SupplyCapLSTs

ID: 314
Proposer: 0x329c54289Ff5D6B7b7daE13592C6B1EDA1543eD4
Targets: 0x158a6bC04F0828318821baE797f50B0A1299d45b
Executor: 0xEE56e2B3D491590B5b31738cC34d5232F378a8D5 (Short executor)
Simulation: https://dashboard.tenderly.co/me/simulator/78d17dfb-239a-4804-8b1f-5e2a73341342

Subreports

Polygon

Proposal text

Simple Summary

This proposal seeks to increase the supply cap for the wstETH and stMatic tokens on the AAVE Polygon V3 markets.

This proposal is compatible with the Direct-to-AIP framework.

Motivation

On the AAVE Polygon V3 market, the utilization of the supply cap reached 95% for stMatic and 100% for the wstETH, preventing the deposit of more assets for the latter. By augmenting those caps we would be helping the ecosystems that have been built around those products and increasing the user experience of the AAVE users, resulting in higher TVL and protocol revenue through the borrowing of WMatic and WETH.

The total supplies of those assets increased recently, which allows the adjustement of those caps while staying below 75% of the total supplies.

Specification

The following parameters would be modified for the stMatic and wstETH tokens:

Token	Current supply cap	Proposed supply cap	Increase	Total Supply	Total Supply (%)
stMatic Polygon V3	57M	66M	~16%	88.9M	75%
wstETH Polygon V3	3450	4125	~19%	5.5k	75%

Contract:

stMatic Polygon: 0x3a58a54c066fdc0f2d55fc9c89f0415c92ebf3c4
wstETH Polygon: 0x03b54a6e9a984069379fae1a4fc4dbae93b3bccd

References

Implementation: Polygon
Tests: Polygon
[Snapshot](No snapshot for Direct-to-AIP)
Discussion

Copyright

Copyright and related rights waived via CC0.

Checks

Reports all state changes from the proposal ✅ Passed

Info:

State changes:

# StateSender at `0x28e4F3a7f651294B9564800b2D01f35189A5bFbE`
@@ counter @@
- 2762279
+ 2762280

Check stack trace of the proposal ✅ Passed

Info:

There is no SELFDESTRUCT inside of delegated call

Reports all events emitted from the proposal ✅ Passed

Info:

Events Emitted:
- StateSender at 0x28e4F3a7f651294B9564800b2D01f35189A5bFbE
  - StateSynced(id: 2762280, contractAddress: 0x8397259c983751daf40400790063935a11afa28a, data: 0x000000000000000000000000ee56e2b3d491590b5b31738cc34d5232f378a8d5000000000000000000000000dc9a35b16db4e126cfedc41322b3a36454b1f7720000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000024000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000e0000000000000000000000000000000000000000000000000000000000000012000000000000000000000000000000000000000000000000000000000000001a0000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000010000000000000000000000009951f4eec081ce1ba383261b1acb2711b5e7631b00000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000009657865637574652829000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000001)

Check all targets are verified on Etherscan ✅ Passed

Info:

Targets:
- 0x158a6bC04F0828318821baE797f50B0A1299d45b: Contract (not verified)

Check all touched contracts are verified on Etherscan ✅ Passed

Info:

Touched address:
- 0xd73a92be73efbfcf3854433a5fcbabf9c1316073: EOA (verification not applicable)
- 0xec568fffba86c094cf06b22134b23074dfe2252c: Contract (verified) (AaveGovernanceV2)
- 0xee56e2b3d491590b5b31738cc34d5232f378a8d5: Contract (verified) (Executor)
- 0xb7e383ef9b1e9189fc0f71fb30af8aa14377429e: Contract (verified) (GovernanceStrategy)
- 0x7fc66500c84a76ad7e9c93437bfc5ac33e2ddae9: Contract (verified) (InitializableAdminUpgradeabilityProxy)
- 0x96f68837877fd0414b55050c9e794aecdbcfca59: Contract (verified) (AaveTokenV2)
- 0x158a6bc04f0828318821bae797f50b0a1299d45b: Contract (verified) (CrosschainForwarderPolygon)
- 0xfe5e5d361b2ad62c541bab87c45a0b9b018389a2: Contract (verified) (FxRoot)
- 0x28e4f3a7f651294b9564800b2d01f35189a5bfbe: Contract (verified) (StateSender)

Runs solc against the verified contracts ✅ Passed

Info:

View Details

View warnings for CrosschainForwarderPolygon at `0x158a6bC04F0828318821baE797f50B0A1299d45b`

INFO:CryticCompile:'solc --standard-json --allow-paths /home/runner/work/seatbelt-for-ghosts/seatbelt-for-ghosts' running

View warnings for StateSender at `0x28e4F3a7f651294B9564800b2D01f35189A5bFbE`

INFO:CryticCompile:'solc --standard-json --allow-paths /home/runner/work/seatbelt-for-ghosts/seatbelt-for-ghosts' running

View warnings for InitializableAdminUpgradeabilityProxy (Aave) at `0x7Fc66500c84A76Ad7e9c93437bFc5Ac33E2DDaE9` with implementation AaveTokenV2 at `0x96F68837877fd0414B55050c9e794AECdBcfCA59`

INFO:CryticCompile:'solc --standard-json --allow-paths /home/runner/work/seatbelt-for-ghosts/seatbelt-for-ghosts/crytic-export/etherscan-contracts/0x7fc66500c84a76ad7e9c93437bfc5ac33e2ddae9-InitializableAdminUpgradeabilityProxy' running
WARNING:CryticCompile:Warning: contracts/open-zeppelin/Address.sol: Warning: SPDX license identifier not provided in source file. Before publishing, consider adding a comment containing "SPDX-License-Identifier: <SPDX-License>" to each source file. Use "SPDX-License-Identifier: UNLICENSED" for non-open-source code. Please see https://spdx.org for more information.

Warning: contracts/open-zeppelin/BaseAdminUpgradeabilityProxy.sol: Warning: SPDX license identifier not provided in source file. Before publishing, consider adding a comment containing "SPDX-License-Identifier: <SPDX-License>" to each source file. Use "SPDX-License-Identifier: UNLICENSED" for non-open-source code. Please see https://spdx.org for more information.

Warning: contracts/open-zeppelin/BaseUpgradeabilityProxy.sol: Warning: SPDX license identifier not provided in source file. Before publishing, consider adding a comment containing "SPDX-License-Identifier: <SPDX-License>" to each source file. Use "SPDX-License-Identifier: UNLICENSED" for non-open-source code. Please see https://spdx.org for more information.

Warning: contracts/open-zeppelin/Proxy.sol: Warning: SPDX license identifier not provided in source file. Before publishing, consider adding a comment containing "SPDX-License-Identifier: <SPDX-License>" to each source file. Use "SPDX-License-Identifier: UNLICENSED" for non-open-source code. Please see https://spdx.org for more information.

Warning: contracts/open-zeppelin/SafeMath.sol: Warning: SPDX license identifier not provided in source file. Before publishing, consider adding a comment containing "SPDX-License-Identifier: <SPDX-License>" to each source file. Use "SPDX-License-Identifier: UNLICENSED" for non-open-source code. Please see https://spdx.org for more information.

Warning: contracts/open-zeppelin/UpgradeabilityProxy.sol: Warning: SPDX license identifier not provided in source file. Before publishing, consider adding a comment containing "SPDX-License-Identifier: <SPDX-License>" to each source file. Use "SPDX-License-Identifier: UNLICENSED" for non-open-source code. Please see https://spdx.org for more information.

Warning: contracts/open-zeppelin/BaseAdminUpgradeabilityProxy.sol:13:1: Warning: This contract has a payable fallback function, but no receive ether function. Consider adding a receive ether function.
contract BaseAdminUpgradeabilityProxy is BaseUpgradeabilityProxy {
^ (Relevant source part starts here and spans across multiple lines).
contracts/open-zeppelin/Proxy.sol:15:3: The payable fallback function is defined here.
  fallback () payable external {
  ^ (Relevant source part starts here and spans across multiple lines).

Warning: contracts/open-zeppelin/InitializableUpgradeabilityProxy.sol:11:1: Warning: This contract has a payable fallback function, but no receive ether function. Consider adding a receive ether function.
contract InitializableUpgradeabilityProxy is BaseUpgradeabilityProxy {
^ (Relevant source part starts here and spans across multiple lines).
contracts/open-zeppelin/Proxy.sol:15:3: The payable fallback function is defined here.
  fallback () payable external {
  ^ (Relevant source part starts here and spans across multiple lines).

Warning: contracts/open-zeppelin/InitializableAdminUpgradeabilityProxy.sol:12:1: Warning: This contract has a payable fallback function, but no receive ether function. Consider adding a receive ether function.
contract InitializableAdminUpgradeabilityProxy is BaseAdminUpgradeabilityProxy, InitializableUpgradeabilityProxy {
^ (Relevant source part starts here and spans across multiple lines).
contracts/open-zeppelin/Proxy.sol:15:3: The payable fallback function is defined here.
  fallback () payable external {
  ^ (Relevant source part starts here and spans across multiple lines).

Warning: contracts/utils/MockTransferHook.sol:9:25: Warning: Unused function parameter. Remove or comment out the variable name to silence this warning.
    function onTransfer(address from, address to, uint256 amount) external override {
                        ^----------^

Warning: contracts/utils/MockTransferHook.sol:9:39: Warning: Unused function parameter. Remove or comment out the variable name to silence this warning.
    function onTransfer(address from, address to, uint256 amount) external override {
                                      ^--------^

Warning: contracts/utils/MockTransferHook.sol:9:51: Warning: Unused function parameter. Remove or comment out the variable name to silence this warning.
    function onTransfer(address from, address to, uint256 amount) external override {
                                                  ^------------^

View warnings for AaveTokenV2 at `0x96F68837877fd0414B55050c9e794AECdBcfCA59`

INFO:CryticCompile:'solc --standard-json --allow-paths /home/runner/work/seatbelt-for-ghosts/seatbelt-for-ghosts/crytic-export/etherscan-contracts/0x96f68837877fd0414b55050c9e794aecdbcfca59-AaveTokenV2' running
WARNING:CryticCompile:Warning: src/contracts/AaveTokenV2.sol:453:18: Warning: This declaration shadows an existing declaration.
    constructor (string memory name, string memory symbol) public {
                 ^----------------^
src/contracts/AaveTokenV2.sol:462:5: The shadowed declaration is here:
    function name() public view returns (string memory) {
    ^ (Relevant source part starts here and spans across multiple lines).

Warning: src/contracts/AaveTokenV2.sol:453:38: Warning: This declaration shadows an existing declaration.
    constructor (string memory name, string memory symbol) public {
                                     ^------------------^
src/contracts/AaveTokenV2.sol:470:5: The shadowed declaration is here:
    function symbol() public view returns (string memory) {
    ^ (Relevant source part starts here and spans across multiple lines).

Warning: src/contracts/AaveTokenV2.sol:35:3: Warning: Interface functions are implicitly "virtual"
  function delegateByType(address delegatee, DelegationType delegationType) external virtual;
  ^-----------------------------------------------------------------------------------------^

Warning: src/contracts/AaveTokenV2.sol:40:3: Warning: Interface functions are implicitly "virtual"
  function delegate(address delegatee) external virtual;
  ^----------------------------------------------------^

Warning: src/contracts/AaveTokenV2.sol:45:3: Warning: Interface functions are implicitly "virtual"
  function getDelegateeByType(address delegator, DelegationType delegationType)
  ^ (Relevant source part starts here and spans across multiple lines).

Warning: src/contracts/AaveTokenV2.sol:56:3: Warning: Interface functions are implicitly "virtual"
  function getPowerCurrent(address user, DelegationType delegationType)
  ^ (Relevant source part starts here and spans across multiple lines).

Warning: src/contracts/AaveTokenV2.sol:66:3: Warning: Interface functions are implicitly "virtual"
  function getPowerAtBlock(
  ^ (Relevant source part starts here and spans across multiple lines).

Warning: src/contracts/AaveTokenV2.sol:75:3: Warning: Interface functions are implicitly "virtual"
  function totalSupplyAt(uint256 blockNumber) external virtual view returns (uint256);
  ^----------------------------------------------------------------------------------^

Warning: src/contracts/AaveTokenV2.sol:453:5: Warning: Visibility for constructor is ignored. If you want the contract to be non-deployable, making it "abstract" is sufficient.
    constructor (string memory name, string memory symbol) public {
    ^ (Relevant source part starts here and spans across multiple lines).

Warning: src/contracts/AaveTokenV2.sol:1164:3: Warning: Visibility for constructor is ignored. If you want the contract to be non-deployable, making it "abstract" is sufficient.
  constructor() ERC20(NAME, SYMBOL) public {
  ^ (Relevant source part starts here and spans across multiple lines).

Warning: src/contracts/AaveTokenV2.sol:913:26: Warning: Unused function parameter. Remove or comment out the variable name to silence this warning.
  function totalSupplyAt(uint256 blockNumber) external override view returns (uint256) {
                         ^-----------------^

Warning: src/contracts/AaveTokenV2.sol:1079:5: Warning: Unused function parameter. Remove or comment out the variable name to silence this warning.
    uint128 oldValue,
    ^--------------^

View warnings for GovernanceStrategy at `0xb7e383ef9B1E9189Fc0F71fb30af8aa14377429e`

INFO:CryticCompile:'solc --standard-json --allow-paths /home/runner/work/seatbelt-for-ghosts/seatbelt-for-ghosts' running

View warnings for FxRoot at `0xfe5e5D361b2ad62c541bAb87C45a0B9B018389a2`

INFO:CryticCompile:'solc --standard-json --allow-paths /home/runner/work/seatbelt-for-ghosts/seatbelt-for-ghosts' running

Runs slither against the verified contracts ✅ Passed

Info:

View Details

Slither report for CrosschainForwarderPolygon at `0x158a6bC04F0828318821baE797f50B0A1299d45b`

'solc --standard-json --allow-paths /home/runner/work/seatbelt-for-ghosts/seatbelt-for-ghosts' running
INFO:Slither:0x158a6bc04f0828318821bae797f50b0a1299d45b analyzed (2 contracts with 82 detectors), 0 result(s) found

Slither report for StateSender at `0x28e4F3a7f651294B9564800b2D01f35189A5bFbE`

'solc --standard-json --allow-paths /home/runner/work/seatbelt-for-ghosts/seatbelt-for-ghosts' running
INFO:Detectors:
SafeMath.div(uint256,uint256) (crytic-export/etherscan-contracts/0x28e4f3a7f651294b9564800b2d01f35189a5bfbe-StateSender.sol#96-103) is never used and should be removed
SafeMath.mod(uint256,uint256) (crytic-export/etherscan-contracts/0x28e4f3a7f651294b9564800b2d01f35189a5bfbe-StateSender.sol#129-132) is never used and should be removed
SafeMath.mul(uint256,uint256) (crytic-export/etherscan-contracts/0x28e4f3a7f651294b9564800b2d01f35189a5bfbe-StateSender.sol#79-91) is never used and should be removed
SafeMath.sub(uint256,uint256) (crytic-export/etherscan-contracts/0x28e4f3a7f651294b9564800b2d01f35189a5bfbe-StateSender.sol#108-113) is never used and should be removed
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#dead-code
INFO:Slither:0x28e4f3a7f651294b9564800b2d01f35189a5bfbe analyzed (3 contracts with 82 detectors), 4 result(s) found

Slither report for InitializableAdminUpgradeabilityProxy (Aave) at `0x7Fc66500c84A76Ad7e9c93437bFc5Ac33E2DDaE9` with implementation AaveTokenV2 at `0x96F68837877fd0414B55050c9e794AECdBcfCA59`

'solc --standard-json --allow-paths /home/runner/work/seatbelt-for-ghosts/seatbelt-for-ghosts/crytic-export/etherscan-contracts/0x7fc66500c84a76ad7e9c93437bfc5ac33e2ddae9-InitializableAdminUpgradeabilityProxy' running
Warning: contracts/open-zeppelin/Address.sol: Warning: SPDX license identifier not provided in source file. Before publishing, consider adding a comment containing "SPDX-License-Identifier: <SPDX-License>" to each source file. Use "SPDX-License-Identifier: UNLICENSED" for non-open-source code. Please see https://spdx.org for more information.

Warning: contracts/open-zeppelin/BaseAdminUpgradeabilityProxy.sol: Warning: SPDX license identifier not provided in source file. Before publishing, consider adding a comment containing "SPDX-License-Identifier: <SPDX-License>" to each source file. Use "SPDX-License-Identifier: UNLICENSED" for non-open-source code. Please see https://spdx.org for more information.

Warning: contracts/open-zeppelin/BaseUpgradeabilityProxy.sol: Warning: SPDX license identifier not provided in source file. Before publishing, consider adding a comment containing "SPDX-License-Identifier: <SPDX-License>" to each source file. Use "SPDX-License-Identifier: UNLICENSED" for non-open-source code. Please see https://spdx.org for more information.

Warning: contracts/open-zeppelin/Proxy.sol: Warning: SPDX license identifier not provided in source file. Before publishing, consider adding a comment containing "SPDX-License-Identifier: <SPDX-License>" to each source file. Use "SPDX-License-Identifier: UNLICENSED" for non-open-source code. Please see https://spdx.org for more information.

Warning: contracts/open-zeppelin/SafeMath.sol: Warning: SPDX license identifier not provided in source file. Before publishing, consider adding a comment containing "SPDX-License-Identifier: <SPDX-License>" to each source file. Use "SPDX-License-Identifier: UNLICENSED" for non-open-source code. Please see https://spdx.org for more information.

Warning: contracts/open-zeppelin/UpgradeabilityProxy.sol: Warning: SPDX license identifier not provided in source file. Before publishing, consider adding a comment containing "SPDX-License-Identifier: <SPDX-License>" to each source file. Use "SPDX-License-Identifier: UNLICENSED" for non-open-source code. Please see https://spdx.org for more information.

Warning: contracts/open-zeppelin/BaseAdminUpgradeabilityProxy.sol:13:1: Warning: This contract has a payable fallback function, but no receive ether function. Consider adding a receive ether function.
contract BaseAdminUpgradeabilityProxy is BaseUpgradeabilityProxy {
^ (Relevant source part starts here and spans across multiple lines).
contracts/open-zeppelin/Proxy.sol:15:3: The payable fallback function is defined here.
  fallback () payable external {
  ^ (Relevant source part starts here and spans across multiple lines).

Warning: contracts/open-zeppelin/InitializableUpgradeabilityProxy.sol:11:1: Warning: This contract has a payable fallback function, but no receive ether function. Consider adding a receive ether function.
contract InitializableUpgradeabilityProxy is BaseUpgradeabilityProxy {
^ (Relevant source part starts here and spans across multiple lines).
contracts/open-zeppelin/Proxy.sol:15:3: The payable fallback function is defined here.
  fallback () payable external {
  ^ (Relevant source part starts here and spans across multiple lines).

Warning: contracts/open-zeppelin/InitializableAdminUpgradeabilityProxy.sol:12:1: Warning: This contract has a payable fallback function, but no receive ether function. Consider adding a receive ether function.
contract InitializableAdminUpgradeabilityProxy is BaseAdminUpgradeabilityProxy, InitializableUpgradeabilityProxy {
^ (Relevant source part starts here and spans across multiple lines).
contracts/open-zeppelin/Proxy.sol:15:3: The payable fallback function is defined here.
  fallback () payable external {
  ^ (Relevant source part starts here and spans across multiple lines).

Warning: contracts/utils/MockTransferHook.sol:9:25: Warning: Unused function parameter. Remove or comment out the variable name to silence this warning.
    function onTransfer(address from, address to, uint256 amount) external override {
                        ^----------^

Warning: contracts/utils/MockTransferHook.sol:9:39: Warning: Unused function parameter. Remove or comment out the variable name to silence this warning.
    function onTransfer(address from, address to, uint256 amount) external override {
                                      ^--------^

Warning: contracts/utils/MockTransferHook.sol:9:51: Warning: Unused function parameter. Remove or comment out the variable name to silence this warning.
    function onTransfer(address from, address to, uint256 amount) external override {
                                                  ^------------^


INFO:Detectors:
InitializableUpgradeabilityProxy.initialize(address,bytes) (contracts/open-zeppelin/InitializableUpgradeabilityProxy.sol#20-28) uses delegatecall to a input-controlled function id
	- (success) = _logic.delegatecall(_data) (contracts/open-zeppelin/InitializableUpgradeabilityProxy.sol#25)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#controlled-delegatecall
INFO:Detectors:
LendToAaveMigrator.migrateFromLEND(uint256) (contracts/token/LendToAaveMigrator.sol#61-68) ignores return value by LEND.transferFrom(msg.sender,address(this),amount) (contracts/token/LendToAaveMigrator.sol#65)
LendToAaveMigrator.migrateFromLEND(uint256) (contracts/token/LendToAaveMigrator.sol#61-68) ignores return value by AAVE.transfer(msg.sender,amount.div(LEND_AAVE_RATIO)) (contracts/token/LendToAaveMigrator.sol#66)
DoubleTransferHelper.doubleSend(address,uint256,uint256) (contracts/utils/DoubleTransferHelper.sol#14-17) ignores return value by AAVE.transfer(to,amount1) (contracts/utils/DoubleTransferHelper.sol#15)
DoubleTransferHelper.doubleSend(address,uint256,uint256) (contracts/utils/DoubleTransferHelper.sol#14-17) ignores return value by AAVE.transfer(to,amount2) (contracts/utils/DoubleTransferHelper.sol#16)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#unchecked-transfer
INFO:Detectors:
AaveToken._writeSnapshot(address,uint128,uint128) (contracts/token/AaveToken.sol#138-153) uses a dangerous strict equality:
	- ownerCountOfSnapshots != 0 && snapshotsOwner[ownerCountOfSnapshots.sub(1)].blockNumber == currentBlock (contracts/token/AaveToken.sol#145)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#dangerous-strict-equalities
INFO:Detectors:
Reentrancy in AaveToken.initialize(address,address,ITransferHook) (contracts/token/AaveToken.sol#59-85):
	External calls:
	- _mint(migrator,MIGRATION_AMOUNT) (contracts/token/AaveToken.sol#83)
		- aaveGovernance.onTransfer(from,to,amount) (contracts/token/AaveToken.sol#181)
	- _mint(distributor,DISTRIBUTION_AMOUNT) (contracts/token/AaveToken.sol#84)
		- aaveGovernance.onTransfer(from,to,amount) (contracts/token/AaveToken.sol#181)
	State variables written after the call(s):
	- _mint(distributor,DISTRIBUTION_AMOUNT) (contracts/token/AaveToken.sol#84)
		- _balances[account] = _balances[account].add(amount) (contracts/open-zeppelin/ERC20.sol#235)
	ERC20._balances (contracts/open-zeppelin/ERC20.sol#38) can be used in cross function reentrancies:
	- ERC20._mint(address,uint256) (contracts/open-zeppelin/ERC20.sol#229-237)
	- ERC20._transfer(address,address,uint256) (contracts/open-zeppelin/ERC20.sol#209-218)
	- ERC20.balanceOf(address) (contracts/open-zeppelin/ERC20.sol#105-107)
	- _mint(distributor,DISTRIBUTION_AMOUNT) (contracts/token/AaveToken.sol#84)
		- _countsSnapshots[owner] = ownerCountOfSnapshots.add(1) (contracts/token/AaveToken.sol#149)
	AaveToken._countsSnapshots (contracts/token/AaveToken.sol#38) can be used in cross function reentrancies:
	- AaveToken._countsSnapshots (contracts/token/AaveToken.sol#38)
	- AaveToken._writeSnapshot(address,uint128,uint128) (contracts/token/AaveToken.sol#138-153)
	- _mint(distributor,DISTRIBUTION_AMOUNT) (contracts/token/AaveToken.sol#84)
		- snapshotsOwner[ownerCountOfSnapshots.sub(1)].value = newValue (contracts/token/AaveToken.sol#146)
		- snapshotsOwner[ownerCountOfSnapshots] = Snapshot(currentBlock,newValue) (contracts/token/AaveToken.sol#148)
	AaveToken._snapshots (contracts/token/AaveToken.sol#36) can be used in cross function reentrancies:
	- AaveToken._snapshots (contracts/token/AaveToken.sol#36)
	- AaveToken._writeSnapshot(address,uint128,uint128) (contracts/token/AaveToken.sol#138-153)
	- _mint(distributor,DISTRIBUTION_AMOUNT) (contracts/token/AaveToken.sol#84)
		- _totalSupply = _totalSupply.add(amount) (contracts/open-zeppelin/ERC20.sol#234)
	ERC20._totalSupply (contracts/open-zeppelin/ERC20.sol#42) can be used in cross function reentrancies:
	- ERC20._mint(address,uint256) (contracts/open-zeppelin/ERC20.sol#229-237)
	- ERC20.totalSupply() (contracts/open-zeppelin/ERC20.sol#98-100)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#reentrancy-vulnerabilities-1
INFO:Detectors:
ERC20.constructor(string,string).name (contracts/open-zeppelin/ERC20.sol#57) shadows:
	- ERC20.name() (contracts/open-zeppelin/ERC20.sol#66-68) (function)
ERC20.constructor(string,string).symbol (contracts/open-zeppelin/ERC20.sol#57) shadows:
	- ERC20.symbol() (contracts/open-zeppelin/ERC20.sol#74-76) (function)
InitializableAdminUpgradeabilityProxy.initialize(address,address,bytes)._admin (contracts/open-zeppelin/InitializableAdminUpgradeabilityProxy.sol#22) shadows:
	- BaseAdminUpgradeabilityProxy._admin() (contracts/open-zeppelin/BaseAdminUpgradeabilityProxy.sol#94-99) (function)
MintableErc20.constructor(string,string,uint8).name (contracts/utils/MintableErc20.sol#11) shadows:
	- ERC20.name() (contracts/open-zeppelin/ERC20.sol#66-68) (function)
MintableErc20.constructor(string,string,uint8).symbol (contracts/utils/MintableErc20.sol#11) shadows:
	- ERC20.symbol() (contracts/open-zeppelin/ERC20.sol#74-76) (function)
MintableErc20.constructor(string,string,uint8).decimals (contracts/utils/MintableErc20.sol#11) shadows:
	- ERC20.decimals() (contracts/open-zeppelin/ERC20.sol#91-93) (function)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#local-variable-shadowing
INFO:Detectors:
InitializableUpgradeabilityProxy.initialize(address,bytes)._logic (contracts/open-zeppelin/InitializableUpgradeabilityProxy.sol#20) lacks a zero-check on :
		- (success) = _logic.delegatecall(_data) (contracts/open-zeppelin/InitializableUpgradeabilityProxy.sol#25)
BaseAdminUpgradeabilityProxy.upgradeToAndCall(address,bytes).newImplementation (contracts/open-zeppelin/BaseAdminUpgradeabilityProxy.sol#85) lacks a zero-check on :
		- (success) = newImplementation.delegatecall(data) (contracts/open-zeppelin/BaseAdminUpgradeabilityProxy.sol#87)
UpgradeabilityProxy.constructor(address,bytes)._logic (contracts/open-zeppelin/UpgradeabilityProxy.sol#19) lacks a zero-check on :
		- (success) = _logic.delegatecall(_data) (contracts/open-zeppelin/UpgradeabilityProxy.sol#23)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#missing-zero-address-validation
INFO:Detectors:
Modifier BaseAdminUpgradeabilityProxy.ifAdmin() (contracts/open-zeppelin/BaseAdminUpgradeabilityProxy.sol#34-40) does not always execute _; or revertReference: https://github.com/crytic/slither/wiki/Detector-Documentation#incorrect-modifier
INFO:Detectors:
Reentrancy in AaveToken.initialize(address,address,ITransferHook) (contracts/token/AaveToken.sol#59-85):
	External calls:
	- _mint(migrator,MIGRATION_AMOUNT) (contracts/token/AaveToken.sol#83)
		- aaveGovernance.onTransfer(from,to,amount) (contracts/token/AaveToken.sol#181)
	- _mint(distributor,DISTRIBUTION_AMOUNT) (contracts/token/AaveToken.sol#84)
		- aaveGovernance.onTransfer(from,to,amount) (contracts/token/AaveToken.sol#181)
	Event emitted after the call(s):
	- SnapshotDone(owner,oldValue,newValue) (contracts/token/AaveToken.sol#152)
		- _mint(distributor,DISTRIBUTION_AMOUNT) (contracts/token/AaveToken.sol#84)
	- Transfer(address(0),account,amount) (contracts/open-zeppelin/ERC20.sol#236)
		- _mint(distributor,DISTRIBUTION_AMOUNT) (contracts/token/AaveToken.sol#84)
Reentrancy in LendToAaveMigrator.migrateFromLEND(uint256) (contracts/token/LendToAaveMigrator.sol#61-68):
	External calls:
	- LEND.transferFrom(msg.sender,address(this),amount) (contracts/token/LendToAaveMigrator.sol#65)
	- AAVE.transfer(msg.sender,amount.div(LEND_AAVE_RATIO)) (contracts/token/LendToAaveMigrator.sol#66)
	Event emitted after the call(s):
	- LendMigrated(msg.sender,amount) (contracts/token/LendToAaveMigrator.sol#67)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#reentrancy-vulnerabilities-3
INFO:Detectors:
AaveToken.permit(address,address,uint256,uint256,uint8,bytes32,bytes32) (contracts/token/AaveToken.sol#98-123) uses timestamp for comparisons
	Dangerous comparisons:
	- require(bool,string)(block.timestamp <= deadline,INVALID_EXPIRATION) (contracts/token/AaveToken.sol#109)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#block-timestamp
INFO:Detectors:
Address.isContract(address) (contracts/open-zeppelin/Address.sol#24-33) uses assembly
	- INLINE ASM (contracts/open-zeppelin/Address.sol#31)
BaseAdminUpgradeabilityProxy._admin() (contracts/open-zeppelin/BaseAdminUpgradeabilityProxy.sol#94-99) uses assembly
	- INLINE ASM (contracts/open-zeppelin/BaseAdminUpgradeabilityProxy.sol#96-98)
BaseAdminUpgradeabilityProxy._setAdmin(address) (contracts/open-zeppelin/BaseAdminUpgradeabilityProxy.sol#105-111) uses assembly
	- INLINE ASM (contracts/open-zeppelin/BaseAdminUpgradeabilityProxy.sol#108-110)
BaseUpgradeabilityProxy._implementation() (contracts/open-zeppelin/BaseUpgradeabilityProxy.sol#30-35) uses assembly
	- INLINE ASM (contracts/open-zeppelin/BaseUpgradeabilityProxy.sol#32-34)
BaseUpgradeabilityProxy._setImplementation(address) (contracts/open-zeppelin/BaseUpgradeabilityProxy.sol#50-58) uses assembly
	- INLINE ASM (contracts/open-zeppelin/BaseUpgradeabilityProxy.sol#55-57)
Proxy._delegate(address) (contracts/open-zeppelin/Proxy.sol#30-49) uses assembly
	- INLINE ASM (contracts/open-zeppelin/Proxy.sol#31-48)
AaveToken.initialize(address,address,ITransferHook) (contracts/token/AaveToken.sol#59-85) uses assembly
	- INLINE ASM (contracts/token/AaveToken.sol#68-70)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#assembly-usage
INFO:Detectors:
Address.sendValue(address,uint256) (contracts/open-zeppelin/Address.sol#51-57) is never used and should be removed
Context._msgData() (contracts/open-zeppelin/Context.sol#20-23) is never used and should be removed
ERC20._burn(address,uint256) (contracts/open-zeppelin/ERC20.sol#250-258) is never used and should be removed
SafeMath.mod(uint256,uint256) (contracts/open-zeppelin/SafeMath.sol#131-133) is never used and should be removed
SafeMath.mod(uint256,uint256,string) (contracts/open-zeppelin/SafeMath.sol#146-149) is never used and should be removed
SafeMath.mul(uint256,uint256) (contracts/open-zeppelin/SafeMath.sol#71-83) is never used and should be removed
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#dead-code
INFO:Detectors:
Low level call in Address.sendValue(address,uint256) (contracts/open-zeppelin/Address.sol#51-57):
	- (success) = recipient.call{value: amount}() (contracts/open-zeppelin/Address.sol#55)
Low level call in BaseAdminUpgradeabilityProxy.upgradeToAndCall(address,bytes) (contracts/open-zeppelin/BaseAdminUpgradeabilityProxy.sol#85-89):
	- (success) = newImplementation.delegatecall(data) (contracts/open-zeppelin/BaseAdminUpgradeabilityProxy.sol#87)
Low level call in InitializableUpgradeabilityProxy.initialize(address,bytes) (contracts/open-zeppelin/InitializableUpgradeabilityProxy.sol#20-28):
	- (success) = _logic.delegatecall(_data) (contracts/open-zeppelin/InitializableUpgradeabilityProxy.sol#25)
Low level call in UpgradeabilityProxy.constructor(address,bytes) (contracts/open-zeppelin/UpgradeabilityProxy.sol#19-26):
	- (success) = _logic.delegatecall(_data) (contracts/open-zeppelin/UpgradeabilityProxy.sol#23)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#low-level-calls
INFO:Detectors:
DoubleTransferHelper (contracts/utils/DoubleTransferHelper.sol#6-19) should inherit from VersionedInitializable (contracts/utils/VersionedInitializable.sol#18-44)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#missing-inheritance
INFO:Detectors:
Variable ERC20._name (contracts/open-zeppelin/ERC20.sol#44) is not in mixedCase
Variable ERC20._symbol (contracts/open-zeppelin/ERC20.sol#45) is not in mixedCase
Parameter InitializableAdminUpgradeabilityProxy.initialize(address,address,bytes)._logic (contracts/open-zeppelin/InitializableAdminUpgradeabilityProxy.sol#22) is not in mixedCase
Parameter InitializableAdminUpgradeabilityProxy.initialize(address,address,bytes)._admin (contracts/open-zeppelin/InitializableAdminUpgradeabilityProxy.sol#22) is not in mixedCase
Parameter InitializableAdminUpgradeabilityProxy.initialize(address,address,bytes)._data (contracts/open-zeppelin/InitializableAdminUpgradeabilityProxy.sol#22) is not in mixedCase
Parameter InitializableUpgradeabilityProxy.initialize(address,bytes)._logic (contracts/open-zeppelin/InitializableUpgradeabilityProxy.sol#20) is not in mixedCase
Parameter InitializableUpgradeabilityProxy.initialize(address,bytes)._data (contracts/open-zeppelin/InitializableUpgradeabilityProxy.sol#20) is not in mixedCase
Variable AaveToken._nonces (contracts/token/AaveToken.sol#34) is not in mixedCase
Variable AaveToken._snapshots (contracts/token/AaveToken.sol#36) is not in mixedCase
Variable AaveToken._countsSnapshots (contracts/token/AaveToken.sol#38) is not in mixedCase
Variable AaveToken._aaveGovernance (contracts/token/AaveToken.sol#43) is not in mixedCase
Variable AaveToken.DOMAIN_SEPARATOR (contracts/token/AaveToken.sol#45) is not in mixedCase
Variable LendToAaveMigrator.AAVE (contracts/token/LendToAaveMigrator.sol#17) is not in mixedCase
Variable LendToAaveMigrator.LEND (contracts/token/LendToAaveMigrator.sol#18) is not in mixedCase
Variable LendToAaveMigrator.LEND_AAVE_RATIO (contracts/token/LendToAaveMigrator.sol#19) is not in mixedCase
Variable LendToAaveMigrator._totalLendMigrated (contracts/token/LendToAaveMigrator.sol#22) is not in mixedCase
Variable DoubleTransferHelper.AAVE (contracts/utils/DoubleTransferHelper.sol#8) is not in mixedCase
Variable VersionedInitializable.______gap (contracts/utils/VersionedInitializable.sol#43) is not in mixedCase
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#conformance-to-solidity-naming-conventions
INFO:Detectors:
Redundant expression "this (contracts/open-zeppelin/Context.sol#21)" inContext (contracts/open-zeppelin/Context.sol#15-25)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#redundant-statements
INFO:Slither:0x7fc66500c84a76ad7e9c93437bfc5ac33e2ddae9 analyzed (19 contracts with 82 detectors), 57 result(s) found

Slither report for AaveTokenV2 at `0x96F68837877fd0414B55050c9e794AECdBcfCA59`

'solc --standard-json --allow-paths /home/runner/work/seatbelt-for-ghosts/seatbelt-for-ghosts/crytic-export/etherscan-contracts/0x96f68837877fd0414b55050c9e794aecdbcfca59-AaveTokenV2' running
Warning: src/contracts/AaveTokenV2.sol:453:18: Warning: This declaration shadows an existing declaration.
    constructor (string memory name, string memory symbol) public {
                 ^----------------^
src/contracts/AaveTokenV2.sol:462:5: The shadowed declaration is here:
    function name() public view returns (string memory) {
    ^ (Relevant source part starts here and spans across multiple lines).

Warning: src/contracts/AaveTokenV2.sol:453:38: Warning: This declaration shadows an existing declaration.
    constructor (string memory name, string memory symbol) public {
                                     ^------------------^
src/contracts/AaveTokenV2.sol:470:5: The shadowed declaration is here:
    function symbol() public view returns (string memory) {
    ^ (Relevant source part starts here and spans across multiple lines).

Warning: src/contracts/AaveTokenV2.sol:35:3: Warning: Interface functions are implicitly "virtual"
  function delegateByType(address delegatee, DelegationType delegationType) external virtual;
  ^-----------------------------------------------------------------------------------------^

Warning: src/contracts/AaveTokenV2.sol:40:3: Warning: Interface functions are implicitly "virtual"
  function delegate(address delegatee) external virtual;
  ^----------------------------------------------------^

Warning: src/contracts/AaveTokenV2.sol:45:3: Warning: Interface functions are implicitly "virtual"
  function getDelegateeByType(address delegator, DelegationType delegationType)
  ^ (Relevant source part starts here and spans across multiple lines).

Warning: src/contracts/AaveTokenV2.sol:56:3: Warning: Interface functions are implicitly "virtual"
  function getPowerCurrent(address user, DelegationType delegationType)
  ^ (Relevant source part starts here and spans across multiple lines).

Warning: src/contracts/AaveTokenV2.sol:66:3: Warning: Interface functions are implicitly "virtual"
  function getPowerAtBlock(
  ^ (Relevant source part starts here and spans across multiple lines).

Warning: src/contracts/AaveTokenV2.sol:75:3: Warning: Interface functions are implicitly "virtual"
  function totalSupplyAt(uint256 blockNumber) external virtual view returns (uint256);
  ^----------------------------------------------------------------------------------^

Warning: src/contracts/AaveTokenV2.sol:453:5: Warning: Visibility for constructor is ignored. If you want the contract to be non-deployable, making it "abstract" is sufficient.
    constructor (string memory name, string memory symbol) public {
    ^ (Relevant source part starts here and spans across multiple lines).

Warning: src/contracts/AaveTokenV2.sol:1164:3: Warning: Visibility for constructor is ignored. If you want the contract to be non-deployable, making it "abstract" is sufficient.
  constructor() ERC20(NAME, SYMBOL) public {
  ^ (Relevant source part starts here and spans across multiple lines).

Warning: src/contracts/AaveTokenV2.sol:913:26: Warning: Unused function parameter. Remove or comment out the variable name to silence this warning.
  function totalSupplyAt(uint256 blockNumber) external override view returns (uint256) {
                         ^-----------------^

Warning: src/contracts/AaveTokenV2.sol:1079:5: Warning: Unused function parameter. Remove or comment out the variable name to silence this warning.
    uint128 oldValue,
    ^--------------^


INFO:Detectors:
AaveTokenV2._votingSnapshots (src/contracts/AaveTokenV2.sol#1137) is never initialized. It is used in:
	- AaveTokenV2._getDelegationDataByType(IGovernancePowerDelegationToken.DelegationType) (src/contracts/AaveTokenV2.sol#1268-1287)
AaveTokenV2._votingSnapshotsCounts (src/contracts/AaveTokenV2.sol#1139) is never initialized. It is used in:
	- AaveTokenV2._getDelegationDataByType(IGovernancePowerDelegationToken.DelegationType) (src/contracts/AaveTokenV2.sol#1268-1287)
AaveTokenV2._aaveGovernance (src/contracts/AaveTokenV2.sol#1144) is never initialized. It is used in:
	- AaveTokenV2._beforeTokenTransfer(address,address,uint256) (src/contracts/AaveTokenV2.sol#1236-1266)
AaveTokenV2.DOMAIN_SEPARATOR (src/contracts/AaveTokenV2.sol#1146) is never initialized. It is used in:
	- AaveTokenV2.permit(address,address,uint256,uint256,uint8,bytes32,bytes32) (src/contracts/AaveTokenV2.sol#1194-1218)
	- AaveTokenV2.delegateByTypeBySig(address,IGovernancePowerDelegationToken.DelegationType,uint256,uint256,uint8,bytes32,bytes32) (src/contracts/AaveTokenV2.sol#1299-1317)
	- AaveTokenV2.delegateBySig(address,uint256,uint256,uint8,bytes32,bytes32) (src/contracts/AaveTokenV2.sol#1328-1344)
AaveTokenV2._propositionPowerSnapshots (src/contracts/AaveTokenV2.sol#1157) is never initialized. It is used in:
	- AaveTokenV2._getDelegationDataByType(IGovernancePowerDelegationToken.DelegationType) (src/contracts/AaveTokenV2.sol#1268-1287)
AaveTokenV2._propositionPowerSnapshotsCounts (src/contracts/AaveTokenV2.sol#1158) is never initialized. It is used in:
	- AaveTokenV2._getDelegationDataByType(IGovernancePowerDelegationToken.DelegationType) (src/contracts/AaveTokenV2.sol#1268-1287)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#uninitialized-state-variables
INFO:Detectors:
GovernancePowerDelegationERC20._searchByBlockNumber(mapping(address => mapping(uint256 => GovernancePowerDelegationERC20.Snapshot)),mapping(address => uint256),address,uint256) (src/contracts/AaveTokenV2.sol#1012-1050) uses a dangerous strict equality:
	- snapshot.blockNumber == blockNumber (src/contracts/AaveTokenV2.sol#1041)
GovernancePowerDelegationERC20._writeSnapshot(mapping(address => mapping(uint256 => GovernancePowerDelegationERC20.Snapshot)),mapping(address => uint256),address,uint128,uint128) (src/contracts/AaveTokenV2.sol#1075-1097) uses a dangerous strict equality:
	- ownerSnapshotsCount != 0 && snapshotsOwner[ownerSnapshotsCount - 1].blockNumber == currentBlock (src/contracts/AaveTokenV2.sol#1089-1090)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#dangerous-strict-equalities
INFO:Detectors:
ERC20.constructor(string,string).name (src/contracts/AaveTokenV2.sol#453) shadows:
	- ERC20.name() (src/contracts/AaveTokenV2.sol#462-464) (function)
ERC20.constructor(string,string).symbol (src/contracts/AaveTokenV2.sol#453) shadows:
	- ERC20.symbol() (src/contracts/AaveTokenV2.sol#470-472) (function)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#local-variable-shadowing
INFO:Detectors:
Reentrancy in AaveTokenV2.initialize(address[],uint256[],address,address,uint256) (src/contracts/AaveTokenV2.sol#1171-1181):
	External calls:
	- IERC20(tokens[i]).safeTransfer(aaveMerkleDistributor,amounts[i]) (src/contracts/AaveTokenV2.sol#1175)
	Event emitted after the call(s):
	- TokensRescued(tokens[i],aaveMerkleDistributor,amounts[i]) (src/contracts/AaveTokenV2.sol#1177)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#reentrancy-vulnerabilities-3
INFO:Detectors:
AaveTokenV2.permit(address,address,uint256,uint256,uint8,bytes32,bytes32) (src/contracts/AaveTokenV2.sol#1194-1218) uses timestamp for comparisons
	Dangerous comparisons:
	- require(bool,string)(block.timestamp <= deadline,INVALID_EXPIRATION) (src/contracts/AaveTokenV2.sol#1205)
AaveTokenV2.delegateByTypeBySig(address,IGovernancePowerDelegationToken.DelegationType,uint256,uint256,uint8,bytes32,bytes32) (src/contracts/AaveTokenV2.sol#1299-1317) uses timestamp for comparisons
	Dangerous comparisons:
	- require(bool,string)(block.timestamp <= expiry,INVALID_EXPIRATION) (src/contracts/AaveTokenV2.sol#1315)
AaveTokenV2.delegateBySig(address,uint256,uint256,uint8,bytes32,bytes32) (src/contracts/AaveTokenV2.sol#1328-1344) uses timestamp for comparisons
	Dangerous comparisons:
	- require(bool,string)(block.timestamp <= expiry,INVALID_EXPIRATION) (src/contracts/AaveTokenV2.sol#1341)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#block-timestamp
INFO:Detectors:
Address.isContract(address) (src/contracts/AaveTokenV2.sol#368-379) uses assembly
	- INLINE ASM (src/contracts/AaveTokenV2.sol#375-377)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#assembly-usage
INFO:Detectors:
Address.sendValue(address,uint256) (src/contracts/AaveTokenV2.sol#397-403) is never used and should be removed
Context._msgData() (src/contracts/AaveTokenV2.sol#94-97) is never used and should be removed
ERC20._beforeTokenTransfer(address,address,uint256) (src/contracts/AaveTokenV2.sol#702) is never used and should be removed
ERC20._burn(address,uint256) (src/contracts/AaveTokenV2.sol#646-654) is never used and should be removed
ERC20._mint(address,uint256) (src/contracts/AaveTokenV2.sol#625-633) is never used and should be removed
ERC20._setupDecimals(uint8) (src/contracts/AaveTokenV2.sol#684-686) is never used and should be removed
SafeERC20.safeApprove(IERC20,address,uint256) (src/contracts/AaveTokenV2.sol#745-755) is never used and should be removed
SafeERC20.safeTransferFrom(IERC20,address,address,uint256) (src/contracts/AaveTokenV2.sol#736-743) is never used and should be removed
SafeMath.div(uint256,uint256) (src/contracts/AaveTokenV2.sol#280-282) is never used and should be removed
SafeMath.div(uint256,uint256,string) (src/contracts/AaveTokenV2.sol#295-306) is never used and should be removed
SafeMath.mod(uint256,uint256) (src/contracts/AaveTokenV2.sol#319-321) is never used and should be removed
SafeMath.mod(uint256,uint256,string) (src/contracts/AaveTokenV2.sol#334-341) is never used and should be removed
SafeMath.mul(uint256,uint256) (src/contracts/AaveTokenV2.sol#255-267) is never used and should be removed
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#dead-code
INFO:Detectors:
Low level call in Address.sendValue(address,uint256) (src/contracts/AaveTokenV2.sol#397-403):
	- (success) = recipient.call{value: amount}() (src/contracts/AaveTokenV2.sol#401)
Low level call in SafeERC20.callOptionalReturn(IERC20,bytes) (src/contracts/AaveTokenV2.sol#757-769):
	- (success,returndata) = address(token).call(data) (src/contracts/AaveTokenV2.sol#761)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#low-level-calls
INFO:Detectors:
Variable ERC20._name (src/contracts/AaveTokenV2.sol#440) is not in mixedCase
Variable ERC20._symbol (src/contracts/AaveTokenV2.sol#441) is not in mixedCase
Variable VersionedInitializable.______gap (src/contracts/AaveTokenV2.sol#809) is not in mixedCase
Variable AaveTokenV2._nonces (src/contracts/AaveTokenV2.sol#1135) is not in mixedCase
Variable AaveTokenV2._votingSnapshots (src/contracts/AaveTokenV2.sol#1137) is not in mixedCase
Variable AaveTokenV2._votingSnapshotsCounts (src/contracts/AaveTokenV2.sol#1139) is not in mixedCase
Variable AaveTokenV2._aaveGovernance (src/contracts/AaveTokenV2.sol#1144) is not in mixedCase
Variable AaveTokenV2.DOMAIN_SEPARATOR (src/contracts/AaveTokenV2.sol#1146) is not in mixedCase
Variable AaveTokenV2._votingDelegates (src/contracts/AaveTokenV2.sol#1155) is not in mixedCase
Variable AaveTokenV2._propositionPowerSnapshots (src/contracts/AaveTokenV2.sol#1157) is not in mixedCase
Variable AaveTokenV2._propositionPowerSnapshotsCounts (src/contracts/AaveTokenV2.sol#1158) is not in mixedCase
Variable AaveTokenV2._propositionPowerDelegates (src/contracts/AaveTokenV2.sol#1160) is not in mixedCase
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#conformance-to-solidity-naming-conventions
INFO:Detectors:
Redundant expression "this (src/contracts/AaveTokenV2.sol#95)" inContext (src/contracts/AaveTokenV2.sol#89-98)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#redundant-statements
INFO:Detectors:
AaveTokenV2.DECIMALS (src/contracts/AaveTokenV2.sol#1130) is never used in AaveTokenV2 (src/contracts/AaveTokenV2.sol#1124-1346)
AaveTokenV2.EIP712_DOMAIN (src/contracts/AaveTokenV2.sol#1148-1150) is never used in AaveTokenV2 (src/contracts/AaveTokenV2.sol#1124-1346)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#unused-state-variable
INFO:Slither:0x96f68837877fd0414b55050c9e794aecdbcfca59 analyzed (11 contracts with 82 detectors), 45 result(s) found

Slither report for GovernanceStrategy at `0xb7e383ef9B1E9189Fc0F71fb30af8aa14377429e`

'solc --standard-json --allow-paths /home/runner/work/seatbelt-for-ghosts/seatbelt-for-ghosts' running
INFO:Detectors:
GovernanceStrategy.constructor(address,address).aave (crytic-export/etherscan-contracts/0xb7e383ef9b1e9189fc0f71fb30af8aa14377429e-GovernanceStrategy.sol#78) lacks a zero-check on :
		- AAVE = aave (crytic-export/etherscan-contracts/0xb7e383ef9b1e9189fc0f71fb30af8aa14377429e-GovernanceStrategy.sol#79)
GovernanceStrategy.constructor(address,address).stkAave (crytic-export/etherscan-contracts/0xb7e383ef9b1e9189fc0f71fb30af8aa14377429e-GovernanceStrategy.sol#78) lacks a zero-check on :
		- STK_AAVE = stkAave (crytic-export/etherscan-contracts/0xb7e383ef9b1e9189fc0f71fb30af8aa14377429e-GovernanceStrategy.sol#80)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#missing-zero-address-validation
INFO:Detectors:
Variable GovernanceStrategy.AAVE (crytic-export/etherscan-contracts/0xb7e383ef9b1e9189fc0f71fb30af8aa14377429e-GovernanceStrategy.sol#70) is not in mixedCase
Variable GovernanceStrategy.STK_AAVE (crytic-export/etherscan-contracts/0xb7e383ef9b1e9189fc0f71fb30af8aa14377429e-GovernanceStrategy.sol#71) is not in mixedCase
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#conformance-to-solidity-naming-conventions
INFO:Slither:0xb7e383ef9b1e9189fc0f71fb30af8aa14377429e analyzed (4 contracts with 82 detectors), 4 result(s) found

Slither report for FxRoot at `0xfe5e5D361b2ad62c541bAb87C45a0B9B018389a2`

'solc --standard-json --allow-paths /home/runner/work/seatbelt-for-ghosts/seatbelt-for-ghosts' running
INFO:Detectors:
FxRoot.setFxChild(address)._fxChild (crytic-export/etherscan-contracts/0xfe5e5d361b2ad62c541bab87c45a0b9b018389a2-FxRoot.sol#24) lacks a zero-check on :
		- fxChild = _fxChild (crytic-export/etherscan-contracts/0xfe5e5d361b2ad62c541bab87c45a0b9b018389a2-FxRoot.sol#26)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#missing-zero-address-validation
INFO:Detectors:
Parameter FxRoot.setFxChild(address)._fxChild (crytic-export/etherscan-contracts/0xfe5e5d361b2ad62c541bab87c45a0b9b018389a2-FxRoot.sol#24) is not in mixedCase
Parameter FxRoot.sendMessageToChild(address,bytes)._receiver (crytic-export/etherscan-contracts/0xfe5e5d361b2ad62c541bab87c45a0b9b018389a2-FxRoot.sol#29) is not in mixedCase
Parameter FxRoot.sendMessageToChild(address,bytes)._data (crytic-export/etherscan-contracts/0xfe5e5d361b2ad62c541bab87c45a0b9b018389a2-FxRoot.sol#29) is not in mixedCase
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#conformance-to-solidity-naming-conventions
INFO:Detectors:
FxRoot.stateSender (crytic-export/etherscan-contracts/0xfe5e5d361b2ad62c541bab87c45a0b9b018389a2-FxRoot.sol#17) should be immutable
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#state-variables-that-could-be-declared-immutable
INFO:Slither:0xfe5e5d361b2ad62c541bab87c45a0b9b018389a2 analyzed (3 contracts with 82 detectors), 5 result(s) found

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

314.md

314.md

SupplyCapLSTs

Subreports

Simple Summary

Motivation

Specification

References

Copyright

Checks

Reports all state changes from the proposal ✅ Passed

Check stack trace of the proposal ✅ Passed

Reports all events emitted from the proposal ✅ Passed

Check all targets are verified on Etherscan ✅ Passed

Check all touched contracts are verified on Etherscan ✅ Passed

Runs solc against the verified contracts ✅ Passed

Runs slither against the verified contracts ✅ Passed

Files

314.md

Latest commit

History

314.md

File metadata and controls

SupplyCapLSTs

Subreports

Simple Summary

Motivation

Specification

References

Copyright

Checks

Reports all state changes from the proposal ✅ Passed

Check stack trace of the proposal ✅ Passed

Reports all events emitted from the proposal ✅ Passed

Check all targets are verified on Etherscan ✅ Passed

Check all touched contracts are verified on Etherscan ✅ Passed

Runs solc against the verified contracts ✅ Passed

Runs slither against the verified contracts ✅ Passed