{"id":22189285,"url":"https://github.com/byterocket/c4-common-issues","last_synced_at":"2026-03-05T09:32:58.018Z","repository":{"id":44772863,"uuid":"451466471","full_name":"byterocket/c4-common-issues","owner":"byterocket","description":"A collection of common security issues and possible gas optimizations in solidity smart contracts","archived":false,"fork":false,"pushed_at":"2022-10-16T12:07:10.000Z","size":39,"stargazers_count":157,"open_issues_count":1,"forks_count":22,"subscribers_count":9,"default_branch":"main","last_synced_at":"2025-10-10T22:30:07.525Z","etag":null,"topics":["audit","c4","code4rena","ethereum","evm","security","solidity"],"latest_commit_sha":null,"homepage":"","language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/byterocket.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2022-01-24T13:03:02.000Z","updated_at":"2025-08-19T11:12:22.000Z","dependencies_parsed_at":"2023-01-20T04:15:56.630Z","dependency_job_id":null,"html_url":"https://github.com/byterocket/c4-common-issues","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/byterocket/c4-common-issues","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/byterocket%2Fc4-common-issues","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/byterocket%2Fc4-common-issues/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/byterocket%2Fc4-common-issues/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/byterocket%2Fc4-common-issues/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/byterocket","download_url":"https://codeload.github.com/byterocket/c4-common-issues/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/byterocket%2Fc4-common-issues/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":30117714,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-03-05T08:19:04.902Z","status":"ssl_error","status_checked_at":"2026-03-05T08:17:37.148Z","response_time":93,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["audit","c4","code4rena","ethereum","evm","security","solidity"],"created_at":"2024-12-02T11:17:13.653Z","updated_at":"2026-03-05T09:32:57.977Z","avatar_url":"https://github.com/byterocket.png","language":null,"funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003ch1 align=center\u003e\u003ccode\u003ec4-common-issues\u003c/code\u003e\u003c/h1\u003e\n\nThis repository aims to provide a list of issues found regularly in [Code4Rena](https://code4rena.com/)\ncontests.\n\n## Introduction\n\nCode4Rena runs community-driven contests for smart contract audits in which\nwardens search for issues and judges allocate awards to wardens based on performance.\n\nA problem currently in the community is how to handle commonly found issues\nas they increase the judge's workload.\n\nThis repo aims to identify common issues and provide background information.\n\nThe goal is, that wardens include the issue's identifier in a contest submission.\n\nThis would help judges mark the issues as duplicates and hopefully decrease\ntheir workload.\n\n\n## Gas Optimization Issues\n\n| Identifier | Title |\n|------------|-------|\n| [G001](./0-Gas-Optimizations.md/#g001---dont-initialize-variables-with-default-value) | Don't Initialize Variables with Default Value |\n| [G002](./0-Gas-Optimizations.md/#g002---cache-array-length-outside-of-loop) | Cache Array Length Outside of Loop |\n| [G003](./0-Gas-Optimizations.md/#g003---use--0-instead-of--0-for-unsigned-integer-comparison) | Use `!= 0` instead of `\u003e 0` for Unsigned Integer Comparison |\n| [G004](./0-Gas-Optimizations.md/#g004---remove-unused-variables) | Remove Unused Variables |\n| [G005](./0-Gas-Optimizations.md/#g005---make-variable-constantimmutable) | Make Variable `constant`/`immutable` |\n| [G006](./0-Gas-Optimizations.md/#g006---use-immutable-for-openzeppelin-accesscontrols-roles-declarations) | Use `immutable` for OpenZeppelin `AccessControl`'s Roles Declarations |\n| [G007](./0-Gas-Optimizations.md/#g007---long-revert-strings) | Long Revert Strings |\n| [G008](./0-Gas-Optimizations.md/#g008---use-shift-rightleft-instead-of-divisionmultiplication-if-possible) | Use Shift Right/Left instead of Division/Multiplication if possible |\n| [G009](./0-Gas-Optimizations.md/#g009---make-function-external-instead-of-public) | Make Function `external` instead of `public` |\n| [G010](./0-Gas-Optimizations.md/#g010---make-function-payable) | Make Function `payable` |\n| [G011](./0-Gas-Optimizations.md/#g011---unnecessary-checked-arithmetic-in-for-loop) | Unnecessary checked arithmetic in for loop |\n| [G012](./0-Gas-Optimizations.md/#g012---use-prefix-increment-instead-of-postfix-increment-if-possible) | Use Prefix Increment instead of Postfix Increment if possible |\n\n\n## Non-Critical Issues\n\n| Identifier | Title |\n|------------|-------|\n| [NC001](./1-Non-Critial.md#nc001---functions-mutating-storage-should-emit-events) | Functions Mutating Storage Should Emit Events |\n\n\n## Low Risk Issues\n\n| Identifier | Title |\n|------------|-------|\n| [L001](./2-Low-Risk.md#l001---unsafe-erc20-operations) | Unsafe ERC20 Operation(s) |\n| [L002](./2-Low-Risk.md#l002---feeontransfer-tokens-not-supported) | FeeOnTransfer Tokens not Supported |\n| [L003](./2-Low-Risk.md#l003---unspecific-compiler-version-pragma) | Unspecific Compiler Version Pragma |\n| [L004](./2-Low-Risk.md#l004---use-two-step-transfer-pattern-for-access-controls) | Use Two-Step Transfer Pattern for Access Controls |\n| [L005](./2-Low-Risk.md#l005---do-not-use-deprecated-library-functions) | Do not use Deprecated Library Functions |\n| [L006](./2-Low-Risk.md#l006---check-that-contract-exists-before-using-solmates-safetransferlib) | Check that Contract Exists before using `solmate`'s `SafeTransferLib` |\n\n\n## Contribution\n\n**Any** kind of contribution is highly welcome!\n\n\n## License\n\nThis work is licensed under a [Creative Commons Attribution 4.0 International License](http://creativecommons.org/licenses/by/4.0/).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbyterocket%2Fc4-common-issues","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fbyterocket%2Fc4-common-issues","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbyterocket%2Fc4-common-issues/lists"}