Omniscia Native Audit

Compilation

Compilation

The project utilizes hardhat as its development pipeline tool, containing an array of tests and scripts coded in TypeScript.

To compile the project, the compile command needs to be issued via the npx CLI tool to hardhat:

npx hardhat compile

The hardhat tool automatically selects Solidity version 0.8.17 based on the version specified within the hardhat.config.ts file.

The project contains discrepancies with regards to the Solidity version used as the pragma statements of the contracts are open-ended (^0.8.9).

We advise them to be locked to 0.8.17 (=0.8.17), the same version utilized for our static analysis as well as optimizational review of the codebase.

During compilation with the hardhat pipeline, no errors were identified that relate to the syntax or bytecode size of the contracts.

We would like to note that several contracts contained potentially harmful open-ended pragma specifications as they were written prior to the 0.8.X Solidity release and thus may not be compatible with the safe arithmetics that are built-in the version utilized to compile this project, as illustrated in some of the findings in the report.