| ID | Title | Severity | Description | Recommendation |
|---|---|---|---|---|
| SOLIDITY001 | Storage ABIEncoderV2 Array | High | solc versions 0.4.7-0.5.9 contain a compiler bug leading to incorrect ABI encoder usage. | Use a compiler >= 0.5.10. |
| SOLIDITY002 | Arbitrary from in transferFrom | High | Detects when msg.sender is not used as from in transferFrom. | Use msg.sender as from in transferFrom. |
| SOLIDITY003 | Modifying storage array by value | High | Detects arrays passed to a function that expects a reference to a storage array. | Ensure the correct usage of memory and storage in the function parameters. |
| SOLIDITY004 | ABI encodePacked Collision | High | Detects collisions due to dynamic type usage in abi.encodePacked. | Do not use more than one dynamic type in abi.encodePacked(). Use abi.encode(), preferably. |
| SOLIDITY005 | Incorrect shift in assembly | High | Detects if the values in a shift operation are reversed. | Swap the order of parameters. |
| SOLIDITY006 | Multiple constructor schemes | High | Detects multiple constructor definitions in the same contract. | Only declare one constructor, using the new scheme constructor(...) instead of function (...). |
| SOLIDITY008 | Public mappings with nested variables | High | Public mappings with nested structures returned incorrect values prior to Solidity 0.5. | Do not use public mappings with nested structures. |
| SOLIDITY009 | RTLO Character | High | Use of the right-to-left-override character (U+202E) can manipulate contract logic. | Special control characters must not be allowed. |
| SOLIDITY010 | State Variable Shadowing | High | Detection of shadowed state variables. | Remove the state variable shadowing. |
| SOLIDITY011 | Suicidal | High | Unprotected call to a function executing selfdestruct/suicide. | Protect access to all sensitive functions. |
| SOLIDITY012 | Uninitialized State Variables | High | Uninitialized state variables. | Initialize all the variables. If a variable is meant to be initialized to zero, explicitly set it to zero. |
| SOLIDITY013 | Uninitialized Storage Variables | High | An uninitialized storage variable will act as a reference to the first state variable, and can overwrite it. | Initialize all storage variables. |
| SOLIDITY014 | Unprotected Upgradeable Contract | High | Detects a logic contract that can be destroyed. | Add a constructor to ensure initialize cannot be called on the logic contract. |
| SOLIDITY015 | Arbitrary from in TransferFrom Used with Permit | High | Detects when msg.sender is not used as from in transferFrom and permit is used. | Ensure that the underlying ERC20 token correctly implements a permit function. |
| SOLIDITY016 | Functions that Send Ether to Arbitrary Destinations | High | Unprotected call to a function sending Ether to an arbitrary address. | Ensure that an arbitrary user cannot withdraw unauthorized funds. |
| SOLIDITY017 | Array Length Assignment | High | Detects the direct assignment of an array's length. | Do not allow array lengths to be directly set; add values as needed. |
| SOLIDITY018 | Controlled Delegatecall | High | Delegatecall or callcode to an address controlled by the user. | Avoid using delegatecall. Use only trusted destinations. |
| SOLIDITY019 | Payable Functions Using Delegatecall Inside a Loop | High | Detects the use of delegatecall inside a loop in a payable function. | Carefully check that the function called by delegatecall is not payable. |
| SOLIDITY020 | Incorrect Exponentiation | High | Detects use of bitwise xor `^` instead of exponentiation `**`. | Use the correct operator `**` for exponentiation. |
| SOLIDITY021 | Incorrect Return in Assembly | High | Detects if a return in an assembly block unexpectedly halts execution. | Use the leave statement. |
| SOLIDITY022 | msg.value Inside a Loop | High | Detects the use of msg.value inside a loop. | Provide explicit amounts alongside the receivers array, matching msg.value. |
| SOLIDITY023 | Reentrancy Vulnerabilities | High | Detection of the reentrancy bug involving Ether. | Apply the check-effects-interactions pattern. |
| SOLIDITY024 | Return Instead of Leave in Assembly | High | Detects if a return is used where a leave should be used. | Use the leave statement. |
| SOLIDITY025 | Storage Signed Integer Array | High | solc versions 0.4.7-0.5.9 contain a compiler bug leading to incorrect values in signed integer arrays. | Use a compiler version >= 0.5.10. |
| SOLIDITY026 | Unchecked Transfer | High | The return value of an external transfer/transferFrom call is not checked. | Use SafeERC20, or ensure that the transfer/transferFrom return value is checked. |
| SOLIDITY027 | Weak PRNG | High | Weak PRNG due to a modulo on block.timestamp, now, or blockhash. | Do not use block.timestamp, now, or blockhash as a source of randomness. |
| SOLIDITY029 | Domain Separator Collision | Medium | An ERC20 token function signature collides with EIP-2612's DOMAIN_SEPARATOR(). | Remove or rename the function that collides with DOMAIN_SEPARATOR(). |
| SOLIDITY030 | Dangerous Enum Conversion | Medium | Detects out-of-range enum conversion. | Check the enum conversion range. |
| SOLIDITY031 | Incorrect ERC20 Interface | Medium | Incorrect return values for ERC20 functions. | Set the appropriate return values for ERC20 functions. |
| SOLIDITY032 | Incorrect ERC721 Interface | Medium | Incorrect return values for ERC721 functions. | Set the appropriate return values for ERC721 functions. |
| SOLIDITY033 | Dangerous Strict Equalities | Medium | Use of strict equalities that can be easily manipulated by an attacker. | Avoid using strict equality for Ether or token amounts. |
| SOLIDITY034 | Contracts that Lock Ether | Medium | Contract with a payable function, but without a withdrawal capacity. | Add a withdrawal function or remove the payable attribute. |
| SOLIDITY035 | Deletion on Mapping Containing a Structure | Medium | A deletion in a structure containing a mapping will not delete the mapping. | Use a lock mechanism instead of a deletion for structures containing a mapping. |
| SOLIDITY036 | State Variable Shadowing from Abstract Contracts | Medium | Detection of state variables shadowed from abstract contracts. | Remove the state variable shadowing. |
| SOLIDITY037 | Misuse of a Boolean Constant | Medium | Detects the misuse of a Boolean constant. | Verify and simplify the condition. |
| SOLIDITY040 | Divide Before Multiply | Medium | Performing division before multiplication can lead to precision loss. | Consider ordering multiplication before division. |
| SOLIDITY041 | Reentrancy Vulnerabilities (No Ether) | Medium | Detection of the reentrancy bug that does not involve Ether. | Apply the check-effects-interactions pattern. |
| SOLIDITY042 | Reused Base Constructors | Medium | Detects if the same base constructor is called with arguments from two different locations. | Remove the duplicate constructor call. |
| SOLIDITY043 | Dangerous Usage of tx.origin | Medium | tx.origin-based protection can be abused by a malicious contract. | Do not use tx.origin for authorization. |
| SOLIDITY044 | Unchecked Low-Level Calls | Medium | The return value of a low-level call is not checked. | Ensure that the return value of a low-level call is checked or logged. |
| SOLIDITY045 | Unchecked Send | Medium | The return value of a send is not checked. | Ensure that the return value of send is checked or logged. |
| SOLIDITY047 | Return Bomb | Low | A low-level callee may unexpectedly consume all of the caller's gas. | Avoid unlimited implicit decoding of returndata. |
| SOLIDITY048 | Block Timestamp | Low | Dangerous usage of block.timestamp, which can be manipulated by miners. | Avoid relying on block.timestamp for critical logic or randomness. |