- L01 - Floating pragma
- L02 - Should not use assert
- NC01 - Event is missing indexed fields
- NC02 - Outdated compiler version
- NC03 - Public functions that are not used in the contract should be declared as external
- NC04 - File is missing NatSpec
- NC05 - Missing checks for address(0x0) when assigning values to address state variables
The contracts have the pragma solidity directive ^0.8.0. It is recommended to specify a fixed compiler version to ensure that the bytecode produced does not vary between builds. This is especially important if you rely on bytecode-level verification of the code.
Lock the pragma.
DiamondProxy.sol#L3 DiamondInit.sol#L3 Config.sol#L3 Storage.sol#L3 Base.sol#L3 DiamondCut.sol#L3 Executor.sol#L3 Getters.sol#L3 Governance.sol#L3 Mailbox.sol#L3 Diamond.sol#L3 Merkle.sol#L3 PriorityQueue.sol#L3 IDiamondCut.sol#L3 IExecutor.sol#L3 IGetters.sol#L3 IGovernance.sol#L3 IMailbox.sol#L3 IZkSync.sol#L3 L1ERC20Bridge.sol#L3 L1EthBridge.sol#L3 IL1Bridge.sol#L3 IL2Bridge.sol#L3 AllowList.sol#L3 IAllowList.sol#L3 AllowListed.sol#L3 L2ContractHelper.sol#L3 ReentrancyGuard.sol#L3 UncheckedMath.sol#L3 UnsafeBytes.sol#L3
Use require / revert instead of assert
Index event fields make the field more quickly accessible to off-chain tools that parse events. However, note that each index field costs extra gas during emission, so it's not necessarily best to index the maximum allowed per event (threefields). Each event should use three indexed fields if there are three or more fields, and gas usage is not particularly of concern for the events in question. If there are fewer than three fields, all of the fields should be indexed.
IDiamondCut.sol#L20-L35 Diamond.sol#L16 IMailbox.sol#L95-L100
The project is using the solidity version 0.8.0. It's a best practice to use the latest release version. You can consult it in the following link
Update the solidity version to 0.8.17
DiamondProxy.sol#L3 DiamondInit.sol#L3 Config.sol#L3 Storage.sol#L3 Base.sol#L3 DiamondCut.sol#L3 Executor.sol#L3 Getters.sol#L3 Governance.sol#L3 Mailbox.sol#L3 Diamond.sol#L3 Merkle.sol#L3 PriorityQueue.sol#L3 IDiamondCut.sol#L3 IExecutor.sol#L3 IGetters.sol#L3 IGovernance.sol#L3 IMailbox.sol#L3 IZkSync.sol#L3 L1ERC20Bridge.sol#L3 L1EthBridge.sol#L3 IL1Bridge.sol#L3 IL2Bridge.sol#L3 AllowList.sol#L3 IAllowList.sol#L3 AllowListed.sol#L3 L2ContractHelper.sol#L3 ReentrancyGuard.sol#L3 UncheckedMath.sol#L3 UnsafeBytes.sol#L3
L1ERC20Bridge.sol#L282 L1EthBridge.sol#L243
IDiamondCut.sol IGetters.sol IGovernance.sol IZkSync.sol IAllowList.sol