Cotract --> Contract
addreses --> addresses
DiamondCutProposalCancelation --> DiamondCutProposalCancellation (event name)
recurisiveAggregationInput --> recursiveAggregationInput (many uses in Executor.sol first is shown)
_blockAuxilaryOutput --> _blockAuxiliaryOutput
refference --> reference
exect
initiailize --> initialize
Contracts should be deployed with the same compiler version and flags that they have been tested with thoroughly. Locking the pragma helps to ensure that contracts do not accidentally get deployed using, for example, an outdated compiler version that might introduce bugs that affect the contract system negatively.
- DiamondProxy.sol
- DiamondInit.sol
- Config.sol
- Storage.sol
- DiamondCut.sol
- Executor.sol
- Getters.sol
- Base.sol
- Governance.sol
- Mailbox.sol
- L1ERC20Bridge.sol
- L1EthBridge.sol
- AllowList.sol
- AllowListed.sol
- ReentrancyGuard.sol
Even assembly can benefit from using readable constants instead of hex/numeric literals
- Executor.sol#L112
- Executor.sol#L116
- Executor.sol#L121
- Executor.sol#L130
- Executor.sol#L131
- Executor.sol#L135
- Executor.sol#L297
- Executor.sol#L300-L305
Usually lines in source code are limited to 80 characters. Its advised to keep lines lower than 120 characters. Today’s screens are much larger so it’s reasonable to stretch this in some cases. Since the files will most likely reside in GitHub, and GitHub starts using a scroll bar in all cases when the length is over 164 characters, the lines below should be split when they reach that length
Code architecture, incentives, and error handling/reporting questions/issues should be resolved before deployment
Using very old versions of Solidity prevents benefits of bug fixes and newer security checks. Using the latest versions might make contracts susceptible to undiscovered compiler bugs
There are multiple occasions where certain numbers have been hardcoded, either in variables or in the code itself. Large numbers can become hard to read.
Index event fields make the field more quickly accessible to off-chain tools that parse events. However, note that each index field costs extra gas during emission, so it’s not necessarily best to index the maximum allowed per event (three fields). Each event should use three indexed fields if there are three or more fields, and gas usage is not particularly of concern for the events in question. If there are fewer than three fields, all of the fields should be indexed.
11. variable is never used in the contract so it may confuse the reader of code, consider commenting it or removing it to improve readability
Prior to solidity version 0.8.0, hitting an assert consumes the remainder of the transaction’s available gas rather than returning it, as require()/revert() do. assert() should be avoided even past solidity version 0.8.0 as its documentation states that “The assert function creates an error of type Panic(uint256). … Properly functioning code should never create a Panic, not even on invalid external input. If this happens, then there is a bug in your contract which you should fix”.
13. abi.encodePacked() should not be used with dynamic types when passing the result to a hash function such as keccak256()
Use abi.encode instead If all the arguments are strings bytes.concat() should be used
although it uses more gas it will lower readability
Earlier versions of solidity can use uint(-1) instead. Expressions not including the - 1 can often be re-written to accommodate the change