Backd contest - 0v3rf10w's results

Maximize the power of your assets and start earning yield

General Information

Platform: Code4rena

Start Date: 21/04/2022

Pot Size: $100,000 USDC

Total HM: 18

Participants: 60

Period: 7 days

Judge: gzeon

Total Solo HM: 10

Id: 112

League: ETH

Backd

Findings Distribution

Researcher Performance

Rank: 34/60

Findings: 2

Award: $248.66

🌟 Selected for report: 0

🚀 Solo Findings: 0

Awards

159.3125 USDC - $159.31

Labels

bug
QA (Quality Assurance)
resolved
reviewed

QA1: zero address checks

Lack of zero address checks:

StakerVault.sol l#66

    function initialize(address _token) external override initializer {
        token = _token;
    }

Vault.sol l#73-80

    constructor(IController _controller)
        Authorization(_controller.addressProvider().getRoleManager())
    {
        controller = _controller;
        IAddressProvider addressProvider_ = _controller.addressProvider();
        addressProvider = addressProvider_;
        reserve = IVaultReserve(addressProvider_.getVaultReserve());
    }

Awards

89.3504 USDC - $89.35

Labels

bug
G (Gas Optimization)
resolved
reviewed

QA2: Prefer SafeTransfer

l#291,692

    ...
    } else {
        staker.transfer(payer, position.depositTokenBalance); // @audit
    }
    ...

l#692

    ...
    if (position.depositTokenBalance > 0) {
        // transfer any unused locked tokens to the payer
        IStakerVault(vault).transfer(payer, position.depositTokenBalance); // @audit
        IStakerVault(vault).decreaseActionLockedBalance(
            payer,
            position.depositTokenBalance
        );
    }
    ...

Consistently use safeTransfer instead of transfer.

Gas:
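The difference between the two call styles, as an added example that is not code from the Backd repository or from the report. `IVaultLike`, `SafeVaultTransfer` and `RefundExample` are hypothetical names, and the bool-returning `transfer` signature is an assumption about the vault interface; production code would normally use OpenZeppelin's SafeERC20 for the same check.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.9;

// Hypothetical interface: assumes the vault exposes an ERC20-style
// transfer() that reports failure through its bool return value.
interface IVaultLike {
    function transfer(address to, uint256 amount) external returns (bool);
}

// Hypothetical helper that performs the check a safeTransfer wrapper makes.
library SafeVaultTransfer {
    function safeTransfer(IVaultLike vault, address to, uint256 amount) internal {
        // A low-level call to an address without code succeeds silently,
        // so reject non-contract targets first.
        require(address(vault).code.length > 0, "target is not a contract");

        (bool ok, bytes memory ret) = address(vault).call(
            abi.encodeWithSelector(IVaultLike.transfer.selector, to, amount)
        );
        require(ok, "transfer reverted");

        // Accept an empty return (tokens that return nothing) or an explicit true.
        require(
            ret.length == 0 || abi.decode(ret, (bool)),
            "transfer returned false"
        );
    }
}

contract RefundExample {
    using SafeVaultTransfer for IVaultLike;

    // Before: a false return is dropped, so the caller's bookkeeping
    // continues as if the refund had happened.
    function refundUnchecked(IVaultLike vault, address payer, uint256 amount) external {
        vault.transfer(payer, amount);
    }

    // After: a failed or false-returning transfer reverts the whole call,
    // so later state changes are never applied.
    function refundChecked(IVaultLike vault, address payer, uint256 amount) external {
        vault.safeTransfer(payer, amount);
    }
}
```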

contracts/actions/topup/TopUpAction.sol

  • l#47,57 - prefer != instead of > for unsigned int (gas1)
  • l#188,456,479,506,891 - prefix ++i should be used and no need to initialise i, best if unchecked() is used (gas2)
  • l#180 - functions with access control like onlyGovernance can be marked payable to save gas (gas3)
  • l#359,676 - can break && in require() into two separate require statements, which will be more gas efficient (gas4)

contracts/strategies/BkdTriHopCvx.sol

  • l#358,364 - use != instead of > for unsigned int (gas1)

contracts/strategies/BkdEthCvx.sol

  • l#100,106 - use != instead of > for unsigned int (gas1)

contracts/StakerVault.sol

  • l#260 - prefix ++i should be used and no need to initialise i, best if unchecked() is used (gas2)
  • l#324,331,338,339 - in stakeFor(), token can be gas-golfed via mload by caching it in memory rather than 3 loads; similarly for unstakeFor() (gas5)

contracts/actions/topup/TopUpKeeperHelper.sol

  • l#43,46,72,93 - prefix ++i should be used and no need to initialise i, best if unchecked() is used (gas2)

contracts/strategies/ConvexStrategyBase.sol 276

  • l#274 - can break && in require() into three separate require statements, which will be more gas efficient (gas4)
  • l#313 - prefix ++i should be used and no need to initialise i, best if unchecked() is used (gas2)

contracts/vault/Vault.sol

  • l#164,232,698 - use != instead of > for unsigned int (gas1)

contracts/pool/LiquidityPool.sol

  • l#401,471,473 - use != instead of > for unsigned int (gas1)