Compilation

The project utilizes hardhat as its development pipeline tool, containing an array of tests and scripts coded in TypeScript.

To compile the project, the compile command needs to be issued via the npx CLI tool to hardhat:

Copy
npx hardhat compile

The hardhat tool automatically selects Solidity version 0.8.5 based on the version specified within the hardhat.config.ts file.

The project contains discrepancies with regards to the Solidity version used as the pragma statements are open-ended (^0.8.5).

We advise the Keyko team to lock the pragma statements to 0.8.5 (=0.8.5), the same version utilized for our static analysis as well as optimizational review of the codebase.

During compilation with the hardhat pipeline, no errors were identified that relate to the syntax or bytecode size of the contracts.

In order to execute static analysis on the codebase, we had to adjust the codebase to a different compilation architecture that produces compliant compilation artifacts with our toolkit and as a result, discrepancies between the static analysis findings we have detected and an independent analysis may detect are expected.