Skip to content

Latest commit

 

History

History
223 lines (145 loc) · 6.94 KB

mcwildy-Q.md

File metadata and controls

223 lines (145 loc) · 6.94 KB

Qa Report

ZKSYNC

ToDo:s should be cleaned

Code architecture, incentives and error handling questions should be resolved before deployment

IExecutor.sol:

line#L56:  /// TODO: The verifier integration is not finished yet, change the structure for compatibility later

Use higher solidity version

Optimizations, bug fixes and additional features come with each solidity patch version update

Use external visibility modifier for function that are not being invoked by the contract

L2ETHBridge.sol:

line#L79:  function l2TokenAddress(address) public pure returns (address) {

line#L84:  function l1TokenAddress(address) public pure override returns (address) {

L2StandardERC20.sol:

line#L126: function decimals() public view override returns (uint8) {

Mailbox.sol:

line#L89:  function l2TransactionBaseCost(

L1EthBridge.sol:

line#L243: function l2TokenAddress(address) public pure returns (address) {

L1ERC20Bridge.sol:

line#L274: require(bytes4(functionSignature) == this.finalizeWithdrawal.selector, "nt");

line#L282: function l2TokenAddress(address _l1Token) public view returns (address) {

Events should use all three indexed keywords for their parameters

Diamond.sol:

line#L16:  event DiamondCut(FacetCut[] facetCuts, address initAddress, bytes initCalldata);

L2StandardERC20.sol:

line#L12:  event BridgeInitialization(address indexed l1Token, string name, string symbol, uint8 decimals);

IExecutor.sol:

line#L85:  event BlocksRevert(uint256 totalBlocksCommitted, uint256 totalBlocksVerified, uint256 totalBlocksExecuted);

Contracts should use a fixed compiler version to avoid potential bugs

DiamondCut.sol:

line#L3:   pragma solidity ^0.8.0;

Mailbox.sol:

line#L3:   pragma solidity ^0.8.0;

Base.sol:

line#L3:   pragma solidity ^0.8.0;

Governance.sol:

line#L3:   pragma solidity ^0.8.0;

Config.sol:

line#L3:   pragma solidity ^0.8.0;

DiamondProxy.sol:

line#L3:   pragma solidity ^0.8.0;

L2ERC20Bridge.sol:

line#L3:   pragma solidity ^0.8.0;

L1EthBridge.sol:

line#L3:   pragma solidity ^0.8.0;

L2ETHBridge.sol:

line#L3:   pragma solidity ^0.8.0;

AllowListed.sol:

line#L3:   pragma solidity ^0.8.0;

Executor.sol:

line#L3:   pragma solidity ^0.8.0;

Storage.sol:

line#L3:   pragma solidity ^0.8.0;

AllowList.sol:

line#L3:   pragma solidity ^0.8.0;

DiamondInit.sol:

line#L3:   pragma solidity ^0.8.0;

L1ERC20Bridge.sol:

line#L3:   pragma solidity ^0.8.0;

L2StandardERC20.sol:

line#L3:   pragma solidity ^0.8.0;

Getters.sol:

line#L3:   pragma solidity ^0.8.0;

ReentrancyGuard.sol:

line#L3:   pragma solidity ^0.8.0;

Missing natspec comments

https://docs.soliditylang.org/en/develop/natspec-format.html

L2ContractHelper.sol:

line#L1:   // SPDX-License-Identifier: MIT OR Apache-2.0

UncheckedMath.sol:

line#L1:   // SPDX-License-Identifier: MIT OR Apache-2.0

IZkSync.sol:

line#L1:   // SPDX-License-Identifier: MIT OR Apache-2.0

IDiamondCut.sol:

line#L1:   // SPDX-License-Identifier: MIT OR Apache-2.0

IL2EthInitializable.sol:

line#L1:   // SPDX-License-Identifier: MIT OR Apache-2.0

IL2StandardToken.sol:

line#L1:   // SPDX-License-Identifier: MIT OR Apache-2.0