Omniscia Avant Protocol Audit
AbstractCCIPMessagingUpgradeable Code Style Findings
AbstractCCIPMessagingUpgradeable Code Style Findings
ACC-01C: Generic Typographic Mistake
| Type | Severity | Location |
|---|---|---|
| Code Style |  | AbstractCCIPMessagingUpgradeable.sol:L152 |
Description:
The referenced line contains a typographical mistake (i.e. private variable without an underscore prefix, a non-snake_case module) or generic documentational error (i.e. copy-paste) that should be corrected.
Example:
152* this involves burning tokens on the bridged/destination chain.Recommendation:
We advise this to be done so to enhance the legibility of the codebase.
Alleviation (c5b31e01e4d5cf94e0ef3523780c4aac764127bf):
The referenced documentation was corrected to indicate that the tokens are extracted on the origin chain rather than the target / destination chain.
ACC-02C: Incorrect Exposure of Function
| Type | Severity | Location |
|---|---|---|
| Gas Optimization | | AbstractCCIPMessagingUpgradeable.sol:L288-L290 |
Description:
The AbstractCCIPMessagingUpgradeable::authorizeUpgrade function that has been set as publicly accessible is redundant as it results in a no-op and simply applies access control.
Example:
283/**284 * @notice Authorizes an upgrade to a new implementation.285 * @param newImplementation The address of the new implementation.286 * @dev Only callable by the contract owner.287 */288function authorizeUpgrade(address newImplementation) public {289 _authorizeUpgrade(newImplementation);290}Recommendation:
We advise it to be omitted, optimizing the bytecode size of the contract.
Alleviation (c5b31e01e4d5cf94e0ef3523780c4aac764127bf):
The publicly-available AbstractCCIPMessagingUpgradeable::authorizeUpgrade function has been removed as a result of this exhibit, addressing it in the process.
ACC-03C: Inexistent Configuration of Indexed Arguments
| Type | Severity | Location |
|---|---|---|
| Standard Conformity | | AbstractCCIPMessagingUpgradeable.sol: • I-1: L38 • I-2: L54 • I-3: L65 |
Description:
The referenced events do not emit any indexed arguments rendering off-chain filtering computationally expensive.
Example:
36event CCIPMessageReceived(37 bytes32 messageId,38 uint64 sourceChainSelector,39 address tokenSender,40 address tokenReceiver,41 uint256 tokenAmount42);Recommendation:
We advise the chain ID variables on each argument to be set as indexed, permitting all operations from or toward a particular chain ID to be filtered optimally.
Alleviation (c5b31e01e4d5cf94e0ef3523780c4aac764127bf):
An indexed argument has been introduced across all referenced event declarations, addressing this exhibit.
ACC-04C: Sub-Optimal Contract Initialization
| Type | Severity | Location |
|---|---|---|
| Gas Optimization | | AbstractCCIPMessagingUpgradeable.sol:L115, L128 |
Description:
The AbstractCCIPMessagingUpgradeable::__AbstractCCIPMessagingUpgradeable_init function will invoke the AbstractCCIPMessagingUpgradeable::setCCIPRouter function that applies the OwnableUpgradeable::onlyOwner modifier redundantly.
Example:
106/**107 * @notice Initializes the contract.108 * @param _owner The address of the contract owner.109 * @param _ccipRouter The address of the Chainlink CCIP router.110 * @dev This function should be called during the contract's deployment or upgrade process.111 */112function __AbstractCCIPMessagingUpgradeable_init(address _owner, address _ccipRouter) internal onlyInitializing {113 __Ownable_init(_owner);114 __UUPSUpgradeable_init();115 setCCIPRouter(_ccipRouter);116}117
118// ┌─────────────────────────────────────────────────────────────┐119// | Admin functions |120// └─────────────────────────────────────────────────────────────┘121
122/**123 * @notice Sets the CCIP router address.124 * @param _ccipRouter The new address of the CCIP router.125 * @dev Only callable by the contract owner. Setting to zero disables CCIP bridging.126 * @dev Zero address is allowed (which becomes an 'unset').127 */128function setCCIPRouter(address _ccipRouter) public onlyOwner {129 ccipRouter = _ccipRouter;130 emit CCIPRouterUpdated(_ccipRouter);131}Recommendation:
We advise the code of the AbstractCCIPMessagingUpgradeable::setCCIPRouter function to be internalized to an internal and underscore-prefixed (_) function variant with no access control, permitting both functions to invoke it optimally.
Alleviation (c5b31e01e4d5cf94e0ef3523780c4aac764127bf):
The code was refactored per our recommendation, permitting an internally available AbstractCCIPMessagingUpgradeable::_setCCIPRouter function to be invoked by the AbstractCCIPMessagingUpgradeable::__AbstractCCIPMessagingUpgradeable_init function in an optimal way.