Stratax Contracts

First Flight #57
Beginner Friendly, DeFi
100 EXP
Submission Details
Impact: low
Likelihood: low

Floating Pragma May Lead to Inconsistent Compilation in Both Contracts (Stratax and StrataxOracle)

Author Revealed upon completion

Description:
The contract uses a floating Solidity pragma:

@> pragma solidity ^0.8.13;

Using the caret (^) allows the code to be compiled with any later compatible compiler version (e.g., 0.8.14 or 0.8.20).
Different compiler versions may introduce changes in:

  • Optimizer behavior

  • Code generation

  • Security checks

  • Edge-case semantics

This can result in the contracts being compiled differently across environments (local, CI, auditors, or future deployments).

Impact:
While not an immediate vulnerability, floating pragmas create build non-determinism, which:

  • Makes audits non-reproducible

  • Can introduce unnoticed behavioral changes when recompiling

  • Increases long-term maintenance and deployment risk

Recommended Mitigation:
Pin the Solidity version to an exact compiler version to ensure deterministic builds:

pragma solidity 0.8.13;
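
One way to enforce the pin in CI, as an added example that is not part of the original submission or the Stratax code base: a small checker that reports every `pragma solidity` directive that is not an exact version. The file names and sample sources are constructed for illustration.

```python
import re
import sys

# `pragma solidity <constraint>;` directive; group 1 is the version constraint.
PRAGMA_RE = re.compile(r"^\s*pragma\s+solidity\s+([^;]+);", re.MULTILINE)
# Exact pin: a bare x.y.z, optionally written with a leading "=".
EXACT_RE = re.compile(r"^=?\s*\d+\.\d+\.\d+$")
# Line and block comments (string literals are not parsed; enough for pragma lines).
COMMENT_RE = re.compile(r"//[^\n]*|/\*.*?\*/", re.DOTALL)


def strip_comments(source):
    """Blank out comments but keep newlines so line numbers stay correct."""
    return COMMENT_RE.sub(lambda m: re.sub(r"[^\n]", " ", m.group()), source)


def find_floating_pragmas(source):
    """Return (line_number, constraint) for every pragma that is not an exact pin."""
    cleaned = strip_comments(source)
    findings = []
    for match in PRAGMA_RE.finditer(cleaned):
        constraint = " ".join(match.group(1).split())
        if not EXACT_RE.match(constraint):
            line_no = cleaned.count("\n", 0, match.start(1)) + 1
            findings.append((line_no, constraint))
    return findings


# Constructed sample sources; file names and bodies are illustrative only.
SAMPLES = {
    "Stratax.sol": "// SPDX-License-Identifier: MIT\npragma solidity ^0.8.13;\ncontract Stratax {}\n",
    "StrataxOracle.sol": "pragma solidity ^0.8.13;\ncontract StrataxOracle {}\n",
    "Range.sol": "pragma solidity >=0.8.13 <0.9.0;\ncontract Range {}\n",
    "Pinned.sol": "// pragma solidity ^0.8.0;\npragma solidity 0.8.13;\ncontract Pinned {}\n",
}


def scan(sources):
    """Map file name -> findings, listing only files with a floating pragma."""
    results = {name: find_floating_pragmas(text) for name, text in sources.items()}
    return {name: hits for name, hits in results.items() if hits}


if __name__ == "__main__":
    # With paths on the command line, scan those files; otherwise scan the samples.
    sources = {p: open(p, encoding="utf-8").read() for p in sys.argv[1:]} or SAMPLES
    report = scan(sources)
    for name, hits in report.items():
        for line_no, constraint in hits:
            print(f"{name}:{line_no}: floating pragma '{constraint}'")
    sys.exit(1 if report else 0)
```

The script exits non-zero when any floating pragma is found, so it can gate a build; a commented-out pragma is ignored and `=0.8.13` is accepted as an exact pin.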
