Dria
Swan
NFTHardhat
21,000 USDC
View results
Previous Next
Submission Details
Severity: low
Invalid

Avoid using floating pragma solidity versions `pragma solidity ^0.8.20`

aye__aye

Summary

Using a floating version might compile the contract with a version that has unresolved security issues, especially if the floating range includes old versions.

Vulnerability Details

pragma solidity ^0.8.20

- `contracts/swan/BuyerAgent.sol`
- `contracts/swan/Swan.sol`
- `contracts/swan/SwanAsset.sol`
- `contracts/swan/SwanManager.sol`
- `contracts/libraries/Statistics.sol`
- `contracts/llm/LLMOracleCoordinator.sol`
- `contracts/llm/LLMOracleManager.sol`
- `contracts/llm/LLMOracleRegistry.sol`
- `contracts/llm/LLMOracleTask.sol`

Impact

Version constraint ^0.8.20 contains known severe issues (https://solidity.readthedocs.io/en/latest/bugs.html)
- VerbatimInvalidDeduplication
- FullInlinerNonExpressionSplitArgumentEvaluationOrder
- MissingSideEffectsOnSelectorAccess.

Tools Used

manual review, slither

Recommendations

use a fixed stable version of Solidity.

eg;- pragma solidity 0.8.24

Updates

Lead Judging Commences

inallhonesty Lead Judge 12 months ago
Submission Judgement Published
Invalidated
Reason: Known issue

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.