Assessment reportsPublic findings
Back to Zellic site
Assessment reports>Session Token>Discussion>Unused and sometimes misleading functions
GeneralOverview
Findings
Critical (1)
High (1)
Medium (1)
Low (1)
Informational (1)
DiscussionUnused and sometimes misleading functionsGas savingsMisleading functions' nameData desynchronizationRedundant checks
Threat ModelWhat are threat models?BN256G1.solBN256G2.solPairing.solRewardRatePool.solServiceNodeContribution.solServiceNodeContributionFactory.solServiceNodeRewards.solTokenConverter.solTokenVestingStaking.sol
Audit ResultsAssessment Results

Unused and sometimes misleading functions

Some functions are unused by the contracts. Here is a list found by the Slither tool:

BN256G1.hashToG1
BN256G1.modPow
BN256G1.mul
BN256G2.ECTwistAdd
BN256G2.ECTwistMul
BN256G2.GetFieldModulus
BN256G2.P2
BN256G2._FQ2Div
BN256G2._FQ2Pow
BN256G2.calcField
BN256G2.getWeierstrass

Some of them have misleading names. For example, hashToG1 may be interpreted as computing a hash from an integer to the curve. However, this function simply performs a scalar multiplication, which has trivial collisions.

To avoid future misusage, unused functions should be removed.

Session team implemented the suggested changes in .

Zellic © 2024Back to top ↑