Skip to content

Instantly share code, notes, and snippets.

@bytes032

bytes032/.md Secret

Created May 5, 2023 15:30
Show Gist options
  • Save bytes032/161089af6b155237f266672f79c02bc9 to your computer and use it in GitHub Desktop.
Save bytes032/161089af6b155237f266672f79c02bc9 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
.md

Context: Fastswitchboard.sol

Severity: Low Description:  https://github.com/SocketDotTech/socket-DL/blob/7e35397543bade26c3f1bd0b34fe69875cc3b73f/contracts/switchboard/default-switchboards/FastSwitchboard.sol

All the hasRole calls use plain strings instead of the access role constants.

https://github.com/SocketDotTech/socket-DL/blob/7e35397543bade26c3f1bd0b34fe69875cc3b73f/contracts/utils/AccessRoles.sol#L3-L11

bytes32 constant RESCUE_ROLE = keccak256("RESCUE_ROLE");
bytes32 constant WITHDRAW_ROLE = keccak256("WITHDRAW_ROLE");
bytes32 constant TRIP_ROLE = keccak256("TRIP_ROLE");
bytes32 constant UNTRIP_ROLE = keccak256("UNTRIP_ROLE");
bytes32 constant GOVERNANCE_ROLE = keccak256("GOVERNANCE_ROLE");
bytes32 constant GAS_LIMIT_UPDATER_ROLE = keccak256("GAS_LIMIT_UPDATER_ROLE");
bytes32 constant EXECUTOR_ROLE = keccak256("EXECUTOR_ROLE");

Recommendation:

Use the access role constants

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment