Handle
shw
Vulnerability details
Impact
Most of the contracts include an unlocked pragma, e.g., pragma solidity >=0.6.0 <0.7.0;. Locking the pragma helps ensure that contracts are not accidentally deployed using an old compiler version with unfixed bugs.
Proof of Concept
Referenced code:
Please use grep -R pragma . to find the unlocked pragma statements.
Recommended Mitigation Steps
Lock pragmas to a specific Solidity version. Consider the compiler bugs in the following lists and ensure that they do not affect the contracts. It is also recommended to use the latest version of Solidity when writing and deploying contracts (see Solidity docs).
Solidity compiler bugs: Solidity repo - known bugs; Solidity repo - bugs by version
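A narrower form of the grep -R pragma . search above, as an added example that is not part of the original report: it lists only the version pragmas that are not pinned to one exact compiler release and returns a non-zero status for use as a CI gate. The regular expressions, function names, sample file names and sample versions are assumptions made for this illustration.

```shell
#!/bin/sh
# Added example, not from the report: flag Solidity version pragmas that are
# not pinned to one exact compiler release ("x.y.z" or "=x.y.z").

# Real (uncommented) "pragma solidity ..." lines.
PRAGMA_RE='^[[:space:]]*pragma[[:space:]]+solidity[[:space:]]'
# The locked form: a single exact version and nothing else before the ";".
LOCKED_RE='pragma[[:space:]]+solidity[[:space:]]+=?[[:space:]]*[0-9]+\.[0-9]+\.[0-9]+[[:space:]]*;'

# Print "file:line:pragma" for each unlocked pragma in *.sol files under $1.
find_unlocked_pragmas() {
    grep -RnE --include='*.sol' "$PRAGMA_RE" "$1" 2>/dev/null |
        grep -vE "$LOCKED_RE" || true
}

# CI gate: return 0 when every pragma is locked, 1 (and list them) otherwise.
check_pragmas() {
    hits=$(find_unlocked_pragmas "$1")
    if [ -n "$hits" ]; then
        printf 'unlocked pragma:\n%s\n' "$hits" >&2
        return 1
    fi
}

# Constructed sample tree (hypothetical file names) for a stand-alone run.
make_sample_tree() {
    d=$(mktemp -d)
    printf 'pragma solidity >=0.6.0 <0.7.0;\ncontract A {}\n' > "$d/Range.sol"
    printf 'pragma solidity ^0.6.2;\ncontract B {}\n'         > "$d/Caret.sol"
    printf 'pragma solidity 0.6.12;\ncontract C {}\n'         > "$d/Locked.sol"
    printf '// pragma solidity ^0.5.0;\npragma solidity =0.6.12;\n' > "$d/Eq.sol"
    echo "$d"
}

# Scan the directory given as $1, or the constructed sample tree if none.
check_pragmas "${1:-$(make_sample_tree)}" || echo "lock the pragmas listed above"
```

Partial versions such as 0.6 are reported as unlocked on purpose, since they do not name a single compiler release.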