Skip to content

Instantly share code, notes, and snippets.

@lmcorbalan
Created November 3, 2021 18:29
Show Gist options
  • Save lmcorbalan/9d6360767df2d4560cfdb43d83857d30 to your computer and use it in GitHub Desktop.
Save lmcorbalan/9d6360767df2d4560cfdb43d83857d30 to your computer and use it in GitHub Desktop.
Aelin Light Audit - Slither Report
Reentrancy in AelinDeal.transfer(address,uint256) (contracts/AelinDeal.sol#365-372):
External calls:
- _claim(msg.sender) (contracts/AelinDeal.sol#369)
- returndata = address(token).functionCall(data,SafeERC20: low-level call failed) (node_modules/@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol#92)
- (success,returndata) = target.call{value: value}(data) (node_modules/@openzeppelin/contracts/utils/Address.sol#131)
- IERC20(underlyingDealToken).safeTransfer(recipient,underlyingDealTokensClaimed) (contracts/AelinDeal.sol#321-324)
- _claim(recipient) (contracts/AelinDeal.sol#369)
- returndata = address(token).functionCall(data,SafeERC20: low-level call failed) (node_modules/@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol#92)
- (success,returndata) = target.call{value: value}(data) (node_modules/@openzeppelin/contracts/utils/Address.sol#131)
- IERC20(underlyingDealToken).safeTransfer(recipient,underlyingDealTokensClaimed) (contracts/AelinDeal.sol#321-324)
External calls sending eth:
- _claim(msg.sender) (contracts/AelinDeal.sol#369)
- (success,returndata) = target.call{value: value}(data) (node_modules/@openzeppelin/contracts/utils/Address.sol#131)
- _claim(recipient) (contracts/AelinDeal.sol#369)
- (success,returndata) = target.call{value: value}(data) (node_modules/@openzeppelin/contracts/utils/Address.sol#131)
State variables written after the call(s):
- _claim(recipient) (contracts/AelinDeal.sol#369)
- _balances[account] = accountBalance - amount (node_modules/@openzeppelin/contracts/token/ERC20/ERC20.sol#282)
- super.transfer(recipient,amount) (contracts/AelinDeal.sol#369-371)
- _balances[sender] = senderBalance - amount (node_modules/@openzeppelin/contracts/token/ERC20/ERC20.sol#233)
- _balances[recipient] += amount (node_modules/@openzeppelin/contracts/token/ERC20/ERC20.sol#235)
- _claim(recipient) (contracts/AelinDeal.sol#369)
- _totalSupply -= amount (node_modules/@openzeppelin/contracts/token/ERC20/ERC20.sol#284)
- _claim(recipient) (contracts/AelinDeal.sol#369)
- lastClaim[recipient] = vestingCliff (contracts/AelinDeal.sol#307)
- lastClaim[recipient] = maxTime (contracts/AelinDeal.sol#330)
- _claim(recipient) (contracts/AelinDeal.sol#369)
- totalUnderlyingClaimed += underlyingDealTokensClaimed (contracts/AelinDeal.sol#324-325)
Reentrancy in AelinDeal.transferFrom(address,address,uint256) (contracts/AelinDeal.sol#373-382):
External calls:
- _claim(sender) (contracts/AelinDeal.sol#377-378)
- returndata = address(token).functionCall(data,SafeERC20: low-level call failed) (node_modules/@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol#92)
- (success,returndata) = target.call{value: value}(data) (node_modules/@openzeppelin/contracts/utils/Address.sol#131)
- IERC20(underlyingDealToken).safeTransfer(recipient,underlyingDealTokensClaimed) (contracts/AelinDeal.sol#321-324)
- _claim(recipient) (contracts/AelinDeal.sol#378)
- returndata = address(token).functionCall(data,SafeERC20: low-level call failed) (node_modules/@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol#92)
- (success,returndata) = target.call{value: value}(data) (node_modules/@openzeppelin/contracts/utils/Address.sol#131)
- IERC20(underlyingDealToken).safeTransfer(recipient,underlyingDealTokensClaimed) (contracts/AelinDeal.sol#321-324)
External calls sending eth:
- _claim(sender) (contracts/AelinDeal.sol#377-378)
- (success,returndata) = target.call{value: value}(data) (node_modules/@openzeppelin/contracts/utils/Address.sol#131)
- _claim(recipient) (contracts/AelinDeal.sol#378)
- (success,returndata) = target.call{value: value}(data) (node_modules/@openzeppelin/contracts/utils/Address.sol#131)
State variables written after the call(s):
- _claim(recipient) (contracts/AelinDeal.sol#378)
- _balances[account] = accountBalance - amount (node_modules/@openzeppelin/contracts/token/ERC20/ERC20.sol#282)
- super.transferFrom(sender,recipient,amount) (contracts/AelinDeal.sol#378-382)
- _balances[sender] = senderBalance - amount (node_modules/@openzeppelin/contracts/token/ERC20/ERC20.sol#233)
- _balances[recipient] += amount (node_modules/@openzeppelin/contracts/token/ERC20/ERC20.sol#235)
- _claim(recipient) (contracts/AelinDeal.sol#378)
- _totalSupply -= amount (node_modules/@openzeppelin/contracts/token/ERC20/ERC20.sol#284)
- _claim(recipient) (contracts/AelinDeal.sol#378)
- lastClaim[recipient] = vestingCliff (contracts/AelinDeal.sol#307)
- lastClaim[recipient] = maxTime (contracts/AelinDeal.sol#330)
- _claim(recipient) (contracts/AelinDeal.sol#378)
- totalUnderlyingClaimed += underlyingDealTokensClaimed (contracts/AelinDeal.sol#324-325)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#reentrancy-vulnerabilities
AelinDeal.claimableTokens(address) (contracts/AelinDeal.sol#245-285) performs a multiplication on the result of a division:
-underlyingClaimable = (underlyingPerDealExchangeRate * dealTokensClaimable) / 1e18 (contracts/AelinDeal.sol#281-284)
-dealTokensClaimable = (balanceOf(purchaser) * timeElapsed) / vestingPeriod (contracts/AelinDeal.sol#275-280)
AelinDeal._claim(address) (contracts/AelinDeal.sol#290-332) performs a multiplication on the result of a division:
-underlyingDealTokensClaimed = (underlyingPerDealExchangeRate * dealTokensClaimed) / 1e18 (contracts/AelinDeal.sol#315-318)
-dealTokensClaimed = (balanceOf(recipient) * timeElapsed) / vestingPeriod (contracts/AelinDeal.sol#310-314)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#divide-before-multiply
AelinDeal._claim(address) (contracts/AelinDeal.sol#290-332) uses a dangerous strict equality:
- maxTime > vestingCliff || (maxTime == vestingCliff && vestingPeriod == 0 && lastClaim[recipient] == 0) (contracts/AelinDeal.sol#299-303)
AelinDeal.claimableTokens(address) (contracts/AelinDeal.sol#245-285) uses a dangerous strict equality:
- maxTime > vestingCliff || (maxTime == vestingCliff && vestingPeriod == 0 && lastClaim[purchaser] == 0) (contracts/AelinDeal.sol#263-266)
AelinDeal.claimableTokens(address) (contracts/AelinDeal.sol#245-285) uses a dangerous strict equality:
- lastClaimed == 0 (contracts/AelinDeal.sol#269)
AelinPool._acceptDealTokensProRata(address,uint256,bool) (contracts/AelinPool.sol#312-331) uses a dangerous strict equality:
- proRataConversion != 1e18 && maxProRataAvail(recipient) == 0 (contracts/AelinPool.sol#328-330)
AelinPool.createDeal(address,uint256,uint256,uint256,uint256,uint256,uint256,address,uint256) (contracts/AelinPool.sol#156-246) uses a dangerous strict equality:
- proRataConversion == 1e18 (contracts/AelinPool.sol#185)
AelinPool.maxDealAccept(address) (contracts/AelinPool.sol#437-455) uses a dangerous strict equality:
- holderFundingExpiry == 0 || aelinDeal.proRataRedemptionStart() == 0 || (block.timestamp >= aelinDeal.proRataRedemptionExpiry() && aelinDeal.openRedemptionStart() == 0) || (block.timestamp >= aelinDeal.openRedemptionExpiry() && aelinDeal.openRedemptionStart() != 0) (contracts/AelinPool.sol#443-449)
AelinPool.maxProRataAvail(address) (contracts/AelinPool.sol#266-284) uses a dangerous strict equality:
- balanceOf(purchaser) == 0 || holderFundingExpiry == 0 || AelinDeal(aelinDealStorageProxy).proRataRedemptionStart() == 0 || block.timestamp >= AelinDeal(aelinDealStorageProxy).proRataRedemptionExpiry() (contracts/AelinPool.sol#270-277)
AelinPool.purchasePoolTokens(uint256) (contracts/AelinPool.sol#384-412) uses a dangerous strict equality:
- totalPoolAfter == purchaseTokenCap (contracts/AelinPool.sol#404-405)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#dangerous-strict-equalities
Reentrancy in AelinDeal._claim(address) (contracts/AelinDeal.sol#290-332):
External calls:
- IERC20(underlyingDealToken).safeTransfer(recipient,underlyingDealTokensClaimed) (contracts/AelinDeal.sol#321-324)
State variables written after the call(s):
- lastClaim[recipient] = maxTime (contracts/AelinDeal.sol#330)
Reentrancy in AelinPool.createDeal(address,uint256,uint256,uint256,uint256,uint256,uint256,address,uint256) (contracts/AelinPool.sol#156-246):
External calls:
- aelinDeal.initialize(storedName,storedSymbol,_underlyingDealToken,_underlyingDealTokenTotal,_vestingPeriod,_vestingCliff,_proRataRedemptionPeriod,_openRedemptionPeriod,_holder,maxDealTotalSupply) (contracts/AelinPool.sol#211-223)
State variables written after the call(s):
- aelinDealStorageProxy = address(aelinDeal) (contracts/AelinPool.sol#223-224)
Reentrancy in AelinDeal.depositUnderlying(uint256) (contracts/AelinDeal.sol#128-179):
External calls:
- IERC20(underlyingDealToken).safeTransferFrom(msg.sender,address(this),_underlyingDealTokenAmount) (contracts/AelinDeal.sol#136-140)
State variables written after the call(s):
- depositComplete = true (contracts/AelinDeal.sol#156)
Reentrancy in AelinPool.purchasePoolTokens(uint256) (contracts/AelinPool.sol#384-412):
External calls:
- IERC20(purchaseToken).safeTransferFrom(msg.sender,address(this),_purchaseTokenAmount) (contracts/AelinPool.sol#392-393)
State variables written after the call(s):
- purchaseExpiry = block.timestamp (contracts/AelinPool.sol#406)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#reentrancy-vulnerabilities-1
AelinDeal.initialize(string,string,address,uint256,uint256,uint256,uint256,uint256,address,uint256)._name (contracts/AelinDeal.sol#49-50) shadows:
- ERC20._name (node_modules/@openzeppelin/contracts/token/ERC20/ERC20.sol#41) (state variable)
AelinDeal.initialize(string,string,address,uint256,uint256,uint256,uint256,uint256,address,uint256)._symbol (contracts/AelinDeal.sol#50-51) shadows:
- ERC20._symbol (node_modules/@openzeppelin/contracts/token/ERC20/ERC20.sol#42) (state variable)
AelinERC20._setNameSymbolAndDecimals(string,string,uint8)._name (contracts/AelinERC20.sol#50) shadows:
- ERC20._name (node_modules/@openzeppelin/contracts/token/ERC20/ERC20.sol#41) (state variable)
AelinERC20._setNameSymbolAndDecimals(string,string,uint8)._symbol (contracts/AelinERC20.sol#51) shadows:
- ERC20._symbol (node_modules/@openzeppelin/contracts/token/ERC20/ERC20.sol#42) (state variable)
AelinPool.initialize(string,string,uint256,address,uint256,uint256,address,uint256,address,address)._name (contracts/AelinPool.sol#59) shadows:
- ERC20._name (node_modules/@openzeppelin/contracts/token/ERC20/ERC20.sol#41) (state variable)
AelinPool.initialize(string,string,uint256,address,uint256,uint256,address,uint256,address,address)._symbol (contracts/AelinPool.sol#60) shadows:
- ERC20._symbol (node_modules/@openzeppelin/contracts/token/ERC20/ERC20.sol#42) (state variable)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#local-variable-shadowing
AelinDeal.initialize(string,string,address,uint256,uint256,uint256,uint256,uint256,address,uint256)._holder (contracts/AelinDeal.sol#58) lacks a zero-check on :
- holder = _holder (contracts/AelinDeal.sol#65)
AelinDeal.initialize(string,string,address,uint256,uint256,uint256,uint256,uint256,address,uint256)._underlyingDealToken (contracts/AelinDeal.sol#51-52) lacks a zero-check on :
- underlyingDealToken = _underlyingDealToken (contracts/AelinDeal.sol#65-67)
AelinDeal.setHolder(address)._holder (contracts/AelinDeal.sol#106) lacks a zero-check on :
- futureHolder = _holder (contracts/AelinDeal.sol#107)
AelinPool.initialize(string,string,uint256,address,uint256,uint256,address,uint256,address,address)._purchaseToken (contracts/AelinPool.sol#62) lacks a zero-check on :
- purchaseToken = _purchaseToken (contracts/AelinPool.sol#87)
AelinPool.initialize(string,string,uint256,address,uint256,uint256,address,uint256,address,address)._sponsor (contracts/AelinPool.sol#65) lacks a zero-check on :
- sponsor = _sponsor (contracts/AelinPool.sol#91)
AelinPool.initialize(string,string,uint256,address,uint256,uint256,address,uint256,address,address)._aelinDealLogicAddress (contracts/AelinPool.sol#67) lacks a zero-check on :
- aelinDealLogicAddress = _aelinDealLogicAddress (contracts/AelinPool.sol#92)
AelinPool.initialize(string,string,uint256,address,uint256,uint256,address,uint256,address,address)._aelinRewardsAddress (contracts/AelinPool.sol#68) lacks a zero-check on :
- aelinRewardsAddress = _aelinRewardsAddress (contracts/AelinPool.sol#93)
AelinPool.setSponsor(address)._sponsor (contracts/AelinPool.sol#131) lacks a zero-check on :
- futureSponsor = _sponsor (contracts/AelinPool.sol#132)
AelinPool.createDeal(address,uint256,uint256,uint256,uint256,uint256,uint256,address,uint256)._holder (contracts/AelinPool.sol#164) lacks a zero-check on :
- holder = _holder (contracts/AelinPool.sol#196-197)
AelinPoolFactory.constructor(address,address)._aelinPoolLogic (contracts/AelinPoolFactory.sol#19) lacks a zero-check on :
- AELIN_POOL_LOGIC = _aelinPoolLogic (contracts/AelinPoolFactory.sol#20)
AelinPoolFactory.constructor(address,address)._aelinDealLogic (contracts/AelinPoolFactory.sol#19) lacks a zero-check on :
- AELIN_DEAL_LOGIC = _aelinDealLogic (contracts/AelinPoolFactory.sol#21)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#missing-zero-address-validation
Reentrancy in AelinPool._acceptDealTokensProRata(address,uint256,bool) (contracts/AelinPool.sol#312-331):
External calls:
- acceptDealLogic(recipient,acceptAmount) (contracts/AelinPool.sol#328)
- returndata = address(token).functionCall(data,SafeERC20: low-level call failed) (node_modules/@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol#92)
- (success,returndata) = target.call{value: value}(data) (node_modules/@openzeppelin/contracts/utils/Address.sol#131)
- aelinDeal.mint(sponsor,sponsorFeeAmt) (contracts/AelinPool.sol#362-363)
- aelinDeal.mint(aelinRewardsAddress,aelinFeeAmt) (contracts/AelinPool.sol#363-364)
- aelinDeal.mint(recipient,poolTokenDealFormatted - (sponsorFeeAmt + aelinFeeAmt)) (contracts/AelinPool.sol#364-367)
- IERC20(purchaseToken).safeTransfer(holder,poolTokenAmount) (contracts/AelinPool.sol#367-369)
External calls sending eth:
- acceptDealLogic(recipient,acceptAmount) (contracts/AelinPool.sol#328)
- (success,returndata) = target.call{value: value}(data) (node_modules/@openzeppelin/contracts/utils/Address.sol#131)
State variables written after the call(s):
- openPeriodEligible[recipient] = true (contracts/AelinPool.sol#330-331)
Reentrancy in AelinDeal._claim(address) (contracts/AelinDeal.sol#290-332):
External calls:
- IERC20(underlyingDealToken).safeTransfer(recipient,underlyingDealTokensClaimed) (contracts/AelinDeal.sol#321-324)
State variables written after the call(s):
- totalUnderlyingClaimed += underlyingDealTokensClaimed (contracts/AelinDeal.sol#324-325)
Reentrancy in AelinDeal.depositUnderlying(uint256) (contracts/AelinDeal.sol#128-179):
External calls:
- IERC20(underlyingDealToken).safeTransferFrom(msg.sender,address(this),_underlyingDealTokenAmount) (contracts/AelinDeal.sol#136-140)
State variables written after the call(s):
- openRedemptionExpiry = proRataRedemptionExpiry + openRedemptionPeriod (contracts/AelinDeal.sol#168-170)
- openRedemptionStart = proRataRedemptionExpiry (contracts/AelinDeal.sol#166-167)
- proRataRedemptionExpiry = block.timestamp + proRataRedemptionPeriod (contracts/AelinDeal.sol#160-163)
- proRataRedemptionStart = block.timestamp (contracts/AelinDeal.sol#160)
Reentrancy in AelinPool.purchasePoolTokens(uint256) (contracts/AelinPool.sol#384-412):
External calls:
- IERC20(purchaseToken).safeTransferFrom(msg.sender,address(this),_purchaseTokenAmount) (contracts/AelinPool.sol#392-393)
State variables written after the call(s):
- _mint(msg.sender,purchaseTokenAmount) (contracts/AelinPool.sol#407-408)
- _balances[account] += amount (node_modules/@openzeppelin/contracts/token/ERC20/ERC20.sol#257)
- _mint(msg.sender,purchaseTokenAmount) (contracts/AelinPool.sol#407-408)
- _totalSupply += amount (node_modules/@openzeppelin/contracts/token/ERC20/ERC20.sol#256)
Reentrancy in AelinDeal.transferFrom(address,address,uint256) (contracts/AelinDeal.sol#373-382):
External calls:
- _claim(sender) (contracts/AelinDeal.sol#377-378)
- returndata = address(token).functionCall(data,SafeERC20: low-level call failed) (node_modules/@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol#92)
- (success,returndata) = target.call{value: value}(data) (node_modules/@openzeppelin/contracts/utils/Address.sol#131)
- IERC20(underlyingDealToken).safeTransfer(recipient,underlyingDealTokensClaimed) (contracts/AelinDeal.sol#321-324)
- _claim(recipient) (contracts/AelinDeal.sol#378)
- returndata = address(token).functionCall(data,SafeERC20: low-level call failed) (node_modules/@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol#92)
- (success,returndata) = target.call{value: value}(data) (node_modules/@openzeppelin/contracts/utils/Address.sol#131)
- IERC20(underlyingDealToken).safeTransfer(recipient,underlyingDealTokensClaimed) (contracts/AelinDeal.sol#321-324)
External calls sending eth:
- _claim(sender) (contracts/AelinDeal.sol#377-378)
- (success,returndata) = target.call{value: value}(data) (node_modules/@openzeppelin/contracts/utils/Address.sol#131)
- _claim(recipient) (contracts/AelinDeal.sol#378)
- (success,returndata) = target.call{value: value}(data) (node_modules/@openzeppelin/contracts/utils/Address.sol#131)
State variables written after the call(s):
- super.transferFrom(sender,recipient,amount) (contracts/AelinDeal.sol#378-382)
- _allowances[owner][spender] = amount (node_modules/@openzeppelin/contracts/token/ERC20/ERC20.sol#312)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#reentrancy-vulnerabilities-2
Reentrancy in AelinDeal._claim(address) (contracts/AelinDeal.sol#290-332):
External calls:
- IERC20(underlyingDealToken).safeTransfer(recipient,underlyingDealTokensClaimed) (contracts/AelinDeal.sol#321-324)
Event emitted after the call(s):
- ClaimedUnderlyingDealTokens(underlyingDealToken,recipient,underlyingDealTokensClaimed) (contracts/AelinDeal.sol#325-329)
Reentrancy in AelinPool._withdraw(uint256) (contracts/AelinPool.sol#426-435):
External calls:
- IERC20(purchaseToken).safeTransfer(msg.sender,purchaseTokenAmount) (contracts/AelinPool.sol#433-434)
Event emitted after the call(s):
- WithdrawFromPool(msg.sender,address(this),purchaseTokenAmount) (contracts/AelinPool.sol#434-435)
Reentrancy in AelinPool.acceptDealLogic(address,uint256) (contracts/AelinPool.sol#348-374):
External calls:
- aelinDeal.mint(sponsor,sponsorFeeAmt) (contracts/AelinPool.sol#362-363)
- aelinDeal.mint(aelinRewardsAddress,aelinFeeAmt) (contracts/AelinPool.sol#363-364)
- aelinDeal.mint(recipient,poolTokenDealFormatted - (sponsorFeeAmt + aelinFeeAmt)) (contracts/AelinPool.sol#364-367)
- IERC20(purchaseToken).safeTransfer(holder,poolTokenAmount) (contracts/AelinPool.sol#367-369)
Event emitted after the call(s):
- AcceptDeal(recipient,address(this),aelinDealStorageProxy,poolTokenAmount,sponsorFeeAmt,aelinFeeAmt) (contracts/AelinPool.sol#369-374)
Reentrancy in AelinPool.createDeal(address,uint256,uint256,uint256,uint256,uint256,uint256,address,uint256) (contracts/AelinPool.sol#156-246):
External calls:
- aelinDeal.initialize(storedName,storedSymbol,_underlyingDealToken,_underlyingDealTokenTotal,_vestingPeriod,_vestingCliff,_proRataRedemptionPeriod,_openRedemptionPeriod,_holder,maxDealTotalSupply) (contracts/AelinPool.sol#211-223)
Event emitted after the call(s):
- CreateDeal(string(abi.encodePacked(aeDeal-,storedName)),string(abi.encodePacked(aeD-,storedSymbol)),sponsor,address(this),address(aelinDeal)) (contracts/AelinPool.sol#224-232)
- DealDetails(address(aelinDeal),_underlyingDealToken,_purchaseTokenTotalForDeal,_underlyingDealTokenTotal,_vestingPeriod,_vestingCliff,_proRataRedemptionPeriod,_openRedemptionPeriod,_holder,_holderFundingExpiry) (contracts/AelinPool.sol#232-244)
Reentrancy in AelinPoolFactory.createPool(string,string,uint256,address,uint256,uint256,uint256) (contracts/AelinPoolFactory.sol#27-65):
External calls:
- aelin_pool.initialize(_name,_symbol,_purchaseTokenCap,_purchaseToken,_duration,_sponsorFee,msg.sender,_purchaseExpiry,AELIN_DEAL_LOGIC,AELIN_REWARDS) (contracts/AelinPoolFactory.sol#39-50)
Event emitted after the call(s):
- CreatePool(address(aelin_pool),string(abi.encodePacked(aePool-,_name)),string(abi.encodePacked(aeP-,_symbol)),_purchaseTokenCap,_purchaseToken,_duration,_sponsorFee,msg.sender,_purchaseExpiry) (contracts/AelinPoolFactory.sol#52-62)
Reentrancy in AelinDeal.depositUnderlying(uint256) (contracts/AelinDeal.sol#128-179):
External calls:
- IERC20(underlyingDealToken).safeTransferFrom(msg.sender,address(this),_underlyingDealTokenAmount) (contracts/AelinDeal.sol#136-140)
Event emitted after the call(s):
- DealFullyFunded(aelinPool,address(this),proRataRedemptionStart,proRataRedemptionExpiry,openRedemptionStart,openRedemptionExpiry) (contracts/AelinDeal.sol#171-177)
- DepositDealTokens(underlyingDealToken,msg.sender,address(this),underlyingDealTokenAmount) (contracts/AelinDeal.sol#147-150)
Reentrancy in AelinPool.purchasePoolTokens(uint256) (contracts/AelinPool.sol#384-412):
External calls:
- IERC20(purchaseToken).safeTransferFrom(msg.sender,address(this),_purchaseTokenAmount) (contracts/AelinPool.sol#392-393)
Event emitted after the call(s):
- PurchasePoolToken(msg.sender,address(this),purchaseTokenAmount) (contracts/AelinPool.sol#409-412)
- Transfer(address(0),account,amount) (node_modules/@openzeppelin/contracts/token/ERC20/ERC20.sol#258)
- _mint(msg.sender,purchaseTokenAmount) (contracts/AelinPool.sol#407-408)
Reentrancy in AelinDeal.transfer(address,uint256) (contracts/AelinDeal.sol#365-372):
External calls:
- _claim(msg.sender) (contracts/AelinDeal.sol#369)
- returndata = address(token).functionCall(data,SafeERC20: low-level call failed) (node_modules/@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol#92)
- (success,returndata) = target.call{value: value}(data) (node_modules/@openzeppelin/contracts/utils/Address.sol#131)
- IERC20(underlyingDealToken).safeTransfer(recipient,underlyingDealTokensClaimed) (contracts/AelinDeal.sol#321-324)
- _claim(recipient) (contracts/AelinDeal.sol#369)
- returndata = address(token).functionCall(data,SafeERC20: low-level call failed) (node_modules/@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol#92)
- (success,returndata) = target.call{value: value}(data) (node_modules/@openzeppelin/contracts/utils/Address.sol#131)
- IERC20(underlyingDealToken).safeTransfer(recipient,underlyingDealTokensClaimed) (contracts/AelinDeal.sol#321-324)
External calls sending eth:
- _claim(msg.sender) (contracts/AelinDeal.sol#369)
- (success,returndata) = target.call{value: value}(data) (node_modules/@openzeppelin/contracts/utils/Address.sol#131)
- _claim(recipient) (contracts/AelinDeal.sol#369)
- (success,returndata) = target.call{value: value}(data) (node_modules/@openzeppelin/contracts/utils/Address.sol#131)
Event emitted after the call(s):
- ClaimedUnderlyingDealTokens(underlyingDealToken,recipient,underlyingDealTokensClaimed) (contracts/AelinDeal.sol#325-329)
- _claim(recipient) (contracts/AelinDeal.sol#369)
- Transfer(account,address(0),amount) (node_modules/@openzeppelin/contracts/token/ERC20/ERC20.sol#286)
- _claim(recipient) (contracts/AelinDeal.sol#369)
- Transfer(sender,recipient,amount) (node_modules/@openzeppelin/contracts/token/ERC20/ERC20.sol#237)
- super.transfer(recipient,amount) (contracts/AelinDeal.sol#369-371)
Reentrancy in AelinDeal.transferFrom(address,address,uint256) (contracts/AelinDeal.sol#373-382):
External calls:
- _claim(sender) (contracts/AelinDeal.sol#377-378)
- returndata = address(token).functionCall(data,SafeERC20: low-level call failed) (node_modules/@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol#92)
- (success,returndata) = target.call{value: value}(data) (node_modules/@openzeppelin/contracts/utils/Address.sol#131)
- IERC20(underlyingDealToken).safeTransfer(recipient,underlyingDealTokensClaimed) (contracts/AelinDeal.sol#321-324)
- _claim(recipient) (contracts/AelinDeal.sol#378)
- returndata = address(token).functionCall(data,SafeERC20: low-level call failed) (node_modules/@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol#92)
- (success,returndata) = target.call{value: value}(data) (node_modules/@openzeppelin/contracts/utils/Address.sol#131)
- IERC20(underlyingDealToken).safeTransfer(recipient,underlyingDealTokensClaimed) (contracts/AelinDeal.sol#321-324)
External calls sending eth:
- _claim(sender) (contracts/AelinDeal.sol#377-378)
- (success,returndata) = target.call{value: value}(data) (node_modules/@openzeppelin/contracts/utils/Address.sol#131)
- _claim(recipient) (contracts/AelinDeal.sol#378)
- (success,returndata) = target.call{value: value}(data) (node_modules/@openzeppelin/contracts/utils/Address.sol#131)
Event emitted after the call(s):
- Approval(owner,spender,amount) (node_modules/@openzeppelin/contracts/token/ERC20/ERC20.sol#313)
- super.transferFrom(sender,recipient,amount) (contracts/AelinDeal.sol#378-382)
- ClaimedUnderlyingDealTokens(underlyingDealToken,recipient,underlyingDealTokensClaimed) (contracts/AelinDeal.sol#325-329)
- _claim(recipient) (contracts/AelinDeal.sol#378)
- Transfer(account,address(0),amount) (node_modules/@openzeppelin/contracts/token/ERC20/ERC20.sol#286)
- _claim(recipient) (contracts/AelinDeal.sol#378)
- Transfer(sender,recipient,amount) (node_modules/@openzeppelin/contracts/token/ERC20/ERC20.sol#237)
- super.transferFrom(sender,recipient,amount) (contracts/AelinDeal.sol#378-382)
Reentrancy in AelinDeal.withdraw() (contracts/AelinDeal.sol#197-206):
External calls:
- IERC20(underlyingDealToken).safeTransfer(holder,withdrawAmount) (contracts/AelinDeal.sol#201-203)
Event emitted after the call(s):
- WithdrawUnderlyingDealTokens(underlyingDealToken,holder,address(this),withdrawAmount) (contracts/AelinDeal.sol#203-206)
Reentrancy in AelinDeal.withdrawExpiry() (contracts/AelinDeal.sol#214-235):
External calls:
- IERC20(underlyingDealToken).safeTransfer(holder,withdrawAmount) (contracts/AelinDeal.sol#230-231)
Event emitted after the call(s):
- WithdrawUnderlyingDealTokens(underlyingDealToken,holder,address(this),withdrawAmount) (contracts/AelinDeal.sol#231-235)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#reentrancy-vulnerabilities-3
AelinDeal.withdrawExpiry() (contracts/AelinDeal.sol#214-235) uses timestamp for comparisons
Dangerous comparisons:
- require(bool,string)(proRataRedemptionExpiry > 0,redemption period not started) (contracts/AelinDeal.sol#215-217)
- openRedemptionExpiry > 0 (contracts/AelinDeal.sol#217-225)
- require(bool,string)(block.timestamp >= openRedemptionExpiry,redeem window still active) (contracts/AelinDeal.sol#217-225)
- require(bool,string)(block.timestamp >= proRataRedemptionExpiry,redeem window still active) (contracts/AelinDeal.sol#217-225)
AelinDeal.claimableTokens(address) (contracts/AelinDeal.sol#245-285) uses timestamp for comparisons
Dangerous comparisons:
- maxTime > vestingCliff || (maxTime == vestingCliff && vestingPeriod == 0 && lastClaim[purchaser] == 0) (contracts/AelinDeal.sol#263-266)
- lastClaimed == 0 (contracts/AelinDeal.sol#269)
- lastClaimed >= maxTime && vestingPeriod != 0 (contracts/AelinDeal.sol#272-273)
- block.timestamp > vestingExpiry (contracts/AelinDeal.sol#256-263)
AelinDeal._claim(address) (contracts/AelinDeal.sol#290-332) uses timestamp for comparisons
Dangerous comparisons:
- balanceOf(recipient) > 0 (contracts/AelinDeal.sol#292)
- maxTime > vestingCliff || (maxTime == vestingCliff && vestingPeriod == 0 && lastClaim[recipient] == 0) (contracts/AelinDeal.sol#299-303)
- dealTokensClaimed > 0 (contracts/AelinDeal.sol#319)
- block.timestamp > vestingExpiry (contracts/AelinDeal.sol#292-299)
AelinPool.createDeal(address,uint256,uint256,uint256,uint256,uint256,uint256,address,uint256) (contracts/AelinPool.sol#156-246) uses timestamp for comparisons
Dangerous comparisons:
- require(bool,string)(block.timestamp >= purchaseExpiry,pool still in purchase mode) (contracts/AelinPool.sol#167-170)
AelinPool.maxProRataAvail(address) (contracts/AelinPool.sol#266-284) uses timestamp for comparisons
Dangerous comparisons:
- balanceOf(purchaser) == 0 || holderFundingExpiry == 0 || AelinDeal(aelinDealStorageProxy).proRataRedemptionStart() == 0 || block.timestamp >= AelinDeal(aelinDealStorageProxy).proRataRedemptionExpiry() (contracts/AelinPool.sol#270-277)
AelinPool._acceptDealTokens(address,uint256,bool) (contracts/AelinPool.sol#292-311) uses timestamp for comparisons
Dangerous comparisons:
- block.timestamp >= aelinDeal.proRataRedemptionStart() && block.timestamp < aelinDeal.proRataRedemptionExpiry() (contracts/AelinPool.sol#300-303)
- aelinDeal.openRedemptionStart() > 0 && block.timestamp < aelinDeal.openRedemptionExpiry() (contracts/AelinPool.sol#306-308)
AelinPool.purchasePoolTokens(uint256) (contracts/AelinPool.sol#384-412) uses timestamp for comparisons
Dangerous comparisons:
- require(bool,string)(block.timestamp < purchaseExpiry,not in purchase window) (contracts/AelinPool.sol#388-389)
AelinPool._withdraw(uint256) (contracts/AelinPool.sol#426-435) uses timestamp for comparisons
Dangerous comparisons:
- require(bool,string)(block.timestamp >= poolExpiry,not yet withdraw period) (contracts/AelinPool.sol#429-430)
AelinPool.maxDealAccept(address) (contracts/AelinPool.sol#437-455) uses timestamp for comparisons
Dangerous comparisons:
- holderFundingExpiry == 0 || aelinDeal.proRataRedemptionStart() == 0 || (block.timestamp >= aelinDeal.proRataRedemptionExpiry() && aelinDeal.openRedemptionStart() == 0) || (block.timestamp >= aelinDeal.openRedemptionExpiry() && aelinDeal.openRedemptionStart() != 0) (contracts/AelinPool.sol#443-449)
- block.timestamp < aelinDeal.proRataRedemptionExpiry() (contracts/AelinPool.sol#450)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#block-timestamp
Address.isContract(address) (node_modules/@openzeppelin/contracts/utils/Address.sol#26-36) uses assembly
- INLINE ASM (node_modules/@openzeppelin/contracts/utils/Address.sol#32-34)
Address.verifyCallResult(bool,bytes,string) (node_modules/@openzeppelin/contracts/utils/Address.sol#195-215) uses assembly
- INLINE ASM (node_modules/@openzeppelin/contracts/utils/Address.sol#207-210)
MinimalProxyFactory._cloneAsMinimalProxy(address,string) (contracts/MinimalProxyFactory.sol#6-22) uses assembly
- INLINE ASM (contracts/MinimalProxyFactory.sol#12-18)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#assembly-usage
AelinDeal.depositUnderlying(uint256) (contracts/AelinDeal.sol#128-179) compares to a boolean constant:
-depositComplete == true (contracts/AelinDeal.sol#157-159)
AelinDeal.initOnce() (contracts/AelinDeal.sol#94-97) compares to a boolean constant:
-require(bool,string)(calledInitialize == false,can only initialize once) (contracts/AelinDeal.sol#95-97)
AelinDeal.finalizeDepositOnce() (contracts/AelinDeal.sol#97-103) compares to a boolean constant:
-require(bool,string)(depositComplete == false,deposit already complete) (contracts/AelinDeal.sol#101)
AelinERC20.initInfoOnce() (contracts/AelinERC20.sol#27-30) compares to a boolean constant:
-require(bool,string)(setInfo == false,can only initialize once) (contracts/AelinERC20.sol#28)
AelinERC20.lock() (contracts/AelinERC20.sol#66-71) compares to a boolean constant:
-require(bool,string)(locked == false,AelinV1: LOCKED) (contracts/AelinERC20.sol#67)
AelinPool.dealReady() (contracts/AelinPool.sol#97-106) compares to a boolean constant:
-require(bool,string)(AelinDeal(aelinDealStorageProxy).depositComplete() == false && block.timestamp >= holderFundingExpiry,cant create new deal) (contracts/AelinPool.sol#99-103)
AelinPool.initOnce() (contracts/AelinPool.sol#108-112) compares to a boolean constant:
-require(bool,string)(calledInitialize == false,can only initialize once) (contracts/AelinPool.sol#109)
AelinPool.dealFunded() (contracts/AelinPool.sol#119-126) compares to a boolean constant:
-require(bool,string)(holderFundingExpiry > 0 && AelinDeal(aelinDealStorageProxy).depositComplete() == true,deal not yet funded) (contracts/AelinPool.sol#120-124)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#boolean-equality
Different versions of Solidity is used:
- Version used: ['0.8.6', '>=0.6.0<0.8.7', '^0.8.0']
- ^0.8.0 (node_modules/@openzeppelin/contracts/token/ERC20/ERC20.sol#3)
- ^0.8.0 (node_modules/@openzeppelin/contracts/token/ERC20/IERC20.sol#3)
- ^0.8.0 (node_modules/@openzeppelin/contracts/token/ERC20/extensions/IERC20Metadata.sol#3)
- ^0.8.0 (node_modules/@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol#3)
- ^0.8.0 (node_modules/@openzeppelin/contracts/utils/Address.sol#3)
- ^0.8.0 (node_modules/@openzeppelin/contracts/utils/Context.sol#3)
- 0.8.6 (contracts/AelinDeal.sol#2)
- 0.8.6 (contracts/AelinERC20.sol#2)
- 0.8.6 (contracts/AelinPool.sol#2)
- 0.8.6 (contracts/AelinPoolFactory.sol#2)
- >=0.6.0<0.8.7 (contracts/MinimalProxyFactory.sol#2)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#different-pragma-directives-are-used
Pragma version^0.8.0 (node_modules/@openzeppelin/contracts/token/ERC20/ERC20.sol#3) necessitates a version too recent to be trusted. Consider deploying with 0.6.12/0.7.6
Pragma version^0.8.0 (node_modules/@openzeppelin/contracts/token/ERC20/IERC20.sol#3) necessitates a version too recent to be trusted. Consider deploying with 0.6.12/0.7.6
Pragma version^0.8.0 (node_modules/@openzeppelin/contracts/token/ERC20/extensions/IERC20Metadata.sol#3) necessitates a version too recent to be trusted. Consider deploying with 0.6.12/0.7.6
Pragma version^0.8.0 (node_modules/@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol#3) necessitates a version too recent to be trusted. Consider deploying with 0.6.12/0.7.6
Pragma version^0.8.0 (node_modules/@openzeppelin/contracts/utils/Address.sol#3) necessitates a version too recent to be trusted. Consider deploying with 0.6.12/0.7.6
Pragma version^0.8.0 (node_modules/@openzeppelin/contracts/utils/Context.sol#3) necessitates a version too recent to be trusted. Consider deploying with 0.6.12/0.7.6
Pragma version0.8.6 (contracts/AelinDeal.sol#2) necessitates a version too recent to be trusted. Consider deploying with 0.6.12/0.7.6
Pragma version0.8.6 (contracts/AelinERC20.sol#2) necessitates a version too recent to be trusted. Consider deploying with 0.6.12/0.7.6
Pragma version0.8.6 (contracts/AelinPool.sol#2) necessitates a version too recent to be trusted. Consider deploying with 0.6.12/0.7.6
Pragma version0.8.6 (contracts/AelinPoolFactory.sol#2) necessitates a version too recent to be trusted. Consider deploying with 0.6.12/0.7.6
Pragma version>=0.6.0<0.8.7 (contracts/MinimalProxyFactory.sol#2) is too complex
solc-0.8.6 is not recommended for deployment
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#incorrect-versions-of-solidity
Low level call in Address.sendValue(address,uint256) (node_modules/@openzeppelin/contracts/utils/Address.sol#54-59):
- (success) = recipient.call{value: amount}() (node_modules/@openzeppelin/contracts/utils/Address.sol#57)
Low level call in Address.functionCallWithValue(address,bytes,uint256,string) (node_modules/@openzeppelin/contracts/utils/Address.sol#122-133):
- (success,returndata) = target.call{value: value}(data) (node_modules/@openzeppelin/contracts/utils/Address.sol#131)
Low level call in Address.functionStaticCall(address,bytes,string) (node_modules/@openzeppelin/contracts/utils/Address.sol#151-160):
- (success,returndata) = target.staticcall(data) (node_modules/@openzeppelin/contracts/utils/Address.sol#158)
Low level call in Address.functionDelegateCall(address,bytes,string) (node_modules/@openzeppelin/contracts/utils/Address.sol#178-187):
- (success,returndata) = target.delegatecall(data) (node_modules/@openzeppelin/contracts/utils/Address.sol#185)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#low-level-calls
Parameter AelinDeal.initialize(string,string,address,uint256,uint256,uint256,uint256,uint256,address,uint256)._name (contracts/AelinDeal.sol#49-50) is not in mixedCase
Parameter AelinDeal.initialize(string,string,address,uint256,uint256,uint256,uint256,uint256,address,uint256)._symbol (contracts/AelinDeal.sol#50-51) is not in mixedCase
Parameter AelinDeal.initialize(string,string,address,uint256,uint256,uint256,uint256,uint256,address,uint256)._underlyingDealToken (contracts/AelinDeal.sol#51-52) is not in mixedCase
Parameter AelinDeal.initialize(string,string,address,uint256,uint256,uint256,uint256,uint256,address,uint256)._underlyingDealTokenTotal (contracts/AelinDeal.sol#53-54) is not in mixedCase
Parameter AelinDeal.initialize(string,string,address,uint256,uint256,uint256,uint256,uint256,address,uint256)._vestingPeriod (contracts/AelinDeal.sol#54) is not in mixedCase
Parameter AelinDeal.initialize(string,string,address,uint256,uint256,uint256,uint256,uint256,address,uint256)._vestingCliff (contracts/AelinDeal.sol#55) is not in mixedCase
Parameter AelinDeal.initialize(string,string,address,uint256,uint256,uint256,uint256,uint256,address,uint256)._proRataRedemptionPeriod (contracts/AelinDeal.sol#55-57) is not in mixedCase
Parameter AelinDeal.initialize(string,string,address,uint256,uint256,uint256,uint256,uint256,address,uint256)._openRedemptionPeriod (contracts/AelinDeal.sol#57) is not in mixedCase
Parameter AelinDeal.initialize(string,string,address,uint256,uint256,uint256,uint256,uint256,address,uint256)._holder (contracts/AelinDeal.sol#58) is not in mixedCase
Parameter AelinDeal.initialize(string,string,address,uint256,uint256,uint256,uint256,uint256,address,uint256)._maxDealTotalSupply (contracts/AelinDeal.sol#58-59) is not in mixedCase
Parameter AelinDeal.setHolder(address)._holder (contracts/AelinDeal.sol#106) is not in mixedCase
Parameter AelinDeal.depositUnderlying(uint256)._underlyingDealTokenAmount (contracts/AelinDeal.sol#128) is not in mixedCase
Variable AelinERC20._custom_name (contracts/AelinERC20.sol#20) is not in mixedCase
Variable AelinERC20._custom_symbol (contracts/AelinERC20.sol#21) is not in mixedCase
Variable AelinERC20._custom_decimals (contracts/AelinERC20.sol#22) is not in mixedCase
Parameter AelinPool.initialize(string,string,uint256,address,uint256,uint256,address,uint256,address,address)._name (contracts/AelinPool.sol#59) is not in mixedCase
Parameter AelinPool.initialize(string,string,uint256,address,uint256,uint256,address,uint256,address,address)._symbol (contracts/AelinPool.sol#60) is not in mixedCase
Parameter AelinPool.initialize(string,string,uint256,address,uint256,uint256,address,uint256,address,address)._purchaseTokenCap (contracts/AelinPool.sol#61) is not in mixedCase
Parameter AelinPool.initialize(string,string,uint256,address,uint256,uint256,address,uint256,address,address)._purchaseToken (contracts/AelinPool.sol#62) is not in mixedCase
Parameter AelinPool.initialize(string,string,uint256,address,uint256,uint256,address,uint256,address,address)._duration (contracts/AelinPool.sol#63) is not in mixedCase
Parameter AelinPool.initialize(string,string,uint256,address,uint256,uint256,address,uint256,address,address)._sponsorFee (contracts/AelinPool.sol#64) is not in mixedCase
Parameter AelinPool.initialize(string,string,uint256,address,uint256,uint256,address,uint256,address,address)._sponsor (contracts/AelinPool.sol#65) is not in mixedCase
Parameter AelinPool.initialize(string,string,uint256,address,uint256,uint256,address,uint256,address,address)._purchaseExpiry (contracts/AelinPool.sol#66) is not in mixedCase
Parameter AelinPool.initialize(string,string,uint256,address,uint256,uint256,address,uint256,address,address)._aelinDealLogicAddress (contracts/AelinPool.sol#67) is not in mixedCase
Parameter AelinPool.initialize(string,string,uint256,address,uint256,uint256,address,uint256,address,address)._aelinRewardsAddress (contracts/AelinPool.sol#68) is not in mixedCase
Parameter AelinPool.setSponsor(address)._sponsor (contracts/AelinPool.sol#131) is not in mixedCase
Parameter AelinPool.createDeal(address,uint256,uint256,uint256,uint256,uint256,uint256,address,uint256)._underlyingDealToken (contracts/AelinPool.sol#157) is not in mixedCase
Parameter AelinPool.createDeal(address,uint256,uint256,uint256,uint256,uint256,uint256,address,uint256)._purchaseTokenTotalForDeal (contracts/AelinPool.sol#158) is not in mixedCase
Parameter AelinPool.createDeal(address,uint256,uint256,uint256,uint256,uint256,uint256,address,uint256)._underlyingDealTokenTotal (contracts/AelinPool.sol#159) is not in mixedCase
Parameter AelinPool.createDeal(address,uint256,uint256,uint256,uint256,uint256,uint256,address,uint256)._vestingPeriod (contracts/AelinPool.sol#160) is not in mixedCase
Parameter AelinPool.createDeal(address,uint256,uint256,uint256,uint256,uint256,uint256,address,uint256)._vestingCliff (contracts/AelinPool.sol#161) is not in mixedCase
Parameter AelinPool.createDeal(address,uint256,uint256,uint256,uint256,uint256,uint256,address,uint256)._proRataRedemptionPeriod (contracts/AelinPool.sol#162) is not in mixedCase
Parameter AelinPool.createDeal(address,uint256,uint256,uint256,uint256,uint256,uint256,address,uint256)._openRedemptionPeriod (contracts/AelinPool.sol#163) is not in mixedCase
Parameter AelinPool.createDeal(address,uint256,uint256,uint256,uint256,uint256,uint256,address,uint256)._holder (contracts/AelinPool.sol#164) is not in mixedCase
Parameter AelinPool.createDeal(address,uint256,uint256,uint256,uint256,uint256,uint256,address,uint256)._holderFundingExpiry (contracts/AelinPool.sol#165) is not in mixedCase
Parameter AelinPool.purchasePoolTokens(uint256)._purchaseTokenAmount (contracts/AelinPool.sol#385-387) is not in mixedCase
Parameter AelinPoolFactory.createPool(string,string,uint256,address,uint256,uint256,uint256)._name (contracts/AelinPoolFactory.sol#28) is not in mixedCase
Parameter AelinPoolFactory.createPool(string,string,uint256,address,uint256,uint256,uint256)._symbol (contracts/AelinPoolFactory.sol#29) is not in mixedCase
Parameter AelinPoolFactory.createPool(string,string,uint256,address,uint256,uint256,uint256)._purchaseTokenCap (contracts/AelinPoolFactory.sol#30) is not in mixedCase
Parameter AelinPoolFactory.createPool(string,string,uint256,address,uint256,uint256,uint256)._purchaseToken (contracts/AelinPoolFactory.sol#31) is not in mixedCase
Parameter AelinPoolFactory.createPool(string,string,uint256,address,uint256,uint256,uint256)._duration (contracts/AelinPoolFactory.sol#32) is not in mixedCase
Parameter AelinPoolFactory.createPool(string,string,uint256,address,uint256,uint256,uint256)._sponsorFee (contracts/AelinPoolFactory.sol#33) is not in mixedCase
Parameter AelinPoolFactory.createPool(string,string,uint256,address,uint256,uint256,uint256)._purchaseExpiry (contracts/AelinPoolFactory.sol#34) is not in mixedCase
Variable AelinPoolFactory.AELIN_POOL_LOGIC (contracts/AelinPoolFactory.sol#16) is not in mixedCase
Variable AelinPoolFactory.AELIN_DEAL_LOGIC (contracts/AelinPoolFactory.sol#17) is not in mixedCase
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#conformance-to-solidity-naming-conventions
name() should be declared external:
- AelinERC20.name() (contracts/AelinERC20.sol#37-39)
- ERC20.name() (node_modules/@openzeppelin/contracts/token/ERC20/ERC20.sol#61-63)
symbol() should be declared external:
- AelinERC20.symbol() (contracts/AelinERC20.sol#41-43)
- ERC20.symbol() (node_modules/@openzeppelin/contracts/token/ERC20/ERC20.sol#69-71)
decimals() should be declared external:
- AelinERC20.decimals() (contracts/AelinERC20.sol#45-47)
- ERC20.decimals() (node_modules/@openzeppelin/contracts/token/ERC20/ERC20.sol#86-88)
allowance(address,address) should be declared external:
- ERC20.allowance(address,address) (node_modules/@openzeppelin/contracts/token/ERC20/ERC20.sol#120-122)
approve(address,uint256) should be declared external:
- ERC20.approve(address,uint256) (node_modules/@openzeppelin/contracts/token/ERC20/ERC20.sol#131-134)
increaseAllowance(address,uint256) should be declared external:
- ERC20.increaseAllowance(address,uint256) (node_modules/@openzeppelin/contracts/token/ERC20/ERC20.sol#177-180)
decreaseAllowance(address,uint256) should be declared external:
- ERC20.decreaseAllowance(address,uint256) (node_modules/@openzeppelin/contracts/token/ERC20/ERC20.sol#196-204)
claim() should be declared external:
- AelinDeal.claim() (contracts/AelinDeal.sol#289-290)
createDeal(address,uint256,uint256,uint256,uint256,uint256,uint256,address,uint256) should be declared external:
- AelinPool.createDeal(address,uint256,uint256,uint256,uint256,uint256,uint256,address,uint256) (contracts/AelinPool.sol#156-246)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#public-function-that-could-be-declared-external
. analyzed (12 contracts with 75 detectors), 140 result(s) found
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment