-
-
Save maxsam4/f6d0a55e41721512bafb917040201f7e to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
'npx buidler compile' running | |
All contracts have already been compiled, skipping compilation. | |
ERROR:ContractSolcParsing:Missing inheritance <slither.solc_parsing.declarations.contract.ContractSolc object at 0x7f1b6ce37f98> | |
ERROR:ConvertToIR:Function not found getFreeTokens(address,uint256) | |
ERROR:ContractSolcParsing:Impossible to generate IR for MockTokenMarketDeployer.addLiquidity | |
ERROR:ConvertToIR:Function not found getFreeTokens(address,uint256) | |
ERROR:ContractSolcParsing:Impossible to generate IR for MockTokenMarketDeployer.deployPoolMarketWithLiquidity | |
ERROR:ConvertToIR:Function not found getFreeTokens(address,uint256) | |
ERROR:ContractSolcParsing:Impossible to generate IR for MockTokenMarketDeployer.addPoolMarketLiquidity | |
ERROR:ConvertToIR:Function not found getFreeTokens(address,uint256) | |
ERROR:ContractSolcParsing:Impossible to generate IR for MockTokenMarketDeployer.mintPoolTokens | |
INFO:Detectors:[91m | |
IERC20 is re-used: | |
- contracts/interfaces/IERC20.sol#3-17 | |
- contracts/balancer/BToken.sol#8-27 | |
SafeMath is re-used: | |
- contracts/openzeppelin/SafeMath.sol#18-159 | |
- contracts/lib/SafeMath.sol#5-17 | |
MockERC20 (contracts/mocks/MockERC20.sol#5-29) inherits from a contract for which the name is reused. | |
- Slither could not determine which contract has a duplicate name: | |
-BaseERC20 (contracts/openzeppelin/BaseERC20.sol#32-272) | |
- Check if: | |
- A inherited contract is missing from this list, | |
- The contract are imported from the correct files. | |
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#name-reused[0m | |
INFO:Detectors:[91m | |
BaseERC20._totalSupply (contracts/openzeppelin/BaseERC20.sol#39) is never initialized. It is used in: | |
- BaseERC20.totalSupply() (contracts/openzeppelin/BaseERC20.sol#95-97) | |
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#uninitialized-state-variables[0m | |
INFO:Detectors:[93m | |
PoolController.reindexPool(uint256,uint256) (contracts/PoolController.sol#126-156) performs a multiplication on the result of a division: | |
-minimumBalances[i] = prices[i].reciprocal().mul(totalValue / 25).decode144() (contracts/PoolController.sol#148-150) | |
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#divide-before-multiply[0m | |
INFO:Detectors:[93m | |
BPool._pullUnderlying(address,address,uint256) (contracts/balancer/BPool.sol#1086-1098) uses a dangerous strict equality: | |
- require(bool,string)(success && (data.length == 0 || abi.decode(data,(bool))),ERR_ERC20_FALSE) (contracts/balancer/BPool.sol#1094-1097) | |
BPool._pushUnderlying(address,address,uint256) (contracts/balancer/BPool.sol#1100-1112) uses a dangerous strict equality: | |
- require(bool,string)(success && (data.length == 0 || abi.decode(data,(bool))),ERR_ERC20_FALSE) (contracts/balancer/BPool.sol#1108-1111) | |
BNum.bdiv(uint256,uint256) (contracts/balancer/BNum.sol#49-57) uses a dangerous strict equality: | |
- require(bool,string)(a == 0 || c0 / a == BONE,ERR_DIV_INTERNAL) (contracts/balancer/BNum.sol#52) | |
BNum.bmul(uint256,uint256) (contracts/balancer/BNum.sol#40-47) uses a dangerous strict equality: | |
- require(bool,string)(a == 0 || c0 / a == b,ERR_MUL_OVERFLOW) (contracts/balancer/BNum.sol#42) | |
BNum.bpow(uint256,uint256) (contracts/balancer/BNum.sol#76-91) uses a dangerous strict equality: | |
- remain == 0 (contracts/balancer/BNum.sol#85) | |
BNum.bpowApprox(uint256,uint256,uint256) (contracts/balancer/BNum.sol#93-126) uses a dangerous strict equality: | |
- term == 0 (contracts/balancer/BNum.sol#114) | |
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#dangerous-strict-equalities[0m | |
INFO:Detectors:[93m | |
Reentrancy in BaseERC20._transfer(address,address,uint256) (contracts/openzeppelin/BaseERC20.sol#214-223): | |
External calls: | |
- _balances[sender] = _balances[sender].sub(amount,ERC20: transfer amount exceeds balance) (contracts/openzeppelin/BaseERC20.sol#220) | |
State variables written after the call(s): | |
- _balances[recipient] = _balances[recipient].add(amount) (contracts/openzeppelin/BaseERC20.sol#221) | |
Reentrancy in BPool.exitswapExternAmountOut(address,uint256,uint256) (contracts/balancer/BPool.sol#503-543): | |
External calls: | |
- _decreaseDenorm(outRecord,tokenOut) (contracts/balancer/BPool.sol#531) | |
- (success,data) = erc20.call(abi.encodeWithSelector(TRANSFER_SELECTOR,to,amount)) (contracts/balancer/BPool.sol#1105-1107) | |
State variables written after the call(s): | |
- _burnPoolShare(bsub(poolAmountIn,exitFee)) (contracts/balancer/BPool.sol#538) | |
- _totalSupply = bsub(_totalSupply,amt) (contracts/balancer/BToken.sol#47) | |
Reentrancy in BPool.exitswapPoolAmountIn(address,uint256,uint256) (contracts/balancer/BPool.sol#455-494): | |
External calls: | |
- _decreaseDenorm(outRecord,tokenOut) (contracts/balancer/BPool.sol#483) | |
- (success,data) = erc20.call(abi.encodeWithSelector(TRANSFER_SELECTOR,to,amount)) (contracts/balancer/BPool.sol#1105-1107) | |
State variables written after the call(s): | |
- _burnPoolShare(bsub(poolAmountIn,exitFee)) (contracts/balancer/BPool.sol#489) | |
- _totalSupply = bsub(_totalSupply,amt) (contracts/balancer/BToken.sol#47) | |
Reentrancy in BPool.flashBorrow(IFlashLoanRecipient,address,uint256,bytes) (contracts/balancer/BPool.sol#583-617): | |
External calls: | |
- _pushUnderlying(token,address(recipient),amount) (contracts/balancer/BPool.sol#596) | |
- (success,data) = erc20.call(abi.encodeWithSelector(TRANSFER_SELECTOR,to,amount)) (contracts/balancer/BPool.sol#1105-1107) | |
- recipient.receiveFlashLoan(data) (contracts/balancer/BPool.sol#597) | |
State variables written after the call(s): | |
- _records[token].balance = balEnd (contracts/balancer/BPool.sol#605) | |
- _records[token].ready = true (contracts/balancer/BPool.sol#612) | |
- _records[token].denorm = uint96(MIN_WEIGHT) (contracts/balancer/BPool.sol#613) | |
Reentrancy in PoolController.reindexPool(uint256,uint256) (contracts/PoolController.sol#126-156): | |
External calls: | |
- BPool(poolAddress).reindexTokens(tokens,denormalizedWeights,minimumBalances) (contracts/PoolController.sol#153) | |
State variables written after the call(s): | |
- _poolUpdateRecords[poolAddress] = record (contracts/PoolController.sol#155) | |
Reentrancy in PoolController.reweighPool(address) (contracts/PoolController.sol#162-183): | |
External calls: | |
- BPool(poolAddress).reweighTokens(tokens,denormalizedWeights) (contracts/PoolController.sol#180) | |
State variables written after the call(s): | |
- _poolUpdateRecords[poolAddress] = record (contracts/PoolController.sol#182) | |
Reentrancy in BPool.swapExactAmountIn(address,uint256,address,uint256,uint256) (contracts/balancer/BPool.sol#626-695): | |
External calls: | |
- _decreaseDenorm(outRecord,tokenOut) (contracts/balancer/BPool.sol#668) | |
- (success,data) = erc20.call(abi.encodeWithSelector(TRANSFER_SELECTOR,to,amount)) (contracts/balancer/BPool.sol#1105-1107) | |
State variables written after the call(s): | |
- _records[tokenOut].balance = outRecord.balance (contracts/balancer/BPool.sol#672) | |
Reentrancy in BPool.swapExactAmountOut(address,uint256,address,uint256,uint256) (contracts/balancer/BPool.sol#703-772): | |
External calls: | |
- _decreaseDenorm(outRecord,tokenOut) (contracts/balancer/BPool.sol#745) | |
- (success,data) = erc20.call(abi.encodeWithSelector(TRANSFER_SELECTOR,to,amount)) (contracts/balancer/BPool.sol#1105-1107) | |
State variables written after the call(s): | |
- _records[tokenOut].balance = outRecord.balance (contracts/balancer/BPool.sol#749) | |
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#reentrancy-vulnerabilities-1[0m | |
INFO:Detectors:[93m | |
FixedPoint.mul(FixedPoint.uq112x112,uint256).z (contracts/lib/FixedPoint.sol#44) is a local variable never initialized | |
UniswapV2Library.getAmountsOut(address,uint256,address[]).i (contracts/lib/UniswapV2Library.sol#135) is a local variable never initialized | |
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#uninitialized-local-variables[0m | |
INFO:Detectors:[93m | |
PoolController.deployIndexPool(uint256,uint256,string,string,uint256) (contracts/PoolController.sol#85-120) ignores return value by IERC20(tokens[i]).approve(bpoolAddress,balances[i]) (contracts/PoolController.sol#110) | |
MockTokenMarketDeployer.deployTokenAndMarketWithLiquidity(string,string,uint256,uint256) (contracts/mocks/MockTokenMarketDeployer.sol#54-64) ignores return value by factory.createPair(address(token),address(weth)) (contracts/mocks/MockTokenMarketDeployer.sol#62) | |
MockTokenMarketDeployer.deployPoolMarketWithLiquidity(BPool,uint256,uint256) (contracts/mocks/MockTokenMarketDeployer.sol#87-98) ignores return value by factory.createPair(address(pool),address(weth)) (contracts/mocks/MockTokenMarketDeployer.sol#93) | |
MockTokenMarketDeployer.deployPoolMarketWithLiquidity(BPool,uint256,uint256) (contracts/mocks/MockTokenMarketDeployer.sol#87-98) ignores return value by pool.approve(address(router),amountPool) (contracts/mocks/MockTokenMarketDeployer.sol#95) | |
MockTokenMarketDeployer.addPoolMarketLiquidity(BPool,uint256,uint256) (contracts/mocks/MockTokenMarketDeployer.sol#100-119) ignores return value by pool.approve(address(router),amountPool) (contracts/mocks/MockTokenMarketDeployer.sol#106) | |
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#unused-return[0m | |
INFO:Detectors:[92m | |
MarketOracle.constructor(address,address,address)._uniswapFactory (contracts/MarketOracle.sol#37) shadows: | |
- UniSwapV2PriceOracle._uniswapFactory (contracts/UniSwapV2PriceOracle.sol#37) (state variable) | |
MarketOracle.constructor(address,address,address)._weth (contracts/MarketOracle.sol#38) shadows: | |
- UniSwapV2PriceOracle._weth (contracts/UniSwapV2PriceOracle.sol#40) (state variable) | |
BPool.initialize(address,string,string,address[],uint256[],uint96[]).name (contracts/balancer/BPool.sol#121) shadows: | |
- BToken.name() (contracts/balancer/BToken.sol#88-90) (function) | |
BPool.initialize(address,string,string,address[],uint256[],uint96[]).symbol (contracts/balancer/BPool.sol#122) shadows: | |
- BToken.symbol() (contracts/balancer/BToken.sol#92-94) (function) | |
BToken._initializeToken(string,string).name (contracts/balancer/BToken.sol#77) shadows: | |
- BToken.name() (contracts/balancer/BToken.sol#88-90) (function) | |
BToken._initializeToken(string,string).symbol (contracts/balancer/BToken.sol#77) shadows: | |
- BToken.symbol() (contracts/balancer/BToken.sol#92-94) (function) | |
BaseERC20.constructor(string,string).name (contracts/openzeppelin/BaseERC20.sol#54) shadows: | |
- BaseERC20.name() (contracts/openzeppelin/BaseERC20.sol#63-65) (function) | |
BaseERC20.constructor(string,string).symbol (contracts/openzeppelin/BaseERC20.sol#54) shadows: | |
- BaseERC20.symbol() (contracts/openzeppelin/BaseERC20.sol#71-73) (function) | |
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#local-variable-shadowing[0m | |
INFO:Detectors:[92m | |
PoolController.deployIndexPool(uint256,uint256,string,string,uint256) (contracts/PoolController.sol#85-120) has external calls inside a loop: IERC20(tokens[i]).approve(bpoolAddress,balances[i]) (contracts/PoolController.sol#110) | |
IndexLibrary.computePoolValue(address,address[],FixedPoint.uq112x112[]) (contracts/lib/IndexLibrary.sol#95-106) has external calls inside a loop: balance = token.balanceOf(poolAddress) (contracts/lib/IndexLibrary.sol#103) | |
MockTokenMarketDeployer.computePoolValue(MarketOracle,BPool) (contracts/mocks/MockTokenMarketDeployer.sol#39-52) has external calls inside a loop: bal = pool.getBalance(token) (contracts/mocks/MockTokenMarketDeployer.sol#47) | |
MockTokenMarketDeployer.computePoolValue(MarketOracle,BPool) (contracts/mocks/MockTokenMarketDeployer.sol#39-52) has external calls inside a loop: balValue = oracle.computeAverageAmountOut(token,bal) (contracts/mocks/MockTokenMarketDeployer.sol#48) | |
MockTokenMarketDeployer.testMintPoolTokens(BPool,uint256) (contracts/mocks/MockTokenMarketDeployer.sol#121-138) has external calls inside a loop: usedBalance = pool.getUsedBalance(token) (contracts/mocks/MockTokenMarketDeployer.sol#133) | |
MockTokenMarketDeployer.mintPoolTokens(BPool,uint256) (contracts/mocks/MockTokenMarketDeployer.sol#140-160) has external calls inside a loop: usedBalance = pool.getUsedBalance(token) (contracts/mocks/MockTokenMarketDeployer.sol#150) | |
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation/#calls-inside-a-loop[0m | |
INFO:Detectors:[92m | |
Reentrancy in BPool.exitswapExternAmountOut(address,uint256,uint256) (contracts/balancer/BPool.sol#503-543): | |
External calls: | |
- _decreaseDenorm(outRecord,tokenOut) (contracts/balancer/BPool.sol#531) | |
- (success,data) = erc20.call(abi.encodeWithSelector(TRANSFER_SELECTOR,to,amount)) (contracts/balancer/BPool.sol#1105-1107) | |
State variables written after the call(s): | |
- _pullPoolShare(msg.sender,poolAmountIn) (contracts/balancer/BPool.sol#537) | |
- _balance[src] = bsub(_balance[src],amt) (contracts/balancer/BToken.sol#57) | |
- _balance[dst] = badd(_balance[dst],amt) (contracts/balancer/BToken.sol#58) | |
- _burnPoolShare(bsub(poolAmountIn,exitFee)) (contracts/balancer/BPool.sol#538) | |
- _balance[address(this)] = bsub(_balance[address(this)],amt) (contracts/balancer/BToken.sol#46) | |
- _pushPoolShare(_controller,exitFee) (contracts/balancer/BPool.sol#539) | |
- _balance[src] = bsub(_balance[src],amt) (contracts/balancer/BToken.sol#57) | |
- _balance[dst] = badd(_balance[dst],amt) (contracts/balancer/BToken.sol#58) | |
Reentrancy in BPool.exitswapPoolAmountIn(address,uint256,uint256) (contracts/balancer/BPool.sol#455-494): | |
External calls: | |
- _decreaseDenorm(outRecord,tokenOut) (contracts/balancer/BPool.sol#483) | |
- (success,data) = erc20.call(abi.encodeWithSelector(TRANSFER_SELECTOR,to,amount)) (contracts/balancer/BPool.sol#1105-1107) | |
State variables written after the call(s): | |
- _pullPoolShare(msg.sender,poolAmountIn) (contracts/balancer/BPool.sol#488) | |
- _balance[src] = bsub(_balance[src],amt) (contracts/balancer/BToken.sol#57) | |
- _balance[dst] = badd(_balance[dst],amt) (contracts/balancer/BToken.sol#58) | |
- _burnPoolShare(bsub(poolAmountIn,exitFee)) (contracts/balancer/BPool.sol#489) | |
- _balance[address(this)] = bsub(_balance[address(this)],amt) (contracts/balancer/BToken.sol#46) | |
- _pushPoolShare(_controller,exitFee) (contracts/balancer/BPool.sol#490) | |
- _balance[src] = bsub(_balance[src],amt) (contracts/balancer/BToken.sol#57) | |
- _balance[dst] = badd(_balance[dst],amt) (contracts/balancer/BToken.sol#58) | |
Reentrancy in BPool.flashBorrow(IFlashLoanRecipient,address,uint256,bytes) (contracts/balancer/BPool.sol#583-617): | |
External calls: | |
- _pushUnderlying(token,address(recipient),amount) (contracts/balancer/BPool.sol#596) | |
- (success,data) = erc20.call(abi.encodeWithSelector(TRANSFER_SELECTOR,to,amount)) (contracts/balancer/BPool.sol#1105-1107) | |
- recipient.receiveFlashLoan(data) (contracts/balancer/BPool.sol#597) | |
State variables written after the call(s): | |
- _minimumBalances[token] = 0 (contracts/balancer/BPool.sol#611) | |
- _totalWeight = badd(_totalWeight,MIN_WEIGHT) (contracts/balancer/BPool.sol#614) | |
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#reentrancy-vulnerabilities-2[0m | |
INFO:Detectors:[92m | |
Reentrancy in BaseERC20._transfer(address,address,uint256) (contracts/openzeppelin/BaseERC20.sol#214-223): | |
External calls: | |
- _balances[sender] = _balances[sender].sub(amount,ERC20: transfer amount exceeds balance) (contracts/openzeppelin/BaseERC20.sol#220) | |
Event emitted after the call(s): | |
- Transfer(sender,recipient,amount) (contracts/openzeppelin/BaseERC20.sol#222) | |
Reentrancy in BPool._unbind(address) (contracts/balancer/BPool.sol#1159-1186): | |
External calls: | |
- _pushUnderlying(token,_controller,tokenBalance) (contracts/balancer/BPool.sol#1184) | |
- (success,data) = erc20.call(abi.encodeWithSelector(TRANSFER_SELECTOR,to,amount)) (contracts/balancer/BPool.sol#1105-1107) | |
Event emitted after the call(s): | |
- LOG_TOKEN_REMOVED(token) (contracts/balancer/BPool.sol#1185) | |
Reentrancy in BPool.exitswapExternAmountOut(address,uint256,uint256) (contracts/balancer/BPool.sol#503-543): | |
External calls: | |
- _decreaseDenorm(outRecord,tokenOut) (contracts/balancer/BPool.sol#531) | |
- (success,data) = erc20.call(abi.encodeWithSelector(TRANSFER_SELECTOR,to,amount)) (contracts/balancer/BPool.sol#1105-1107) | |
Event emitted after the call(s): | |
- LOG_EXIT(msg.sender,tokenOut,tokenAmountOut) (contracts/balancer/BPool.sol#535) | |
- Transfer(src,dst,amt) (contracts/balancer/BToken.sol#59) | |
- _pushPoolShare(_controller,exitFee) (contracts/balancer/BPool.sol#539) | |
- Transfer(address(this),address(0),amt) (contracts/balancer/BToken.sol#48) | |
- _burnPoolShare(bsub(poolAmountIn,exitFee)) (contracts/balancer/BPool.sol#538) | |
- Transfer(src,dst,amt) (contracts/balancer/BToken.sol#59) | |
- _pullPoolShare(msg.sender,poolAmountIn) (contracts/balancer/BPool.sol#537) | |
Reentrancy in BPool.exitswapPoolAmountIn(address,uint256,uint256) (contracts/balancer/BPool.sol#455-494): | |
External calls: | |
- _decreaseDenorm(outRecord,tokenOut) (contracts/balancer/BPool.sol#483) | |
- (success,data) = erc20.call(abi.encodeWithSelector(TRANSFER_SELECTOR,to,amount)) (contracts/balancer/BPool.sol#1105-1107) | |
Event emitted after the call(s): | |
- LOG_EXIT(msg.sender,tokenOut,tokenAmountOut) (contracts/balancer/BPool.sol#486) | |
- Transfer(src,dst,amt) (contracts/balancer/BToken.sol#59) | |
- _pushPoolShare(_controller,exitFee) (contracts/balancer/BPool.sol#490) | |
- Transfer(address(this),address(0),amt) (contracts/balancer/BToken.sol#48) | |
- _burnPoolShare(bsub(poolAmountIn,exitFee)) (contracts/balancer/BPool.sol#489) | |
- Transfer(src,dst,amt) (contracts/balancer/BToken.sol#59) | |
- _pullPoolShare(msg.sender,poolAmountIn) (contracts/balancer/BPool.sol#488) | |
Reentrancy in BPool.swapExactAmountIn(address,uint256,address,uint256,uint256) (contracts/balancer/BPool.sol#626-695): | |
External calls: | |
- _decreaseDenorm(outRecord,tokenOut) (contracts/balancer/BPool.sol#668) | |
- (success,data) = erc20.call(abi.encodeWithSelector(TRANSFER_SELECTOR,to,amount)) (contracts/balancer/BPool.sol#1105-1107) | |
Event emitted after the call(s): | |
- LOG_SWAP(msg.sender,tokenIn,tokenOut,tokenAmountIn,tokenAmountOut) (contracts/balancer/BPool.sol#689) | |
Reentrancy in BPool.swapExactAmountOut(address,uint256,address,uint256,uint256) (contracts/balancer/BPool.sol#703-772): | |
External calls: | |
- _decreaseDenorm(outRecord,tokenOut) (contracts/balancer/BPool.sol#745) | |
- (success,data) = erc20.call(abi.encodeWithSelector(TRANSFER_SELECTOR,to,amount)) (contracts/balancer/BPool.sol#1105-1107) | |
Event emitted after the call(s): | |
- LOG_SWAP(msg.sender,tokenIn,tokenOut,tokenAmountIn,tokenAmountOut) (contracts/balancer/BPool.sol#766) | |
Reentrancy in BaseERC20.transferFrom(address,address,uint256) (contracts/openzeppelin/BaseERC20.sol#150-158): | |
External calls: | |
- _transfer(sender,recipient,amount) (contracts/openzeppelin/BaseERC20.sol#151) | |
- _balances[sender] = _balances[sender].sub(amount,ERC20: transfer amount exceeds balance) (contracts/openzeppelin/BaseERC20.sol#220) | |
- _approve(sender,msg.sender,_allowances[sender][msg.sender].sub(amount,ERC20: transfer amount exceeds allowance)) (contracts/openzeppelin/BaseERC20.sol#152-156) | |
Event emitted after the call(s): | |
- Approval(owner,spender,amount) (contracts/openzeppelin/BaseERC20.sol#243) | |
- _approve(sender,msg.sender,_allowances[sender][msg.sender].sub(amount,ERC20: transfer amount exceeds allowance)) (contracts/openzeppelin/BaseERC20.sol#152-156) | |
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#reentrancy-vulnerabilities-3[0m | |
INFO:Detectors:[92m | |
MarketOracle.getTopCategoryTokens(uint256,uint256) (contracts/MarketOracle.sol#94-114) uses timestamp for comparisons | |
Dangerous comparisons: | |
- require(bool,string)(now - lastCategoryUpdate[categoryID] <= MAX_SORT_DELAY,ERR_CATEGORY_NOT_READY) (contracts/MarketOracle.sol#108-111) | |
PoolController.reindexPool(uint256,uint256) (contracts/PoolController.sol#126-156) uses timestamp for comparisons | |
Dangerous comparisons: | |
- require(bool,string)((record.index ++ % (REWEIGHS_BEFORE_REINDEX + 1)) == REWEIGHS_BEFORE_REINDEX,ERR_REWEIGH_INDEX) (contracts/PoolController.sol#130-133) | |
- require(bool,string)(now - record.timestamp >= POOL_REWEIGH_DELAY,ERR_POOL_REWEIGH_DELAY) (contracts/PoolController.sol#134-137) | |
PoolController.reweighPool(address) (contracts/PoolController.sol#162-183) uses timestamp for comparisons | |
Dangerous comparisons: | |
- require(bool,string)((record.index ++ % (REWEIGHS_BEFORE_REINDEX + 1)) != REWEIGHS_BEFORE_REINDEX,ERR_REWEIGH_INDEX) (contracts/PoolController.sol#165-168) | |
- require(bool,string)(now - record.timestamp >= POOL_REWEIGH_DELAY,ERR_POOL_REWEIGH_DELAY) (contracts/PoolController.sol#169-172) | |
BPool.initialize(address,string,string,address[],uint256[],uint96[]) (contracts/balancer/BPool.sol#119-166) uses timestamp for comparisons | |
Dangerous comparisons: | |
- require(bool,string)(totalWeight <= MAX_TOTAL_WEIGHT,ERR_MAX_TOTAL_WEIGHT) (contracts/balancer/BPool.sol#161) | |
BPool.unbind(address) (contracts/balancer/BPool.sol#278-282) uses timestamp for comparisons | |
Dangerous comparisons: | |
- require(bool,string)(_records[token].bound,ERR_NOT_BOUND) (contracts/balancer/BPool.sol#279) | |
BPool.joinPool(uint256,uint256[]) (contracts/balancer/BPool.sol#292-313) uses timestamp for comparisons | |
Dangerous comparisons: | |
- require(bool,string)(ratio != 0,ERR_MATH_APPROX) (contracts/balancer/BPool.sol#299) | |
- require(bool,string)(tokenAmountIn != 0,ERR_MATH_APPROX) (contracts/balancer/BPool.sol#305) | |
- require(bool,string)(tokenAmountIn <= maxAmountsIn[i],ERR_LIMIT_IN) (contracts/balancer/BPool.sol#306) | |
BPool.joinswapExternAmountIn(address,uint256,uint256) (contracts/balancer/BPool.sol#322-361) uses timestamp for comparisons | |
Dangerous comparisons: | |
- require(bool,string)(tokenAmountIn <= bmul(inRecord.balance,MAX_IN_RATIO),ERR_MAX_IN_RATIO) (contracts/balancer/BPool.sol#336-339) | |
- require(bool,string)(poolAmountOut >= minPoolAmountOut,ERR_LIMIT_OUT) (contracts/balancer/BPool.sol#350) | |
BPool.joinswapPoolAmountOut(address,uint256,uint256) (contracts/balancer/BPool.sol#369-407) uses timestamp for comparisons | |
Dangerous comparisons: | |
- require(bool,string)(tokenAmountIn != 0,ERR_MATH_APPROX) (contracts/balancer/BPool.sol#390) | |
- require(bool,string)(tokenAmountIn <= maxAmountIn,ERR_LIMIT_IN) (contracts/balancer/BPool.sol#391) | |
- require(bool,string)(tokenAmountIn <= bmul(inRecord.balance,MAX_IN_RATIO),ERR_MAX_IN_RATIO) (contracts/balancer/BPool.sol#393-396) | |
BPool.exitPool(uint256,uint256[]) (contracts/balancer/BPool.sol#416-446) uses timestamp for comparisons | |
Dangerous comparisons: | |
- require(bool,string)(ratio != 0,ERR_MATH_APPROX) (contracts/balancer/BPool.sol#424) | |
- require(bool,string)(tokenAmountOut != 0,ERR_MATH_APPROX) (contracts/balancer/BPool.sol#435) | |
- require(bool,string)(tokenAmountOut >= minAmountsOut[i],ERR_LIMIT_OUT) (contracts/balancer/BPool.sol#436) | |
BPool.exitswapPoolAmountIn(address,uint256,uint256) (contracts/balancer/BPool.sol#455-494) uses timestamp for comparisons | |
Dangerous comparisons: | |
- require(bool,string)(tokenAmountOut >= minAmountOut,ERR_LIMIT_OUT) (contracts/balancer/BPool.sol#475) | |
- require(bool,string)(tokenAmountOut <= bmul(outRecord.balance,MAX_OUT_RATIO),ERR_MAX_OUT_RATIO) (contracts/balancer/BPool.sol#477-480) | |
BPool.exitswapExternAmountOut(address,uint256,uint256) (contracts/balancer/BPool.sol#503-543) uses timestamp for comparisons | |
Dangerous comparisons: | |
- require(bool,string)(tokenAmountOut <= bmul(outRecord.balance,MAX_OUT_RATIO),ERR_MAX_OUT_RATIO) (contracts/balancer/BPool.sol#513-516) | |
- require(bool,string)(poolAmountIn != 0,ERR_MATH_APPROX) (contracts/balancer/BPool.sol#527) | |
- require(bool,string)(poolAmountIn <= maxPoolAmountIn,ERR_LIMIT_IN) (contracts/balancer/BPool.sol#528) | |
BPool.flashBorrow(IFlashLoanRecipient,address,uint256,bytes) (contracts/balancer/BPool.sol#583-617) uses timestamp for comparisons | |
Dangerous comparisons: | |
- require(bool,string)(balEnd > balStart && fee >= gained,ERR_INSUFFICIENT_PAYMENT) (contracts/balancer/BPool.sol#601-604) | |
BPool.swapExactAmountIn(address,uint256,address,uint256,uint256) (contracts/balancer/BPool.sol#626-695) uses timestamp for comparisons | |
Dangerous comparisons: | |
- require(bool,string)(tokenAmountIn <= bmul(inRecord.balance,MAX_IN_RATIO),ERR_MAX_IN_RATIO) (contracts/balancer/BPool.sol#641-644) | |
- require(bool,string)(spotPriceBefore <= maxPrice,ERR_BAD_LIMIT_PRICE) (contracts/balancer/BPool.sol#653) | |
- require(bool,string)(tokenAmountOut >= minAmountOut,ERR_LIMIT_OUT) (contracts/balancer/BPool.sol#664) | |
- require(bool,string)(spotPriceAfter >= spotPriceBefore,ERR_MATH_APPROX) (contracts/balancer/BPool.sol#682) | |
- require(bool,string)(spotPriceAfter <= maxPrice,ERR_LIMIT_PRICE) (contracts/balancer/BPool.sol#683) | |
- require(bool,string)(spotPriceBefore <= bdiv(tokenAmountIn,tokenAmountOut),ERR_MATH_APPROX) (contracts/balancer/BPool.sol#684-687) | |
BPool.swapExactAmountOut(address,uint256,address,uint256,uint256) (contracts/balancer/BPool.sol#703-772) uses timestamp for comparisons | |
Dangerous comparisons: | |
- require(bool,string)(tokenAmountOut <= bmul(outRecord.balance,MAX_OUT_RATIO),ERR_MAX_OUT_RATIO) (contracts/balancer/BPool.sol#718-721) | |
- require(bool,string)(spotPriceBefore <= maxPrice,ERR_BAD_LIMIT_PRICE) (contracts/balancer/BPool.sol#730) | |
- require(bool,string)(tokenAmountIn <= maxAmountIn,ERR_LIMIT_IN) (contracts/balancer/BPool.sol#741) | |
- require(bool,string)(spotPriceAfter >= spotPriceBefore,ERR_MATH_APPROX) (contracts/balancer/BPool.sol#759) | |
- require(bool,string)(spotPriceAfter <= maxPrice,ERR_LIMIT_PRICE) (contracts/balancer/BPool.sol#760) | |
- require(bool,string)(spotPriceBefore <= bdiv(tokenAmountIn,tokenAmountOut),ERR_MATH_APPROX) (contracts/balancer/BPool.sol#761-764) | |
BPool.getDenormalizedWeight(address) (contracts/balancer/BPool.sol#846-854) uses timestamp for comparisons | |
Dangerous comparisons: | |
- require(bool,string)(_records[token].bound,ERR_NOT_BOUND) (contracts/balancer/BPool.sol#852) | |
BPool.extrapolatePoolValueFromToken() (contracts/balancer/BPool.sol#877-893) uses timestamp for comparisons | |
Dangerous comparisons: | |
- require(bool,string)(extrapolatedValue > 0,ERR_NONE_READY) (contracts/balancer/BPool.sol#892) | |
BPool.getInGivenOut(address,address,uint256) (contracts/balancer/BPool.sol#1004-1030) uses timestamp for comparisons | |
Dangerous comparisons: | |
- require(bool,string)(tokenAmountOut <= bmul(outRecord.balance,MAX_OUT_RATIO),ERR_MAX_OUT_RATIO) (contracts/balancer/BPool.sol#1018-1021) | |
BPool.getOutGivenIn(address,address,uint256) (contracts/balancer/BPool.sol#1036-1062) uses timestamp for comparisons | |
Dangerous comparisons: | |
- require(bool,string)(tokenAmountIn <= bmul(inRecord.balance,MAX_IN_RATIO),ERR_MAX_IN_RATIO) (contracts/balancer/BPool.sol#1050-1053) | |
BPool._pullUnderlying(address,address,uint256) (contracts/balancer/BPool.sol#1086-1098) uses timestamp for comparisons | |
Dangerous comparisons: | |
- require(bool,string)(success && (data.length == 0 || abi.decode(data,(bool))),ERR_ERC20_FALSE) (contracts/balancer/BPool.sol#1094-1097) | |
BPool._pushUnderlying(address,address,uint256) (contracts/balancer/BPool.sol#1100-1112) uses timestamp for comparisons | |
Dangerous comparisons: | |
- require(bool,string)(success && (data.length == 0 || abi.decode(data,(bool))),ERR_ERC20_FALSE) (contracts/balancer/BPool.sol#1108-1111) | |
BPool._bind(address,uint256,uint96) (contracts/balancer/BPool.sol#1125-1148) uses timestamp for comparisons | |
Dangerous comparisons: | |
- require(bool,string)(! _records[token].bound,ERR_IS_BOUND) (contracts/balancer/BPool.sol#1130) | |
BPool._unbind(address) (contracts/balancer/BPool.sol#1159-1186) uses timestamp for comparisons | |
Dangerous comparisons: | |
- index != last (contracts/balancer/BPool.sol#1169) | |
BPool._setDesiredDenorm(address,uint96) (contracts/balancer/BPool.sol#1188-1201) uses timestamp for comparisons | |
Dangerous comparisons: | |
- require(bool,string)(record.bound,ERR_NOT_BOUND) (contracts/balancer/BPool.sol#1190) | |
BPool._increaseDenorm(BPool.Record,address) (contracts/balancer/BPool.sol#1203-1227) uses timestamp for comparisons | |
Dangerous comparisons: | |
- record.denorm >= record.desiredDenorm || ! record.ready || now - record.lastDenormUpdate < WEIGHT_UPDATE_DELAY (contracts/balancer/BPool.sol#1207-1209) | |
- diff > maxDiff (contracts/balancer/BPool.sol#1215) | |
- require(bool,string)(_totalWeight <= MAX_TOTAL_WEIGHT,ERR_MAX_TOTAL_WEIGHT) (contracts/balancer/BPool.sol#1220) | |
BPool._decreaseDenorm(BPool.Record,address) (contracts/balancer/BPool.sol#1229-1261) uses timestamp for comparisons | |
Dangerous comparisons: | |
- record.denorm <= record.desiredDenorm || ! record.ready || now - record.lastDenormUpdate < WEIGHT_UPDATE_DELAY (contracts/balancer/BPool.sol#1232-1234) | |
- diff > maxDiff (contracts/balancer/BPool.sol#1240) | |
- denorm <= MIN_WEIGHT (contracts/balancer/BPool.sol#1244) | |
BPool._getInputToken(address) (contracts/balancer/BPool.sol#1274-1290) uses timestamp for comparisons | |
Dangerous comparisons: | |
- require(bool,string)(record.bound,ERR_NOT_BOUND) (contracts/balancer/BPool.sol#1280) | |
BPool._getOutputToken(address) (contracts/balancer/BPool.sol#1292-1302) uses timestamp for comparisons | |
Dangerous comparisons: | |
- require(bool,string)(record.bound,ERR_NOT_BOUND) (contracts/balancer/BPool.sol#1298) | |
- require(bool,string)(record.ready,ERR_OUT_NOT_READY) (contracts/balancer/BPool.sol#1301) | |
BPool._updateBalanceIn(address,BPool.Record,uint256) (contracts/balancer/BPool.sol#1324-1362) uses timestamp for comparisons | |
Dangerous comparisons: | |
- realBalance >= record.balance (contracts/balancer/BPool.sol#1333) | |
UniswapV2OracleLibrary.currentCumulativePrices(address) (contracts/lib/UniswapV2OracleLibrary.sol#17-51) uses timestamp for comparisons | |
Dangerous comparisons: | |
- blockTimestampLast != blockTimestamp (contracts/lib/UniswapV2OracleLibrary.sol#36) | |
UniswapV2OracleLibrary.currentCumulativePrice0(address) (contracts/lib/UniswapV2OracleLibrary.sol#55-79) uses timestamp for comparisons | |
Dangerous comparisons: | |
- blockTimestampLast != blockTimestamp (contracts/lib/UniswapV2OracleLibrary.sol#69) | |
UniswapV2OracleLibrary.currentCumulativePrice1(address) (contracts/lib/UniswapV2OracleLibrary.sol#83-107) uses timestamp for comparisons | |
Dangerous comparisons: | |
- blockTimestampLast != blockTimestamp (contracts/lib/UniswapV2OracleLibrary.sol#97) | |
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#block-timestamp[0m | |
INFO:Detectors:[92m | |
BPool.getCurrentDesiredTokens() (contracts/balancer/BPool.sol#824-841) uses assembly | |
- INLINE ASM (contracts/balancer/BPool.sol#840) | |
Create2.deploy(uint256,bytes32,bytes) (contracts/lib/Create2.sol#27-36) uses assembly | |
- INLINE ASM (contracts/lib/Create2.sol#31-33) | |
ProxyLib.getProxyDeploymentCode(address) (contracts/lib/ProxyLib.sol#54-63) uses assembly | |
- INLINE ASM (contracts/lib/ProxyLib.sol#56-61) | |
MockProxyFactory.compareCodeHash(bytes32) (contracts/mocks/MockProxyFactory.sol#20-25) uses assembly | |
- INLINE ASM (contracts/mocks/MockProxyFactory.sol#23) | |
MockProxyFactory.getProxyRuntimeCode() (contracts/mocks/MockProxyFactory.sol#32-42) uses assembly | |
- INLINE ASM (contracts/mocks/MockProxyFactory.sol#35-40) | |
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#assembly-usage[0m | |
INFO:Detectors:[92m | |
Different versions of Solidity is used in : | |
- Version used: ['>=0.4.0', '>=0.5.0', '>=0.6.0', '>=0.6.2', '^0.6.0'] | |
- ^0.6.0 (contracts/MarketOracle.sol#1) | |
- ABIEncoderV2 (contracts/MarketOracle.sol#2) | |
- ^0.6.0 (contracts/PoolController.sol#1) | |
- ABIEncoderV2 (contracts/PoolController.sol#2) | |
- ^0.6.0 (contracts/UniSwapV2PriceOracle.sol#1) | |
- ABIEncoderV2 (contracts/UniSwapV2PriceOracle.sol#2) | |
- ^0.6.0 (contracts/balancer/BConst.sol#2) | |
- ^0.6.0 (contracts/balancer/BMath.sol#2) | |
- ^0.6.0 (contracts/balancer/BNum.sol#2) | |
- ^0.6.0 (contracts/balancer/BPool.sol#2) | |
- ABIEncoderV2 (contracts/balancer/BPool.sol#3) | |
- ^0.6.0 (contracts/balancer/BToken.sol#2) | |
- ^0.6.0 (contracts/interfaces/IBPool.sol#2) | |
- ABIEncoderV2 (contracts/interfaces/IBPool.sol#3) | |
- >=0.5.0 (contracts/interfaces/IERC20.sol#1) | |
- ^0.6.0 (contracts/interfaces/IFlashLoanRecipient.sol#1) | |
- ^0.6.0 (contracts/interfaces/IUniSwap.sol#1) | |
- ^0.6.0 (contracts/interfaces/IUniswapV2Factory.sol#1) | |
- ^0.6.0 (contracts/interfaces/IUniswapV2Library.sol#1) | |
- ^0.6.0 (contracts/interfaces/IUniswapV2Pair.sol#1) | |
- >=0.6.2 (contracts/interfaces/IUniswapV2Router01.sol#1) | |
- >=0.6.2 (contracts/interfaces/IUniswapV2Router02.sol#1) | |
- >=0.4.0 (contracts/lib/Babylonian.sol#3) | |
- ^0.6.0 (contracts/lib/Create2.sol#1) | |
- >=0.4.0 (contracts/lib/FixedPoint.sol#3) | |
- ^0.6.0 (contracts/lib/IndexLibrary.sol#1) | |
- ABIEncoderV2 (contracts/lib/IndexLibrary.sol#2) | |
- ^0.6.0 (contracts/lib/ProxyLib.sol#1) | |
- ^0.6.0 (contracts/lib/SafeMath.sol#1) | |
- >=0.6.0 (contracts/lib/UniswapV2Library.sol#1) | |
- ^0.6.0 (contracts/lib/UniswapV2OracleLibrary.sol#1) | |
- ^0.6.0 (contracts/mocks/MockERC20.sol#1) | |
- ^0.6.0 (contracts/mocks/MockProxyFactory.sol#1) | |
- ^0.6.0 (contracts/mocks/MockProxyLogic.sol#1) | |
- ^0.6.0 (contracts/mocks/MockTokenMarketDeployer.sol#1) | |
- ABIEncoderV2 (contracts/mocks/MockTokenMarketDeployer.sol#2) | |
- ^0.6.0 (contracts/openzeppelin/BaseERC20.sol#3) | |
- ^0.6.0 (contracts/openzeppelin/SafeMath.sol#3) | |
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#different-pragma-directives-are-used[0m | |
INFO:Detectors:[92m | |
Pragma version^0.6.0 (contracts/MarketOracle.sol#1) allows old versions | |
Pragma version^0.6.0 (contracts/PoolController.sol#1) allows old versions | |
Pragma version^0.6.0 (contracts/UniSwapV2PriceOracle.sol#1) allows old versions | |
Pragma version^0.6.0 (contracts/balancer/BConst.sol#2) allows old versions | |
Pragma version^0.6.0 (contracts/balancer/BMath.sol#2) allows old versions | |
Pragma version^0.6.0 (contracts/balancer/BNum.sol#2) allows old versions | |
Pragma version^0.6.0 (contracts/balancer/BPool.sol#2) allows old versions | |
Pragma version^0.6.0 (contracts/balancer/BToken.sol#2) allows old versions | |
Pragma version^0.6.0 (contracts/interfaces/IBPool.sol#2) allows old versions | |
Pragma version>=0.5.0 (contracts/interfaces/IERC20.sol#1) allows old versions | |
Pragma version^0.6.0 (contracts/interfaces/IFlashLoanRecipient.sol#1) allows old versions | |
Pragma version^0.6.0 (contracts/interfaces/IUniSwap.sol#1) allows old versions | |
Pragma version^0.6.0 (contracts/interfaces/IUniswapV2Factory.sol#1) allows old versions | |
Pragma version^0.6.0 (contracts/interfaces/IUniswapV2Library.sol#1) allows old versions | |
Pragma version^0.6.0 (contracts/interfaces/IUniswapV2Pair.sol#1) allows old versions | |
Pragma version>=0.6.2 (contracts/interfaces/IUniswapV2Router01.sol#1) allows old versions | |
Pragma version>=0.6.2 (contracts/interfaces/IUniswapV2Router02.sol#1) allows old versions | |
Pragma version>=0.4.0 (contracts/lib/Babylonian.sol#3) allows old versions | |
Pragma version^0.6.0 (contracts/lib/Create2.sol#1) allows old versions | |
Pragma version>=0.4.0 (contracts/lib/FixedPoint.sol#3) allows old versions | |
Pragma version^0.6.0 (contracts/lib/IndexLibrary.sol#1) allows old versions | |
Pragma version^0.6.0 (contracts/lib/ProxyLib.sol#1) allows old versions | |
Pragma version^0.6.0 (contracts/lib/SafeMath.sol#1) allows old versions | |
Pragma version>=0.6.0 (contracts/lib/UniswapV2Library.sol#1) allows old versions | |
Pragma version^0.6.0 (contracts/lib/UniswapV2OracleLibrary.sol#1) allows old versions | |
Pragma version^0.6.0 (contracts/mocks/MockERC20.sol#1) allows old versions | |
Pragma version^0.6.0 (contracts/mocks/MockProxyFactory.sol#1) allows old versions | |
Pragma version^0.6.0 (contracts/mocks/MockProxyLogic.sol#1) allows old versions | |
Pragma version^0.6.0 (contracts/mocks/MockTokenMarketDeployer.sol#1) allows old versions | |
Pragma version^0.6.0 (contracts/openzeppelin/BaseERC20.sol#3) allows old versions | |
Pragma version^0.6.0 (contracts/openzeppelin/SafeMath.sol#3) allows old versions | |
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#incorrect-versions-of-solidity[0m | |
INFO:Detectors:[92m | |
Low level call in BPool._pullUnderlying(address,address,uint256) (contracts/balancer/BPool.sol#1086-1098): | |
- (success,data) = erc20.call(abi.encodeWithSelector(TRANSFER_FROM_SELECTOR,from,address(this),amount)) (contracts/balancer/BPool.sol#1091-1093) | |
Low level call in BPool._pushUnderlying(address,address,uint256) (contracts/balancer/BPool.sol#1100-1112): | |
- (success,data) = erc20.call(abi.encodeWithSelector(TRANSFER_SELECTOR,to,amount)) (contracts/balancer/BPool.sol#1105-1107) | |
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#low-level-calls[0m | |
INFO:Detectors:[92m | |
Variable MarketOracle._categoryTokens (contracts/MarketOracle.sol#24) is not in mixedCase | |
Variable MarketOracle._tokenCategories (contracts/MarketOracle.sol#26) is not in mixedCase | |
Event PoolControllerLOG_NEW_POOL(address,address,uint256,uint256) (contracts/PoolController.sol#34-39) is not in CapWords | |
Event PoolControllerLOG_MANAGER(address) (contracts/PoolController.sol#41) is not in CapWords | |
Variable PoolController._manager (contracts/PoolController.sol#45) is not in mixedCase | |
Variable PoolController._poolContract (contracts/PoolController.sol#46) is not in mixedCase | |
Variable PoolController._isBPool (contracts/PoolController.sol#47) is not in mixedCase | |
Variable PoolController._poolUpdateRecords (contracts/PoolController.sol#48) is not in mixedCase | |
Variable UniSwapV2PriceOracle._uniswapFactory (contracts/UniSwapV2PriceOracle.sol#37) is not in mixedCase | |
Variable UniSwapV2PriceOracle._weth (contracts/UniSwapV2PriceOracle.sol#40) is not in mixedCase | |
Variable UniSwapV2PriceOracle._priceObservations (contracts/UniSwapV2PriceOracle.sol#43-45) is not in mixedCase | |
Event BPoolLOG_SWAP(address,address,address,uint256,uint256) (contracts/balancer/BPool.sol#36-42) is not in CapWords | |
Event BPoolLOG_JOIN(address,address,uint256) (contracts/balancer/BPool.sol#44-48) is not in CapWords | |
Event BPoolLOG_EXIT(address,address,uint256) (contracts/balancer/BPool.sol#50-54) is not in CapWords | |
Event BPoolLOG_DENORM_UPDATED(address,uint256) (contracts/balancer/BPool.sol#56) is not in CapWords | |
Event BPoolLOG_DESIRED_DENORM_SET(address,uint256) (contracts/balancer/BPool.sol#58) is not in CapWords | |
Event BPoolLOG_TOKEN_REMOVED(address) (contracts/balancer/BPool.sol#60) is not in CapWords | |
Event BPoolLOG_TOKEN_ADDED(address,uint256,uint256) (contracts/balancer/BPool.sol#62-66) is not in CapWords | |
Event BPoolLOG_TOKEN_READY(address) (contracts/balancer/BPool.sol#68) is not in CapWords | |
Variable BPool._mutex (contracts/balancer/BPool.sol#96) is not in mixedCase | |
Variable BPool._controller (contracts/balancer/BPool.sol#98) is not in mixedCase | |
Variable BPool._publicSwap (contracts/balancer/BPool.sol#102) is not in mixedCase | |
Variable BPool._swapFee (contracts/balancer/BPool.sol#105) is not in mixedCase | |
Variable BPool._tokens (contracts/balancer/BPool.sol#107) is not in mixedCase | |
Variable BPool._records (contracts/balancer/BPool.sol#109) is not in mixedCase | |
Variable BPool._totalWeight (contracts/balancer/BPool.sol#110) is not in mixedCase | |
Variable BPool._minimumBalances (contracts/balancer/BPool.sol#113) is not in mixedCase | |
Modifier BPool._lock_() (contracts/balancer/BPool.sol#72-77) is not in mixedCase | |
Modifier BPool._viewlock_() (contracts/balancer/BPool.sol#79-82) is not in mixedCase | |
Modifier BPool._control_() (contracts/balancer/BPool.sol#84-87) is not in mixedCase | |
Modifier BPool._public_() (contracts/balancer/BPool.sol#89-92) is not in mixedCase | |
Variable BTokenBase._balance (contracts/balancer/BToken.sol#31) is not in mixedCase | |
Variable BTokenBase._allowance (contracts/balancer/BToken.sol#32) is not in mixedCase | |
Variable BTokenBase._totalSupply (contracts/balancer/BToken.sol#33) is not in mixedCase | |
Function IUniswapV2Pair.DOMAIN_SEPARATOR() (contracts/interfaces/IUniswapV2Pair.sol#18) is not in mixedCase | |
Function IUniswapV2Pair.PERMIT_TYPEHASH() (contracts/interfaces/IUniswapV2Pair.sol#19) is not in mixedCase | |
Function IUniswapV2Pair.MINIMUM_LIQUIDITY() (contracts/interfaces/IUniswapV2Pair.sol#36) is not in mixedCase | |
Function IUniswapV2Router01.WETH() (contracts/interfaces/IUniswapV2Router01.sol#6) is not in mixedCase | |
Struct FixedPoint.uq112x112 (contracts/lib/FixedPoint.sol#11-13) is not in CapWords | |
Struct FixedPoint.uq144x112 (contracts/lib/FixedPoint.sol#17-19) is not in CapWords | |
Variable MockProxyLogic._value (contracts/mocks/MockProxyLogic.sol#4) is not in mixedCase | |
Variable BaseERC20._balances (contracts/openzeppelin/BaseERC20.sol#35) is not in mixedCase | |
Variable BaseERC20._allowances (contracts/openzeppelin/BaseERC20.sol#37) is not in mixedCase | |
Variable BaseERC20._totalSupply (contracts/openzeppelin/BaseERC20.sol#39) is not in mixedCase | |
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#conformity-to-solidity-naming-conventions[0m | |
INFO:Detectors:[92m | |
ProxyLib.getProxyDeploymentCode(address) (contracts/lib/ProxyLib.sol#54-63) uses literals with too many digits: | |
- mstore(uint256,uint256)(ptr,0x602e598160098239f35959365936595937730000000000000000000000000000) (contracts/lib/ProxyLib.sol#58) | |
ProxyLib.getProxyDeploymentCode(address) (contracts/lib/ProxyLib.sol#54-63) uses literals with too many digits: | |
- mstore(uint256,uint256)(ptr + 38,0x5af460003d3d82803e9161002c57fd5bf3000000000000000000000000000000) (contracts/lib/ProxyLib.sol#60) | |
MockProxyFactory.getProxyRuntimeCode() (contracts/mocks/MockProxyFactory.sol#32-42) uses literals with too many digits: | |
- mstore(uint256,uint256)(ptr,0x5959365936595937730000000000000000000000000000000000000000000000) (contracts/mocks/MockProxyFactory.sol#37) | |
MockProxyFactory.getProxyRuntimeCode() (contracts/mocks/MockProxyFactory.sol#32-42) uses literals with too many digits: | |
- mstore(uint256,uint256)(ptr + 29,0x5af460003d3d82803e9161002c57fd5bf3000000000000000000000000000000) (contracts/mocks/MockProxyFactory.sol#39) | |
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#too-many-digits[0m | |
INFO:Detectors:[92m | |
BConst.TRANSFER_SELECTOR (contracts/balancer/BConst.sol#8-10) is never used in PoolController (contracts/PoolController.sol#13-268) | |
BConst.TRANSFER_FROM_SELECTOR (contracts/balancer/BConst.sol#12-14) is never used in PoolController (contracts/PoolController.sol#13-268) | |
BConst.WEIGHT_UPDATE_DELAY (contracts/balancer/BConst.sol#16) is never used in PoolController (contracts/PoolController.sol#13-268) | |
BConst.MIN_FEE (contracts/balancer/BConst.sol#23) is never used in PoolController (contracts/PoolController.sol#13-268) | |
BConst.MAX_FEE (contracts/balancer/BConst.sol#24) is never used in PoolController (contracts/PoolController.sol#13-268) | |
BConst.EXIT_FEE (contracts/balancer/BConst.sol#25) is never used in PoolController (contracts/PoolController.sol#13-268) | |
BConst.MIN_WEIGHT (contracts/balancer/BConst.sol#27) is never used in PoolController (contracts/PoolController.sol#13-268) | |
BConst.MAX_WEIGHT (contracts/balancer/BConst.sol#28) is never used in PoolController (contracts/PoolController.sol#13-268) | |
BConst.MAX_TOTAL_WEIGHT (contracts/balancer/BConst.sol#29) is never used in PoolController (contracts/PoolController.sol#13-268) | |
BConst.MIN_BALANCE (contracts/balancer/BConst.sol#30) is never used in PoolController (contracts/PoolController.sol#13-268) | |
BConst.INIT_POOL_SUPPLY (contracts/balancer/BConst.sol#32) is never used in PoolController (contracts/PoolController.sol#13-268) | |
BConst.MAX_IN_RATIO (contracts/balancer/BConst.sol#38) is never used in PoolController (contracts/PoolController.sol#13-268) | |
BConst.MAX_OUT_RATIO (contracts/balancer/BConst.sol#39) is never used in PoolController (contracts/PoolController.sol#13-268) | |
BConst.TRANSFER_SELECTOR (contracts/balancer/BConst.sol#8-10) is never used in MockTokenMarketDeployer (contracts/mocks/MockTokenMarketDeployer.sol#12-161) | |
BConst.TRANSFER_FROM_SELECTOR (contracts/balancer/BConst.sol#12-14) is never used in MockTokenMarketDeployer (contracts/mocks/MockTokenMarketDeployer.sol#12-161) | |
BConst.WEIGHT_UPDATE_DELAY (contracts/balancer/BConst.sol#16) is never used in MockTokenMarketDeployer (contracts/mocks/MockTokenMarketDeployer.sol#12-161) | |
BConst.MIN_BOUND_TOKENS (contracts/balancer/BConst.sol#20) is never used in MockTokenMarketDeployer (contracts/mocks/MockTokenMarketDeployer.sol#12-161) | |
BConst.MAX_BOUND_TOKENS (contracts/balancer/BConst.sol#21) is never used in MockTokenMarketDeployer (contracts/mocks/MockTokenMarketDeployer.sol#12-161) | |
BConst.MIN_FEE (contracts/balancer/BConst.sol#23) is never used in MockTokenMarketDeployer (contracts/mocks/MockTokenMarketDeployer.sol#12-161) | |
BConst.MAX_FEE (contracts/balancer/BConst.sol#24) is never used in MockTokenMarketDeployer (contracts/mocks/MockTokenMarketDeployer.sol#12-161) | |
BConst.MIN_WEIGHT (contracts/balancer/BConst.sol#27) is never used in MockTokenMarketDeployer (contracts/mocks/MockTokenMarketDeployer.sol#12-161) | |
BConst.MAX_WEIGHT (contracts/balancer/BConst.sol#28) is never used in MockTokenMarketDeployer (contracts/mocks/MockTokenMarketDeployer.sol#12-161) | |
BConst.MAX_TOTAL_WEIGHT (contracts/balancer/BConst.sol#29) is never used in MockTokenMarketDeployer (contracts/mocks/MockTokenMarketDeployer.sol#12-161) | |
BConst.MIN_BALANCE (contracts/balancer/BConst.sol#30) is never used in MockTokenMarketDeployer (contracts/mocks/MockTokenMarketDeployer.sol#12-161) | |
BConst.INIT_POOL_SUPPLY (contracts/balancer/BConst.sol#32) is never used in MockTokenMarketDeployer (contracts/mocks/MockTokenMarketDeployer.sol#12-161) | |
BConst.MAX_IN_RATIO (contracts/balancer/BConst.sol#38) is never used in MockTokenMarketDeployer (contracts/mocks/MockTokenMarketDeployer.sol#12-161) | |
BConst.MAX_OUT_RATIO (contracts/balancer/BConst.sol#39) is never used in MockTokenMarketDeployer (contracts/mocks/MockTokenMarketDeployer.sol#12-161) | |
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#unused-state-variables[0m | |
INFO:Detectors:[92m | |
BToken._decimals (contracts/balancer/BToken.sol#75) should be constant | |
BaseERC20._totalSupply (contracts/openzeppelin/BaseERC20.sol#39) should be constant | |
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#state-variables-that-could-be-declared-constant[0m | |
INFO:Detectors:[92m | |
addToken(address,uint256) should be declared external: | |
- MarketOracle.addToken(address,uint256) (contracts/MarketOracle.sol#133-143) | |
orderCategoryTokensByMarketCap(uint256,address[]) should be declared external: | |
- MarketOracle.orderCategoryTokensByMarketCap(uint256,address[]) (contracts/MarketOracle.sol#175-211) | |
updatePrices(address[]) should be declared external: | |
- UniSwapV2PriceOracle.updatePrices(address[]) (contracts/UniSwapV2PriceOracle.sol#93-101) | |
computeAveragePrices(address[]) should be declared external: | |
- UniSwapV2PriceOracle.computeAveragePrices(address[]) (contracts/UniSwapV2PriceOracle.sol#228-238) | |
name() should be declared external: | |
- BToken.name() (contracts/balancer/BToken.sol#88-90) | |
symbol() should be declared external: | |
- BToken.symbol() (contracts/balancer/BToken.sol#92-94) | |
decimals() should be declared external: | |
- BToken.decimals() (contracts/balancer/BToken.sol#96-98) | |
deployProxy(bytes32) should be declared external: | |
- MockProxyFactory.deployProxy(bytes32) (contracts/mocks/MockProxyFactory.sol#27-30) | |
deployTokenAndMarketWithLiquidity(string,string,uint256,uint256) should be declared external: | |
- MockTokenMarketDeployer.deployTokenAndMarketWithLiquidity(string,string,uint256,uint256) (contracts/mocks/MockTokenMarketDeployer.sol#54-64) | |
deployPoolMarketWithLiquidity(BPool,uint256,uint256) should be declared external: | |
- MockTokenMarketDeployer.deployPoolMarketWithLiquidity(BPool,uint256,uint256) (contracts/mocks/MockTokenMarketDeployer.sol#87-98) | |
addPoolMarketLiquidity(BPool,uint256,uint256) should be declared external: | |
- MockTokenMarketDeployer.addPoolMarketLiquidity(BPool,uint256,uint256) (contracts/mocks/MockTokenMarketDeployer.sol#100-119) | |
name() should be declared external: | |
- BaseERC20.name() (contracts/openzeppelin/BaseERC20.sol#63-65) | |
symbol() should be declared external: | |
- BaseERC20.symbol() (contracts/openzeppelin/BaseERC20.sol#71-73) | |
decimals() should be declared external: | |
- BaseERC20.decimals() (contracts/openzeppelin/BaseERC20.sol#88-90) | |
balanceOf(address) should be declared external: | |
- BaseERC20.balanceOf(address) (contracts/openzeppelin/BaseERC20.sol#102-104) | |
transfer(address,uint256) should be declared external: | |
- BaseERC20.transfer(address,uint256) (contracts/openzeppelin/BaseERC20.sol#114-117) | |
allowance(address,address) should be declared external: | |
- BaseERC20.allowance(address,address) (contracts/openzeppelin/BaseERC20.sol#122-124) | |
approve(address,uint256) should be declared external: | |
- BaseERC20.approve(address,uint256) (contracts/openzeppelin/BaseERC20.sol#133-136) | |
transferFrom(address,address,uint256) should be declared external: | |
- BaseERC20.transferFrom(address,address,uint256) (contracts/openzeppelin/BaseERC20.sol#150-158) | |
increaseAllowance(address,uint256) should be declared external: | |
- BaseERC20.increaseAllowance(address,uint256) (contracts/openzeppelin/BaseERC20.sol#172-175) | |
decreaseAllowance(address,uint256) should be declared external: | |
- BaseERC20.decreaseAllowance(address,uint256) (contracts/openzeppelin/BaseERC20.sol#191-198) | |
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#public-function-that-could-be-declared-external[0m | |
INFO:Slither:. analyzed (31 contracts with 46 detectors), 218 result(s) found | |
INFO:Slither:[94mUse https://crytic.io/ to get access to additional detectors and Github integration[0m |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment