Closed sherlock-admin closed 1 year ago
0xheynacho
medium
https://github.com/sherlock-audit/2022-11-sense/blob/main/contracts/src/AutoRoller.sol#L2 https://github.com/sherlock-audit/2022-11-sense/blob/main/contracts/src/AutoRollerFactory.sol https://github.com/sherlock-audit/2022-11-sense/blob/main/contracts/src/RollerPeriphery.sol
Vulnerability related to ‘Optimizer Bug Regarding Memory Side Effects of Inline Assembly’
ref : https://blog.soliditylang.org/2022/06/15/solidity-0.8.15-release-announcement/ vtvl inherits solidity contracts from openzeppelin and these uses inline assembly, and optimization is enabled while compiling.
Use recent Solidity version 0.8.15 which has the fix for these issues.
Duplicate of #39
0xheynacho
medium
USE OF SOLIDITY VERSION 0.8.13 WHICH HAS KNOWN ISSUES APPLICABLE TO SENSE
Lines of code
https://github.com/sherlock-audit/2022-11-sense/blob/main/contracts/src/AutoRoller.sol#L2 https://github.com/sherlock-audit/2022-11-sense/blob/main/contracts/src/AutoRollerFactory.sol https://github.com/sherlock-audit/2022-11-sense/blob/main/contracts/src/RollerPeriphery.sol
Vulnerability details
Vulnerability related to ‘Optimizer Bug Regarding Memory Side Effects of Inline Assembly’
ref : https://blog.soliditylang.org/2022/06/15/solidity-0.8.15-release-announcement/ vtvl inherits solidity contracts from openzeppelin and these uses inline assembly, and optimization is enabled while compiling.
Recommended Mitigation Steps
Use recent Solidity version 0.8.15 which has the fix for these issues.
Duplicate of #39