Audit checklist

[arthcp]

• Use the latest major version of Solidity.
• All happy path tests
• All revert condition tests.
• Run Slither/MythX
• Run spellchecker
• Fuzz tests, invariant testing
• Recheck immutable setters in deploy scripts.
• Test contracts hitting code size limit.
• Check major functions for reentrancy attacks.
  • Function should set a unique variable at start that blocks reentry.
  • Function should handle storage variables safely.
  • Avoid if reentring a function doesnt have any impact to protocol.
• Add natspec for all public/external functions.
• Explain all id creations.
• Explain usage of unchecked code blocks.
• Prepare assumptions, external actors list.
• Prepare audit goals list.
• version lib usage?
• execute try/catch

[arthcp]

Audit Scope

capacitors/
  SingleCapacitor.sol
  BaseCapacitor.sol
decapacitors/
  SingleDecapacitor.sol
libraries/
  RescueFundsLib.sol
socket/
  Socket.sol
  SocketDst.sol
  SocketBase.sol
  SocketConfig.sol
  SocketSrc.sol
switchboard/
  default-switchboards/
    FastSwitchboard.sol
    OptimisticSwitchboard.sol
    SwitchboardBase.sol
  native/
    ArbitrumL1Switchboard.sol
    NativeSwitchboardBase.sol
    PolygonL1Switchboard.sol
    ArbitrumL2Switchboard.sol
    OptimismSwitchboard.sol
    PolygonL2Switchboard.sol
utils/
  AccessControl.sol
  AccessControlExtended.sol
  Hasher.sol
  Ownable.sol
  SignatureVerifier.sol
CapacitorFactory.sol
ExecutionManager.sol
OpenExecutionManager.sol
TransmitManager.sol