1inch is a decentralized exchange aggregator that sources liquidity from various exchanges and is capable of splitting a single trade transaction across multiple DEXs. Smart contract technology empowers this aggregator enabling users to optimize and customize their trades.
OneInch.constructor(address)._owner (#1370) shadows:
- Ownable._owner (#934) (state variable)
Rename the local variables that shadow another component.
Additional information: link
ERC20Permit.permit(address,address,uint256,uint256,uint8,bytes32,bytes32) (#1316-1338) uses timestamp for comparisons
Dangerous comparisons:
- require(bool,string)(block.timestamp <= deadline,ERC20Permit: expired deadline) (#1318)
Avoid relying on block.timestamp.
Additional information: link
Address.isContract(address) (#697-706) uses assembly
- INLINE ASM (#704)
Address._verifyCallResult(bool,bytes,string) (#818-835) uses assembly
- INLINE ASM (#827-830)
EIP712._getChainId() (#1276-1281) uses assembly
- INLINE ASM (#1278-1280)
ECDSA.recover(bytes32,bytes) (#1112-1133) uses assembly
- INLINE ASM (#1126-1130)
Do not use evm assembly.
Additional information: link
Different versions of Solidity are used:
- Version used: ['>=0.6.0<0.8.0', '>=0.6.2<0.8.0', '^0.6.0']
- >=0.6.0<0.8.0 (#53)
- >=0.6.0<0.8.0 (#80)
- >=0.6.0<0.8.0 (#160)
- >=0.6.0<0.8.0 (#322)
- >=0.6.0<0.8.0 (#630)
- >=0.6.2<0.8.0 (#674)
- >=0.6.0<0.8.0 (#842)
- >=0.6.0<0.8.0 (#919)
- >=0.6.0<0.8.0 (#989)
- ^0.6.0 (#1031)
- ^0.6.0 (#1087)
- ^0.6.0 (#1178)
- ^0.6.0 (#1288)
- ^0.6.0 (#1360)
Use one Solidity version.
Additional information: link
Redundant expression "this (#71)" inContext (#65-74)
Remove redundant statements if they congest code but offer no value.
Additional information: link
SafeMath.mul(uint256,uint256) (#234-246) is never used and should be removed
Address.sendValue(address,uint256) (#724-730) is never used and should be removed
Address.functionCallWithValue(address,bytes,uint256) (#775-777) is never used and should be removed
ECDSA.recover(bytes32,bytes) (#1112-1133) is never used and should be removed
SafeERC20.safeIncreaseAllowance(IERC20,address,uint256) (#886-889) is never used and should be removed
ECDSA.toEthSignedMessageHash(bytes32) (#1167-1171) is never used and should be removed
SafeERC20.safeApprove(IERC20,address,uint256) (#875-884) is never used and should be removed
SafeMath.mod(uint256,uint256,string) (#312-315) is never used and should be removed
SafeERC20.safeTransferFrom(IERC20,address,address,uint256) (#864-866) is never used and should be removed
SafeMath.div(uint256,uint256,string) (#276-282) is never used and should be removed
Counters.decrement(Counters.Counter) (#1022-1024) is never used and should be removed
ERC20._setupDecimals(uint8) (#605-607) is never used and should be removed
Context._msgData() (#70-73) is never used and should be removed
Address.functionStaticCall(address,bytes) (#800-802) is never used and should be removed
SafeMath.mod(uint256,uint256) (#296-298) is never used and should be removed
SafeMath.div(uint256,uint256) (#260-262) is never used and should be removed
SafeERC20.safeDecreaseAllowance(IERC20,address,uint256) (#891-894) is never used and should be removed
Address.functionStaticCall(address,bytes,string) (#810-816) is never used and should be removed
Address.functionCall(address,bytes) (#750-752) is never used and should be removed
Remove unused functions.
Additional information: link
Pragma version>=0.6.0<0.8.0 (#322) is too complex
Pragma version^0.6.0 (#1087) allows old versions
Pragma version^0.6.0 (#1288) allows old versions
Pragma version>=0.6.0<0.8.0 (#630) is too complex
Pragma version^0.6.0 (#1178) allows old versions
Pragma version^0.6.0 (#1031) allows old versions
Pragma version>=0.6.0<0.8.0 (#53) is too complex
Pragma version>=0.6.0<0.8.0 (#80) is too complex
Pragma version>=0.6.2<0.8.0 (#674) is too complex
Pragma version>=0.6.0<0.8.0 (#160) is too complex
Pragma version>=0.6.0<0.8.0 (#919) is too complex
Pragma version>=0.6.0<0.8.0 (#989) is too complex
Pragma version^0.6.0 (#1360) allows old versions
Pragma version>=0.6.0<0.8.0 (#842) is too complex
Deploy with any of the following Solidity versions: 0.5.16 - 0.5.17, 0.6.11 - 0.6.12, 0.7.5 - 0.7.6 Use a simple pragma version that allows any of these versions. Consider using the latest version of Solidity for testing.
Additional information: link
Low level call in Address.functionCallWithValue(address,bytes,uint256,string) (#785-792):
- (success,returndata) = target.call{value: value}(data) (#790)
Low level call in Address.sendValue(address,uint256) (#724-730):
- (success) = recipient.call{value: amount}() (#728)
Low level call in Address.functionStaticCall(address,bytes,string) (#810-816):
- (success,returndata) = target.staticcall(data) (#814)
Avoid low-level calls. Check the call success. If the call is meant for a contract, check for code existence
Additional information: link
Variable EIP712._TYPE_HASH (#1208) is not in mixedCase
Variable ERC20Permit._PERMIT_TYPEHASH (#1311) is not in mixedCase
Function IERC20Permit.DOMAIN_SEPARATOR() (#1080) is not in mixedCase
Variable EIP712._CACHED_CHAIN_ID (#1204) is not in mixedCase
Function ERC20Permit.DOMAIN_SEPARATOR() (#1351-1353) is not in mixedCase
Variable EIP712._HASHED_NAME (#1206) is not in mixedCase
Variable EIP712._CACHED_DOMAIN_SEPARATOR (#1203) is not in mixedCase
Variable EIP712._HASHED_VERSION (#1207) is not in mixedCase
Follow the Solidity naming convention.
Additional information: link
transferFrom(address,address,uint256) should be declared external:
- ERC20.transferFrom(address,address,uint256) (#470-474)
burnFrom(address,uint256) should be declared external:
- ERC20Burnable.burnFrom(address,uint256) (#662-667)
renounceOwnership() should be declared external:
- Ownable.renounceOwnership() (#969-972)
permit(address,address,uint256,uint256,uint8,bytes32,bytes32) should be declared external:
- ERC20Permit.permit(address,address,uint256,uint256,uint8,bytes32,bytes32) (#1316-1338)
decimals() should be declared external:
- ERC20.decimals() (#407-409)
decreaseAllowance(address,uint256) should be declared external:
- ERC20.decreaseAllowance(address,uint256) (#507-510)
symbol() should be declared external:
- ERC20.symbol() (#390-392)
balanceOf(address) should be declared external:
- ERC20.balanceOf(address) (#421-423)
transfer(address,uint256) should be declared external:
- ERC20.transfer(address,uint256) (#433-436)
increaseAllowance(address,uint256) should be declared external:
- ERC20.increaseAllowance(address,uint256) (#488-491)
nonces(address) should be declared external:
- ERC20Permit.nonces(address) (#1343-1345)
name() should be declared external:
- ERC20.name() (#382-384)
totalSupply() should be declared external:
- ERC20.totalSupply() (#414-416)
approve(address,uint256) should be declared external:
- ERC20.approve(address,uint256) (#452-455)
burn(uint256) should be declared external:
- ERC20Burnable.burn(uint256) (#647-649)
Use the external attribute for functions never called from the contract.
Additional information: link
Token was delisted from CoinGecko
Additional information: link
Unable to find audit link on the website
Unable to find whitepaper link on the website