OpenZeppelin Blog https://blog.openzeppelin.com en Mon, 23 Dec 2024 18:02:09 GMT 2024-12-23T18:02:09Z en Add Tests To Your Stylus Contracts https://blog.openzeppelin.com/test-your-stylus-contracts-with-motsu <div class="hs-featured-image-wrapper"> <a href="https://blog.openzeppelin.com/test-your-stylus-contracts-with-motsu" title="" class="hs-featured-image-link"> <img src="https://blog.openzeppelin.com/hubfs/Stylus%20Contracts.png" alt="Add Tests To Your Stylus Contracts" class="hs-featured-image" style="width:auto !important; max-width:50%; float:left; margin:0 15px 15px 0;"> </a> </div> <p><span style="font-weight: normal;"><span style="font-size: 18px;">Y</span>ou’r</span>e likely already familiar with our <a href="https://hubs.li/Q02-BQ260"><span>Contracts Library for Stylus</span></a>, released in October 2024. While Arbitrum Stylus delivers faster execution and lower gas fees, tools for unit testing smart contracts are limited. Testing is essential to ensure smart contracts function as intended and to minimize the risk of exploits. The immutable nature of blockchain technology requires rigorous security measures, making thorough testing a vital part of the development process.</p> <div class="hs-featured-image-wrapper"> <a href="https://blog.openzeppelin.com/test-your-stylus-contracts-with-motsu" title="" class="hs-featured-image-link"> <img src="https://blog.openzeppelin.com/hubfs/Stylus%20Contracts.png" alt="Add Tests To Your Stylus Contracts" class="hs-featured-image" style="width:auto !important; max-width:50%; float:left; margin:0 15px 15px 0;"> </a> </div> <p><span style="font-weight: normal;"><span style="font-size: 18px;">Y</span>ou’r</span>e likely already familiar with our <a href="https://hubs.li/Q02-BQ260"><span>Contracts Library for Stylus</span></a>, released in October 2024. While Arbitrum Stylus delivers faster execution and lower gas fees, tools for unit testing smart contracts are limited. Testing is essential to ensure smart contracts function as intended and to minimize the risk of exploits. The immutable nature of blockchain technology requires rigorous security measures, making thorough testing a vital part of the development process.</p> <img src="https://track.hubspot.com/__ptq.gif?a=7795250&amp;k=14&amp;r=https%3A%2F%2Fblog.openzeppelin.com%2Ftest-your-stylus-contracts-with-motsu&amp;bu=https%253A%252F%252Fblog.openzeppelin.com&amp;bvt=rss" alt="" width="1" height="1" style="min-height:1px!important;width:1px!important;border-width:0!important;margin-top:0!important;margin-bottom:0!important;margin-right:0!important;margin-left:0!important;padding-top:0!important;padding-bottom:0!important;padding-right:0!important;padding-left:0!important; "> L2's Rust Ecosystem Mon, 23 Dec 2024 18:02:09 GMT sebastian.perez@openzeppelin.com (Sebastian Perez) https://blog.openzeppelin.com/test-your-stylus-contracts-with-motsu 2024-12-23T18:02:09Z Strengthening DeFi: OpenZeppelin and Compound's Security Partnership in 2024 https://blog.openzeppelin.com/strengthening-defi-openzeppelin-and-compounds-security-partnership-in-2024 <div class="hs-featured-image-wrapper"> <a href="https://blog.openzeppelin.com/strengthening-defi-openzeppelin-and-compounds-security-partnership-in-2024" title="" class="hs-featured-image-link"> <img src="https://blog.openzeppelin.com/hubfs/Case_study-compound.webp" alt="Strengthening DeFi: OpenZeppelin and Compound's Security Partnership in 2024" class="hs-featured-image" style="width:auto !important; max-width:50%; float:left; margin:0 15px 15px 0;"> </a> </div> <p style="font-size: 20px;"><strong><span style="color: #000000;">TL;DR</span></strong></p> <div class="hs-featured-image-wrapper"> <a href="https://blog.openzeppelin.com/strengthening-defi-openzeppelin-and-compounds-security-partnership-in-2024" title="" class="hs-featured-image-link"> <img src="https://blog.openzeppelin.com/hubfs/Case_study-compound.webp" alt="Strengthening DeFi: OpenZeppelin and Compound's Security Partnership in 2024" class="hs-featured-image" style="width:auto !important; max-width:50%; float:left; margin:0 15px 15px 0;"> </a> </div> <p style="font-size: 20px;"><strong><span style="color: #000000;">TL;DR</span></strong></p> <img src="https://track.hubspot.com/__ptq.gif?a=7795250&amp;k=14&amp;r=https%3A%2F%2Fblog.openzeppelin.com%2Fstrengthening-defi-openzeppelin-and-compounds-security-partnership-in-2024&amp;bu=https%253A%252F%252Fblog.openzeppelin.com&amp;bvt=rss" alt="" width="1" height="1" style="min-height:1px!important;width:1px!important;border-width:0!important;margin-top:0!important;margin-bottom:0!important;margin-right:0!important;margin-left:0!important;padding-top:0!important;padding-bottom:0!important;padding-right:0!important;padding-left:0!important; "> Security Insights Case Study Wed, 18 Dec 2024 16:10:56 GMT khizer.arshad@openzeppelin.com (Khizer Arshad) https://blog.openzeppelin.com/strengthening-defi-openzeppelin-and-compounds-security-partnership-in-2024 2024-12-18T16:10:56Z Origin OUSD Audit https://blog.openzeppelin.com/origin-ousd-audit <div class="hs-featured-image-wrapper"> <a href="https://blog.openzeppelin.com/origin-ousd-audit" title="" class="hs-featured-image-link"> <img src="https://blog.openzeppelin.com/hubfs/Group%201000003816-1.png" alt="Origin OUSD Audit" class="hs-featured-image" style="width:auto !important; max-width:50%; float:left; margin:0 15px 15px 0;"> </a> </div> <h2>Table of Contents</h2> <div class="toc"> <ul> <li><a href="#table-of-contents">Table of Contents</a></li> <li><a href="#summary">Summary</a></li> <li><a href="#scope">Scope</a></li> <li><a href="#system-overview">System Overview</a> <ul> <li><a href="#yield-delegation">Yield Delegation</a></li> </ul> </li> <li><a href="#security-model-and-trust-assumptions">Security Model and Trust Assumptions</a> <ul> <li><a href="#privileged-roles">Privileged Roles</a></li> </ul> </li> <li><a href="#low-severity">Low Severity</a> <ul> <li><a href="#users-lack-control-over-yield-delegation">Users Lack Control Over Yield Delegation</a></li> <li><a href="#missing-docstrings">Missing Docstrings</a></li> <li><a href="#floating-pragma">Floating Pragma</a></li> </ul> </li> <li><a href="#notes-additional-information">Notes &amp; Additional Information</a> <ul> <li><a href="#redundant-code">Redundant Code</a></li> <li><a href="#incomplete-docstrings">Incomplete Docstrings</a></li> <li><a href="#missing-named-parameters-in-mappings">Missing Named Parameters in Mappings</a></li> <li><a href="#multiple-optimizable-storage-operations">Multiple Optimizable Storage Operations</a></li> <li><a href="#typographical-errors">Typographical Errors</a></li> </ul> </li> <li><a href="#conclusion">Conclusion</a></li> </ul> </div> <div class="hs-featured-image-wrapper"> <a href="https://blog.openzeppelin.com/origin-ousd-audit" title="" class="hs-featured-image-link"> <img src="https://blog.openzeppelin.com/hubfs/Group%201000003816-1.png" alt="Origin OUSD Audit" class="hs-featured-image" style="width:auto !important; max-width:50%; float:left; margin:0 15px 15px 0;"> </a> </div> <h2>Table of Contents</h2> <div class="toc"> <ul> <li><a href="#table-of-contents">Table of Contents</a></li> <li><a href="#summary">Summary</a></li> <li><a href="#scope">Scope</a></li> <li><a href="#system-overview">System Overview</a> <ul> <li><a href="#yield-delegation">Yield Delegation</a></li> </ul> </li> <li><a href="#security-model-and-trust-assumptions">Security Model and Trust Assumptions</a> <ul> <li><a href="#privileged-roles">Privileged Roles</a></li> </ul> </li> <li><a href="#low-severity">Low Severity</a> <ul> <li><a href="#users-lack-control-over-yield-delegation">Users Lack Control Over Yield Delegation</a></li> <li><a href="#missing-docstrings">Missing Docstrings</a></li> <li><a href="#floating-pragma">Floating Pragma</a></li> </ul> </li> <li><a href="#notes-additional-information">Notes &amp; Additional Information</a> <ul> <li><a href="#redundant-code">Redundant Code</a></li> <li><a href="#incomplete-docstrings">Incomplete Docstrings</a></li> <li><a href="#missing-named-parameters-in-mappings">Missing Named Parameters in Mappings</a></li> <li><a href="#multiple-optimizable-storage-operations">Multiple Optimizable Storage Operations</a></li> <li><a href="#typographical-errors">Typographical Errors</a></li> </ul> </li> <li><a href="#conclusion">Conclusion</a></li> </ul> </div> <img src="https://track.hubspot.com/__ptq.gif?a=7795250&amp;k=14&amp;r=https%3A%2F%2Fblog.openzeppelin.com%2Forigin-ousd-audit&amp;bu=https%253A%252F%252Fblog.openzeppelin.com&amp;bvt=rss" alt="" width="1" height="1" style="min-height:1px!important;width:1px!important;border-width:0!important;margin-top:0!important;margin-bottom:0!important;margin-right:0!important;margin-left:0!important;padding-top:0!important;padding-bottom:0!important;padding-right:0!important;padding-left:0!important; "> Security Audits Solidity Wed, 18 Dec 2024 15:59:29 GMT https://blog.openzeppelin.com/origin-ousd-audit 2024-12-18T15:59:29Z OpenZeppelin Security Sonic Gateway Audit https://blog.openzeppelin.com/sonic-gateway-audit <div class="hs-featured-image-wrapper"> <a href="https://blog.openzeppelin.com/sonic-gateway-audit" title="" class="hs-featured-image-link"> <img src="https://blog.openzeppelin.com/hubfs/Group%201000003816.png" alt="Sonic Gateway&nbsp;Audit" class="hs-featured-image" style="width:auto !important; max-width:50%; float:left; margin:0 15px 15px 0;"> </a> </div> <h2>Table of Contents</h2> <div class="toc"> <ul> <li><a href="#table-of-contents">Table of Contents</a></li> <li><a href="#summary">Summary</a></li> <li><a href="#scope">Scope</a></li> <li><a href="#system-overview">System Overview</a> <ul> <li><a href="#privileged-roles-and-trust-assumptions">Privileged Roles and Trust Assumptions</a></li> <li><a href="#security-model">Security Model</a></li> </ul> </li> <li><a href="#high-severity">High Severity</a> <ul> <li><a href="#incorrect-update-order-in-updatemanager">Incorrect Update Order in UpdateManager</a></li> </ul> </li> <li><a href="#medium-severity">Medium Severity</a> <ul> <li><a href="#user-provided-deposit-and-withdraw-ids-can-cause-collisions">User-Provided Deposit and Withdraw IDs Can Cause Collisions</a></li> <li><a href="#users-with-account-abstraction-wallets-may-lose-bridged-funds-due-to-address-mismatch">Users with Account Abstraction Wallets May Lose Bridged Funds Due to Address Mismatch</a></li> <li><a href="#payfastlane-could-be-continuously-blocked-by-exploiting-selfdestruct">payFastLane Could Be Continuously Blocked by Exploiting selfdestruct</a></li> </ul> </li> <li><a href="#low-severity">Low Severity</a> <ul> <li><a href="#lack-of-deregistration-mechanism-for-tokenpairs">Lack of Deregistration Mechanism for TokenPairs</a></li> <li><a href="#floating-pragma">Floating Pragma</a></li> <li><a href="#missing-zero-address-checks">Missing Zero-Address Checks</a></li> <li><a href="#possible-precision-loss-due-to-division-before-multiplication">Possible Precision Loss Due to Division Before Multiplication</a></li> <li><a href="#extendvalidatorsarray-can-create-gaps-in-validatoraddress-array">extendValidatorsArray Can Create Gaps in validatorAddress Array</a></li> <li><a href="#infinite-loop-in-subscription-retry-mechanism">Infinite Loop in Subscription Retry Mechanism</a></li> <li><a href="#quorum-calculation-rounds-down-allowing-insufficient-validator-approval">Quorum Calculation Rounds Down, Allowing Insufficient Validator Approval</a></li> <li><a href="#updating-too-many-validator-in-a-single-update-may-cause-out-of-gas-error">Updating Too Many Validator in a Single Update May Cause Out-of-Gas Error</a></li> </ul> </li> <li><a href="#notes-additional-information">Notes &amp; Additional Information</a> <ul> <li><a href="#lack-of-length-check-on-proof-items-in-mptproofverifier">Lack of Length Check on Proof Items in MPTProofVerifier</a></li> <li><a href="#missing-length-check-for-public-key-in-sfcupdateverifier">Missing Length Check for Public Key in SFCUpdateVerifier</a></li> <li><a href="#improper-node-id-handling-in-merkletrie-library">Improper Node ID Handling in MerkleTrie Library</a></li> <li><a href="#missing-docstrings">Missing Docstrings</a></li> <li><a href="#move-checks-to-fail-earlier">Move Checks to Fail Earlier</a></li> <li><a href="#lack-of-security-contact">Lack of Security Contact</a></li> <li><a href="#missing-named-parameters-in-mappings">Missing Named Parameters in Mappings</a></li> <li><a href="#non-explicit-imports">Non-Explicit Imports</a></li> <li><a href="#unnecessary-casts">Unnecessary Casts</a></li> <li><a href="#variables-could-be-immutable">Variables Could Be immutable</a></li> <li><a href="#lack-of-indexed-event-parameters">Lack of Indexed Event Parameters</a></li> <li><a href="#use-calldata-instead-of-memory">Use calldata Instead of memory</a></li> <li><a href="#functions-updating-state-without-event-emissions">Functions Updating State Without Event Emissions</a></li> </ul> </li> <li><a href="#conclusion">Conclusion</a></li> </ul> </div> <div class="hs-featured-image-wrapper"> <a href="https://blog.openzeppelin.com/sonic-gateway-audit" title="" class="hs-featured-image-link"> <img src="https://blog.openzeppelin.com/hubfs/Group%201000003816.png" alt="Sonic Gateway&nbsp;Audit" class="hs-featured-image" style="width:auto !important; max-width:50%; float:left; margin:0 15px 15px 0;"> </a> </div> <h2>Table of Contents</h2> <div class="toc"> <ul> <li><a href="#table-of-contents">Table of Contents</a></li> <li><a href="#summary">Summary</a></li> <li><a href="#scope">Scope</a></li> <li><a href="#system-overview">System Overview</a> <ul> <li><a href="#privileged-roles-and-trust-assumptions">Privileged Roles and Trust Assumptions</a></li> <li><a href="#security-model">Security Model</a></li> </ul> </li> <li><a href="#high-severity">High Severity</a> <ul> <li><a href="#incorrect-update-order-in-updatemanager">Incorrect Update Order in UpdateManager</a></li> </ul> </li> <li><a href="#medium-severity">Medium Severity</a> <ul> <li><a href="#user-provided-deposit-and-withdraw-ids-can-cause-collisions">User-Provided Deposit and Withdraw IDs Can Cause Collisions</a></li> <li><a href="#users-with-account-abstraction-wallets-may-lose-bridged-funds-due-to-address-mismatch">Users with Account Abstraction Wallets May Lose Bridged Funds Due to Address Mismatch</a></li> <li><a href="#payfastlane-could-be-continuously-blocked-by-exploiting-selfdestruct">payFastLane Could Be Continuously Blocked by Exploiting selfdestruct</a></li> </ul> </li> <li><a href="#low-severity">Low Severity</a> <ul> <li><a href="#lack-of-deregistration-mechanism-for-tokenpairs">Lack of Deregistration Mechanism for TokenPairs</a></li> <li><a href="#floating-pragma">Floating Pragma</a></li> <li><a href="#missing-zero-address-checks">Missing Zero-Address Checks</a></li> <li><a href="#possible-precision-loss-due-to-division-before-multiplication">Possible Precision Loss Due to Division Before Multiplication</a></li> <li><a href="#extendvalidatorsarray-can-create-gaps-in-validatoraddress-array">extendValidatorsArray Can Create Gaps in validatorAddress Array</a></li> <li><a href="#infinite-loop-in-subscription-retry-mechanism">Infinite Loop in Subscription Retry Mechanism</a></li> <li><a href="#quorum-calculation-rounds-down-allowing-insufficient-validator-approval">Quorum Calculation Rounds Down, Allowing Insufficient Validator Approval</a></li> <li><a href="#updating-too-many-validator-in-a-single-update-may-cause-out-of-gas-error">Updating Too Many Validator in a Single Update May Cause Out-of-Gas Error</a></li> </ul> </li> <li><a href="#notes-additional-information">Notes &amp; Additional Information</a> <ul> <li><a href="#lack-of-length-check-on-proof-items-in-mptproofverifier">Lack of Length Check on Proof Items in MPTProofVerifier</a></li> <li><a href="#missing-length-check-for-public-key-in-sfcupdateverifier">Missing Length Check for Public Key in SFCUpdateVerifier</a></li> <li><a href="#improper-node-id-handling-in-merkletrie-library">Improper Node ID Handling in MerkleTrie Library</a></li> <li><a href="#missing-docstrings">Missing Docstrings</a></li> <li><a href="#move-checks-to-fail-earlier">Move Checks to Fail Earlier</a></li> <li><a href="#lack-of-security-contact">Lack of Security Contact</a></li> <li><a href="#missing-named-parameters-in-mappings">Missing Named Parameters in Mappings</a></li> <li><a href="#non-explicit-imports">Non-Explicit Imports</a></li> <li><a href="#unnecessary-casts">Unnecessary Casts</a></li> <li><a href="#variables-could-be-immutable">Variables Could Be immutable</a></li> <li><a href="#lack-of-indexed-event-parameters">Lack of Indexed Event Parameters</a></li> <li><a href="#use-calldata-instead-of-memory">Use calldata Instead of memory</a></li> <li><a href="#functions-updating-state-without-event-emissions">Functions Updating State Without Event Emissions</a></li> </ul> </li> <li><a href="#conclusion">Conclusion</a></li> </ul> </div> <img src="https://track.hubspot.com/__ptq.gif?a=7795250&amp;k=14&amp;r=https%3A%2F%2Fblog.openzeppelin.com%2Fsonic-gateway-audit&amp;bu=https%253A%252F%252Fblog.openzeppelin.com&amp;bvt=rss" alt="" width="1" height="1" style="min-height:1px!important;width:1px!important;border-width:0!important;margin-top:0!important;margin-bottom:0!important;margin-right:0!important;margin-left:0!important;padding-top:0!important;padding-bottom:0!important;padding-right:0!important;padding-left:0!important; "> Security Audits Solidity Fri, 13 Dec 2024 18:52:41 GMT https://blog.openzeppelin.com/sonic-gateway-audit 2024-12-13T18:52:41Z OpenZeppelin Security Protocol Defense Audit https://blog.openzeppelin.com/protocol-defense-audit <div class="hs-featured-image-wrapper"> <a href="https://blog.openzeppelin.com/protocol-defense-audit" title="" class="hs-featured-image-link"> <img src="https://blog.openzeppelin.com/hubfs/Protocol%20Defense%20Audit.png" alt="Protocol Defense Audit" class="hs-featured-image" style="width:auto !important; max-width:50%; float:left; margin:0 15px 15px 0;"> </a> </div> <h2>Table of Contents</h2> <div class="toc"> <ul> <li><a href="#table-of-contents">Table of Contents</a></li> <li><a href="#summary">Summary</a></li> <li><a href="#scope">Scope</a></li> <li><a href="#system-overview">System Overview</a> <ul> <li><a href="#introduction">Introduction</a></li> </ul> </li> <li><a href="#low-severity">Low Severity</a> <ul> <li><a href="#misleading-errors">Misleading Errors</a></li> <li><a href="#inconsistent-input-validation">Inconsistent Input Validation</a></li> <li><a href="#getallhyperchains-function-reverts-due-to-invalid-key-access">getAllHyperchains Function Reverts Due to Invalid Key Access</a></li> </ul> </li> <li><a href="#notes-additional-information">Notes &amp; Additional Information</a> <ul> <li><a href="#standardize-custom-error-for-consistency">Standardize Custom Error for Consistency</a></li> <li><a href="#typographical-errors">Typographical Errors</a></li> <li><a href="#duplicate-error-import">Duplicate Error Import</a></li> <li><a href="#risk-with-floating-pragma-and-yul-optimizer-bug">Risk with Floating Pragma and Yul Optimizer Bug</a></li> <li><a href="#unused-errors">Unused Errors</a></li> <li><a href="#improved-organization-of-error-files">Improved Organization of Error Files</a></li> <li><a href="#naming-issues">Naming Issues</a></li> <li><a href="#unnamed-error-parameters">Unnamed Error Parameters</a></li> <li><a href="#misleading-use-of-i-prefix-in-abstract-contract">Misleading Use of "I" Prefix in Abstract Contract</a></li> <li><a href="#unused-enum">Unused Enum</a></li> <li><a href="#file-and-contract-names-mismatch">File and Contract Names Mismatch</a></li> <li><a href="#misplaced-error-declarations">Misplaced Error Declarations</a></li> <li><a href="#unused-named-return-variable">Unused Named Return Variable</a></li> <li><a href="#constants-not-using-upper_case-format">Constants Not Using UPPER_CASE Format</a></li> <li><a href="#unnecessary-casts">Unnecessary Casts</a></li> <li><a href="#risk-of-disabling-valid-warnings">Risk of Disabling Valid Warnings</a></li> <li><a href="#unjustified-use-of-solhint-disable-comments">Unjustified Use of solhint-disable Comments</a></li> <li><a href="#inconsistent-application-of-solhint-rule-gas-length-in-loops">Inconsistent Application of Solhint Rule gas-length-in-loops</a></li> <li><a href="#duplicate-code">Duplicate Code</a></li> <li><a href="#overly-exposed-state-variable">Overly Exposed State Variable</a></li> <li><a href="#inconsistent-initialization-of-local-variables">Inconsistent Initialization of Local Variables</a></li> <li><a href="#todo-comments-in-the-code">Todo Comments in the Code</a></li> <li><a href="#misleading-documentation">Misleading Documentation</a></li> <li><a href="#lack-of-indexed-event-parameters">Lack of Indexed Event Parameters</a></li> </ul> </li> <li><a href="#conclusion">Conclusion</a></li> </ul> </div> <div class="hs-featured-image-wrapper"> <a href="https://blog.openzeppelin.com/protocol-defense-audit" title="" class="hs-featured-image-link"> <img src="https://blog.openzeppelin.com/hubfs/Protocol%20Defense%20Audit.png" alt="Protocol Defense Audit" class="hs-featured-image" style="width:auto !important; max-width:50%; float:left; margin:0 15px 15px 0;"> </a> </div> <h2>Table of Contents</h2> <div class="toc"> <ul> <li><a href="#table-of-contents">Table of Contents</a></li> <li><a href="#summary">Summary</a></li> <li><a href="#scope">Scope</a></li> <li><a href="#system-overview">System Overview</a> <ul> <li><a href="#introduction">Introduction</a></li> </ul> </li> <li><a href="#low-severity">Low Severity</a> <ul> <li><a href="#misleading-errors">Misleading Errors</a></li> <li><a href="#inconsistent-input-validation">Inconsistent Input Validation</a></li> <li><a href="#getallhyperchains-function-reverts-due-to-invalid-key-access">getAllHyperchains Function Reverts Due to Invalid Key Access</a></li> </ul> </li> <li><a href="#notes-additional-information">Notes &amp; Additional Information</a> <ul> <li><a href="#standardize-custom-error-for-consistency">Standardize Custom Error for Consistency</a></li> <li><a href="#typographical-errors">Typographical Errors</a></li> <li><a href="#duplicate-error-import">Duplicate Error Import</a></li> <li><a href="#risk-with-floating-pragma-and-yul-optimizer-bug">Risk with Floating Pragma and Yul Optimizer Bug</a></li> <li><a href="#unused-errors">Unused Errors</a></li> <li><a href="#improved-organization-of-error-files">Improved Organization of Error Files</a></li> <li><a href="#naming-issues">Naming Issues</a></li> <li><a href="#unnamed-error-parameters">Unnamed Error Parameters</a></li> <li><a href="#misleading-use-of-i-prefix-in-abstract-contract">Misleading Use of "I" Prefix in Abstract Contract</a></li> <li><a href="#unused-enum">Unused Enum</a></li> <li><a href="#file-and-contract-names-mismatch">File and Contract Names Mismatch</a></li> <li><a href="#misplaced-error-declarations">Misplaced Error Declarations</a></li> <li><a href="#unused-named-return-variable">Unused Named Return Variable</a></li> <li><a href="#constants-not-using-upper_case-format">Constants Not Using UPPER_CASE Format</a></li> <li><a href="#unnecessary-casts">Unnecessary Casts</a></li> <li><a href="#risk-of-disabling-valid-warnings">Risk of Disabling Valid Warnings</a></li> <li><a href="#unjustified-use-of-solhint-disable-comments">Unjustified Use of solhint-disable Comments</a></li> <li><a href="#inconsistent-application-of-solhint-rule-gas-length-in-loops">Inconsistent Application of Solhint Rule gas-length-in-loops</a></li> <li><a href="#duplicate-code">Duplicate Code</a></li> <li><a href="#overly-exposed-state-variable">Overly Exposed State Variable</a></li> <li><a href="#inconsistent-initialization-of-local-variables">Inconsistent Initialization of Local Variables</a></li> <li><a href="#todo-comments-in-the-code">Todo Comments in the Code</a></li> <li><a href="#misleading-documentation">Misleading Documentation</a></li> <li><a href="#lack-of-indexed-event-parameters">Lack of Indexed Event Parameters</a></li> </ul> </li> <li><a href="#conclusion">Conclusion</a></li> </ul> </div> <img src="https://track.hubspot.com/__ptq.gif?a=7795250&amp;k=14&amp;r=https%3A%2F%2Fblog.openzeppelin.com%2Fprotocol-defense-audit&amp;bu=https%253A%252F%252Fblog.openzeppelin.com&amp;bvt=rss" alt="" width="1" height="1" style="min-height:1px!important;width:1px!important;border-width:0!important;margin-top:0!important;margin-bottom:0!important;margin-right:0!important;margin-left:0!important;padding-top:0!important;padding-bottom:0!important;padding-right:0!important;padding-left:0!important; "> Security Audits L2's Solidity Wed, 11 Dec 2024 14:45:44 GMT https://blog.openzeppelin.com/protocol-defense-audit 2024-12-11T14:45:44Z OpenZeppelin Security Sonic Opera Native Token Bridge Audit https://blog.openzeppelin.com/sonic-opera-native-token-bridge-audit <div class="hs-featured-image-wrapper"> <a href="https://blog.openzeppelin.com/sonic-opera-native-token-bridge-audit" title="" class="hs-featured-image-link"> <img src="https://blog.openzeppelin.com/hubfs/Sonic%20Opera%20Native%20Token%20Bridge%20Audit%20.png" alt="Sonic Opera Native Token Bridge Audit" class="hs-featured-image" style="width:auto !important; max-width:50%; float:left; margin:0 15px 15px 0;"> </a> </div> <h2>Table of Contents</h2> <div class="toc"> <ul> <li><a href="#table-of-contents">Table of Contents</a></li> <li><a href="#summary">Summary</a></li> <li><a href="#scope">Scope</a></li> <li><a href="#system-overview">System Overview</a> <ul> <li><a href="#the-opera-bridge">The Opera Bridge</a></li> </ul> </li> <li><a href="#security-model-and-trust-assumptions">Security Model and Trust Assumptions</a> <ul> <li><a href="#privileged-roles">Privileged Roles</a></li> </ul> </li> <li><a href="#deployment-script">Deployment Script</a></li> <li><a href="#medium-severity">Medium Severity</a> <ul> <li><a href="#missing-chain-id-and-contract-address-in-message-hash">Missing Chain ID and Contract Address in Message Hash</a></li> <li><a href="#incorrect-chain-id-values-in-operats-and-paramsjson">Incorrect Chain ID Values in opera.ts and params.json</a></li> </ul> </li> <li><a href="#low-severity">Low Severity</a> <ul> <li><a href="#potential-impact-of-eip-7702-on-eoa-assumption">Potential Impact of EIP-7702 on EOA Assumption</a></li> <li><a href="#missing-verification-for-total-sum-of-user-withdrawals">Missing Verification for Total Sum of User Withdrawals</a></li> <li><a href="#fee-can-change-during-deposit">Fee Can Change During Deposit</a></li> </ul> </li> <li><a href="#notes-additional-information">Notes &amp; Additional Information</a> <ul> <li><a href="#variable-could-be-immutable">Variable Could Be immutable</a></li> <li><a href="#lack-of-security-contact">Lack of Security Contact</a></li> <li><a href="#incorrect-order-of-modifiers">Incorrect Order of Modifiers</a></li> <li><a href="#file-and-interface-name-mismatch">File and Interface Name Mismatch</a></li> <li><a href="#incomplete-docstrings">Incomplete Docstrings</a></li> <li><a href="#variable-name-suggestion">Variable Name Suggestion</a></li> <li><a href="#inefficient-use-of-uint16-type">Inefficient Use of uint16 Type</a></li> <li><a href="#unused-error">Unused Error</a></li> <li><a href="#functions-are-updating-the-state-without-event-emissions">Functions Are Updating the State Without Event Emissions</a></li> </ul> </li> <li><a href="#conclusion">Conclusion</a></li> </ul> </div> <div class="hs-featured-image-wrapper"> <a href="https://blog.openzeppelin.com/sonic-opera-native-token-bridge-audit" title="" class="hs-featured-image-link"> <img src="https://blog.openzeppelin.com/hubfs/Sonic%20Opera%20Native%20Token%20Bridge%20Audit%20.png" alt="Sonic Opera Native Token Bridge Audit" class="hs-featured-image" style="width:auto !important; max-width:50%; float:left; margin:0 15px 15px 0;"> </a> </div> <h2>Table of Contents</h2> <div class="toc"> <ul> <li><a href="#table-of-contents">Table of Contents</a></li> <li><a href="#summary">Summary</a></li> <li><a href="#scope">Scope</a></li> <li><a href="#system-overview">System Overview</a> <ul> <li><a href="#the-opera-bridge">The Opera Bridge</a></li> </ul> </li> <li><a href="#security-model-and-trust-assumptions">Security Model and Trust Assumptions</a> <ul> <li><a href="#privileged-roles">Privileged Roles</a></li> </ul> </li> <li><a href="#deployment-script">Deployment Script</a></li> <li><a href="#medium-severity">Medium Severity</a> <ul> <li><a href="#missing-chain-id-and-contract-address-in-message-hash">Missing Chain ID and Contract Address in Message Hash</a></li> <li><a href="#incorrect-chain-id-values-in-operats-and-paramsjson">Incorrect Chain ID Values in opera.ts and params.json</a></li> </ul> </li> <li><a href="#low-severity">Low Severity</a> <ul> <li><a href="#potential-impact-of-eip-7702-on-eoa-assumption">Potential Impact of EIP-7702 on EOA Assumption</a></li> <li><a href="#missing-verification-for-total-sum-of-user-withdrawals">Missing Verification for Total Sum of User Withdrawals</a></li> <li><a href="#fee-can-change-during-deposit">Fee Can Change During Deposit</a></li> </ul> </li> <li><a href="#notes-additional-information">Notes &amp; Additional Information</a> <ul> <li><a href="#variable-could-be-immutable">Variable Could Be immutable</a></li> <li><a href="#lack-of-security-contact">Lack of Security Contact</a></li> <li><a href="#incorrect-order-of-modifiers">Incorrect Order of Modifiers</a></li> <li><a href="#file-and-interface-name-mismatch">File and Interface Name Mismatch</a></li> <li><a href="#incomplete-docstrings">Incomplete Docstrings</a></li> <li><a href="#variable-name-suggestion">Variable Name Suggestion</a></li> <li><a href="#inefficient-use-of-uint16-type">Inefficient Use of uint16 Type</a></li> <li><a href="#unused-error">Unused Error</a></li> <li><a href="#functions-are-updating-the-state-without-event-emissions">Functions Are Updating the State Without Event Emissions</a></li> </ul> </li> <li><a href="#conclusion">Conclusion</a></li> </ul> </div> <img src="https://track.hubspot.com/__ptq.gif?a=7795250&amp;k=14&amp;r=https%3A%2F%2Fblog.openzeppelin.com%2Fsonic-opera-native-token-bridge-audit&amp;bu=https%253A%252F%252Fblog.openzeppelin.com&amp;bvt=rss" alt="" width="1" height="1" style="min-height:1px!important;width:1px!important;border-width:0!important;margin-top:0!important;margin-bottom:0!important;margin-right:0!important;margin-left:0!important;padding-top:0!important;padding-bottom:0!important;padding-right:0!important;padding-left:0!important; "> Security Audits Solidity Mon, 09 Dec 2024 13:46:34 GMT https://blog.openzeppelin.com/sonic-opera-native-token-bridge-audit 2024-12-09T13:46:34Z OpenZeppelin Security LineaRollup and TokenBridge Role Upgrade https://blog.openzeppelin.com/linearollup-and-tokenbridge-role-upgrade <div class="hs-featured-image-wrapper"> <a href="https://blog.openzeppelin.com/linearollup-and-tokenbridge-role-upgrade" title="" class="hs-featured-image-link"> <img src="https://blog.openzeppelin.com/hubfs/Linea%20audit-1.png" alt="LineaRollup and TokenBridge Role Upgrade" class="hs-featured-image" style="width:auto !important; max-width:50%; float:left; margin:0 15px 15px 0;"> </a> </div> <p>December 4, 2024</p> <div class="hs-featured-image-wrapper"> <a href="https://blog.openzeppelin.com/linearollup-and-tokenbridge-role-upgrade" title="" class="hs-featured-image-link"> <img src="https://blog.openzeppelin.com/hubfs/Linea%20audit-1.png" alt="LineaRollup and TokenBridge Role Upgrade" class="hs-featured-image" style="width:auto !important; max-width:50%; float:left; margin:0 15px 15px 0;"> </a> </div> <p>December 4, 2024</p> <img src="https://track.hubspot.com/__ptq.gif?a=7795250&amp;k=14&amp;r=https%3A%2F%2Fblog.openzeppelin.com%2Flinearollup-and-tokenbridge-role-upgrade&amp;bu=https%253A%252F%252Fblog.openzeppelin.com&amp;bvt=rss" alt="" width="1" height="1" style="min-height:1px!important;width:1px!important;border-width:0!important;margin-top:0!important;margin-bottom:0!important;margin-right:0!important;margin-left:0!important;padding-top:0!important;padding-bottom:0!important;padding-right:0!important;padding-left:0!important; "> Security Audits Solidity Thu, 28 Nov 2024 14:55:36 GMT https://blog.openzeppelin.com/linearollup-and-tokenbridge-role-upgrade 2024-11-28T14:55:36Z OpenZeppelin Security Tesseract Protocol Audit https://blog.openzeppelin.com/tesseract-protocol-audit <div class="hs-featured-image-wrapper"> <a href="https://blog.openzeppelin.com/tesseract-protocol-audit" title="" class="hs-featured-image-link"> <img src="https://blog.openzeppelin.com/hubfs/Tesseract%20audit.png" alt="Tesseract Protocol Audit" class="hs-featured-image" style="width:auto !important; max-width:50%; float:left; margin:0 15px 15px 0;"> </a> </div> <h2>Table of Contents</h2> <div class="toc"> <ul> <li><a href="#table-of-contents">Table of Contents</a></li> <li><a href="#summary">Summary</a></li> <li><a href="#scope">Scope</a></li> <li><a href="#system-overview">System Overview</a></li> <li><a href="#security-model-and-trust-assumptions">Security Model and Trust Assumptions</a> <ul> <li><a href="#privileged-roles">Privileged Roles</a></li> <li><a href="#compatibility">Compatibility</a></li> </ul> </li> <li><a href="#high-severity">High Severity</a> <ul> <li><a href="#native-token-bridge-functionality-is-unsupported">Native Token Bridge Functionality is Unsupported</a></li> <li><a href="#cross-function-reentrancy-in-yakswapcell">Cross-Function Reentrancy in YakSwapCell</a></li> </ul> </li> <li><a href="#medium-severity">Medium Severity</a> <ul> <li><a href="#zero-fee-in-yakswapcell_swap-causes-revert-when-fee-is-enabled">Zero Fee in YakSwapCell._swap Causes Revert When Fee Is Enabled</a></li> <li><a href="#incompatibility-with-tokens-that-implement-approval-race-protection">Incompatibility with Tokens That Implement Approval Race Protection</a></li> <li><a href="#abi-decode-might-produce-unexpected-reverts">ABI Decode Might Produce Unexpected Reverts</a></li> <li><a href="#fixed-gas-limit-in-single-hop-transfers">Fixed Gas Limit in Single-Hop Transfers</a></li> </ul> </li> <li><a href="#low-severity">Low Severity</a> <ul> <li><a href="#incorrect-handling-of-secondaryfee-for-single-hops">Incorrect Handling of secondaryFee for Single Hops</a></li> <li><a href="#unrestricted-access-to-the-receivetokens">Unrestricted Access to the receiveTokens</a></li> <li><a href="#lack-of-input-validation">Lack of Input Validation</a></li> <li><a href="#swapfailed-event-redundancy">SwapFailed Event Redundancy</a></li> </ul> </li> <li><a href="#notes-additional-information">Notes &amp; Additional Information</a> <ul> <li><a href="#use-of-custom-errors">Use of Custom Errors</a></li> <li><a href="#non-explicit-import-are-used">Non Explicit Import Are Used</a></li> <li><a href="#missing-validation-for-hop-index">Missing Validation for Hop Index</a></li> <li><a href="#unused-import">Unused Import</a></li> <li><a href="#redundant-indexing-of-amount-in-rollback-event">Redundant Indexing of amount in Rollback Event</a></li> <li><a href="#excessive-data-in-multihop-payload-transmission">Excessive Data in Multihop Payload Transmission</a></li> <li><a href="#excessive-complexity-of-the-cell-contract">Excessive Complexity of the Cell Contract</a></li> <li><a href="#redundant-value-returned-by-route-function-in-yakswapcell-contract">Redundant Value Returned by route Function in YakSwapCell Contract</a></li> <li><a href="#potential-panic-error-in-yakswapcell-contracts-route-function">Potential Panic Error in YakSwapCell Contract's route Function</a></li> </ul> </li> <li><a href="#conclusion">Conclusion</a></li> <li><a href="#appendix">Appendix</a> <ul> <li><a href="#out-of-scope-issues">Out of Scope Issues</a></li> </ul> </li> </ul> </div> <div class="hs-featured-image-wrapper"> <a href="https://blog.openzeppelin.com/tesseract-protocol-audit" title="" class="hs-featured-image-link"> <img src="https://blog.openzeppelin.com/hubfs/Tesseract%20audit.png" alt="Tesseract Protocol Audit" class="hs-featured-image" style="width:auto !important; max-width:50%; float:left; margin:0 15px 15px 0;"> </a> </div> <h2>Table of Contents</h2> <div class="toc"> <ul> <li><a href="#table-of-contents">Table of Contents</a></li> <li><a href="#summary">Summary</a></li> <li><a href="#scope">Scope</a></li> <li><a href="#system-overview">System Overview</a></li> <li><a href="#security-model-and-trust-assumptions">Security Model and Trust Assumptions</a> <ul> <li><a href="#privileged-roles">Privileged Roles</a></li> <li><a href="#compatibility">Compatibility</a></li> </ul> </li> <li><a href="#high-severity">High Severity</a> <ul> <li><a href="#native-token-bridge-functionality-is-unsupported">Native Token Bridge Functionality is Unsupported</a></li> <li><a href="#cross-function-reentrancy-in-yakswapcell">Cross-Function Reentrancy in YakSwapCell</a></li> </ul> </li> <li><a href="#medium-severity">Medium Severity</a> <ul> <li><a href="#zero-fee-in-yakswapcell_swap-causes-revert-when-fee-is-enabled">Zero Fee in YakSwapCell._swap Causes Revert When Fee Is Enabled</a></li> <li><a href="#incompatibility-with-tokens-that-implement-approval-race-protection">Incompatibility with Tokens That Implement Approval Race Protection</a></li> <li><a href="#abi-decode-might-produce-unexpected-reverts">ABI Decode Might Produce Unexpected Reverts</a></li> <li><a href="#fixed-gas-limit-in-single-hop-transfers">Fixed Gas Limit in Single-Hop Transfers</a></li> </ul> </li> <li><a href="#low-severity">Low Severity</a> <ul> <li><a href="#incorrect-handling-of-secondaryfee-for-single-hops">Incorrect Handling of secondaryFee for Single Hops</a></li> <li><a href="#unrestricted-access-to-the-receivetokens">Unrestricted Access to the receiveTokens</a></li> <li><a href="#lack-of-input-validation">Lack of Input Validation</a></li> <li><a href="#swapfailed-event-redundancy">SwapFailed Event Redundancy</a></li> </ul> </li> <li><a href="#notes-additional-information">Notes &amp; Additional Information</a> <ul> <li><a href="#use-of-custom-errors">Use of Custom Errors</a></li> <li><a href="#non-explicit-import-are-used">Non Explicit Import Are Used</a></li> <li><a href="#missing-validation-for-hop-index">Missing Validation for Hop Index</a></li> <li><a href="#unused-import">Unused Import</a></li> <li><a href="#redundant-indexing-of-amount-in-rollback-event">Redundant Indexing of amount in Rollback Event</a></li> <li><a href="#excessive-data-in-multihop-payload-transmission">Excessive Data in Multihop Payload Transmission</a></li> <li><a href="#excessive-complexity-of-the-cell-contract">Excessive Complexity of the Cell Contract</a></li> <li><a href="#redundant-value-returned-by-route-function-in-yakswapcell-contract">Redundant Value Returned by route Function in YakSwapCell Contract</a></li> <li><a href="#potential-panic-error-in-yakswapcell-contracts-route-function">Potential Panic Error in YakSwapCell Contract's route Function</a></li> </ul> </li> <li><a href="#conclusion">Conclusion</a></li> <li><a href="#appendix">Appendix</a> <ul> <li><a href="#out-of-scope-issues">Out of Scope Issues</a></li> </ul> </li> </ul> </div> <img src="https://track.hubspot.com/__ptq.gif?a=7795250&amp;k=14&amp;r=https%3A%2F%2Fblog.openzeppelin.com%2Ftesseract-protocol-audit&amp;bu=https%253A%252F%252Fblog.openzeppelin.com&amp;bvt=rss" alt="" width="1" height="1" style="min-height:1px!important;width:1px!important;border-width:0!important;margin-top:0!important;margin-bottom:0!important;margin-right:0!important;margin-left:0!important;padding-top:0!important;padding-bottom:0!important;padding-right:0!important;padding-left:0!important; "> Security Audits Solidity Thu, 28 Nov 2024 14:23:34 GMT https://blog.openzeppelin.com/tesseract-protocol-audit 2024-11-28T14:23:34Z OpenZeppelin Security Cross Chain Swaps Audit https://blog.openzeppelin.com/cross-chain-swaps-audit <div class="hs-featured-image-wrapper"> <a href="https://blog.openzeppelin.com/cross-chain-swaps-audit" title="" class="hs-featured-image-link"> <img src="https://blog.openzeppelin.com/hubfs/Cross%20Chain%20Swaps%20Audit.png" alt="Cross Chain Swaps Audit" class="hs-featured-image" style="width:auto !important; max-width:50%; float:left; margin:0 15px 15px 0;"> </a> </div> <h2>Table of Contents</h2> <div class="toc"> <ul> <li><a href="#table-of-contents">Table of Contents</a></li> <li><a href="#summary">Summary</a></li> <li><a href="#scope">Scope</a></li> <li><a href="#system-overview">System Overview</a> <ul> <li><a href="#privileged-roles">Privileged Roles</a></li> </ul> </li> <li><a href="#security-model-and-trust-assumptions">Security Model and Trust Assumptions</a></li> <li><a href="#general-recommendations">General Recommendations</a></li> <li><a href="#low-severity">Low Severity</a> <ul> <li><a href="#missing-docstrings">Missing Docstrings</a></li> <li><a href="#incomplete-docstrings">Incomplete Docstrings</a></li> <li><a href="#gas-optimization">Gas Optimization</a></li> <li><a href="#lack-of-sensitive-event-emission">Lack of Sensitive Event Emission</a></li> <li><a href="#floating-pragma">Floating Pragma</a></li> <li><a href="#publicwithdraw-can-happen-during-cancellation">publicWithdraw Can Happen During Cancellation</a></li> </ul> </li> <li><a href="#conclusion">Conclusion</a></li> </ul> </div> <div class="hs-featured-image-wrapper"> <a href="https://blog.openzeppelin.com/cross-chain-swaps-audit" title="" class="hs-featured-image-link"> <img src="https://blog.openzeppelin.com/hubfs/Cross%20Chain%20Swaps%20Audit.png" alt="Cross Chain Swaps Audit" class="hs-featured-image" style="width:auto !important; max-width:50%; float:left; margin:0 15px 15px 0;"> </a> </div> <h2>Table of Contents</h2> <div class="toc"> <ul> <li><a href="#table-of-contents">Table of Contents</a></li> <li><a href="#summary">Summary</a></li> <li><a href="#scope">Scope</a></li> <li><a href="#system-overview">System Overview</a> <ul> <li><a href="#privileged-roles">Privileged Roles</a></li> </ul> </li> <li><a href="#security-model-and-trust-assumptions">Security Model and Trust Assumptions</a></li> <li><a href="#general-recommendations">General Recommendations</a></li> <li><a href="#low-severity">Low Severity</a> <ul> <li><a href="#missing-docstrings">Missing Docstrings</a></li> <li><a href="#incomplete-docstrings">Incomplete Docstrings</a></li> <li><a href="#gas-optimization">Gas Optimization</a></li> <li><a href="#lack-of-sensitive-event-emission">Lack of Sensitive Event Emission</a></li> <li><a href="#floating-pragma">Floating Pragma</a></li> <li><a href="#publicwithdraw-can-happen-during-cancellation">publicWithdraw Can Happen During Cancellation</a></li> </ul> </li> <li><a href="#conclusion">Conclusion</a></li> </ul> </div> <img src="https://track.hubspot.com/__ptq.gif?a=7795250&amp;k=14&amp;r=https%3A%2F%2Fblog.openzeppelin.com%2Fcross-chain-swaps-audit&amp;bu=https%253A%252F%252Fblog.openzeppelin.com&amp;bvt=rss" alt="" width="1" height="1" style="min-height:1px!important;width:1px!important;border-width:0!important;margin-top:0!important;margin-bottom:0!important;margin-right:0!important;margin-left:0!important;padding-top:0!important;padding-bottom:0!important;padding-right:0!important;padding-left:0!important; "> Security Audits Solidity Thu, 14 Nov 2024 14:37:03 GMT https://blog.openzeppelin.com/cross-chain-swaps-audit 2024-11-14T14:37:03Z OpenZeppelin Security Dojo Namespace Diff Audit https://blog.openzeppelin.com/dojo-namespace-diff-audit <div class="hs-featured-image-wrapper"> <a href="https://blog.openzeppelin.com/dojo-namespace-diff-audit" title="" class="hs-featured-image-link"> <img src="https://blog.openzeppelin.com/hubfs/Dojo%20Audit.png" alt="Dojo Namespace Diff Audit" class="hs-featured-image" style="width:auto !important; max-width:50%; float:left; margin:0 15px 15px 0;"> </a> </div> <h2>Table of Contents</h2> <div class="toc"> <ul> <li><a href="#table-of-contents">Table of Contents</a></li> <li><a href="#summary">Summary</a></li> <li><a href="#scope">Scope</a></li> <li><a href="#system-overview">System Overview</a></li> <li><a href="#notes-additional-information">Notes &amp; Additional Information</a> <ul> <li><a href="#incomplete-comment">Incomplete Comment</a></li> <li><a href="#naming-suggestion">Naming Suggestion</a></li> <li><a href="#todo-comments">TODO Comments</a></li> <li><a href="#code-simplification">Code Simplification</a></li> <li><a href="#unused-code">Unused code</a></li> <li><a href="#typographical-error">Typographical Error</a></li> </ul> </li> <li><a href="#conclusion">Conclusion</a></li> </ul> </div> <div class="hs-featured-image-wrapper"> <a href="https://blog.openzeppelin.com/dojo-namespace-diff-audit" title="" class="hs-featured-image-link"> <img src="https://blog.openzeppelin.com/hubfs/Dojo%20Audit.png" alt="Dojo Namespace Diff Audit" class="hs-featured-image" style="width:auto !important; max-width:50%; float:left; margin:0 15px 15px 0;"> </a> </div> <h2>Table of Contents</h2> <div class="toc"> <ul> <li><a href="#table-of-contents">Table of Contents</a></li> <li><a href="#summary">Summary</a></li> <li><a href="#scope">Scope</a></li> <li><a href="#system-overview">System Overview</a></li> <li><a href="#notes-additional-information">Notes &amp; Additional Information</a> <ul> <li><a href="#incomplete-comment">Incomplete Comment</a></li> <li><a href="#naming-suggestion">Naming Suggestion</a></li> <li><a href="#todo-comments">TODO Comments</a></li> <li><a href="#code-simplification">Code Simplification</a></li> <li><a href="#unused-code">Unused code</a></li> <li><a href="#typographical-error">Typographical Error</a></li> </ul> </li> <li><a href="#conclusion">Conclusion</a></li> </ul> </div> <img src="https://track.hubspot.com/__ptq.gif?a=7795250&amp;k=14&amp;r=https%3A%2F%2Fblog.openzeppelin.com%2Fdojo-namespace-diff-audit&amp;bu=https%253A%252F%252Fblog.openzeppelin.com&amp;bvt=rss" alt="" width="1" height="1" style="min-height:1px!important;width:1px!important;border-width:0!important;margin-top:0!important;margin-bottom:0!important;margin-right:0!important;margin-left:0!important;padding-top:0!important;padding-bottom:0!important;padding-right:0!important;padding-left:0!important; "> Security Audits Gaming Cairo Tue, 12 Nov 2024 14:22:19 GMT https://blog.openzeppelin.com/dojo-namespace-diff-audit 2024-11-12T14:22:19Z OpenZeppelin Security