20,000 USDC
Submission Details
Severity: gas
Valid

Floating pragma is set

Summary

Contracts use the floating pragma ^0.8.19.

Vulnerability Details

Contracts should be deployed with the same compiler version and flags that they have been tested with thoroughly. Locking the pragma helps to ensure that contracts do not accidentally get deployed using another compiler version, for example an outdated version that might introduce bugs that affect the contract system negatively, or a recently released version which has not been extensively tested.

Impact

Contracts should be deployed using the same compiler version and flags with which they have been tested. Locking the pragma (e.g. by not using ^, as in pragma solidity 0.8.19) ensures that contracts do not accidentally get deployed using a new compiler version with unfixed bugs.

Tools Used

Manual review

Recommendations

Lock the pragma version to the same version as used in the other contracts and also consider known bugs (https://github.com/ethereum/solidity/releases) for the compiler version that is chosen.

Pragma statements can be allowed to float when a contract is intended for consumption by other developers, as in the case with contracts in a library or EthPM package. Otherwise, the developer would need to manually update the pragma in order to compile it locally.
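One way to enforce this recommendation in CI is the added example below; it is not part of the original submission or of the audited project. It classifies every `pragma solidity` directive as locked or floating and reports whether all locked files agree on one version. The file names and sources in `SAMPLE` are constructed for illustration.

```python
import re

# Captures the version expression of a `pragma solidity <expr>;` directive.
PRAGMA_RE = re.compile(r"^\s*pragma\s+solidity\s+([^;]+);", re.MULTILINE)
# Locked means exactly one full x.y.z version, optionally prefixed with "=".
LOCKED_RE = re.compile(r"^=?\s*\d+\.\d+\.\d+$")

def strip_comments(src):
    """Drop /* */ and // comments so commented-out pragmas are ignored."""
    src = re.sub(r"/\*.*?\*/", "", src, flags=re.DOTALL)
    return re.sub(r"//[^\n]*", "", src)

def check_pragmas(sources):
    """Map {path: source} to a list of (path, expression, status) tuples.
    status is "locked", "floating" (^, ~, ranges, partial versions) or "missing"."""
    findings = []
    for path, src in sources.items():
        exprs = PRAGMA_RE.findall(strip_comments(src))
        if not exprs:
            findings.append((path, None, "missing"))
        for expr in exprs:
            expr = " ".join(expr.split())  # normalise whitespace
            status = "locked" if LOCKED_RE.match(expr) else "floating"
            findings.append((path, expr, status))
    return findings

def locked_versions(findings):
    """Distinct locked versions; more than one means the files disagree."""
    return sorted({e.lstrip("= ") for _, e, s in findings if s == "locked"})

# Constructed sample sources (not taken from the audited code base).
SAMPLE = {
    "Token.sol": "// SPDX-License-Identifier: MIT\npragma solidity ^0.8.19;\ncontract Token {}\n",
    "Vault.sol": "// pragma solidity ^0.8.0;\npragma solidity 0.8.19;\ncontract Vault {}\n",
    "Oracle.sol": "pragma solidity >=0.8.0 <0.9.0;\ncontract Oracle {}\n",
    "Legacy.sol": "pragma solidity 0.8.17;\ncontract Legacy {}\n",
}

if __name__ == "__main__":
    results = check_pragmas(SAMPLE)
    for path, expr, status in results:
        print(f"{status:8} {path}: {expr}")
    versions = locked_versions(results)
    if len(versions) > 1:
        print("locked files disagree on compiler version:", ", ".join(versions))
    # Non-zero exit fails the CI job when any pragma floats or versions differ.
    bad = any(s != "locked" for _, _, s in results) or len(versions) > 1
    raise SystemExit(1 if bad else 0)
```

Library-style contracts that are meant to float, as described above, would need an explicit allowlist before this check is used as a gate.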
