Add files via upload

src/issues/H/delegateCallInLoop.ts

@@ -0,0 +1,11 @@
+import { IssueTypes, RegexIssue } from '../../types';
+
+const issue: RegexIssue = {
+  regexOrAST: 'Regex',
+  type: IssueTypes.H,
+  title: 'Using `delegatecall` inside a loop',
+  impact: 'When calling `delegatecall` the same `msg.value` amount will be accredited multiple times.',
+  regex: /for[^\(]?\([^\)]*\)?.\{((.*[^\}])\n)*.*delegatecall/g,
+};
+
+export default issue;

src/issues/L/0.8.20.ts

@@ -0,0 +1,11 @@
+import { IssueTypes, RegexIssue } from '../../types';
+
+const issue: RegexIssue = {
+  regexOrAST: 'Regex',
+  type: IssueTypes.L,
+  title: 'Solidity version 0.8.20 may not work on other chains due to PUSH0',
+  description:"In Solidity 0.8.20's compiler, the default target EVM version has been changed to Shanghai. This version introduces a new op code called PUSH0.\n However, not all Layer 2 solutions have implemented this op code yet, leading to deployment failures on these chains. To overcome this problem, it is recommended to utilize an earlier EVM version.",
+  regex: /pragma solidity 0.8.1[1-8];/gm,
+};
+
+export default issue;

src/issues/L/2StepOwner.ts

@@ -0,0 +1,11 @@
+import { IssueTypes, RegexIssue } from '../../types';
+
+const issue: RegexIssue = {
+  regexOrAST: 'Regex',
+  type: IssueTypes.L,
+  title: 'Use Ownable2Step rather than Ownable',
+  description:"[`Ownable2Step`](https://github.com/OpenZeppelin/openzeppelin-contracts/blob/3d7a93876a2e5e1d7fe29b5a0e96e222afdc4cfa/contracts/access/Ownable2Step.sol#L31-L56) and [`Ownable2StepUpgradeable`](https://github.com/OpenZeppelin/openzeppelin-contracts-upgradeable/blob/25aabd286e002a1526c345c8db259d57bdf0ad28/contracts/access/Ownable2StepUpgradeable.sol#L47-L63) prevent the contract ownership from mistakenly being transferred to an address that cannot handle it (e.g. due to a typo in the address), by requiring that the recipient of the owner permissions actively accept via a contract call of its own.",
+  regex: /(Ownable | OwnableUpgradeable)/g,
+};
+
+export default issue;

src/issues/L/BoundingForLoop.ts

@@ -0,0 +1,11 @@
+import { IssueTypes, RegexIssue } from '../../types';
+
+const issue: RegexIssue = {
+  regexOrAST: 'Regex',
+  type: IssueTypes.L,
+  title: 'Consider bounding input array length',
+  regex: /\bfor\s*\([^;]*;[^;]*;[^)]*\)/g,
+  description:"The functions below take in an unbounded array, and make function calls for entries in the array. While the function will revert if it eventually runs out of gas, it may be a nicer user experience to require() that the length of the array is below some reasonable maximum, so that the user doesn't have to use up a full transaction's gas only to see that the transaction reverts.",
+};
+
+export default issue;

src/issues/L/BugOppenzeplinVersion.ts

@@ -0,0 +1,11 @@
+import { IssueTypes, RegexIssue } from '../../types';
+
+const issue: RegexIssue = {
+  regexOrAST: 'Regex',
+  type: IssueTypes.L,
+  title: 'Project has vulnarable NPM dependency version',
+  description:"Upgrade Openzeppelin versi,on to version 4.9.2 or higher. \n Check https://security.snyk.io/package/npm/@openzeppelin%2Fcontracts and \n https://security.snyk.io/package/npm/@openzeppelin%2Fcontracts-upgradeable for more information.",
+  regex: /("@openzeppelin\/contracts"\s*([<:>]+)\s*\s*"(4\.[0-8](\.\d+)?)",|"@openzeppelin\/contracts-upgradeable"\s*([<:>]+)\s*"(\s*(4\.[0-8](\.\d+)?))",)/gm,
+};
+
+export default issue;

src/issues/L/DoubleTypeCast.ts

@@ -0,0 +1,11 @@
+import { IssueTypes, RegexIssue } from '../../types';
+
+const issue: RegexIssue = {
+  regexOrAST: 'Regex',
+  type: IssueTypes.L,
+  title: 'Double type casts create complexity within the code',
+  description:"Double type casting should be avoided in Solidity contracts to prevent unintended consequences and ensure accurate data representation. Performing multiple type casts in succession can lead to unexpected truncation, rounding errors, or loss of precision, potentially compromising the contract's functionality and reliability./n Furthermore, double type casting can make the code less readable and harder to maintain, increasing the likelihood of errors and misunderstandings during development and debugging. To ensure precise and consistent data handling, developers should use appropriate data types and avoid unnecessary or excessive type casting, promoting a more robust and dependable contract execution.",
+  regex: /(uint|int)[0-9]+\((uint|int)[0-9]+/gm,
+};
+
+export default issue;

src/issues/L/EmptyReciverFallback.ts

@@ -0,0 +1,11 @@
+import { IssueTypes, RegexIssue } from '../../types';
+
+const issue: RegexIssue = {
+  regexOrAST: 'Regex',
+  type: IssueTypes.L,
+  title: 'No access control on receive/payable fallback',
+  regex: /fallback|receive\(\)\s+\w+(?:\s+\w+)*\s+\{[^\}]*\}/g,
+  description:"Users may send ETH by mistake to these contracts. As there is no access control on these functions, the funds will be permanently lost.",
+};
+
+export default issue;

src/issues/L/SafeApproveTypeMax.ts

@@ -0,0 +1,11 @@
+import { IssueTypes, RegexIssue } from '../../types';
+
+const issue: RegexIssue = {
+  regexOrAST: 'Regex',
+  type: IssueTypes.L,
+  title: 'Approve type(uint256).max not work with some tokens',
+  description:"Source: https://github.com/d-xo/weird-erc20#revert-on-large-approvals--transfers.",
+  regex: /.*safeApprove.*type\(uint256\)\.max.*;/gm,
+};
+
+export default issue;

src/issues/L/avoidEncodePacked.ts

@@ -0,0 +1,13 @@
+import { IssueTypes, RegexIssue } from '../../types';
+
+const issue: RegexIssue = {
+  regexOrAST: 'Regex',
+  type: IssueTypes.L,
+  title:
+    ' `abi.encodePacked()` should not be used with dynamic types when passing the result to a hash function such as `keccak256()`',
+  description:
+    'Use `abi.encode()` instead which will pad items to 32 bytes, which will [prevent hash collisions](https://docs.soliditylang.org/en/v0.8.13/abi-spec.html#non-standard-packed-mode) (e.g. `abi.encodePacked(0x123,0x456)` => `0x123456` => `abi.encodePacked(0x1,0x23456)`, but `abi.encode(0x123,0x456)` => `0x0...1230...456`). "Unless there is a compelling reason, `abi.encode` should be preferred". If there is only one argument to `abi.encodePacked()` it can often be cast to `bytes()` or `bytes32()` [instead](https://ethereum.stackexchange.com/questions/30912/how-to-compare-strings-in-solidity#answer-82739).\nIf all arguments are strings and or bytes, `bytes.concat()` should be used instead',
+  regex: /keccak(256)?.?\(abi.encodePacked/g,
+};
+
+export default issue;

src/issues/L/deprecatedFunctions.ts

@@ -0,0 +1,10 @@
+import { IssueTypes, RegexIssue } from '../../types';
+
+const issue: RegexIssue = {
+  regexOrAST: 'Regex',
+  type: IssueTypes.L,
+  title: 'Do not use deprecated library functions',
+  regex: /_setupRole\(|safeApprove\(/g,
+};
+
+export default issue;

src/issues/L/don'tUseBlockTimeStamp.ts

@@ -0,0 +1,11 @@
+import { IssueTypes, RegexIssue } from '../../types';
+
+const issue: RegexIssue = {
+  regexOrAST: 'Regex',
+  type: IssueTypes.L,
+  title: 'Truncating block.timestamp can reduce the lifespan of a contract',
+  description:'Consider removing the casting to extend the lifespan of these contracts.',
+  regex: /uint64\(block\.timestamp\)/gm,
+};
+
+export default issue;

src/issues/L/draftContracts.ts

@@ -0,0 +1,11 @@
+import { IssueTypes, RegexIssue } from '../../types';
+
+const issue: RegexIssue = {
+  regexOrAST: 'Regex',
+  type: IssueTypes.L,
+  title: 'Draft OpenZeppelin Dependencies',
+  description:"OpenZeppelin contracts may be considered draft contracts if they have not received adequate security auditing or are liable to change with future development.",
+  regex: /\draft/gm,
+};
+
+export default issue;

src/issues/L/emptyBody.ts

@@ -0,0 +1,10 @@
+import { IssueTypes, RegexIssue } from '../../types';
+
+const issue: RegexIssue = {
+  regexOrAST: 'Regex',
+  type: IssueTypes.L,
+  title: 'Empty Function Body - Consider commenting why',
+  regex: /(\{\})|(\{ \})/g,
+};
+
+export default issue;

src/issues/L/ercrecover.ts

@@ -0,0 +1,11 @@
+import { IssueTypes, RegexIssue } from '../../types';
+
+const issue: RegexIssue = {
+  regexOrAST: 'Regex',
+  type: IssueTypes.L,
+  title: 'Use of ecrecover is susceptible to signature malleability',
+  description:"The built-in EVM precompile ecrecover is susceptible to signature malleability, which could lead to [replay attacks](https://medium.com/cryptronics/signature-replay-vulnerabilities-in-smart-contracts-3b6f7596df57).\n Consider using OpenZeppelin’s [ECDSA library](https://github.com/OpenZeppelin/openzeppelin-contracts/blob/master/contracts/utils/cryptography/ECDSA.sol#L125-L128) instead of the built-in function.",
+  regex: /ecrecover\(/gm,
+};
+
+export default issue;

src/issues/L/frontRunnableInitializer.ts

@@ -0,0 +1,11 @@
+import { IssueTypes, RegexIssue } from '../../types';
+
+const issue: RegexIssue = {
+  regexOrAST: 'Regex',
+  type: IssueTypes.L,
+  title: 'Initializers could be front-run',
+  description: "Initializers could be front-run, allowing an attacker to either set their own values, take ownership of the contract, and in the best case forcing a re-deployment",
+  regex: /initialize\(|init\(|(initializer)/g,
+};
+
+export default issue;

src/issues/L/payableTransferSend.ts

@@ -0,0 +1,12 @@
+
+import { IssueTypes, RegexIssue } from '../../types';
+
+const issue: RegexIssue = {
+  regexOrAST: 'Regex',
+  type: IssueTypes.L,
+  title: "Don't use payable.transfer()/payable.send()",
+  description:"The use of payable.transfer() is heavily frowned upon because it can lead to the locking of funds. The transfer() call requires that the recipient is either an EOA account, or is a contract that has a payable callback. For the contract case, the transfer() call only provides 2300 gas for the contract to complete its operations. This means the following cases can cause the transfer to fail: \ The contract does not have a payable callback \ The contract's payable callback spends more than 2300 gas (which is only enough to emit something) \ The contract is called through a proxy which itself uses up the 2300 gas \ Use OpenZeppelin's Address.sendValue() instead",
+  regex: /payable\([a-z0-9]+\)\.(send|transfer)/gm,
+};
+
+export default issue;

src/issues/L/pricisionLossDivision.ts

@@ -0,0 +1,12 @@
+//@audit-ok require testing 
+import { IssueTypes, RegexIssue } from '../../types';
+
+const issue: RegexIssue = {
+  regexOrAST: 'Regex',
+  type: IssueTypes.L,
+  title: "Loss of precision on division",
+description:"Solidity doesn't support fractions, so division by large numbers could result in the quotient being zero \n To avoid this, it's recommended to require a minimum numerator amount to ensure that it is always greater than the denominator.",
+  regex: /\/\s*.*\s*;/gm,
+};
+
+export default issue;

src/issues/L/pushArray.ts

@@ -0,0 +1,12 @@
+
+import { IssueTypes, RegexIssue } from '../../types';
+
+const issue: RegexIssue = {
+  regexOrAST: 'Regex',
+  type: IssueTypes.L,
+  title: "Array lacks use of the pop function",
+  description:"There are some arrays that can grow indefinitely in size, as they never shrink: this can lead to inefficient memory management and increase the likelihood of out-of-gas errors.",
+  regex: /\.push\(/g,
+};
+
+export default issue;

src/issues/L/transferFromandtransfer.ts

@@ -0,0 +1,11 @@
+import { IssueTypes, RegexIssue } from '../../types';
+
+const issue: RegexIssue = {
+  regexOrAST: 'Regex',
+  type: IssueTypes.L,
+  title: 'Use of transfer instead of safeTransfer',
+  description:'It is good to add a `require` statement that checks the return value of token transfers or to use something like OpenZeppelin’s `safeTransfer/safeTransferFrom` unless one is sure the given token reverts in case of a failure. Failure to do so will cause silent failures of transfers and affect token accounting in contract.',
+  regex: /(\.transferFrom|\.transfer)/gm,
+};
+
+export default issue;

src/issues/L/unsafeERC20Operations.ts

@@ -0,0 +1,10 @@
+import { IssueTypes, RegexIssue } from '../../types';
+
+const issue: RegexIssue = {
+  regexOrAST: 'Regex',
+  type: IssueTypes.L,
+  title: 'Unsafe ERC20 operation(s)',
+  regex: /\.transfer\(|\.transferFrom\(|\.approve\(/g,
+};
+
+export default issue;

src/issues/L/unsafeExternalCall.ts

@@ -0,0 +1,11 @@
+import { IssueTypes, RegexIssue } from '../../types';
+
+const issue: RegexIssue = {
+  regexOrAST: 'Regex',
+  type: IssueTypes.L,
+  title: 'Gas griefing/theft is possible on an unsafe external call',
+  regex: /\.call/g,
+  description:"A low-level call will copy any amount of bytes to local memory. When bytes are copied from returndata to memory, the memory expansion cost is paid.\n This means that when using a standard solidity call, the callee can 'returnbomb' the caller, imposing an arbitrary gas cost.\n Because this gas is paid by the caller and in the caller's context, it can cause the caller to run out of gas and halt execution.\n Consider replacing all unsafe `call` with `excessivelySafeCall` from this [repository](https://github.com/nomad-xyz/ExcessivelySafeCall).",
+};
+
+export default issue;

src/issues/L/unspecifiedPragma.ts

@@ -0,0 +1,10 @@
+import { IssueTypes, RegexIssue } from '../../types';
+
+const issue: RegexIssue = {
+  regexOrAST: 'Regex',
+  type: IssueTypes.L,
+  title: 'Unspecific compiler version pragma',
+  regex: /pragma solidity (\\^|>)[0-9\.]*/g,
+};
+
+export default issue;

src/issues/L/useOfEcrecover.ts

@@ -0,0 +1,12 @@
+import { IssueTypes, RegexIssue } from '../../types';
+
+const issue: RegexIssue = {
+  regexOrAST: 'Regex',
+  type: IssueTypes.L,
+  title: "Use of ecrecover is susceptible to signature malleability",
+  description: "The built-in EVM precompile ecrecover is susceptible to signature malleability, which could lead to replay attacks.Consider using OpenZeppelin’s ECDSA library instead of the built-in function.",
+  regex:/\becrecover\b/g
+};
+
+export default issue;
+

src/issues/M/centralizationRisk.ts

@@ -0,0 +1,11 @@
+import { IssueTypes, RegexIssue } from '../../types';
+
+const issue: RegexIssue = {
+  regexOrAST: 'Regex',
+  type: IssueTypes.M,
+  title: 'Centralization Risk for trusted owners',
+  impact: 'Contracts have owners with privileged rights to perform admin tasks and need to be trusted to not perform malicious updates or drain funds.',
+  regex: /( onlyOwner )|( onlyRole\()|( requiresAuth )|(Owned)!?([(, ])|(Ownable)!?([(, ])|(Ownable2Step)!?([(, ])|(AccessControl)!?([(, ])|(AccessControlCrossChain)!?([(, ])|(AccessControlEnumerable)!?([(, ])|(Auth)!?([(, ])|(RolesAuthority)!?([(, ])|(MultiRolesAuthority)!?([(, ])/g,
+};
+
+export default issue;

src/issues/M/safeTransfer.ts

@@ -0,0 +1,10 @@
+import { IssueTypes, RegexIssue } from '../../types';
+
+const issue: RegexIssue = {
+  regexOrAST: 'Regex',
+  type: IssueTypes.M,
+  title: 'Unsafe ERC20 operation(s)',
+  regex: /(\.transferFrom|\.transfer)/gm,
+};
+
+export default issue;

src/issues/M/soladySafeTransferLib.ts

@@ -0,0 +1,16 @@
+import { IssueTypes, RegexIssue } from '../../types';
+
+const issue: RegexIssue = {
+  regexOrAST: 'Regex',
+  type: IssueTypes.M,
+  title:
+    'Solady\'s SafeTransferLib does not check for token contract\'s existence',
+  description:
+    'There is a subtle difference between the implementation of solady’s SafeTransferLib and OZ’s SafeERC20: OZ’s SafeERC20 checks if the token is a contract or not, solady’s SafeTransferLib does not.\n'
+    + 'https://github.com/Vectorized/solady/blob/main/src/utils/SafeTransferLib.sol#L10 \n'
+    + '`@dev Note that none of the functions in this library check that a token has code at all! That responsibility is delegated to the caller` \n',
+  regexPreCondition: /solady\/utils\/SafeTransferLib.sol/g,
+  regex: /.safeTransfer\(|\.safeTransferFrom\(|\.safeApprove\(/g,
+};
+
+export default issue;

src/issues/M/solmateSafeTransferLib.ts

@@ -0,0 +1,16 @@
+import { IssueTypes, RegexIssue } from '../../types';
+
+const issue: RegexIssue = {
+  regexOrAST: 'Regex',
+  type: IssueTypes.M,
+  title:
+    ' Solmate\'s SafeTransferLib does not check for token contract\'s existence',
+  description:
+    'There is a subtle difference between the implementation of solmate’s SafeTransferLib and OZ’s SafeERC20: OZ’s SafeERC20 checks if the token is a contract or not, solmate’s SafeTransferLib does not.\n'
+    + 'https://github.com/transmissions11/solmate/blob/main/src/utils/SafeTransferLib.sol#L9 \n'
+    + '`@dev Note that none of the functions in this library check that a token has code at all! That responsibility is delegated to the caller` \n',
+  regexPreCondition: /solmate\/utils\/SafeTransferLib.sol/g,
+  regex: /.safeTransfer\(|\.safeTransferFrom\(|\.safeApprove\(/g,
+};
+
+export default issue;

src/issues/index.ts

@@ -0,0 +1,15 @@
+import { Issue } from '../types';
+import { recursiveExploration } from '../utils';
+import path from 'path';
+
+const fileNames = recursiveExploration(__dirname + '/', '.ts');
+
+const issues: Issue[] = [];
+for (let file of fileNames) {
+  file = path.join(__dirname, file);
+  if (file !== __filename) {
+    issues.push(require(file).default);
+  }
+}
+
+export default issues;