code-423n4 / 2022-06-notional-coop-findings


QA Report #218

Open code423n4 opened 2 years ago

code423n4 commented 2 years ago

Low

[L-01] Unspecific Compiler Version Pragma

Impact

A known vulnerable compiler version may accidentally be selected, or security tools might fall back to an older compiler version, ending up checking a different EVM compilation than the one that is ultimately deployed on the blockchain.

Proof of Concept

  wfCashERC4626.sol::2 => pragma solidity ^0.8.0;

Recommendation

Avoid floating pragmas for non-library contracts. It is recommended to pin to a concrete compiler version.

[L-02] Do not use Deprecated Library Functions

Impact

The usage of deprecated library functions should be discouraged.

Proof of Concept

  wfCashBase.sol::68 => assetToken.safeApprove(address(NotionalV2), type(uint256).max);
  wfCashBase.sol::73 => underlyingToken.safeApprove(address(NotionalV2), type(uint256).max);

Recommendation

Use safeIncreaseAllowance / safeDecreaseAllowance instead of safeApprove.

Non-Critical

[N-01] Missing Natspec

Missing @return natspec throughout the codebase

Tools used

manual
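
A small scanner for the two Low findings above, as an added example that is not part of the original report or the project's code: it flags floating `pragma solidity` directives and `.safeApprove(` calls and reports them in the same `file::line => code` format. The sample sources and the names `scan` and `strip_comments` are constructed for illustration.

```python
import re

# Captures the version expression of a Solidity version pragma.
PRAGMA_RE = re.compile(r"^\s*pragma\s+solidity\s+([^;]+);")
# Pinned means one exact version, optionally written with a leading "=".
PINNED_RE = re.compile(r"^=?\s*\d+\.\d+\.\d+$")
# Member call such as token.safeApprove(...).
SAFE_APPROVE_RE = re.compile(r"\.safeApprove\s*\(")
COMMENT_RE = re.compile(r"//[^\n]*|/\*.*?\*/", re.S)

# Constructed sample input, not the audited contracts.
SAMPLE = """// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;
// pragma solidity 0.7.6;  (commented out, must be ignored)
contract Wrapper {
    function init() external {
        assetToken.safeApprove(address(NotionalV2), type(uint256).max);
        /* token.safeApprove(old, 0); */
    }
}
"""
PINNED_SAMPLE = "pragma solidity 0.8.15;\ncontract C {}\n"


def strip_comments(source):
    """Blank out comments but keep newlines so line numbers stay correct.

    Limitation: a "//" inside a string literal is treated as a comment.
    """
    return COMMENT_RE.sub(lambda m: re.sub(r"[^\n]", " ", m.group(0)), source)


def scan(filename, source):
    """Return (finding_id, "file::line => code") tuples for L-01 and L-02."""
    findings = []
    for lineno, line in enumerate(strip_comments(source).splitlines(), 1):
        pragma = PRAGMA_RE.match(line)
        if pragma and not PINNED_RE.match(pragma.group(1).strip()):
            findings.append(("L-01", f"{filename}::{lineno} => {line.strip()}"))
        if SAFE_APPROVE_RE.search(line):
            findings.append(("L-02", f"{filename}::{lineno} => {line.strip()}"))
    return findings


if __name__ == "__main__":
    for finding_id, location in scan("Wrapper.sol", SAMPLE):
        print(f"[{finding_id}] {location}")
```

Range pragmas such as `>=0.8.0 <0.9.0` are reported as floating too, since they also leave the compiler choice open.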