code-423n4 / 2021-09-sushitrident-findings


Unlocked Pragma Statements #142

Closed code423n4 closed 3 years ago

code423n4 commented 3 years ago

Handle

tensors

Vulnerability details

It is widely considered best practice to lock the pragma statements to a specific compiler. See, for example, https://swcregistry.io/docs/SWC-103

Contracts should be deployed with the same compiler version and flags that they have been tested with thoroughly. Locking the pragma helps to ensure that contracts do not accidentally get deployed using, for example, an outdated compiler version that might introduce bugs that affect the contract system negatively.

Proof of concept

https://github.com/sushiswap/trident/blob/7098ef9ad97fa11d350a15d97740e97ad2ca4649/contracts/pool/ConstantProductPool.sol#L3
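
An added example, not part of the original issue or the Trident code base: a Python check that flags floating `pragma solidity` statements of the kind this finding describes, suitable for a pre-deployment or CI step. The file names and sources in `SAMPLE_SOURCES` are constructed for illustration, and the function names are hypothetical.

```python
import re

# `pragma solidity <expr>;` at the start of a line. Lines beginning with `//`
# do not match; pragmas inside /* ... */ blocks are not filtered (assumption:
# sources do not hide pragmas in block comments).
PRAGMA_RE = re.compile(r"^[ \t]*pragma\s+solidity\s+([^;]+);", re.MULTILINE)
# Locked means one exact x.y.z version, optionally written with a leading "=".
EXACT_RE = re.compile(r"^=?\s*\d+\.\d+\.\d+$")

# Constructed sample sources, not taken from any real repository.
SAMPLE_SOURCES = {
    "contracts/Floating.sol": "// SPDX-License-Identifier: MIT\n\npragma solidity >=0.8.0;\n\ncontract A {}\n",
    "contracts/Caret.sol": "pragma solidity ^0.8.2;\ncontract B {}\n",
    "contracts/Locked.sol": "// SPDX-License-Identifier: MIT\npragma solidity 0.8.7;\ncontract C {}\n",
    "contracts/Range.sol": "pragma solidity >=0.7.0 <0.9.0;\ncontract D {}\n",
}


def classify_pragma(expr):
    """Return 'locked' for a single exact version, otherwise 'floating'."""
    return "locked" if EXACT_RE.match(expr.strip()) else "floating"


def audit_sources(sources):
    """Take {path: source text}; return (path, line, expr, status) tuples."""
    findings = []
    for path, text in sorted(sources.items()):
        matches = list(PRAGMA_RE.finditer(text))
        if not matches:
            findings.append((path, 0, "", "missing"))
        for m in matches:
            line = text.count("\n", 0, m.start(1)) + 1
            expr = " ".join(m.group(1).split())  # normalise whitespace
            findings.append((path, line, expr, classify_pragma(expr)))
    return findings


def distinct_locked_versions(findings):
    """Exact versions in use; more than one means files disagree."""
    return {expr.lstrip("= ") for _, _, expr, status in findings if status == "locked"}


if __name__ == "__main__":
    for path, line, expr, status in audit_sources(SAMPLE_SOURCES):
        print(f"{status:8} {path}:{line} {expr}")
```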

maxsam4 commented 3 years ago

Compiler version is fixed in hardhat config.

alcueca commented 3 years ago

Duplicated with #49