code-423n4 / 2021-09-sushimiso-findings


Old Solidity compiler version #79

Open code423n4 opened 3 years ago

code423n4 commented 3 years ago

Handle

0xRajeev

Vulnerability details

Impact

The solc version used is 0.6.12, which was released in July 2020 (one year is a long time for Solidity given the fast release pace) and is two breaking releases behind. This misses several optimizations and the built-in arithmetic checks in 0.8.x.

Proof of Concept

https://github.com/sushiswap/miso/blob/2cdb1486a55ded55c81898b7be8811cb68cfda9e/contracts/Auctions/BatchAuction.sol#L1

Tools Used

Manual Analysis

Recommended Mitigation Steps

Consider upgrading to 0.7.x if not 0.8.x.
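Added example, not part of the original report or the MISO code base: a small audit that reads each file's `pragma solidity` constraint and flags any file that can still be compiled with a pre-0.8.0 solc, the versions without the built-in arithmetic checks mentioned above. The file names and source snippets are constructed sample input, and the function names are hypothetical.

```python
import re

CHECKED_ARITHMETIC = (0, 8, 0)  # first release with built-in arithmetic checks

PRAGMA = re.compile(r"pragma\s+solidity\s+([^;]+);")
TERM = re.compile(r"(\^|>=|<=|>|<|=)?\s*(\d+)\.(\d+)(?:\.(\d+))?")


def lower_bound(constraint):
    """Lowest version a pragma constraint admits (terms ANDed, '||' ORed)."""
    alternatives = []
    for alt in constraint.split("||"):
        low = (0, 0, 0)
        for op, major, minor, patch in TERM.findall(alt):
            ver = (int(major), int(minor), int(patch or 0))
            if op in ("<", "<="):
                continue  # upper bounds do not raise the floor
            if op == ">":
                ver = (ver[0], ver[1], ver[2] + 1)  # conservative next patch
            low = max(low, ver)
        alternatives.append(low)
    return min(alternatives)


def audit(sources):
    """Return {path: finding} for files a pre-0.8.0 compiler can build."""
    findings = {}
    for path, text in sources.items():
        match = PRAGMA.search(text)
        if match is None:
            findings[path] = "no pragma: compiler version unconstrained"
            continue
        low = lower_bound(match.group(1))
        if low < CHECKED_ARITHMETIC:
            findings[path] = "admits solc %d.%d.%d: no built-in arithmetic checks" % low
    return findings


# Constructed sample sources (assumed contents, for illustration only).
SAMPLES = {
    "BatchAuction.sol": "pragma solidity 0.6.12;\ncontract BatchAuction {}",
    "Ranged.sol": "pragma solidity >=0.7.0 <0.9.0;\ncontract A {}",
    "Modern.sol": "pragma solidity ^0.8.4;\ncontract B {}",
    "Either.sol": "pragma solidity ^0.6.0 || ^0.8.0;\ncontract C {}",
}

if __name__ == "__main__":
    for path, finding in audit(SAMPLES).items():
        print(path + ": " + finding)
```

A floating range such as `>=0.7.0 <0.9.0` is flagged even though it also admits 0.8.x, because the build can still legitimately pick a compiler without the checks.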

Clearwood commented 3 years ago

An old Solidity compiler version is not a bug.

ghoul-sol commented 3 years ago

Making this non-critical as it is a best-practices recommendation.