Trail of Bits

Solang Code Generation

Type: Security review
Client: Solana Labs
Date: 2023-11
Domain: Blockchain
Effort: 4 weeks
Section: Solana

Trail of Bits's security review of Solana Labs (Nov 2023) identified 14 issues: 4 high, 1 medium, 3 low, and 6 informational.

Findings · 14

  1. Use of dependency with open RUSTSEC advisory (Informational)
  2. Use of outdated dependencies (Informational)
  3. Insufficient test coverage (Informational)
  4. Tests do not pass with latest stable Rust version (Informational)
  5. Strength reduction does not properly handle undefined variables (Low)
  6. Solang fails to compile certain valid recursive structures (Low)
  7. Monolithic test (Informational)
  8. Optimizations hide unused undefined variables in contracts (Informational)
  9. Solang-compiled contracts can have multiple storage accounts (High)
  10. An attacker can reinitialize a Solang contract (High)
  11. Compiler does not verify the developer-specified size for the data account (Medium)
  12. The bump is not guaranteed to be at the end of seeds array (Low)
  13. Appending state variables to Solang contracts affects their storage layout (High)
  14. Fallback function does not verify the data account’s magic value (High)

Findings extracted from the published report PDF. See the full report below for details and remediation.