Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/byterocket/c4-common-issues

A collection of common security issues and possible gas optimizations in solidity smart contracts
https://github.com/byterocket/c4-common-issues

audit c4 code4rena ethereum evm security solidity

Last synced: 2 months ago
JSON representation

A collection of common security issues and possible gas optimizations in solidity smart contracts

Host: GitHub
URL: https://github.com/byterocket/c4-common-issues
Owner: byterocket
License: other
Created: 2022-01-24T13:03:02.000Z (about 3 years ago)
Default Branch: main
Last Pushed: 2022-10-16T12:07:10.000Z (over 2 years ago)
Last Synced: 2023-11-07T20:24:15.428Z (about 1 year ago)
Topics: audit, c4, code4rena, ethereum, evm, security, solidity
Homepage:
Size: 38.1 KB
Stars: 160
Watchers: 10
Forks: 23
Open Issues: 1
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

        
c4-common-issues


This repository aims to provide a list of issues found regularly in [Code4Rena](https://code4rena.com/)

contests.

## Introduction

Code4Rena runs community-driven contests for smart contract audits in which

wardens search for issues and judges allocate awards to wardens based on performance.

A problem currently in the community is how to handle commonly found issues

as they increase the judge's workload.

This repo aims to identify common issues and provide background information.

The goal is, that wardens include the issue's identifier in a contest submission.

This would help judges mark the issues as duplicates and hopefully decrease

their workload.

## Gas Optimization Issues

| Identifier | Title |

|------------|-------|

| [G001](./0-Gas-Optimizations.md/#g001---dont-initialize-variables-with-default-value) | Don't Initialize Variables with Default Value |

| [G002](./0-Gas-Optimizations.md/#g002---cache-array-length-outside-of-loop) | Cache Array Length Outside of Loop |

| [G003](./0-Gas-Optimizations.md/#g003---use--0-instead-of--0-for-unsigned-integer-comparison) | Use `!= 0` instead of `> 0` for Unsigned Integer Comparison |

| [G004](./0-Gas-Optimizations.md/#g004---remove-unused-variables) | Remove Unused Variables |

| [G005](./0-Gas-Optimizations.md/#g005---make-variable-constantimmutable) | Make Variable `constant`/`immutable` |

| [G006](./0-Gas-Optimizations.md/#g006---use-immutable-for-openzeppelin-accesscontrols-roles-declarations) | Use `immutable` for OpenZeppelin `AccessControl`'s Roles Declarations |

| [G007](./0-Gas-Optimizations.md/#g007---long-revert-strings) | Long Revert Strings |

| [G008](./0-Gas-Optimizations.md/#g008---use-shift-rightleft-instead-of-divisionmultiplication-if-possible) | Use Shift Right/Left instead of Division/Multiplication if possible |

| [G009](./0-Gas-Optimizations.md/#g009---make-function-external-instead-of-public) | Make Function `external` instead of `public` |

| [G010](./0-Gas-Optimizations.md/#g010---make-function-payable) | Make Function `payable` |

| [G011](./0-Gas-Optimizations.md/#g011---unnecessary-checked-arithmetic-in-for-loop) | Unnecessary checked arithmetic in for loop |

| [G012](./0-Gas-Optimizations.md/#g012---use-prefix-increment-instead-of-postfix-increment-if-possible) | Use Prefix Increment instead of Postfix Increment if possible |

## Non-Critical Issues

| Identifier | Title |

|------------|-------|

| [NC001](./1-Non-Critial.md#nc001---functions-mutating-storage-should-emit-events) | Functions Mutating Storage Should Emit Events |

## Low Risk Issues

| Identifier | Title |

|------------|-------|

| [L001](./2-Low-Risk.md#l001---unsafe-erc20-operations) | Unsafe ERC20 Operation(s) |

| [L002](./2-Low-Risk.md#l002---feeontransfer-tokens-not-supported) | FeeOnTransfer Tokens not Supported |

| [L003](./2-Low-Risk.md#l003---unspecific-compiler-version-pragma) | Unspecific Compiler Version Pragma |

| [L004](./2-Low-Risk.md#l004---use-two-step-transfer-pattern-for-access-controls) | Use Two-Step Transfer Pattern for Access Controls |

| [L005](./2-Low-Risk.md#l005---do-not-use-deprecated-library-functions) | Do not use Deprecated Library Functions |

| [L006](./2-Low-Risk.md#l006---check-that-contract-exists-before-using-solmates-safetransferlib) | Check that Contract Exists before using `solmate`'s `SafeTransferLib` |

## Contribution

**Any** kind of contribution is highly welcome!

## License

This work is licensed under a [Creative Commons Attribution 4.0 International License](http://creativecommons.org/licenses/by/4.0/).