QA Report #105
Labels:
bug: Something isn't working
QA (Quality Assurance): Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
sponsor disputed: Sponsor cannot duplicate the issue, or otherwise disagrees this is an issue
QA Report
Non-Critical Issues
safeApprove() is deprecated
With reference to SafeERC20.sol, safeApprove() is deprecated in favor of safeIncreaseAllowance() and safeDecreaseAllowance().
Consider using these functions instead of safeApprove() in these instances:
Use of block.timestamp
Block timestamps have historically been used for a variety of applications, such as entropy for random numbers (see the Entropy Illusion for further details), locking funds for periods of time, and various state-changing conditional statements that are time-dependent. Miners have the ability to adjust timestamps slightly, which can prove to be dangerous if block timestamps are used incorrectly in smart contracts.
Recommended Mitigation Steps
Block timestamps should not be used for entropy or generating random numbers — i.e., they should not be the deciding factor (either directly or through some derivation) for winning a game or changing an important state.
Time-sensitive logic is sometimes required, e.g., for unlocking contracts (time-locking), completing an ICO after a few weeks, or enforcing expiry dates. It is sometimes recommended to use block.number and an average block time to estimate times; with a 10 second block time, 1 week equates to approximately 60480 blocks. Thus, specifying a block number at which to change a contract state can be more secure, as miners are unable to easily manipulate the block number.
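The block-number approach described above, as an added example that is not part of the original report or the audited code base. The contract name, its state variables and the 10 second average block time (taken from the report's own figure) are assumptions for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

/// Hypothetical time-lock that gates withdrawals on block.number
/// instead of block.timestamp.
contract BlockNumberTimelock {
    // Assumption: ~10 second average block time, as in the report's example.
    uint256 public constant AVG_BLOCK_TIME = 10; // seconds

    // 1 week = 604800 s; 604800 / 10 = 60480 blocks.
    uint256 public constant LOCK_BLOCKS = 1 weeks / AVG_BLOCK_TIME;

    mapping(address => uint256) public balanceOf;
    mapping(address => uint256) public unlockBlock;

    function deposit() external payable {
        require(msg.value > 0, "no value sent");
        balanceOf[msg.sender] += msg.value;

        // Timestamp-based form this replaces:
        //   unlockTime[msg.sender] = block.timestamp + 1 weeks;
        // Every deposit restarts the lock for the full period.
        unlockBlock[msg.sender] = block.number + LOCK_BLOCKS;
    }

    function withdraw() external {
        // Timestamp-based form this replaces:
        //   require(block.timestamp >= unlockTime[msg.sender], ...);
        require(block.number >= unlockBlock[msg.sender], "still locked");

        uint256 amount = balanceOf[msg.sender];
        require(amount > 0, "nothing to withdraw");

        // Clear the balance before the external call (checks-effects-interactions).
        balanceOf[msg.sender] = 0;
        (bool ok, ) = msg.sender.call{value: amount}("");
        require(ok, "transfer failed");
    }
}
```

The lock lasts a fixed number of blocks, so its wall-clock length drifts whenever the chain's real block time differs from the assumed average.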
Instances where block.timestamp is used:
Use modifiers instead of require statements for access roles
Instead of using a require statement to check that msg.sender belongs to a certain role (e.g. msg.sender is owner), consider using modifiers. This would help improve code clarity and prevent accidental mistakes in future code.
For example, to check that msg.sender is owner, a modifier can be written as such:
Functions can then use isOwner to validate msg.sender, for example:
can be rewritten to:
Other instances of this include:
event is missing indexed fields
Each event should use three indexed fields if there are three or more fields: