QA Report

[code423n4]

Non critical

[N-1]require()/revert() statements should have descriptive reason strings

GraphProxy.sol:133:        require(success);
GraphProxyAdmin.sol:34:        require(success);
GraphProxyAdmin.sol:47:        require(success);
GraphProxyAdmin.sol:59:        require(success);

[N-2] Use allowlist/denylist rather than blacklist/whitelist

L1GraphTokenGateway.sol:35:    mapping(address => bool) public callhookWhitelist;
L1GraphTokenGateway.sol:63:    // Emitted when an address is added to the callhook whitelist
L1GraphTokenGateway.sol:64:    event AddedToCallhookWhitelist(address newWhitelisted);
L1GraphTokenGateway.sol:65:    // Emitted when an address is removed from the callhook whitelist
L1GraphTokenGateway.sol:66:    event RemovedFromCallhookWhitelist(address notWhitelisted);
L1GraphTokenGateway.sol:95:     * - whitelisted callhook callers using addToCallhookWhitelist
L1GraphTokenGateway.sol:148:     * @dev Adds an address to the callhook whitelist.
L1GraphTokenGateway.sol:150:     * @param _newWhitelisted Address to add to the whitelist
L1GraphTokenGateway.sol:152:    function addToCallhookWhitelist(address _newWhitelisted) external onlyGovernor {
L1GraphTokenGateway.sol:153:        require(_newWhitelisted != address(0), "INVALID_ADDRESS");
L1GraphTokenGateway.sol:154:        require(!callhookWhitelist[_newWhitelisted], "ALREADY_WHITELISTED");
L1GraphTokenGateway.sol:155:        callhookWhitelist[_newWhitelisted] = true;
L1GraphTokenGateway.sol:156:        emit AddedToCallhookWhitelist(_newWhitelisted);
L1GraphTokenGateway.sol:160:     * @dev Removes an address from the callhook whitelist.
L1GraphTokenGateway.sol:162:     * @param _notWhitelisted Address to remove from the whitelist
L1GraphTokenGateway.sol:164:    function removeFromCallhookWhitelist(address _notWhitelisted) external onlyGovernor {
L1GraphTokenGateway.sol:165:        require(_notWhitelisted != address(0), "INVALID_ADDRESS");
L1GraphTokenGateway.sol:166:        require(callhookWhitelist[_notWhitelisted], "NOT_WHITELISTED");
L1GraphTokenGateway.sol:167:        callhookWhitelist[_notWhitelisted] = false;
L1GraphTokenGateway.sol:168:        emit RemovedFromCallhookWhitelist(_notWhitelisted);
L1GraphTokenGateway.sol:177:     * Also note that whitelisted senders (some protocol contracts) can include additional calldata
L1GraphTokenGateway.sol:180:     * never succeeds. This requires extra care when adding contracts to the whitelist, but is necessary to ensure that
L1GraphTokenGateway.sol:214:                    extraData.length == 0 || callhookWhitelist[msg.sender] == true,
L1GraphTokenGateway.sol:323:     * @param _data Additional call data for the L2 transaction, which must be empty unless the caller is whitelisted
ICallhookReceiver.sol:6: * be whitelisted by the governor, but also implement this interface that contains
L2GraphTokenGateway.sol:214:     * Note that whitelisted senders (some protocol contracts) can include additional calldata
L2GraphTokenGateway.sol:217:     * never succeeds. This requires extra care when adding contracts to the whitelist, but is necessary to ensure that
L2GraphTokenGateway.sol:224:     * @param _data Extra callhook data, only used when the sender is whitelisted

[N-3] Use more recent version of solidity

GraphTokenGateway.sol:3:pragma solidity ^0.7.6;
L1GraphTokenGateway.sol:3:pragma solidity ^0.7.6;
Managed.sol:3:pragma solidity ^0.7.6;
BridgeEscrow.sol:3:pragma solidity ^0.7.6;
GraphUpgradeable.sol:3:pragma solidity ^0.7.6;
IGraphToken.sol:3:pragma solidity ^0.7.6;
IController.sol:3:pragma solidity >=0.6.12 <0.8.0;
GraphProxy.sol:3:pragma solidity ^0.7.6;
IGraphProxy.sol:3:pragma solidity ^0.7.6;
GraphTokenUpgradeable.sol:3:pragma solidity ^0.7.6;
IStaking.sol:3:pragma solidity >=0.6.12 <0.8.0;
Governed.sol:3:pragma solidity ^0.7.6;
IGraphCurationToken.sol:3:pragma solidity ^0.7.6;
ICuration.sol:3:pragma solidity ^0.7.6;
IEpochManager.sol:3:pragma solidity ^0.7.6;
GraphProxyStorage.sol:3:pragma solidity ^0.7.6;
IStakingData.sol:3:pragma solidity >=0.6.12 <0.8.0;
Pausable.sol:3:pragma solidity ^0.7.6;
L2GraphToken.sol:3:pragma solidity ^0.7.6;
IRewardsManager.sol:3:pragma solidity ^0.7.6;
ICallhookReceiver.sol:9:pragma solidity ^0.7.6;
GraphProxyAdmin.sol:3:pragma solidity ^0.7.6;
L2GraphTokenGateway.sol:3:pragma solidity ^0.7.6;

Low

[L-01] abi.encodePacked() should not be used with dynamic types when passing the result to a hash function such as keccak256()

Managed.sol-170-     * @dev Cache a contract address from the Controller registry.
Managed.sol-171-     * @param _name Name of the contract to sync into the cache
Managed.sol-172-     */
Managed.sol-173-    function _syncContract(string memory _name) internal {
Managed.sol:174:        bytes32 nameHash = keccak256(abi.encodePacked(_name));
Managed.sol-175-        address contractAddress = controller.getContractProxy(nameHash);
Managed.sol-176-        if (addressCache[nameHash] != contractAddress) {
Managed.sol-177-            addressCache[nameHash] = contractAddress;
Managed.sol-178-            emit ContractSynced(nameHash, contractAddress);
--
GraphTokenUpgradeable.sol-80-        bytes32 _r,
GraphTokenUpgradeable.sol-81-        bytes32 _s
GraphTokenUpgradeable.sol-82-    ) external {
GraphTokenUpgradeable.sol-83-        bytes32 digest = keccak256(
GraphTokenUpgradeable.sol:84:            abi.encodePacked(
GraphTokenUpgradeable.sol-85-                "\x19\x01",
GraphTokenUpgradeable.sol-86-                DOMAIN_SEPARATOR,
GraphTokenUpgradeable.sol-87-                keccak256(
GraphTokenUpgradeable.sol-88-                    abi.encode(PERMIT_TYPEHASH, _owner, _spender, _value, nonces[_owner], _deadline)