c4-common-issues
This repository aims to provide a list of issues found regularly in Code4Rena contests.
Introduction
Code4Rena runs community-driven contests for smart contract audits in which wardens search for issues and judges allocate awards to wardens based on performance.
A problem currently in the community is how to handle commonly found issues as they increase the judge's workload.
This repo aims to identify common issues and provide background information.
The goal is, that wardens include the issue's identifier in a contest submittion.
This would help judges mark the issues as duplicates and hopefully decrease their workload.
Gas Optimization Issues
| Identifier | Title |
|---|---|
| G001 | Don't Initialize Variables with Default Value |
| G002 | Cache Array Length Outside of Loop |
| G003 | Use != 0 instead of > 0 for Unsigned Integer Comparison |
| G004 | Remove Unused Variables |
| G005 | Make Variable constant/immutable |
| G006 | Use immutable for OpenZeppelin AccessControl's Roles Declarations |
| G007 | Long Revert Strings |
| G008 | Use Shift Right/Left instead of Division/Multiplication if possible |
| G009 | Make Function external instead of public |
| G010 | Make Function payable |
| G011 | Unnecessary checked arithmetic in for loop |
| G012 | Use Prefix Increment instead of Postfix Increment if possible |
Non-Critical Issues
| Identifier | Title |
|---|---|
| NC001 | Functions Mutating Storage Should Emit Events |
Low Risk Issues
| Identifier | Title |
|---|---|
| L001 | Unsafe ERC20 Operation(s) |
| L002 | FeeOnTransfer Tokens not Supported |
| L003 | Unspecific Compiler Version Pragma |
| L004 | Use Two-Step Transfer Pattern for Access Controls |
| L005 | Do not use Deprecated Library Functions |
| L006 | Check that Contract Exists before using solmate's SafeTransferLib |
Contribution
Any kind of contribution is highly welcome!
License
This work is licensed under a Creative Commons Attribution 4.0 International License.