Floating Pragma (^0.8.24) May Introduce Unintended Behavior in Future Compiler Versions.
Description
The contract needs to be compiled with Solidity 0.8.24, ensuring consistent behavior across deployments and environments.The use of a floating pragma ^0.8.24 allows compilation with any minor version ≥0.8.24. Future compiler versions may introduce optimizations or behavioral changes that could alter contract execution in unpredictable ways. Using a fixed version ensures consistent behavior across environments.
Risk
Likelihood:
-
When the contract is recompiled with a newer minor version
-
When different team members use different compiler versions during development
Impact:
-
Unexpected reverts due to compiler changes
-
Could result in unexpected behavior, or security issues in critical functions.
Proof of Concept
Compiling with a future minor version might alter execution unexpectedly. This illustrate the risk of using a floating pragma.
Recommended Mitigation
By specifying a fixed compiler version the contract always compiles with exactly 0.8.24. This prevents future compiler updates from introducing unexpected changes and ensures consistent execution across deployments and development environments.
Rewards breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.