO:Detectors:
MVM_DiscountOracle.uint2str(uint256) (crytic-export/etherscan-contracts/0x7f6b0b7589febc40419a8646eff9801b87397063-MVM_DiscountOracle.sol#356-376) performs a multiplication on the result of a division:
- temp = (48 + uint8(_i - _i / 10 * 10)) (crytic-export/etherscan-contracts/0x7f6b0b7589febc40419a8646eff9801b87397063-MVM_DiscountOracle.sol#370)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#divide-before-multiply
INFO:Detectors:
MVM_DiscountOracle.setDiscount(uint256) (crytic-export/etherscan-contracts/0x7f6b0b7589febc40419a8646eff9801b87397063-MVM_DiscountOracle.sol#293-301) should emit an event for:
- discount = _discount (crytic-export/etherscan-contracts/0x7f6b0b7589febc40419a8646eff9801b87397063-MVM_DiscountOracle.sol#300)
MVM_DiscountOracle.setMinL2Gas(uint256) (crytic-export/etherscan-contracts/0x7f6b0b7589febc40419a8646eff9801b87397063-MVM_DiscountOracle.sol#303-311) should emit an event for:
- minL2Gas = _minL2Gas (crytic-export/etherscan-contracts/0x7f6b0b7589febc40419a8646eff9801b87397063-MVM_DiscountOracle.sol#310)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#missing-events-arithmetic
INFO:Detectors:
MVM_DiscountOracle.isXDomainSenderAllowed(address) (crytic-export/etherscan-contracts/0x7f6b0b7589febc40419a8646eff9801b87397063-MVM_DiscountOracle.sol#324-338) compares to a boolean constant:
-(allowAllXDomainSenders == true || xDomainWL[_sender]) (crytic-export/etherscan-contracts/0x7f6b0b7589febc40419a8646eff9801b87397063-MVM_DiscountOracle.sol#334-337)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#boolean-equality
INFO:Detectors:
Context._msgData() (crytic-export/etherscan-contracts/0x7f6b0b7589febc40419a8646eff9801b87397063-MVM_DiscountOracle.sol#58-60) is never used and should be removed
MVM_DiscountOracle.uint2str(uint256) (crytic-export/etherscan-contracts/0x7f6b0b7589febc40419a8646eff9801b87397063-MVM_DiscountOracle.sol#356-376) is never used and should be removed
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#dead-code
INFO:Detectors:
Contract iMVM_DiscountOracle (crytic-export/etherscan-contracts/0x7f6b0b7589febc40419a8646eff9801b87397063-MVM_DiscountOracle.sol#8-34) is not in CapWords
Contract Lib_AddressManager (crytic-export/etherscan-contracts/0x7f6b0b7589febc40419a8646eff9801b87397063-MVM_DiscountOracle.sol#147-198) is not in CapWords
Parameter Lib_AddressManager.setAddress(string,address)._name (crytic-export/etherscan-contracts/0x7f6b0b7589febc40419a8646eff9801b87397063-MVM_DiscountOracle.sol#169) is not in mixedCase
Parameter Lib_AddressManager.setAddress(string,address)._address (crytic-export/etherscan-contracts/0x7f6b0b7589febc40419a8646eff9801b87397063-MVM_DiscountOracle.sol#169) is not in mixedCase
Parameter Lib_AddressManager.getAddress(string)._name (crytic-export/etherscan-contracts/0x7f6b0b7589febc40419a8646eff9801b87397063-MVM_DiscountOracle.sol#182) is not in mixedCase
Contract Lib_AddressResolver (crytic-export/etherscan-contracts/0x7f6b0b7589febc40419a8646eff9801b87397063-MVM_DiscountOracle.sol#211-241) is not in CapWords
Parameter Lib_AddressResolver.resolve(string)._name (crytic-export/etherscan-contracts/0x7f6b0b7589febc40419a8646eff9801b87397063-MVM_DiscountOracle.sol#238) is not in mixedCase
Contract MVM_DiscountOracle (crytic-export/etherscan-contracts/0x7f6b0b7589febc40419a8646eff9801b87397063-MVM_DiscountOracle.sol#252-378) is not in CapWords
Parameter MVM_DiscountOracle.setDiscount(uint256)._discount (crytic-export/etherscan-contracts/0x7f6b0b7589febc40419a8646eff9801b87397063-MVM_DiscountOracle.sol#294) is not in mixedCase
Parameter MVM_DiscountOracle.setMinL2Gas(uint256)._minL2Gas (crytic-export/etherscan-contracts/0x7f6b0b7589febc40419a8646eff9801b87397063-MVM_DiscountOracle.sol#304) is not in mixedCase
Parameter MVM_DiscountOracle.setWhitelistedXDomainSender(address,bool)._sender (crytic-export/etherscan-contracts/0x7f6b0b7589febc40419a8646eff9801b87397063-MVM_DiscountOracle.sol#314) is not in mixedCase
Parameter MVM_DiscountOracle.setWhitelistedXDomainSender(address,bool)._isWhitelisted (crytic-export/etherscan-contracts/0x7f6b0b7589febc40419a8646eff9801b87397063-MVM_DiscountOracle.sol#315) is not in mixedCase
Parameter MVM_DiscountOracle.isXDomainSenderAllowed(address)._sender (crytic-export/etherscan-contracts/0x7f6b0b7589febc40419a8646eff9801b87397063-MVM_DiscountOracle.sol#325) is not in mixedCase
Parameter MVM_DiscountOracle.setAllowAllXDomainSenders(bool)._allowAllXDomainSenders (crytic-export/etherscan-contracts/0x7f6b0b7589febc40419a8646eff9801b87397063-MVM_DiscountOracle.sol#341) is not in mixedCase
Parameter MVM_DiscountOracle.uint2str(uint256)._i (crytic-export/etherscan-contracts/0x7f6b0b7589febc40419a8646eff9801b87397063-MVM_DiscountOracle.sol#356) is not in mixedCase
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#conformance-to-solidity-naming-conventions
INFO:Detectors:
Lib_AddressResolver.libAddressManager (crytic-export/etherscan-contracts/0x7f6b0b7589febc40419a8646eff9801b87397063-MVM_DiscountOracle.sol#216) should be immutable
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#state-variables-that-could-be-declared-immutable
INFO:Slither:0x7f6b0b7589febc40419a8646eff9801b87397063 analyzed (6 contracts with 82 detectors), 22 result(s) found
Slither report for InitializableAdminUpgradeabilityProxy at `0x7Fc66500c84A76Ad7e9c93437bFc5Ac33E2DDaE9` with implementation AaveTokenV2 at `0x96F68837877fd0414B55050c9e794AECdBcfCA59`
'solc --standard-json --allow-paths /home/runner/work/seatbelt-for-ghosts/seatbelt-for-ghosts/crytic-export/etherscan-contracts/0x7fc66500c84a76ad7e9c93437bfc5ac33e2ddae9-InitializableAdminUpgradeabilityProxy' running
Warning: contracts/open-zeppelin/Address.sol: Warning: SPDX license identifier not provided in source file. Before publishing, consider adding a comment containing "SPDX-License-Identifier: <SPDX-License>" to each source file. Use "SPDX-License-Identifier: UNLICENSED" for non-open-source code. Please see https://spdx.org for more information.
Warning: contracts/open-zeppelin/BaseAdminUpgradeabilityProxy.sol: Warning: SPDX license identifier not provided in source file. Before publishing, consider adding a comment containing "SPDX-License-Identifier: <SPDX-License>" to each source file. Use "SPDX-License-Identifier: UNLICENSED" for non-open-source code. Please see https://spdx.org for more information.
Warning: contracts/open-zeppelin/BaseUpgradeabilityProxy.sol: Warning: SPDX license identifier not provided in source file. Before publishing, consider adding a comment containing "SPDX-License-Identifier: <SPDX-License>" to each source file. Use "SPDX-License-Identifier: UNLICENSED" for non-open-source code. Please see https://spdx.org for more information.
Warning: contracts/open-zeppelin/Proxy.sol: Warning: SPDX license identifier not provided in source file. Before publishing, consider adding a comment containing "SPDX-License-Identifier: <SPDX-License>" to each source file. Use "SPDX-License-Identifier: UNLICENSED" for non-open-source code. Please see https://spdx.org for more information.
Warning: contracts/open-zeppelin/SafeMath.sol: Warning: SPDX license identifier not provided in source file. Before publishing, consider adding a comment containing "SPDX-License-Identifier: <SPDX-License>" to each source file. Use "SPDX-License-Identifier: UNLICENSED" for non-open-source code. Please see https://spdx.org for more information.
Warning: contracts/open-zeppelin/UpgradeabilityProxy.sol: Warning: SPDX license identifier not provided in source file. Before publishing, consider adding a comment containing "SPDX-License-Identifier: <SPDX-License>" to each source file. Use "SPDX-License-Identifier: UNLICENSED" for non-open-source code. Please see https://spdx.org for more information.
Warning: contracts/open-zeppelin/BaseAdminUpgradeabilityProxy.sol:13:1: Warning: This contract has a payable fallback function, but no receive ether function. Consider adding a receive ether function.
contract BaseAdminUpgradeabilityProxy is BaseUpgradeabilityProxy {
^ (Relevant source part starts here and spans across multiple lines).
contracts/open-zeppelin/Proxy.sol:15:3: The payable fallback function is defined here.
fallback () payable external {
^ (Relevant source part starts here and spans across multiple lines).
Warning: contracts/open-zeppelin/InitializableUpgradeabilityProxy.sol:11:1: Warning: This contract has a payable fallback function, but no receive ether function. Consider adding a receive ether function.
contract InitializableUpgradeabilityProxy is BaseUpgradeabilityProxy {
^ (Relevant source part starts here and spans across multiple lines).
contracts/open-zeppelin/Proxy.sol:15:3: The payable fallback function is defined here.
fallback () payable external {
^ (Relevant source part starts here and spans across multiple lines).
Warning: contracts/open-zeppelin/InitializableAdminUpgradeabilityProxy.sol:12:1: Warning: This contract has a payable fallback function, but no receive ether function. Consider adding a receive ether function.
contract InitializableAdminUpgradeabilityProxy is BaseAdminUpgradeabilityProxy, InitializableUpgradeabilityProxy {
^ (Relevant source part starts here and spans across multiple lines).
contracts/open-zeppelin/Proxy.sol:15:3: The payable fallback function is defined here.
fallback () payable external {
^ (Relevant source part starts here and spans across multiple lines).
Warning: contracts/utils/MockTransferHook.sol:9:25: Warning: Unused function parameter. Remove or comment out the variable name to silence this warning.
function onTransfer(address from, address to, uint256 amount) external override {
^----------^
Warning: contracts/utils/MockTransferHook.sol:9:39: Warning: Unused function parameter. Remove or comment out the variable name to silence this warning.
function onTransfer(address from, address to, uint256 amount) external override {
^--------^
Warning: contracts/utils/MockTransferHook.sol:9:51: Warning: Unused function parameter. Remove or comment out the variable name to silence this warning.
function onTransfer(address from, address to, uint256 amount) external override {
^------------^
INFO:Detectors:
InitializableUpgradeabilityProxy.initialize(address,bytes) (contracts/open-zeppelin/InitializableUpgradeabilityProxy.sol#20-28) uses delegatecall to a input-controlled function id
- (success) = _logic.delegatecall(_data) (contracts/open-zeppelin/InitializableUpgradeabilityProxy.sol#25)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#controlled-delegatecall
INFO:Detectors:
LendToAaveMigrator.migrateFromLEND(uint256) (contracts/token/LendToAaveMigrator.sol#61-68) ignores return value by LEND.transferFrom(msg.sender,address(this),amount) (contracts/token/LendToAaveMigrator.sol#65)
LendToAaveMigrator.migrateFromLEND(uint256) (contracts/token/LendToAaveMigrator.sol#61-68) ignores return value by AAVE.transfer(msg.sender,amount.div(LEND_AAVE_RATIO)) (contracts/token/LendToAaveMigrator.sol#66)
DoubleTransferHelper.doubleSend(address,uint256,uint256) (contracts/utils/DoubleTransferHelper.sol#14-17) ignores return value by AAVE.transfer(to,amount1) (contracts/utils/DoubleTransferHelper.sol#15)
DoubleTransferHelper.doubleSend(address,uint256,uint256) (contracts/utils/DoubleTransferHelper.sol#14-17) ignores return value by AAVE.transfer(to,amount2) (contracts/utils/DoubleTransferHelper.sol#16)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#unchecked-transfer
INFO:Detectors:
AaveToken._writeSnapshot(address,uint128,uint128) (contracts/token/AaveToken.sol#138-153) uses a dangerous strict equality:
- ownerCountOfSnapshots != 0 && snapshotsOwner[ownerCountOfSnapshots.sub(1)].blockNumber == currentBlock (contracts/token/AaveToken.sol#145)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#dangerous-strict-equalities
INFO:Detectors:
Reentrancy in AaveToken.initialize(address,address,ITransferHook) (contracts/token/AaveToken.sol#59-85):
External calls:
- _mint(migrator,MIGRATION_AMOUNT) (contracts/token/AaveToken.sol#83)
- aaveGovernance.onTransfer(from,to,amount) (contracts/token/AaveToken.sol#181)
- _mint(distributor,DISTRIBUTION_AMOUNT) (contracts/token/AaveToken.sol#84)
- aaveGovernance.onTransfer(from,to,amount) (contracts/token/AaveToken.sol#181)
State variables written after the call(s):
- _mint(distributor,DISTRIBUTION_AMOUNT) (contracts/token/AaveToken.sol#84)
- _balances[account] = _balances[account].add(amount) (contracts/open-zeppelin/ERC20.sol#235)
ERC20._balances (contracts/open-zeppelin/ERC20.sol#38) can be used in cross function reentrancies:
- ERC20._mint(address,uint256) (contracts/open-zeppelin/ERC20.sol#229-237)
- ERC20._transfer(address,address,uint256) (contracts/open-zeppelin/ERC20.sol#209-218)
- ERC20.balanceOf(address) (contracts/open-zeppelin/ERC20.sol#105-107)
- _mint(distributor,DISTRIBUTION_AMOUNT) (contracts/token/AaveToken.sol#84)
- _countsSnapshots[owner] = ownerCountOfSnapshots.add(1) (contracts/token/AaveToken.sol#149)
AaveToken._countsSnapshots (contracts/token/AaveToken.sol#38) can be used in cross function reentrancies:
- AaveToken._countsSnapshots (contracts/token/AaveToken.sol#38)
- AaveToken._writeSnapshot(address,uint128,uint128) (contracts/token/AaveToken.sol#138-153)
- _mint(distributor,DISTRIBUTION_AMOUNT) (contracts/token/AaveToken.sol#84)
- snapshotsOwner[ownerCountOfSnapshots.sub(1)].value = newValue (contracts/token/AaveToken.sol#146)
- snapshotsOwner[ownerCountOfSnapshots] = Snapshot(currentBlock,newValue) (contracts/token/AaveToken.sol#148)
AaveToken._snapshots (contracts/token/AaveToken.sol#36) can be used in cross function reentrancies:
- AaveToken._snapshots (contracts/token/AaveToken.sol#36)
- AaveToken._writeSnapshot(address,uint128,uint128) (contracts/token/AaveToken.sol#138-153)
- _mint(distributor,DISTRIBUTION_AMOUNT) (contracts/token/AaveToken.sol#84)
- _totalSupply = _totalSupply.add(amount) (contracts/open-zeppelin/ERC20.sol#234)
ERC20._totalSupply (contracts/open-zeppelin/ERC20.sol#42) can be used in cross function reentrancies:
- ERC20._mint(address,uint256) (contracts/open-zeppelin/ERC20.sol#229-237)
- ERC20.totalSupply() (contracts/open-zeppelin/ERC20.sol#98-100)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#reentrancy-vulnerabilities-1
INFO:Detectors:
ERC20.constructor(string,string).name (contracts/open-zeppelin/ERC20.sol#57) shadows:
- ERC20.name() (contracts/open-zeppelin/ERC20.sol#66-68) (function)
ERC20.constructor(string,string).symbol (contracts/open-zeppelin/ERC20.sol#57) shadows:
- ERC20.symbol() (contracts/open-zeppelin/ERC20.sol#74-76) (function)
InitializableAdminUpgradeabilityProxy.initialize(address,address,bytes)._admin (contracts/open-zeppelin/InitializableAdminUpgradeabilityProxy.sol#22) shadows:
- BaseAdminUpgradeabilityProxy._admin() (contracts/open-zeppelin/BaseAdminUpgradeabilityProxy.sol#94-99) (function)
MintableErc20.constructor(string,string,uint8).name (contracts/utils/MintableErc20.sol#11) shadows:
- ERC20.name() (contracts/open-zeppelin/ERC20.sol#66-68) (function)
MintableErc20.constructor(string,string,uint8).symbol (contracts/utils/MintableErc20.sol#11) shadows:
- ERC20.symbol() (contracts/open-zeppelin/ERC20.sol#74-76) (function)
MintableErc20.constructor(string,string,uint8).decimals (contracts/utils/MintableErc20.sol#11) shadows:
- ERC20.decimals() (contracts/open-zeppelin/ERC20.sol#91-93) (function)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#local-variable-shadowing
INFO:Detectors:
InitializableUpgradeabilityProxy.initialize(address,bytes)._logic (contracts/open-zeppelin/InitializableUpgradeabilityProxy.sol#20) lacks a zero-check on :
- (success) = _logic.delegatecall(_data) (contracts/open-zeppelin/InitializableUpgradeabilityProxy.sol#25)
BaseAdminUpgradeabilityProxy.upgradeToAndCall(address,bytes).newImplementation (contracts/open-zeppelin/BaseAdminUpgradeabilityProxy.sol#85) lacks a zero-check on :
- (success) = newImplementation.delegatecall(data) (contracts/open-zeppelin/BaseAdminUpgradeabilityProxy.sol#87)
UpgradeabilityProxy.constructor(address,bytes)._logic (contracts/open-zeppelin/UpgradeabilityProxy.sol#19) lacks a zero-check on :
- (success) = _logic.delegatecall(_data) (contracts/open-zeppelin/UpgradeabilityProxy.sol#23)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#missing-zero-address-validation
INFO:Detectors:
Modifier BaseAdminUpgradeabilityProxy.ifAdmin() (contracts/open-zeppelin/BaseAdminUpgradeabilityProxy.sol#34-40) does not always execute _; or revertReference: https://github.com/crytic/slither/wiki/Detector-Documentation#incorrect-modifier
INFO:Detectors:
Reentrancy in AaveToken.initialize(address,address,ITransferHook) (contracts/token/AaveToken.sol#59-85):
External calls:
- _mint(migrator,MIGRATION_AMOUNT) (contracts/token/AaveToken.sol#83)
- aaveGovernance.onTransfer(from,to,amount) (contracts/token/AaveToken.sol#181)
- _mint(distributor,DISTRIBUTION_AMOUNT) (contracts/token/AaveToken.sol#84)
- aaveGovernance.onTransfer(from,to,amount) (contracts/token/AaveToken.sol#181)
Event emitted after the call(s):
- SnapshotDone(owner,oldValue,newValue) (contracts/token/AaveToken.sol#152)
- _mint(distributor,DISTRIBUTION_AMOUNT) (contracts/token/AaveToken.sol#84)
- Transfer(address(0),account,amount) (contracts/open-zeppelin/ERC20.sol#236)
- _mint(distributor,DISTRIBUTION_AMOUNT) (contracts/token/AaveToken.sol#84)
Reentrancy in LendToAaveMigrator.migrateFromLEND(uint256) (contracts/token/LendToAaveMigrator.sol#61-68):
External calls:
- LEND.transferFrom(msg.sender,address(this),amount) (contracts/token/LendToAaveMigrator.sol#65)
- AAVE.transfer(msg.sender,amount.div(LEND_AAVE_RATIO)) (contracts/token/LendToAaveMigrator.sol#66)
Event emitted after the call(s):
- LendMigrated(msg.sender,amount) (contracts/token/LendToAaveMigrator.sol#67)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#reentrancy-vulnerabilities-3
INFO:Detectors:
AaveToken.permit(address,address,uint256,uint256,uint8,bytes32,bytes32) (contracts/token/AaveToken.sol#98-123) uses timestamp for comparisons
Dangerous comparisons:
- require(bool,string)(block.timestamp <= deadline,INVALID_EXPIRATION) (contracts/token/AaveToken.sol#109)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#block-timestamp
INFO:Detectors:
Address.isContract(address) (contracts/open-zeppelin/Address.sol#24-33) uses assembly
- INLINE ASM (contracts/open-zeppelin/Address.sol#31)
BaseAdminUpgradeabilityProxy._admin() (contracts/open-zeppelin/BaseAdminUpgradeabilityProxy.sol#94-99) uses assembly
- INLINE ASM (contracts/open-zeppelin/BaseAdminUpgradeabilityProxy.sol#96-98)
BaseAdminUpgradeabilityProxy._setAdmin(address) (contracts/open-zeppelin/BaseAdminUpgradeabilityProxy.sol#105-111) uses assembly
- INLINE ASM (contracts/open-zeppelin/BaseAdminUpgradeabilityProxy.sol#108-110)
BaseUpgradeabilityProxy._implementation() (contracts/open-zeppelin/BaseUpgradeabilityProxy.sol#30-35) uses assembly
- INLINE ASM (contracts/open-zeppelin/BaseUpgradeabilityProxy.sol#32-34)
BaseUpgradeabilityProxy._setImplementation(address) (contracts/open-zeppelin/BaseUpgradeabilityProxy.sol#50-58) uses assembly
- INLINE ASM (contracts/open-zeppelin/BaseUpgradeabilityProxy.sol#55-57)
Proxy._delegate(address) (contracts/open-zeppelin/Proxy.sol#30-49) uses assembly
- INLINE ASM (contracts/open-zeppelin/Proxy.sol#31-48)
AaveToken.initialize(address,address,ITransferHook) (contracts/token/AaveToken.sol#59-85) uses assembly
- INLINE ASM (contracts/token/AaveToken.sol#68-70)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#assembly-usage
INFO:Detectors:
Address.sendValue(address,uint256) (contracts/open-zeppelin/Address.sol#51-57) is never used and should be removed
Context._msgData() (contracts/open-zeppelin/Context.sol#20-23) is never used and should be removed
ERC20._burn(address,uint256) (contracts/open-zeppelin/ERC20.sol#250-258) is never used and should be removed
SafeMath.mod(uint256,uint256) (contracts/open-zeppelin/SafeMath.sol#131-133) is never used and should be removed
SafeMath.mod(uint256,uint256,string) (contracts/open-zeppelin/SafeMath.sol#146-149) is never used and should be removed
SafeMath.mul(uint256,uint256) (contracts/open-zeppelin/SafeMath.sol#71-83) is never used and should be removed
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#dead-code
INFO:Detectors:
Low level call in Address.sendValue(address,uint256) (contracts/open-zeppelin/Address.sol#51-57):
- (success) = recipient.call{value: amount}() (contracts/open-zeppelin/Address.sol#55)
Low level call in BaseAdminUpgradeabilityProxy.upgradeToAndCall(address,bytes) (contracts/open-zeppelin/BaseAdminUpgradeabilityProxy.sol#85-89):
- (success) = newImplementation.delegatecall(data) (contracts/open-zeppelin/BaseAdminUpgradeabilityProxy.sol#87)
Low level call in InitializableUpgradeabilityProxy.initialize(address,bytes) (contracts/open-zeppelin/InitializableUpgradeabilityProxy.sol#20-28):
- (success) = _logic.delegatecall(_data) (contracts/open-zeppelin/InitializableUpgradeabilityProxy.sol#25)
Low level call in UpgradeabilityProxy.constructor(address,bytes) (contracts/open-zeppelin/UpgradeabilityProxy.sol#19-26):
- (success) = _logic.delegatecall(_data) (contracts/open-zeppelin/UpgradeabilityProxy.sol#23)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#low-level-calls
INFO:Detectors:
DoubleTransferHelper (contracts/utils/DoubleTransferHelper.sol#6-19) should inherit from VersionedInitializable (contracts/utils/VersionedInitializable.sol#18-44)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#missing-inheritance
INFO:Detectors:
Variable ERC20._name (contracts/open-zeppelin/ERC20.sol#44) is not in mixedCase
Variable ERC20._symbol (contracts/open-zeppelin/ERC20.sol#45) is not in mixedCase
Parameter InitializableAdminUpgradeabilityProxy.initialize(address,address,bytes)._logic (contracts/open-zeppelin/InitializableAdminUpgradeabilityProxy.sol#22) is not in mixedCase
Parameter InitializableAdminUpgradeabilityProxy.initialize(address,address,bytes)._admin (contracts/open-zeppelin/InitializableAdminUpgradeabilityProxy.sol#22) is not in mixedCase
Parameter InitializableAdminUpgradeabilityProxy.initialize(address,address,bytes)._data (contracts/open-zeppelin/InitializableAdminUpgradeabilityProxy.sol#22) is not in mixedCase
Parameter InitializableUpgradeabilityProxy.initialize(address,bytes)._logic (contracts/open-zeppelin/InitializableUpgradeabilityProxy.sol#20) is not in mixedCase
Parameter InitializableUpgradeabilityProxy.initialize(address,bytes)._data (contracts/open-zeppelin/InitializableUpgradeabilityProxy.sol#20) is not in mixedCase
Variable AaveToken._nonces (contracts/token/AaveToken.sol#34) is not in mixedCase
Variable AaveToken._snapshots (contracts/token/AaveToken.sol#36) is not in mixedCase
Variable AaveToken._countsSnapshots (contracts/token/AaveToken.sol#38) is not in mixedCase
Variable AaveToken._aaveGovernance (contracts/token/AaveToken.sol#43) is not in mixedCase
Variable AaveToken.DOMAIN_SEPARATOR (contracts/token/AaveToken.sol#45) is not in mixedCase
Variable LendToAaveMigrator.AAVE (contracts/token/LendToAaveMigrator.sol#17) is not in mixedCase
Variable LendToAaveMigrator.LEND (contracts/token/LendToAaveMigrator.sol#18) is not in mixedCase
Variable LendToAaveMigrator.LEND_AAVE_RATIO (contracts/token/LendToAaveMigrator.sol#19) is not in mixedCase
Variable LendToAaveMigrator._totalLendMigrated (contracts/token/LendToAaveMigrator.sol#22) is not in mixedCase
Variable DoubleTransferHelper.AAVE (contracts/utils/DoubleTransferHelper.sol#8) is not in mixedCase
Variable VersionedInitializable.______gap (contracts/utils/VersionedInitializable.sol#43) is not in mixedCase
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#conformance-to-solidity-naming-conventions
INFO:Detectors:
Redundant expression "this (contracts/open-zeppelin/Context.sol#21)" inContext (contracts/open-zeppelin/Context.sol#15-25)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#redundant-statements
INFO:Slither:0x7fc66500c84a76ad7e9c93437bfc5ac33e2ddae9 analyzed (19 contracts with 82 detectors), 57 result(s) found
Slither report for L1CrossDomainMessenger at `0x8bF439ef7167023F009E24b21719Ca5f768Ecb36`
'solc --standard-json --allow-paths /home/runner/work/seatbelt-for-ghosts/seatbelt-for-ghosts/crytic-export/etherscan-contracts/0x8bf439ef7167023f009e24b21719ca5f768ecb36-L1CrossDomainMessenger' running
Warning: Warning: Unused function parameter. Remove or comment out the variable name to silence this warning.
--> contracts/L1/messaging/L1CrossDomainMessenger.sol:525:9:
|
525 | uint256 _chainId,
| ^^^^^^^^^^^^^^^^
Warning: Warning: Function state mutability can be restricted to pure
--> contracts/L1/messaging/L1CrossDomainMessenger.sol:524:5:
|
524 | function _verifyStorageProofByChainId(
| ^ (Relevant source part starts here and spans across multiple lines).
INFO:Detectors:
Reentrancy in L1CrossDomainMessenger.relayMessageViaChainId(uint256,address,address,bytes,uint256,IL1CrossDomainMessenger.L2MessageInclusionProof) (contracts/L1/messaging/L1CrossDomainMessenger.sol#238-306):
External calls:
- (success) = _target.call(_message) (contracts/L1/messaging/L1CrossDomainMessenger.sol#284)
State variables written after the call(s):
- successfulMessages[xDomainCalldataHash] = true (contracts/L1/messaging/L1CrossDomainMessenger.sol#290)
L1CrossDomainMessenger.successfulMessages (contracts/L1/messaging/L1CrossDomainMessenger.sol#60) can be used in cross function reentrancies:
- L1CrossDomainMessenger.successfulMessages (contracts/L1/messaging/L1CrossDomainMessenger.sol#60)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#reentrancy-vulnerabilities-1
INFO:Detectors:
Lib_MerkleTrie._getUpdatedTrieRoot(Lib_MerkleTrie.TrieNode[],bytes).currentNode (contracts/libraries/trie/Lib_MerkleTrie.sol#461) is a local variable never initialized
Lib_MerkleTrie._getUpdatedTrieRoot(Lib_MerkleTrie.TrieNode[],bytes).previousNodeHash (contracts/libraries/trie/Lib_MerkleTrie.sol#463) is a local variable never initialized
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#uninitialized-local-variables
INFO:Detectors:
Lib_SecureMerkleTrie.get(bytes,bytes,bytes32) (contracts/libraries/trie/Lib_SecureMerkleTrie.sol#66-73) ignores return value by Lib_MerkleTrie.get(key,_proof,_root) (contracts/libraries/trie/Lib_SecureMerkleTrie.sol#72)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#unused-return
INFO:Detectors:
L1CrossDomainMessenger.relayMessageViaChainId(uint256,address,address,bytes,uint256,IL1CrossDomainMessenger.L2MessageInclusionProof)._sender (contracts/L1/messaging/L1CrossDomainMessenger.sol#241) lacks a zero-check on :
- xDomainMsgSender = _sender (contracts/L1/messaging/L1CrossDomainMessenger.sol#283)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#missing-zero-address-validation
INFO:Detectors:
Reentrancy in L1CrossDomainMessenger.relayMessageViaChainId(uint256,address,address,bytes,uint256,IL1CrossDomainMessenger.L2MessageInclusionProof) (contracts/L1/messaging/L1CrossDomainMessenger.sol#238-306):
External calls:
- (success) = _target.call(_message) (contracts/L1/messaging/L1CrossDomainMessenger.sol#284)
State variables written after the call(s):
- relayedMessages[relayId] = true (contracts/L1/messaging/L1CrossDomainMessenger.sol#305)
- xDomainMsgSender = Lib_DefaultValues.DEFAULT_XDOMAIN_SENDER (contracts/L1/messaging/L1CrossDomainMessenger.sol#285)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#reentrancy-vulnerabilities-2
INFO:Detectors:
Reentrancy in L1CrossDomainMessenger.sendMessage(address,bytes,uint32) (contracts/L1/messaging/L1CrossDomainMessenger.sol#137-161):
External calls:
- oracle.processL2SeqGas{value: msg.value}(msg.sender,DEFAULT_CHAINID) (contracts/L1/messaging/L1CrossDomainMessenger.sol#145)
- _sendXDomainMessage(ovmCanonicalTransactionChain,xDomainCalldata,_gasLimit) (contracts/L1/messaging/L1CrossDomainMessenger.sol#158)
- ICanonicalTransactionChain(_canonicalTransactionChain).enqueue(Lib_PredeployAddresses.L2_CROSS_DOMAIN_MESSENGER,_gasLimit,_message) (contracts/L1/messaging/L1CrossDomainMessenger.sol#459-463)
External calls sending eth:
- oracle.processL2SeqGas{value: msg.value}(msg.sender,DEFAULT_CHAINID) (contracts/L1/messaging/L1CrossDomainMessenger.sol#145)
Event emitted after the call(s):
- SentMessage(_target,msg.sender,_message,nonce,_gasLimit,DEFAULT_CHAINID) (contracts/L1/messaging/L1CrossDomainMessenger.sol#160)
Reentrancy in L1CrossDomainMessenger.sendMessageViaChainId(uint256,address,bytes,uint32) (contracts/L1/messaging/L1CrossDomainMessenger.sol#170-205):
External calls:
- oracle.processL2SeqGas{value: msg.value}(msg.sender,_chainId) (contracts/L1/messaging/L1CrossDomainMessenger.sol#184)
- _sendXDomainMessageViaChainId(_chainId,ovmCanonicalTransactionChain,xDomainCalldataRaw,_gasLimit) (contracts/L1/messaging/L1CrossDomainMessenger.sol#198-203)
- ICanonicalTransactionChain(_canonicalTransactionChain).enqueueByChainId(_chainId,Lib_PredeployAddresses.L2_CROSS_DOMAIN_MESSENGER,_gasLimit,_message) (contracts/L1/messaging/L1CrossDomainMessenger.sol#585-590)
External calls sending eth:
- oracle.processL2SeqGas{value: msg.value}(msg.sender,_chainId) (contracts/L1/messaging/L1CrossDomainMessenger.sol#184)
Event emitted after the call(s):
- SentMessage(_target,msg.sender,_message,nonce,_gasLimit,_chainId) (contracts/L1/messaging/L1CrossDomainMessenger.sol#204)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#reentrancy-vulnerabilities-3
INFO:Detectors:
Lib_RLPReader.toRLPItem(bytes) (contracts/libraries/rlp/Lib_RLPReader.sol#42-49) uses assembly
- INLINE ASM (contracts/libraries/rlp/Lib_RLPReader.sol#44-46)
Lib_RLPReader.readList(Lib_RLPReader.RLPItem) (contracts/libraries/rlp/Lib_RLPReader.sol#56-88) uses assembly
- INLINE ASM (contracts/libraries/rlp/Lib_RLPReader.sol#83-85)
Lib_RLPReader.readBytes32(Lib_RLPReader.RLPItem) (contracts/libraries/rlp/Lib_RLPReader.sol#144-163) uses assembly
- INLINE ASM (contracts/libraries/rlp/Lib_RLPReader.sol#153-160)
Lib_RLPReader.readBool(Lib_RLPReader.RLPItem) (contracts/libraries/rlp/Lib_RLPReader.sol#197-209) uses assembly
- INLINE ASM (contracts/libraries/rlp/Lib_RLPReader.sol#202-204)
Lib_RLPReader._decodeLength(Lib_RLPReader.RLPItem) (contracts/libraries/rlp/Lib_RLPReader.sol#264-331) uses assembly
- INLINE ASM (contracts/libraries/rlp/Lib_RLPReader.sol#277-279)
- INLINE ASM (contracts/libraries/rlp/Lib_RLPReader.sol#300-303)
- INLINE ASM (contracts/libraries/rlp/Lib_RLPReader.sol#322-325)
Lib_RLPReader._copy(uint256,uint256,uint256) (contracts/libraries/rlp/Lib_RLPReader.sol#340-376) uses assembly
- INLINE ASM (contracts/libraries/rlp/Lib_RLPReader.sol#352-354)
- INLINE ASM (contracts/libraries/rlp/Lib_RLPReader.sol#358-360)
- INLINE ASM (contracts/libraries/rlp/Lib_RLPReader.sol#372-374)
Lib_RLPWriter._memcpy(uint256,uint256,uint256) (contracts/libraries/rlp/Lib_RLPWriter.sol#143-169) uses assembly
- INLINE ASM (contracts/libraries/rlp/Lib_RLPWriter.sol#153-155)
- INLINE ASM (contracts/libraries/rlp/Lib_RLPWriter.sol#164-168)
Lib_RLPWriter._flatten(bytes[]) (contracts/libraries/rlp/Lib_RLPWriter.sol#177-207) uses assembly
- INLINE ASM (contracts/libraries/rlp/Lib_RLPWriter.sol#190-192)
- INLINE ASM (contracts/libraries/rlp/Lib_RLPWriter.sol#198-200)
Lib_BytesUtils.slice(bytes,uint256,uint256) (contracts/libraries/utils/Lib_BytesUtils.sol#12-77) uses assembly
- INLINE ASM (contracts/libraries/utils/Lib_BytesUtils.sol#23-74)
Lib_BytesUtils.toBytes32(bytes) (contracts/libraries/utils/Lib_BytesUtils.sol#87-97) uses assembly
- INLINE ASM (contracts/libraries/utils/Lib_BytesUtils.sol#90-92)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#assembly-usage
INFO:Detectors:
L1CrossDomainMessenger.relayMessageViaChainId(uint256,address,address,bytes,uint256,IL1CrossDomainMessenger.L2MessageInclusionProof) (contracts/L1/messaging/L1CrossDomainMessenger.sol#238-306) compares to a boolean constant:
-require(bool,string)(_verifyXDomainMessageByChainId(_chainId,xDomainCalldata,_proof) == true,Provided message could not be verified.) (contracts/L1/messaging/L1CrossDomainMessenger.sol#257-264)
L1CrossDomainMessenger.relayMessageViaChainId(uint256,address,address,bytes,uint256,IL1CrossDomainMessenger.L2MessageInclusionProof) (contracts/L1/messaging/L1CrossDomainMessenger.sol#238-306) compares to a boolean constant:
-require(bool,string)(successfulMessages[xDomainCalldataHash] == false,Provided message has already been received.) (contracts/L1/messaging/L1CrossDomainMessenger.sol#268-271)
L1CrossDomainMessenger.relayMessageViaChainId(uint256,address,address,bytes,uint256,IL1CrossDomainMessenger.L2MessageInclusionProof) (contracts/L1/messaging/L1CrossDomainMessenger.sol#238-306) compares to a boolean constant:
-success == true (contracts/L1/messaging/L1CrossDomainMessenger.sol#289)
L1CrossDomainMessenger.relayMessageViaChainId(uint256,address,address,bytes,uint256,IL1CrossDomainMessenger.L2MessageInclusionProof) (contracts/L1/messaging/L1CrossDomainMessenger.sol#238-306) compares to a boolean constant:
-require(bool,string)(blockedMessages[xDomainCalldataHash] == false,Provided message has been blocked.) (contracts/L1/messaging/L1CrossDomainMessenger.sol#273-276)
L1CrossDomainMessenger._verifyStateRootProof(IL1CrossDomainMessenger.L2MessageInclusionProof) (contracts/L1/messaging/L1CrossDomainMessenger.sol#384-400) compares to a boolean constant:
-(ovmStateCommitmentChain.insideFraudProofWindow(_proof.stateRootBatchHeader) == false && ovmStateCommitmentChain.verifyStateCommitment(_proof.stateRoot,_proof.stateRootBatchHeader,_proof.stateRootProof)) (contracts/L1/messaging/L1CrossDomainMessenger.sol#393-399)
L1CrossDomainMessenger._verifyStorageProof(bytes,IL1CrossDomainMessenger.L2MessageInclusionProof) (contracts/L1/messaging/L1CrossDomainMessenger.sol#408-446) compares to a boolean constant:
-require(bool,string)(exists == true,Message passing predeploy has not been initialized or invalid proof provided.) (contracts/L1/messaging/L1CrossDomainMessenger.sol#430-433)
L1CrossDomainMessenger._verifyStateRootProofByChainId(uint256,IL1CrossDomainMessenger.L2MessageInclusionProof) (contracts/L1/messaging/L1CrossDomainMessenger.sol#493-516) compares to a boolean constant:
-(ovmStateCommitmentChain.insideFraudProofWindowByChainId(_chainId,_proof.stateRootBatchHeader) == false && ovmStateCommitmentChain.verifyStateCommitmentByChainId(_chainId,_proof.stateRoot,_proof.stateRootBatchHeader,_proof.stateRootProof)) (contracts/L1/messaging/L1CrossDomainMessenger.sol#507-515)
L1CrossDomainMessenger._verifyStorageProofByChainId(uint256,bytes,IL1CrossDomainMessenger.L2MessageInclusionProof) (contracts/L1/messaging/L1CrossDomainMessenger.sol#524-569) compares to a boolean constant:
-require(bool,string)(exists == true,Message passing predeploy has not been initialized or invalid proof provided.) (contracts/L1/messaging/L1CrossDomainMessenger.sol#553-556)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#boolean-equality
INFO:Detectors:
Lib_MerkleTrie._getNewPath(Lib_MerkleTrie.TrieNode[],uint256,bytes,bytes,bytes) (contracts/libraries/trie/Lib_MerkleTrie.sol#286-445) has a high cyclomatic complexity (14).
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#cyclomatic-complexity
INFO:Detectors:
AddressAliasHelper.undoL1ToL2Alias(address) (contracts/standards/AddressAliasHelper.sol#38-42) is never used and should be removed
Context._msgData() (@openzeppelin/contracts/utils/Context.sol#20-22) is never used and should be removed
ContextUpgradeable.__Context_init() (@openzeppelin/contracts-upgradeable/utils/ContextUpgradeable.sol#17-19) is never used and should be removed
ContextUpgradeable._msgData() (@openzeppelin/contracts-upgradeable/utils/ContextUpgradeable.sol#27-29) is never used and should be removed
L1CrossDomainMessenger._verifyStateRootProof(IL1CrossDomainMessenger.L2MessageInclusionProof) (contracts/L1/messaging/L1CrossDomainMessenger.sol#384-400) is never used and should be removed
L1CrossDomainMessenger._verifyStorageProof(bytes,IL1CrossDomainMessenger.L2MessageInclusionProof) (contracts/L1/messaging/L1CrossDomainMessenger.sol#408-446) is never used and should be removed
L1CrossDomainMessenger._verifyXDomainMessage(bytes,IL1CrossDomainMessenger.L2MessageInclusionProof) (contracts/L1/messaging/L1CrossDomainMessenger.sol#372-377) is never used and should be removed
Lib_Bytes32Utils.fromAddress(address) (contracts/libraries/utils/Lib_Bytes32Utils.sol#44-46) is never used and should be removed
Lib_Bytes32Utils.fromBool(bool) (contracts/libraries/utils/Lib_Bytes32Utils.sol#26-28) is never used and should be removed
Lib_Bytes32Utils.toAddress(bytes32) (contracts/libraries/utils/Lib_Bytes32Utils.sol#35-37) is never used and should be removed
Lib_Bytes32Utils.toBool(bytes32) (contracts/libraries/utils/Lib_Bytes32Utils.sol#17-19) is never used and should be removed
Lib_BytesUtils.fromNibbles(bytes) (contracts/libraries/utils/Lib_BytesUtils.sol#114-122) is never used and should be removed
Lib_BytesUtils.toUint256(bytes) (contracts/libraries/utils/Lib_BytesUtils.sol#99-101) is never used and should be removed
Lib_CrossDomainUtils.encodeXDomainCalldataViaChainId(uint256,address,address,bytes,uint256) (contracts/libraries/bridge/Lib_CrossDomainUtils.sol#44-65) is never used and should be removed
Lib_MerkleTrie._addHexPrefix(bytes,bool) (contracts/libraries/trie/Lib_MerkleTrie.sol#768-778) is never used and should be removed
Lib_MerkleTrie._editBranchIndex(Lib_MerkleTrie.TrieNode,uint8,bytes) (contracts/libraries/trie/Lib_MerkleTrie.sol#752-760) is never used and should be removed
Lib_MerkleTrie._editBranchValue(Lib_MerkleTrie.TrieNode,bytes) (contracts/libraries/trie/Lib_MerkleTrie.sol#735-743) is never used and should be removed
Lib_MerkleTrie._editExtensionNodeValue(Lib_MerkleTrie.TrieNode,bytes) (contracts/libraries/trie/Lib_MerkleTrie.sol#680-694) is never used and should be removed
Lib_MerkleTrie._getNewPath(Lib_MerkleTrie.TrieNode[],uint256,bytes,bytes,bytes) (contracts/libraries/trie/Lib_MerkleTrie.sol#286-445) is never used and should be removed
Lib_MerkleTrie._getNodeHash(bytes) (contracts/libraries/trie/Lib_MerkleTrie.sol#579-585) is never used and should be removed
Lib_MerkleTrie._getNodeKey(Lib_MerkleTrie.TrieNode) (contracts/libraries/trie/Lib_MerkleTrie.sol#560-562) is never used and should be removed
Lib_MerkleTrie._getNodeType(Lib_MerkleTrie.TrieNode) (contracts/libraries/trie/Lib_MerkleTrie.sol#592-607) is never used and should be removed
Lib_MerkleTrie._getUpdatedTrieRoot(Lib_MerkleTrie.TrieNode[],bytes) (contracts/libraries/trie/Lib_MerkleTrie.sol#453-505) is never used and should be removed
Lib_MerkleTrie._joinNodeArrays(Lib_MerkleTrie.TrieNode[],uint256,Lib_MerkleTrie.TrieNode[],uint256) (contracts/libraries/trie/Lib_MerkleTrie.sol#807-826) is never used and should be removed
Lib_MerkleTrie._makeEmptyBranchNode() (contracts/libraries/trie/Lib_MerkleTrie.sol#721-727) is never used and should be removed
Lib_MerkleTrie._makeExtensionNode(bytes,bytes) (contracts/libraries/trie/Lib_MerkleTrie.sol#662-672) is never used and should be removed
Lib_MerkleTrie._makeLeafNode(bytes,bytes) (contracts/libraries/trie/Lib_MerkleTrie.sol#705-715) is never used and should be removed
Lib_MerkleTrie._makeNode(Lib_RLPReader.RLPItem[]) (contracts/libraries/trie/Lib_MerkleTrie.sol#644-654) is never used and should be removed
Lib_MerkleTrie._makeNode(bytes[]) (contracts/libraries/trie/Lib_MerkleTrie.sol#633-637) is never used and should be removed
Lib_MerkleTrie._removeHexPrefix(bytes) (contracts/libraries/trie/Lib_MerkleTrie.sol#785-795) is never used and should be removed
Lib_MerkleTrie.getSingleNodeRootHash(bytes,bytes) (contracts/libraries/trie/Lib_MerkleTrie.sol#145-151) is never used and should be removed
Lib_MerkleTrie.update(bytes,bytes,bytes,bytes32) (contracts/libraries/trie/Lib_MerkleTrie.sol#92-108) is never used and should be removed
Lib_OVMCodec.encodeTransaction(Lib_OVMCodec.Transaction) (contracts/libraries/codec/Lib_OVMCodec.sol#80-95) is never used and should be removed
Lib_OVMCodec.hashBatchHeader(Lib_OVMCodec.ChainBatchHeader) (contracts/libraries/codec/Lib_OVMCodec.sol#128-142) is never used and should be removed
Lib_OVMCodec.hashTransaction(Lib_OVMCodec.Transaction) (contracts/libraries/codec/Lib_OVMCodec.sol#102-104) is never used and should be removed
Lib_RLPReader.readAddress(Lib_RLPReader.RLPItem) (contracts/libraries/rlp/Lib_RLPReader.sol#225-233) is never used and should be removed
Lib_RLPReader.readAddress(bytes) (contracts/libraries/rlp/Lib_RLPReader.sol#240-242) is never used and should be removed
Lib_RLPReader.readBool(Lib_RLPReader.RLPItem) (contracts/libraries/rlp/Lib_RLPReader.sol#197-209) is never used and should be removed
Lib_RLPReader.readBool(bytes) (contracts/libraries/rlp/Lib_RLPReader.sol#216-218) is never used and should be removed
Lib_RLPReader.readBytes(bytes) (contracts/libraries/rlp/Lib_RLPReader.sol#117-119) is never used and should be removed
Lib_RLPReader.readBytes32(bytes) (contracts/libraries/rlp/Lib_RLPReader.sol#170-172) is never used and should be removed
Lib_RLPReader.readString(Lib_RLPReader.RLPItem) (contracts/libraries/rlp/Lib_RLPReader.sol#126-128) is never used and should be removed
Lib_RLPReader.readString(bytes) (contracts/libraries/rlp/Lib_RLPReader.sol#135-137) is never used and should be removed
Lib_RLPReader.readUint256(bytes) (contracts/libraries/rlp/Lib_RLPReader.sol#188-190) is never used and should be removed
Lib_RLPWriter._flatten(bytes[]) (contracts/libraries/rlp/Lib_RLPWriter.sol#177-207) is never used and should be removed
Lib_RLPWriter._memcpy(uint256,uint256,uint256) (contracts/libraries/rlp/Lib_RLPWriter.sol#143-169) is never used and should be removed
Lib_RLPWriter._toBinary(uint256) (contracts/libraries/rlp/Lib_RLPWriter.sol#118-134) is never used and should be removed
Lib_RLPWriter._writeLength(uint256,uint256) (contracts/libraries/rlp/Lib_RLPWriter.sol#88-110) is never used and should be removed
Lib_RLPWriter.writeAddress(address) (contracts/libraries/rlp/Lib_RLPWriter.sol#54-56) is never used and should be removed
Lib_RLPWriter.writeBool(bool) (contracts/libraries/rlp/Lib_RLPWriter.sol#72-76) is never used and should be removed
Lib_RLPWriter.writeBytes(bytes) (contracts/libraries/rlp/Lib_RLPWriter.sol#18-28) is never used and should be removed
Lib_RLPWriter.writeList(bytes[]) (contracts/libraries/rlp/Lib_RLPWriter.sol#35-38) is never used and should be removed
Lib_RLPWriter.writeString(string) (contracts/libraries/rlp/Lib_RLPWriter.sol#45-47) is never used and should be removed
Lib_RLPWriter.writeUint(uint256) (contracts/libraries/rlp/Lib_RLPWriter.sol#63-65) is never used and should be removed
Lib_SecureMerkleTrie.getSingleNodeRootHash(bytes,bytes) (contracts/libraries/trie/Lib_SecureMerkleTrie.sol#81-88) is never used and should be removed
Lib_SecureMerkleTrie.update(bytes,bytes,bytes,bytes32) (contracts/libraries/trie/Lib_SecureMerkleTrie.sol#48-56) is never used and should be removed
OwnableUpgradeable.__Ownable_init() (@openzeppelin/contracts-upgradeable/access/OwnableUpgradeable.sol#28-31) is never used and should be removed
PausableUpgradeable.__Pausable_init() (@openzeppelin/contracts-upgradeable/security/PausableUpgradeable.sol#33-36) is never used and should be removed
PausableUpgradeable._unpause() (@openzeppelin/contracts-upgradeable/security/PausableUpgradeable.sol#92-95) is never used and should be removed
ReentrancyGuardUpgradeable.__ReentrancyGuard_init() (@openzeppelin/contracts-upgradeable/security/ReentrancyGuardUpgradeable.sol#39-41) is never used and should be removed
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#dead-code
INFO:Detectors:
Low level call in L1CrossDomainMessenger.relayMessageViaChainId(uint256,address,address,bytes,uint256,IL1CrossDomainMessenger.L2MessageInclusionProof) (contracts/L1/messaging/L1CrossDomainMessenger.sol#238-306):
- (success) = _target.call(_message) (contracts/L1/messaging/L1CrossDomainMessenger.sol#284)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#low-level-calls
INFO:Detectors:
Function OwnableUpgradeable.__Ownable_init() (@openzeppelin/contracts-upgradeable/access/OwnableUpgradeable.sol#28-31) is not in mixedCase
Function OwnableUpgradeable.__Ownable_init_unchained() (@openzeppelin/contracts-upgradeable/access/OwnableUpgradeable.sol#33-35) is not in mixedCase
Variable OwnableUpgradeable.__gap (@openzeppelin/contracts-upgradeable/access/OwnableUpgradeable.sol#77) is not in mixedCase
Function PausableUpgradeable.__Pausable_init() (@openzeppelin/contracts-upgradeable/security/PausableUpgradeable.sol#33-36) is not in mixedCase
Function PausableUpgradeable.__Pausable_init_unchained() (@openzeppelin/contracts-upgradeable/security/PausableUpgradeable.sol#38-40) is not in mixedCase
Variable PausableUpgradeable.__gap (@openzeppelin/contracts-upgradeable/security/PausableUpgradeable.sol#96) is not in mixedCase
Function ReentrancyGuardUpgradeable.__ReentrancyGuard_init() (@openzeppelin/contracts-upgradeable/security/ReentrancyGuardUpgradeable.sol#39-41) is not in mixedCase
Function ReentrancyGuardUpgradeable.__ReentrancyGuard_init_unchained() (@openzeppelin/contracts-upgradeable/security/ReentrancyGuardUpgradeable.sol#43-45) is not in mixedCase
Variable ReentrancyGuardUpgradeable.__gap (@openzeppelin/contracts-upgradeable/security/ReentrancyGuardUpgradeable.sol#67) is not in mixedCase
Function ContextUpgradeable.__Context_init() (@openzeppelin/contracts-upgradeable/utils/ContextUpgradeable.sol#17-19) is not in mixedCase
Function ContextUpgradeable.__Context_init_unchained() (@openzeppelin/contracts-upgradeable/utils/ContextUpgradeable.sol#21-22) is not in mixedCase
Variable ContextUpgradeable.__gap (@openzeppelin/contracts-upgradeable/utils/ContextUpgradeable.sol#30) is not in mixedCase
Parameter L1CrossDomainMessenger.initialize(address)._libAddressManager (contracts/L1/messaging/L1CrossDomainMessenger.sol#83) is not in mixedCase
Parameter L1CrossDomainMessenger.blockMessage(bytes32)._xDomainCalldataHash (contracts/L1/messaging/L1CrossDomainMessenger.sol#109) is not in mixedCase
Parameter L1CrossDomainMessenger.allowMessage(bytes32)._xDomainCalldataHash (contracts/L1/messaging/L1CrossDomainMessenger.sol#118) is not in mixedCase
Parameter L1CrossDomainMessenger.sendMessage(address,bytes,uint32)._target (contracts/L1/messaging/L1CrossDomainMessenger.sol#138) is not in mixedCase
Parameter L1CrossDomainMessenger.sendMessage(address,bytes,uint32)._message (contracts/L1/messaging/L1CrossDomainMessenger.sol#139) is not in mixedCase
Parameter L1CrossDomainMessenger.sendMessage(address,bytes,uint32)._gasLimit (contracts/L1/messaging/L1CrossDomainMessenger.sol#140) is not in mixedCase
Parameter L1CrossDomainMessenger.sendMessageViaChainId(uint256,address,bytes,uint32)._chainId (contracts/L1/messaging/L1CrossDomainMessenger.sol#171) is not in mixedCase
Parameter L1CrossDomainMessenger.sendMessageViaChainId(uint256,address,bytes,uint32)._target (contracts/L1/messaging/L1CrossDomainMessenger.sol#172) is not in mixedCase
Parameter L1CrossDomainMessenger.sendMessageViaChainId(uint256,address,bytes,uint32)._message (contracts/L1/messaging/L1CrossDomainMessenger.sol#173) is not in mixedCase
Parameter L1CrossDomainMessenger.sendMessageViaChainId(uint256,address,bytes,uint32)._gasLimit (contracts/L1/messaging/L1CrossDomainMessenger.sol#174) is not in mixedCase
Parameter L1CrossDomainMessenger.relayMessage(address,address,bytes,uint256,IL1CrossDomainMessenger.L2MessageInclusionProof)._target (contracts/L1/messaging/L1CrossDomainMessenger.sol#212) is not in mixedCase
Parameter L1CrossDomainMessenger.relayMessage(address,address,bytes,uint256,IL1CrossDomainMessenger.L2MessageInclusionProof)._sender (contracts/L1/messaging/L1CrossDomainMessenger.sol#213) is not in mixedCase
Parameter L1CrossDomainMessenger.relayMessage(address,address,bytes,uint256,IL1CrossDomainMessenger.L2MessageInclusionProof)._message (contracts/L1/messaging/L1CrossDomainMessenger.sol#214) is not in mixedCase
Parameter L1CrossDomainMessenger.relayMessage(address,address,bytes,uint256,IL1CrossDomainMessenger.L2MessageInclusionProof)._messageNonce (contracts/L1/messaging/L1CrossDomainMessenger.sol#215) is not in mixedCase
Parameter L1CrossDomainMessenger.relayMessage(address,address,bytes,uint256,IL1CrossDomainMessenger.L2MessageInclusionProof)._proof (contracts/L1/messaging/L1CrossDomainMessenger.sol#216) is not in mixedCase
Parameter L1CrossDomainMessenger.replayMessage(address,address,bytes,uint256,uint32,uint32)._target (contracts/L1/messaging/L1CrossDomainMessenger.sol#227) is not in mixedCase
Parameter L1CrossDomainMessenger.replayMessage(address,address,bytes,uint256,uint32,uint32)._sender (contracts/L1/messaging/L1CrossDomainMessenger.sol#228) is not in mixedCase
Parameter L1CrossDomainMessenger.replayMessage(address,address,bytes,uint256,uint32,uint32)._message (contracts/L1/messaging/L1CrossDomainMessenger.sol#229) is not in mixedCase
Parameter L1CrossDomainMessenger.replayMessage(address,address,bytes,uint256,uint32,uint32)._queueIndex (contracts/L1/messaging/L1CrossDomainMessenger.sol#230) is not in mixedCase
Parameter L1CrossDomainMessenger.replayMessage(address,address,bytes,uint256,uint32,uint32)._oldGasLimit (contracts/L1/messaging/L1CrossDomainMessenger.sol#231) is not in mixedCase
Parameter L1CrossDomainMessenger.replayMessage(address,address,bytes,uint256,uint32,uint32)._newGasLimit (contracts/L1/messaging/L1CrossDomainMessenger.sol#232) is not in mixedCase
Parameter L1CrossDomainMessenger.relayMessageViaChainId(uint256,address,address,bytes,uint256,IL1CrossDomainMessenger.L2MessageInclusionProof)._chainId (contracts/L1/messaging/L1CrossDomainMessenger.sol#239) is not in mixedCase
Parameter L1CrossDomainMessenger.relayMessageViaChainId(uint256,address,address,bytes,uint256,IL1CrossDomainMessenger.L2MessageInclusionProof)._target (contracts/L1/messaging/L1CrossDomainMessenger.sol#240) is not in mixedCase
Parameter L1CrossDomainMessenger.relayMessageViaChainId(uint256,address,address,bytes,uint256,IL1CrossDomainMessenger.L2MessageInclusionProof)._sender (contracts/L1/messaging/L1CrossDomainMessenger.sol#241) is not in mixedCase
Parameter L1CrossDomainMessenger.relayMessageViaChainId(uint256,address,address,bytes,uint256,IL1CrossDomainMessenger.L2MessageInclusionProof)._message (contracts/L1/messaging/L1CrossDomainMessenger.sol#242) is not in mixedCase
Parameter L1CrossDomainMessenger.relayMessageViaChainId(uint256,address,address,bytes,uint256,IL1CrossDomainMessenger.L2MessageInclusionProof)._messageNonce (contracts/L1/messaging/L1CrossDomainMessenger.sol#243) is not in mixedCase
Parameter L1CrossDomainMessenger.relayMessageViaChainId(uint256,address,address,bytes,uint256,IL1CrossDomainMessenger.L2MessageInclusionProof)._proof (contracts/L1/messaging/L1CrossDomainMessenger.sol#244) is not in mixedCase
Parameter L1CrossDomainMessenger.replayMessageViaChainId(uint256,address,address,bytes,uint256,uint32,uint32)._chainId (contracts/L1/messaging/L1CrossDomainMessenger.sol#312) is not in mixedCase
Parameter L1CrossDomainMessenger.replayMessageViaChainId(uint256,address,address,bytes,uint256,uint32,uint32)._target (contracts/L1/messaging/L1CrossDomainMessenger.sol#313) is not in mixedCase
Parameter L1CrossDomainMessenger.replayMessageViaChainId(uint256,address,address,bytes,uint256,uint32,uint32)._sender (contracts/L1/messaging/L1CrossDomainMessenger.sol#314) is not in mixedCase
Parameter L1CrossDomainMessenger.replayMessageViaChainId(uint256,address,address,bytes,uint256,uint32,uint32)._message (contracts/L1/messaging/L1CrossDomainMessenger.sol#315) is not in mixedCase
Parameter L1CrossDomainMessenger.replayMessageViaChainId(uint256,address,address,bytes,uint256,uint32,uint32)._queueIndex (contracts/L1/messaging/L1CrossDomainMessenger.sol#316) is not in mixedCase
Parameter L1CrossDomainMessenger.replayMessageViaChainId(uint256,address,address,bytes,uint256,uint32,uint32)._oldGasLimit (contracts/L1/messaging/L1CrossDomainMessenger.sol#317) is not in mixedCase
Parameter L1CrossDomainMessenger.replayMessageViaChainId(uint256,address,address,bytes,uint256,uint32,uint32)._newGasLimit (contracts/L1/messaging/L1CrossDomainMessenger.sol#318) is not in mixedCase
Contract iMVM_DiscountOracle (contracts/MVM/iMVM_DiscountOracle.sol#4-30) is not in CapWords
Contract Lib_CrossDomainUtils (contracts/libraries/bridge/Lib_CrossDomainUtils.sol#10-66) is not in CapWords
Parameter Lib_CrossDomainUtils.encodeXDomainCalldata(address,address,bytes,uint256)._target (contracts/libraries/bridge/Lib_CrossDomainUtils.sol#20) is not in mixedCase
Parameter Lib_CrossDomainUtils.encodeXDomainCalldata(address,address,bytes,uint256)._sender (contracts/libraries/bridge/Lib_CrossDomainUtils.sol#21) is not in mixedCase
Parameter Lib_CrossDomainUtils.encodeXDomainCalldata(address,address,bytes,uint256)._message (contracts/libraries/bridge/Lib_CrossDomainUtils.sol#22) is not in mixedCase
Parameter Lib_CrossDomainUtils.encodeXDomainCalldata(address,address,bytes,uint256)._messageNonce (contracts/libraries/bridge/Lib_CrossDomainUtils.sol#23) is not in mixedCase
Parameter Lib_CrossDomainUtils.encodeXDomainCalldataViaChainId(uint256,address,address,bytes,uint256)._chainId (contracts/libraries/bridge/Lib_CrossDomainUtils.sol#45) is not in mixedCase
Parameter Lib_CrossDomainUtils.encodeXDomainCalldataViaChainId(uint256,address,address,bytes,uint256)._target (contracts/libraries/bridge/Lib_CrossDomainUtils.sol#46) is not in mixedCase
Parameter Lib_CrossDomainUtils.encodeXDomainCalldataViaChainId(uint256,address,address,bytes,uint256)._sender (contracts/libraries/bridge/Lib_CrossDomainUtils.sol#47) is not in mixedCase
Parameter Lib_CrossDomainUtils.encodeXDomainCalldataViaChainId(uint256,address,address,bytes,uint256)._message (contracts/libraries/bridge/Lib_CrossDomainUtils.sol#48) is not in mixedCase
Parameter Lib_CrossDomainUtils.encodeXDomainCalldataViaChainId(uint256,address,address,bytes,uint256)._messageNonce (contracts/libraries/bridge/Lib_CrossDomainUtils.sol#49) is not in mixedCase
Contract Lib_OVMCodec (contracts/libraries/codec/Lib_OVMCodec.sol#13-143) is not in CapWords
Parameter Lib_OVMCodec.encodeTransaction(Lib_OVMCodec.Transaction)._transaction (contracts/libraries/codec/Lib_OVMCodec.sol#80) is not in mixedCase
Parameter Lib_OVMCodec.hashTransaction(Lib_OVMCodec.Transaction)._transaction (contracts/libraries/codec/Lib_OVMCodec.sol#102) is not in mixedCase
Parameter Lib_OVMCodec.decodeEVMAccount(bytes)._encoded (contracts/libraries/codec/Lib_OVMCodec.sol#111) is not in mixedCase
Parameter Lib_OVMCodec.hashBatchHeader(Lib_OVMCodec.ChainBatchHeader)._batchHeader (contracts/libraries/codec/Lib_OVMCodec.sol#128) is not in mixedCase
Contract Lib_DefaultValues (contracts/libraries/constants/Lib_DefaultValues.sol#7-12) is not in CapWords
Contract Lib_PredeployAddresses (contracts/libraries/constants/Lib_PredeployAddresses.sol#7-25) is not in CapWords
Contract Lib_AddressManager (contracts/libraries/resolver/Lib_AddressManager.sol#10-61) is not in CapWords
Parameter Lib_AddressManager.setAddress(string,address)._name (contracts/libraries/resolver/Lib_AddressManager.sol#32) is not in mixedCase
Parameter Lib_AddressManager.setAddress(string,address)._address (contracts/libraries/resolver/Lib_AddressManager.sol#32) is not in mixedCase
Parameter Lib_AddressManager.getAddress(string)._name (contracts/libraries/resolver/Lib_AddressManager.sol#45) is not in mixedCase
Contract Lib_AddressResolver (contracts/libraries/resolver/Lib_AddressResolver.sol#10-40) is not in CapWords
Parameter Lib_AddressResolver.resolve(string)._name (contracts/libraries/resolver/Lib_AddressResolver.sol#37) is not in mixedCase
Contract Lib_RLPReader (contracts/libraries/rlp/Lib_RLPReader.sol#8-386) is not in CapWords
Parameter Lib_RLPReader.toRLPItem(bytes)._in (contracts/libraries/rlp/Lib_RLPReader.sol#42) is not in mixedCase
Parameter Lib_RLPReader.readList(Lib_RLPReader.RLPItem)._in (contracts/libraries/rlp/Lib_RLPReader.sol#56) is not in mixedCase
Parameter Lib_RLPReader.readList(bytes)._in (contracts/libraries/rlp/Lib_RLPReader.sol#95) is not in mixedCase
Parameter Lib_RLPReader.readBytes(Lib_RLPReader.RLPItem)._in (contracts/libraries/rlp/Lib_RLPReader.sol#104) is not in mixedCase
Parameter Lib_RLPReader.readBytes(bytes)._in (contracts/libraries/rlp/Lib_RLPReader.sol#117) is not in mixedCase
Parameter Lib_RLPReader.readString(Lib_RLPReader.RLPItem)._in (contracts/libraries/rlp/Lib_RLPReader.sol#126) is not in mixedCase
Parameter Lib_RLPReader.readString(bytes)._in (contracts/libraries/rlp/Lib_RLPReader.sol#135) is not in mixedCase
Parameter Lib_RLPReader.readBytes32(Lib_RLPReader.RLPItem)._in (contracts/libraries/rlp/Lib_RLPReader.sol#144) is not in mixedCase
Parameter Lib_RLPReader.readBytes32(bytes)._in (contracts/libraries/rlp/Lib_RLPReader.sol#170) is not in mixedCase
Parameter Lib_RLPReader.readUint256(Lib_RLPReader.RLPItem)._in (contracts/libraries/rlp/Lib_RLPReader.sol#179) is not in mixedCase
Parameter Lib_RLPReader.readUint256(bytes)._in (contracts/libraries/rlp/Lib_RLPReader.sol#188) is not in mixedCase
Parameter Lib_RLPReader.readBool(Lib_RLPReader.RLPItem)._in (contracts/libraries/rlp/Lib_RLPReader.sol#197) is not in mixedCase
Parameter Lib_RLPReader.readBool(bytes)._in (contracts/libraries/rlp/Lib_RLPReader.sol#216) is not in mixedCase
Parameter Lib_RLPReader.readAddress(Lib_RLPReader.RLPItem)._in (contracts/libraries/rlp/Lib_RLPReader.sol#225) is not in mixedCase
Parameter Lib_RLPReader.readAddress(bytes)._in (contracts/libraries/rlp/Lib_RLPReader.sol#240) is not in mixedCase
Parameter Lib_RLPReader.readRawBytes(Lib_RLPReader.RLPItem)._in (contracts/libraries/rlp/Lib_RLPReader.sol#249) is not in mixedCase
Contract Lib_RLPWriter (contracts/libraries/rlp/Lib_RLPWriter.sol#8-208) is not in CapWords
Parameter Lib_RLPWriter.writeBytes(bytes)._in (contracts/libraries/rlp/Lib_RLPWriter.sol#18) is not in mixedCase
Parameter Lib_RLPWriter.writeList(bytes[])._in (contracts/libraries/rlp/Lib_RLPWriter.sol#35) is not in mixedCase
Parameter Lib_RLPWriter.writeString(string)._in (contracts/libraries/rlp/Lib_RLPWriter.sol#45) is not in mixedCase
Parameter Lib_RLPWriter.writeAddress(address)._in (contracts/libraries/rlp/Lib_RLPWriter.sol#54) is not in mixedCase
Parameter Lib_RLPWriter.writeUint(uint256)._in (contracts/libraries/rlp/Lib_RLPWriter.sol#63) is not in mixedCase
Parameter Lib_RLPWriter.writeBool(bool)._in (contracts/libraries/rlp/Lib_RLPWriter.sol#72) is not in mixedCase
Contract Lib_MerkleTrie (contracts/libraries/trie/Lib_MerkleTrie.sol#12-827) is not in CapWords
Parameter Lib_MerkleTrie.verifyInclusionProof(bytes,bytes,bytes,bytes32)._key (contracts/libraries/trie/Lib_MerkleTrie.sol#71) is not in mixedCase
Parameter Lib_MerkleTrie.verifyInclusionProof(bytes,bytes,bytes,bytes32)._value (contracts/libraries/trie/Lib_MerkleTrie.sol#72) is not in mixedCase
Parameter Lib_MerkleTrie.verifyInclusionProof(bytes,bytes,bytes,bytes32)._proof (contracts/libraries/trie/Lib_MerkleTrie.sol#73) is not in mixedCase
Parameter Lib_MerkleTrie.verifyInclusionProof(bytes,bytes,bytes,bytes32)._root (contracts/libraries/trie/Lib_MerkleTrie.sol#74) is not in mixedCase
Parameter Lib_MerkleTrie.update(bytes,bytes,bytes,bytes32)._key (contracts/libraries/trie/Lib_MerkleTrie.sol#93) is not in mixedCase
Parameter Lib_MerkleTrie.update(bytes,bytes,bytes,bytes32)._value (contracts/libraries/trie/Lib_MerkleTrie.sol#94) is not in mixedCase
Parameter Lib_MerkleTrie.update(bytes,bytes,bytes,bytes32)._proof (contracts/libraries/trie/Lib_MerkleTrie.sol#95) is not in mixedCase
Parameter Lib_MerkleTrie.update(bytes,bytes,bytes,bytes32)._root (contracts/libraries/trie/Lib_MerkleTrie.sol#96) is not in mixedCase
Parameter Lib_MerkleTrie.get(bytes,bytes,bytes32)._key (contracts/libraries/trie/Lib_MerkleTrie.sol#119) is not in mixedCase
Parameter Lib_MerkleTrie.get(bytes,bytes,bytes32)._proof (contracts/libraries/trie/Lib_MerkleTrie.sol#120) is not in mixedCase
Parameter Lib_MerkleTrie.get(bytes,bytes,bytes32)._root (contracts/libraries/trie/Lib_MerkleTrie.sol#121) is not in mixedCase
Parameter Lib_MerkleTrie.getSingleNodeRootHash(bytes,bytes)._key (contracts/libraries/trie/Lib_MerkleTrie.sol#145) is not in mixedCase
Parameter Lib_MerkleTrie.getSingleNodeRootHash(bytes,bytes)._value (contracts/libraries/trie/Lib_MerkleTrie.sol#145) is not in mixedCase
Contract Lib_SecureMerkleTrie (contracts/libraries/trie/Lib_SecureMerkleTrie.sol#10-102) is not in CapWords
Parameter Lib_SecureMerkleTrie.verifyInclusionProof(bytes,bytes,bytes,bytes32)._key (contracts/libraries/trie/Lib_SecureMerkleTrie.sol#28) is not in mixedCase
Parameter Lib_SecureMerkleTrie.verifyInclusionProof(bytes,bytes,bytes,bytes32)._value (contracts/libraries/trie/Lib_SecureMerkleTrie.sol#29) is not in mixedCase
Parameter Lib_SecureMerkleTrie.verifyInclusionProof(bytes,bytes,bytes,bytes32)._proof (contracts/libraries/trie/Lib_SecureMerkleTrie.sol#30) is not in mixedCase
Parameter Lib_SecureMerkleTrie.verifyInclusionProof(bytes,bytes,bytes,bytes32)._root (contracts/libraries/trie/Lib_SecureMerkleTrie.sol#31) is not in mixedCase
Parameter Lib_SecureMerkleTrie.update(bytes,bytes,bytes,bytes32)._key (contracts/libraries/trie/Lib_SecureMerkleTrie.sol#49) is not in mixedCase
Parameter Lib_SecureMerkleTrie.update(bytes,bytes,bytes,bytes32)._value (contracts/libraries/trie/Lib_SecureMerkleTrie.sol#50) is not in mixedCase
Parameter Lib_SecureMerkleTrie.update(bytes,bytes,bytes,bytes32)._proof (contracts/libraries/trie/Lib_SecureMerkleTrie.sol#51) is not in mixedCase
Parameter Lib_SecureMerkleTrie.update(bytes,bytes,bytes,bytes32)._root (contracts/libraries/trie/Lib_SecureMerkleTrie.sol#52) is not in mixedCase
Parameter Lib_SecureMerkleTrie.get(bytes,bytes,bytes32)._key (contracts/libraries/trie/Lib_SecureMerkleTrie.sol#67) is not in mixedCase
Parameter Lib_SecureMerkleTrie.get(bytes,bytes,bytes32)._proof (contracts/libraries/trie/Lib_SecureMerkleTrie.sol#68) is not in mixedCase
Parameter Lib_SecureMerkleTrie.get(bytes,bytes,bytes32)._root (contracts/libraries/trie/Lib_SecureMerkleTrie.sol#69) is not in mixedCase
Parameter Lib_SecureMerkleTrie.getSingleNodeRootHash(bytes,bytes)._key (contracts/libraries/trie/Lib_SecureMerkleTrie.sol#81) is not in mixedCase
Parameter Lib_SecureMerkleTrie.getSingleNodeRootHash(bytes,bytes)._value (contracts/libraries/trie/Lib_SecureMerkleTrie.sol#81) is not in mixedCase
Contract Lib_Bytes32Utils (contracts/libraries/utils/Lib_Bytes32Utils.sol#7-47) is not in CapWords
Parameter Lib_Bytes32Utils.toBool(bytes32)._in (contracts/libraries/utils/Lib_Bytes32Utils.sol#17) is not in mixedCase
Parameter Lib_Bytes32Utils.fromBool(bool)._in (contracts/libraries/utils/Lib_Bytes32Utils.sol#26) is not in mixedCase
Parameter Lib_Bytes32Utils.toAddress(bytes32)._in (contracts/libraries/utils/Lib_Bytes32Utils.sol#35) is not in mixedCase
Parameter Lib_Bytes32Utils.fromAddress(address)._in (contracts/libraries/utils/Lib_Bytes32Utils.sol#44) is not in mixedCase
Contract Lib_BytesUtils (contracts/libraries/utils/Lib_BytesUtils.sol#7-127) is not in CapWords
Parameter Lib_BytesUtils.slice(bytes,uint256,uint256)._bytes (contracts/libraries/utils/Lib_BytesUtils.sol#13) is not in mixedCase
Parameter Lib_BytesUtils.slice(bytes,uint256,uint256)._start (contracts/libraries/utils/Lib_BytesUtils.sol#14) is not in mixedCase
Parameter Lib_BytesUtils.slice(bytes,uint256,uint256)._length (contracts/libraries/utils/Lib_BytesUtils.sol#15) is not in mixedCase
Parameter Lib_BytesUtils.slice(bytes,uint256)._bytes (contracts/libraries/utils/Lib_BytesUtils.sol#79) is not in mixedCase
Parameter Lib_BytesUtils.slice(bytes,uint256)._start (contracts/libraries/utils/Lib_BytesUtils.sol#79) is not in mixedCase
Parameter Lib_BytesUtils.toBytes32(bytes)._bytes (contracts/libraries/utils/Lib_BytesUtils.sol#87) is not in mixedCase
Parameter Lib_BytesUtils.toUint256(bytes)._bytes (contracts/libraries/utils/Lib_BytesUtils.sol#99) is not in mixedCase
Parameter Lib_BytesUtils.toNibbles(bytes)._bytes (contracts/libraries/utils/Lib_BytesUtils.sol#103) is not in mixedCase
Parameter Lib_BytesUtils.fromNibbles(bytes)._bytes (contracts/libraries/utils/Lib_BytesUtils.sol#114) is not in mixedCase
Parameter Lib_BytesUtils.equal(bytes,bytes)._bytes (contracts/libraries/utils/Lib_BytesUtils.sol#124) is not in mixedCase
Parameter Lib_BytesUtils.equal(bytes,bytes)._other (contracts/libraries/utils/Lib_BytesUtils.sol#124) is not in mixedCase
Constant AddressAliasHelper.offset (contracts/standards/AddressAliasHelper.sol#22) is not in UPPER_CASE_WITH_UNDERSCORES
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#conformance-to-solidity-naming-conventions
INFO:Slither:0x8bf439ef7167023f009e24b21719ca5f768ecb36 analyzed (27 contracts with 82 detectors), 228 result(s) found
Slither report for Lib_AddressManager at `0x918778e825747a892b17C66fe7D24C618262867d`
'solc --standard-json --allow-paths /home/runner/work/seatbelt-for-ghosts/seatbelt-for-ghosts/crytic-export/etherscan-contracts/0x918778e825747a892b17c66fe7d24c618262867d-Lib_AddressManager' running
INFO:Detectors:
Context._msgData() (@openzeppelin/contracts/utils/Context.sol#20-22) is never used and should be removed
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#dead-code
INFO:Detectors:
Contract Lib_AddressManager (contracts/libraries/resolver/Lib_AddressManager.sol#10-61) is not in CapWords
Parameter Lib_AddressManager.setAddress(string,address)._name (contracts/libraries/resolver/Lib_AddressManager.sol#32) is not in mixedCase
Parameter Lib_AddressManager.setAddress(string,address)._address (contracts/libraries/resolver/Lib_AddressManager.sol#32) is not in mixedCase
Parameter Lib_AddressManager.getAddress(string)._name (contracts/libraries/resolver/Lib_AddressManager.sol#45) is not in mixedCase
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#conformance-to-solidity-naming-conventions
INFO:Slither:0x918778e825747a892b17c66fe7d24c618262867d analyzed (3 contracts with 82 detectors), 5 result(s) found
Slither report for AaveTokenV2 at `0x96F68837877fd0414B55050c9e794AECdBcfCA59`
'solc --standard-json --allow-paths /home/runner/work/seatbelt-for-ghosts/seatbelt-for-ghosts/crytic-export/etherscan-contracts/0x96f68837877fd0414b55050c9e794aecdbcfca59-AaveTokenV2' running
Warning: src/contracts/AaveTokenV2.sol:453:18: Warning: This declaration shadows an existing declaration.
constructor (string memory name, string memory symbol) public {
^----------------^
src/contracts/AaveTokenV2.sol:462:5: The shadowed declaration is here:
function name() public view returns (string memory) {
^ (Relevant source part starts here and spans across multiple lines).
Warning: src/contracts/AaveTokenV2.sol:453:38: Warning: This declaration shadows an existing declaration.
constructor (string memory name, string memory symbol) public {
^------------------^
src/contracts/AaveTokenV2.sol:470:5: The shadowed declaration is here:
function symbol() public view returns (string memory) {
^ (Relevant source part starts here and spans across multiple lines).
Warning: src/contracts/AaveTokenV2.sol:35:3: Warning: Interface functions are implicitly "virtual"
function delegateByType(address delegatee, DelegationType delegationType) external virtual;
^-----------------------------------------------------------------------------------------^
Warning: src/contracts/AaveTokenV2.sol:40:3: Warning: Interface functions are implicitly "virtual"
function delegate(address delegatee) external virtual;
^----------------------------------------------------^
Warning: src/contracts/AaveTokenV2.sol:45:3: Warning: Interface functions are implicitly "virtual"
function getDelegateeByType(address delegator, DelegationType delegationType)
^ (Relevant source part starts here and spans across multiple lines).
Warning: src/contracts/AaveTokenV2.sol:56:3: Warning: Interface functions are implicitly "virtual"
function getPowerCurrent(address user, DelegationType delegationType)
^ (Relevant source part starts here and spans across multiple lines).
Warning: src/contracts/AaveTokenV2.sol:66:3: Warning: Interface functions are implicitly "virtual"
function getPowerAtBlock(
^ (Relevant source part starts here and spans across multiple lines).
Warning: src/contracts/AaveTokenV2.sol:75:3: Warning: Interface functions are implicitly "virtual"
function totalSupplyAt(uint256 blockNumber) external virtual view returns (uint256);
^----------------------------------------------------------------------------------^
Warning: src/contracts/AaveTokenV2.sol:453:5: Warning: Visibility for constructor is ignored. If you want the contract to be non-deployable, making it "abstract" is sufficient.
constructor (string memory name, string memory symbol) public {
^ (Relevant source part starts here and spans across multiple lines).
Warning: src/contracts/AaveTokenV2.sol:1164:3: Warning: Visibility for constructor is ignored. If you want the contract to be non-deployable, making it "abstract" is sufficient.
constructor() ERC20(NAME, SYMBOL) public {
^ (Relevant source part starts here and spans across multiple lines).
Warning: src/contracts/AaveTokenV2.sol:913:26: Warning: Unused function parameter. Remove or comment out the variable name to silence this warning.
function totalSupplyAt(uint256 blockNumber) external override view returns (uint256) {
^-----------------^
Warning: src/contracts/AaveTokenV2.sol:1079:5: Warning: Unused function parameter. Remove or comment out the variable name to silence this warning.
uint128 oldValue,
^--------------^
INFO:Detectors:
AaveTokenV2._votingSnapshots (src/contracts/AaveTokenV2.sol#1137) is never initialized. It is used in:
- AaveTokenV2._getDelegationDataByType(IGovernancePowerDelegationToken.DelegationType) (src/contracts/AaveTokenV2.sol#1268-1287)
AaveTokenV2._votingSnapshotsCounts (src/contracts/AaveTokenV2.sol#1139) is never initialized. It is used in:
- AaveTokenV2._getDelegationDataByType(IGovernancePowerDelegationToken.DelegationType) (src/contracts/AaveTokenV2.sol#1268-1287)
AaveTokenV2._aaveGovernance (src/contracts/AaveTokenV2.sol#1144) is never initialized. It is used in:
- AaveTokenV2._beforeTokenTransfer(address,address,uint256) (src/contracts/AaveTokenV2.sol#1236-1266)
AaveTokenV2.DOMAIN_SEPARATOR (src/contracts/AaveTokenV2.sol#1146) is never initialized. It is used in:
- AaveTokenV2.permit(address,address,uint256,uint256,uint8,bytes32,bytes32) (src/contracts/AaveTokenV2.sol#1194-1218)
- AaveTokenV2.delegateByTypeBySig(address,IGovernancePowerDelegationToken.DelegationType,uint256,uint256,uint8,bytes32,bytes32) (src/contracts/AaveTokenV2.sol#1299-1317)
- AaveTokenV2.delegateBySig(address,uint256,uint256,uint8,bytes32,bytes32) (src/contracts/AaveTokenV2.sol#1328-1344)
AaveTokenV2._propositionPowerSnapshots (src/contracts/AaveTokenV2.sol#1157) is never initialized. It is used in:
- AaveTokenV2._getDelegationDataByType(IGovernancePowerDelegationToken.DelegationType) (src/contracts/AaveTokenV2.sol#1268-1287)
AaveTokenV2._propositionPowerSnapshotsCounts (src/contracts/AaveTokenV2.sol#1158) is never initialized. It is used in:
- AaveTokenV2._getDelegationDataByType(IGovernancePowerDelegationToken.DelegationType) (src/contracts/AaveTokenV2.sol#1268-1287)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#uninitialized-state-variables
INFO:Detectors:
GovernancePowerDelegationERC20._searchByBlockNumber(mapping(address => mapping(uint256 => GovernancePowerDelegationERC20.Snapshot)),mapping(address => uint256),address,uint256) (src/contracts/AaveTokenV2.sol#1012-1050) uses a dangerous strict equality:
- snapshot.blockNumber == blockNumber (src/contracts/AaveTokenV2.sol#1041)
GovernancePowerDelegationERC20._writeSnapshot(mapping(address => mapping(uint256 => GovernancePowerDelegationERC20.Snapshot)),mapping(address => uint256),address,uint128,uint128) (src/contracts/AaveTokenV2.sol#1075-1097) uses a dangerous strict equality:
- ownerSnapshotsCount != 0 && snapshotsOwner[ownerSnapshotsCount - 1].blockNumber == currentBlock (src/contracts/AaveTokenV2.sol#1089-1090)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#dangerous-strict-equalities
INFO:Detectors:
ERC20.constructor(string,string).name (src/contracts/AaveTokenV2.sol#453) shadows:
- ERC20.name() (src/contracts/AaveTokenV2.sol#462-464) (function)
ERC20.constructor(string,string).symbol (src/contracts/AaveTokenV2.sol#453) shadows:
- ERC20.symbol() (src/contracts/AaveTokenV2.sol#470-472) (function)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#local-variable-shadowing
INFO:Detectors:
Reentrancy in AaveTokenV2.initialize(address[],uint256[],address,address,uint256) (src/contracts/AaveTokenV2.sol#1171-1181):
External calls:
- IERC20(tokens[i]).safeTransfer(aaveMerkleDistributor,amounts[i]) (src/contracts/AaveTokenV2.sol#1175)
Event emitted after the call(s):
- TokensRescued(tokens[i],aaveMerkleDistributor,amounts[i]) (src/contracts/AaveTokenV2.sol#1177)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#reentrancy-vulnerabilities-3
INFO:Detectors:
AaveTokenV2.permit(address,address,uint256,uint256,uint8,bytes32,bytes32) (src/contracts/AaveTokenV2.sol#1194-1218) uses timestamp for comparisons
Dangerous comparisons:
- require(bool,string)(block.timestamp <= deadline,INVALID_EXPIRATION) (src/contracts/AaveTokenV2.sol#1205)
AaveTokenV2.delegateByTypeBySig(address,IGovernancePowerDelegationToken.DelegationType,uint256,uint256,uint8,bytes32,bytes32) (src/contracts/AaveTokenV2.sol#1299-1317) uses timestamp for comparisons
Dangerous comparisons:
- require(bool,string)(block.timestamp <= expiry,INVALID_EXPIRATION) (src/contracts/AaveTokenV2.sol#1315)
AaveTokenV2.delegateBySig(address,uint256,uint256,uint8,bytes32,bytes32) (src/contracts/AaveTokenV2.sol#1328-1344) uses timestamp for comparisons
Dangerous comparisons:
- require(bool,string)(block.timestamp <= expiry,INVALID_EXPIRATION) (src/contracts/AaveTokenV2.sol#1341)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#block-timestamp
INFO:Detectors:
Address.isContract(address) (src/contracts/AaveTokenV2.sol#368-379) uses assembly
- INLINE ASM (src/contracts/AaveTokenV2.sol#375-377)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#assembly-usage
INFO:Detectors:
Address.sendValue(address,uint256) (src/contracts/AaveTokenV2.sol#397-403) is never used and should be removed
Context._msgData() (src/contracts/AaveTokenV2.sol#94-97) is never used and should be removed
ERC20._beforeTokenTransfer(address,address,uint256) (src/contracts/AaveTokenV2.sol#702) is never used and should be removed
ERC20._burn(address,uint256) (src/contracts/AaveTokenV2.sol#646-654) is never used and should be removed
ERC20._mint(address,uint256) (src/contracts/AaveTokenV2.sol#625-633) is never used and should be removed
ERC20._setupDecimals(uint8) (src/contracts/AaveTokenV2.sol#684-686) is never used and should be removed
SafeERC20.safeApprove(IERC20,address,uint256) (src/contracts/AaveTokenV2.sol#745-755) is never used and should be removed
SafeERC20.safeTransferFrom(IERC20,address,address,uint256) (src/contracts/AaveTokenV2.sol#736-743) is never used and should be removed
SafeMath.div(uint256,uint256) (src/contracts/AaveTokenV2.sol#280-282) is never used and should be removed
SafeMath.div(uint256,uint256,string) (src/contracts/AaveTokenV2.sol#295-306) is never used and should be removed
SafeMath.mod(uint256,uint256) (src/contracts/AaveTokenV2.sol#319-321) is never used and should be removed
SafeMath.mod(uint256,uint256,string) (src/contracts/AaveTokenV2.sol#334-341) is never used and should be removed
SafeMath.mul(uint256,uint256) (src/contracts/AaveTokenV2.sol#255-267) is never used and should be removed
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#dead-code
INFO:Detectors:
Low level call in Address.sendValue(address,uint256) (src/contracts/AaveTokenV2.sol#397-403):
- (success) = recipient.call{value: amount}() (src/contracts/AaveTokenV2.sol#401)
Low level call in SafeERC20.callOptionalReturn(IERC20,bytes) (src/contracts/AaveTokenV2.sol#757-769):
- (success,returndata) = address(token).call(data) (src/contracts/AaveTokenV2.sol#761)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#low-level-calls
INFO:Detectors:
Variable ERC20._name (src/contracts/AaveTokenV2.sol#440) is not in mixedCase
Variable ERC20._symbol (src/contracts/AaveTokenV2.sol#441) is not in mixedCase
Variable VersionedInitializable.______gap (src/contracts/AaveTokenV2.sol#809) is not in mixedCase
Variable AaveTokenV2._nonces (src/contracts/AaveTokenV2.sol#1135) is not in mixedCase
Variable AaveTokenV2._votingSnapshots (src/contracts/AaveTokenV2.sol#1137) is not in mixedCase
Variable AaveTokenV2._votingSnapshotsCounts (src/contracts/AaveTokenV2.sol#1139) is not in mixedCase
Variable AaveTokenV2._aaveGovernance (src/contracts/AaveTokenV2.sol#1144) is not in mixedCase
Variable AaveTokenV2.DOMAIN_SEPARATOR (src/contracts/AaveTokenV2.sol#1146) is not in mixedCase
Variable AaveTokenV2._votingDelegates (src/contracts/AaveTokenV2.sol#1155) is not in mixedCase
Variable AaveTokenV2._propositionPowerSnapshots (src/contracts/AaveTokenV2.sol#1157) is not in mixedCase
Variable AaveTokenV2._propositionPowerSnapshotsCounts (src/contracts/AaveTokenV2.sol#1158) is not in mixedCase
Variable AaveTokenV2._propositionPowerDelegates (src/contracts/AaveTokenV2.sol#1160) is not in mixedCase
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#conformance-to-solidity-naming-conventions
INFO:Detectors:
Redundant expression "this (src/contracts/AaveTokenV2.sol#95)" inContext (src/contracts/AaveTokenV2.sol#89-98)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#redundant-statements
INFO:Detectors:
AaveTokenV2.DECIMALS (src/contracts/AaveTokenV2.sol#1130) is never used in AaveTokenV2 (src/contracts/AaveTokenV2.sol#1124-1346)
AaveTokenV2.EIP712_DOMAIN (src/contracts/AaveTokenV2.sol#1148-1150) is never used in AaveTokenV2 (src/contracts/AaveTokenV2.sol#1124-1346)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#unused-state-variable
INFO:Slither:0x96f68837877fd0414b55050c9e794aecdbcfca59 analyzed (11 contracts with 82 detectors), 45 result(s) found
Slither report for GovernanceStrategy at `0xb7e383ef9B1E9189Fc0F71fb30af8aa14377429e`
'solc --standard-json --allow-paths /home/runner/work/seatbelt-for-ghosts/seatbelt-for-ghosts' running
INFO:Detectors:
GovernanceStrategy.constructor(address,address).aave (crytic-export/etherscan-contracts/0xb7e383ef9b1e9189fc0f71fb30af8aa14377429e-GovernanceStrategy.sol#78) lacks a zero-check on :
- AAVE = aave (crytic-export/etherscan-contracts/0xb7e383ef9b1e9189fc0f71fb30af8aa14377429e-GovernanceStrategy.sol#79)
GovernanceStrategy.constructor(address,address).stkAave (crytic-export/etherscan-contracts/0xb7e383ef9b1e9189fc0f71fb30af8aa14377429e-GovernanceStrategy.sol#78) lacks a zero-check on :
- STK_AAVE = stkAave (crytic-export/etherscan-contracts/0xb7e383ef9b1e9189fc0f71fb30af8aa14377429e-GovernanceStrategy.sol#80)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#missing-zero-address-validation
INFO:Detectors:
Variable GovernanceStrategy.AAVE (crytic-export/etherscan-contracts/0xb7e383ef9b1e9189fc0f71fb30af8aa14377429e-GovernanceStrategy.sol#70) is not in mixedCase
Variable GovernanceStrategy.STK_AAVE (crytic-export/etherscan-contracts/0xb7e383ef9b1e9189fc0f71fb30af8aa14377429e-GovernanceStrategy.sol#71) is not in mixedCase
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#conformance-to-solidity-naming-conventions
INFO:Slither:0xb7e383ef9b1e9189fc0f71fb30af8aa14377429e analyzed (4 contracts with 82 detectors), 4 result(s) found