This report was generated by Aderyn, a static analysis tool built by Cyfrin, a blockchain security company. This report is not a substitute for manual audit or security review. It should not be relied upon for any purpose other than to assist in the identification of potential security vulnerabilities.
| Key | Value |
|---|---|
| .sol Files | 1 |
| Total nSLOC | 209 |
| Filepath | nSLOC |
|---|---|
| src/AMM.sol | 209 |
| Total | 209 |
| Category | No. of Issues |
|---|---|
| High | 0 |
| Low | 4 |
Contracts have owners with privileged rights to perform admin tasks and need to be trusted to not perform malicious updates or drain funds.
4 Found Instances
-
Found in src/AMM.sol Line: 18
```solidity contract AMM is ReentrancyGuard, Pausable, Ownable { ``` -
Found in src/AMM.sol Line: 64
```solidity function createPair(address _token0, address _token1) external onlyOwner returns (uint256 pairId) { ``` -
Found in src/AMM.sol Line: 252
```solidity function pause() external onlyOwner { ``` -
Found in src/AMM.sol Line: 256
```solidity function unpause() external onlyOwner { ```
ERC20 functions may not behave as expected. For example: return values are not always meaningful. It is recommended to use OpenZeppelin's SafeERC20 library.
1 Found Instances
-
Found in src/AMM.sol Line: 199
```solidity require(weth.transfer(msg.sender, msg.value), "WETH transfer failed"); ```
Instead of marking a function as public, consider marking it as external if it is not used internally.
1 Found Instances
-
Found in src/AMM.sol Line: 212
```solidity function getBalance(uint256 _pairId, address _account) public view returns (uint256) { ```
Index event fields make the field more quickly accessible to off-chain tools that parse events. However, note that each index field costs extra gas during emission, so it's not necessarily best to index the maximum allowed per event (three fields). Each event should use three indexed fields if there are three or more fields, and gas usage is not particularly of concern for the events in question. If there are fewer than three fields, all of the fields should be indexed.
6 Found Instances
-
Found in src/AMM.sol Line: 45
```solidity event PairCreated(address indexed token0, address indexed token1, uint256 pairId); ``` -
Found in src/AMM.sol Line: 46
```solidity event LiquidityAdded(uint256 indexed pairId, address indexed provider, uint256 amount0, uint256 amount1, uint256 shares); ``` -
Found in src/AMM.sol Line: 47
```solidity event LiquidityRemoved(uint256 indexed pairId, address indexed provider, uint256 amount0, uint256 amount1, uint256 shares); ``` -
Found in src/AMM.sol Line: 48
```solidity event Swap(uint256 indexed pairId, address indexed user, address tokenIn, uint256 amountIn, uint256 amountOut); ``` -
Found in src/AMM.sol Line: 49
```solidity event Wrap(address indexed user, uint256 amount); ``` -
Found in src/AMM.sol Line: 50
```solidity event Unwrap(address indexed user, uint256 amount); ```