Submission Details
Severity:
Variable shadowing in the Asset constructor
Summary
There are two local variables (name and symbol) in the constructor in the Asset.sol contract that are shadowing (hiding) others functions called name() and symbol ().
Vulnerability Details
Asset.constructor(address,string,string).name - line 11
shadows:
- ERC20.name() (node_modules/@openzeppelin/contracts/token/ERC20/ERC20.sol#62-64) (function)
- IERC20Metadata.name() (node_modules/@openzeppelin/contracts/token/ERC20/extensions/IERC20Metadata.sol#17) (function)
Asset.constructor(address,string,string).symbol - line 11
shadows:
- ERC20.symbol() (node_modules/@openzeppelin/contracts/token/ERC20/ERC20.sol#70-72) (function)
- IERC20Metadata.symbol() (node_modules/@openzeppelin/contracts/token/ERC20/extensions/IERC20Metadata.sol#22) (function)
Impact
In Solidity, shadowing occurs when a local variable or function parameter has the same name as a variable or function in an outer scope. This can lead to confusion and potential bugs because the local variable or parameter will take precedence over the outer variable or function.
Tools Used
Slither
Recommendations
Rename the name field in the eip712Domain() function to avoid the shadowing.
Prize pool breakdown
Total prize
55,000 USDC
nSLOC
3,36516 USDC / LOC
50,000 USDC
5,000 USDC
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.