Aderyn Analysis Report

This report was generated by Aderyn, a static analysis tool built by Cyfrin, a blockchain security company. This report is not a substitute for manual audit or security review. It should not be relied upon for any purpose other than to assist in the identification of potential security vulnerabilities.

Summary

Files Summary

Key	Value
.sol Files	2
Total nSLOC	224

Files Details

Filepath	nSLOC
src/SimpleVRFContract.sol	40
src/TreasureTiles.sol	184
Total	224

Issue Summary

Category	No. of Issues
High	0
Low	5

Low Issues

L-1: Centralization Risk for trusted owners

Contracts have owners with privileged rights to perform admin tasks and need to be trusted to not perform malicious updates or drain funds.

2 Found Instances

Found in src/TreasureTiles.sol Line: 13

 contract TreasureTiles is GelatoVRFConsumerBase, ReentrancyGuard, Ownable {

Found in src/TreasureTiles.sol Line: 223

     function collectFees() external onlyOwner {

L-2: Solidity pragma should be specific, not wide

Consider using a specific version of Solidity in your contracts instead of a wide version. For example, instead of pragma solidity ^0.8.0;, use pragma solidity 0.8.0;

1 Found Instances

Found in src/SimpleVRFContract.sol Line: 2
```
 pragma solidity ^0.8.18;
```

L-3: Event is missing `indexed` fields

Index event fields make the field more quickly accessible to off-chain tools that parse events. However, note that each index field costs extra gas during emission, so it's not necessarily best to index the maximum allowed per event (three fields). Each event should use three indexed fields if there are three or more fields, and gas usage is not particularly of concern for the events in question. If there are fewer than three fields, all of the fields should be indexed.

3 Found Instances

Found in src/SimpleVRFContract.sol Line: 19

     event RandomnessRequested(uint64 requestId);

Found in src/SimpleVRFContract.sol Line: 20

     event RandomnessFulfilled(uint256 indexed nonce, Request);

Found in src/TreasureTiles.sol Line: 109

     event RandomnessFulfilled(uint256 indexed nonce, Game);

L-4: PUSH0 is not supported by all chains

Solc compiler version 0.8.20 switches the default target EVM version to Shanghai, which means that the generated bytecode will include PUSH0 opcodes. Be sure to select the appropriate EVM version in case you intend to deploy on a chain other than mainnet like L2 chains that may not support PUSH0, otherwise deployment of your contracts will fail.

1 Found Instances

Found in src/SimpleVRFContract.sol Line: 2
```
 pragma solidity ^0.8.18;
```

L-5: Large literal values multiples of 10000 can be replaced with scientific notation

Use e notation, for example: 1e18, instead of its full numeric value.

39 Found Instances

Found in src/TreasureTiles.sol Line: 51
```
         200_000_000_000_000_000,
```
Found in src/TreasureTiles.sol Line: 52
```
         360_000_000_000_000_000,
```
Found in src/TreasureTiles.sol Line: 53
```
         488_000_000_000_000_000,
```
Found in src/TreasureTiles.sol Line: 54
```
         590_400_000_000_000_000,
```
Found in src/TreasureTiles.sol Line: 55
```
         672_320_000_000_000_000,
```
Found in src/TreasureTiles.sol Line: 56
```
         737_856_000_000_000_000,
```
Found in src/TreasureTiles.sol Line: 57
```
         790_284_800_000_000_000,
```
Found in src/TreasureTiles.sol Line: 58
```
         832_227_840_000_000_000,
```
Found in src/TreasureTiles.sol Line: 59
```
         865_782_272_000_000_000,
```
Found in src/TreasureTiles.sol Line: 60
```
         892_625_817_600_000_000,
```
Found in src/TreasureTiles.sol Line: 61
```
         914_100_654_080_000_000,
```
Found in src/TreasureTiles.sol Line: 62
```
         931_280_523_264_000_000,
```
Found in src/TreasureTiles.sol Line: 63
```
         945_024_418_611_200_000,
```
Found in src/TreasureTiles.sol Line: 64
```
         956_019_534_888_960_000,
```
Found in src/TreasureTiles.sol Line: 80
```
         1_006_400_000_000_000_000,
```
Found in src/TreasureTiles.sol Line: 81
```
         1_025_600_000_000_000_000,
```
Found in src/TreasureTiles.sol Line: 82
```
         1_057_600_000_000_000_000,
```
Found in src/TreasureTiles.sol Line: 83
```
         1_102_400_000_000_000_000,
```
Found in src/TreasureTiles.sol Line: 84
```
         1_160_000_000_000_000_000,
```
Found in src/TreasureTiles.sol Line: 85
```
         1_230_400_000_000_000_000,
```
Found in src/TreasureTiles.sol Line: 86
```
         1_313_600_000_000_000_000,
```
Found in src/TreasureTiles.sol Line: 87
```
         1_409_600_000_000_000_000,
```
Found in src/TreasureTiles.sol Line: 88
```
         1_518_400_000_000_000_000,
```
Found in src/TreasureTiles.sol Line: 89
```
         1_640_000_000_000_000_000,
```
Found in src/TreasureTiles.sol Line: 90
```
         1_774_400_000_000_000_000,
```
Found in src/TreasureTiles.sol Line: 91
```
         1_921_600_000_000_000_000,
```
Found in src/TreasureTiles.sol Line: 92
```
         2_081_600_000_000_000_000,
```
Found in src/TreasureTiles.sol Line: 93
```
         2_254_400_000_000_000_000,
```
Found in src/TreasureTiles.sol Line: 94
```
         2_440_000_000_000_000_000,
```
Found in src/TreasureTiles.sol Line: 95
```
         2_638_400_000_000_000_000,
```
Found in src/TreasureTiles.sol Line: 96
```
         2_849_600_000_000_000_000,
```
Found in src/TreasureTiles.sol Line: 97
```
         3_073_600_000_000_000_000,
```
Found in src/TreasureTiles.sol Line: 98
```
         3_310_400_000_000_000_000,
```
Found in src/TreasureTiles.sol Line: 99
```
         3_560_000_000_000_000_000,
```
Found in src/TreasureTiles.sol Line: 100
```
         3_822_400_000_000_000_000,
```
Found in src/TreasureTiles.sol Line: 101
```
         4_097_600_000_000_000_000,
```
Found in src/TreasureTiles.sol Line: 102
```
         4_385_600_000_000_000_000,
```
Found in src/TreasureTiles.sol Line: 103
```
         4_686_400_000_000_000_000,
```
Found in src/TreasureTiles.sol Line: 104
```
         5_000_000_000_000_000_000
```

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

report.md

report.md

Aderyn Analysis Report

Table of Contents

Summary

Files Summary

Files Details

Issue Summary

Low Issues

L-1: Centralization Risk for trusted owners

L-2: Solidity pragma should be specific, not wide

L-3: Event is missing `indexed` fields

L-4: PUSH0 is not supported by all chains

L-5: Large literal values multiples of 10000 can be replaced with scientific notation

Files

report.md

Latest commit

History

report.md

File metadata and controls

Aderyn Analysis Report

Table of Contents

Summary

Files Summary

Files Details

Issue Summary

Low Issues

L-1: Centralization Risk for trusted owners

L-2: Solidity pragma should be specific, not wide

L-3: Event is missing indexed fields

L-4: PUSH0 is not supported by all chains

L-5: Large literal values multiples of 10000 can be replaced with scientific notation

L-3: Event is missing `indexed` fields