Back to 0x1f8b's contests

Sublime contest - 0x1f8b's results

Democratizing credit via Web3.

General Information

Platform: Code4rena

Start Date: 29/03/2022

Pot Size: $30,000 USDC

Total HM: 6

Participants: 24

Period: 3 days

Judge: HardlyDifficult

Total Solo HM: 4

Id: 101

League: ETH

Sublime

Findings Distribution

Researcher Performance

Rank: 10/24

Findings: 2

Award: $206.63

🌟 Selected for report: 0

🚀 Solo Findings: 0

External Links

Code4rena Contest PageGithub Contest RepositoryGithub Findings RepositorySublime

Findings Information

🌟 Selected for report: hickuphh3

Also found by: 0v3rf10w, 0x1f8b, 0xDjango, 0xkatana, BouSalman, Dravee, IllIllI, Meta0xNull, WatchPug, defsec, dirk_y, gzeon, hake, kyliek, rayn, robee, sseefried

Awards

169.1438 USDC - $169.14

Labels

bug
QA (Quality Assurance)

External Links

Link to GitHub issue
  1. There are a lot of methods and constructors without check any kind of input, as following you can see some of them:
  1. It is possible to register an empty _twitterId and it can never be unregistered. _twitterId is not marked so that it is not empty.
  1. create method doesn't check that a record already exists with the same _id
  1. In the following places are made some ERC20 calls without checking the boolean result, ERC20 standard specify that the token can return false if the transfer or approve was not made, so it's mandatory to check the result of transfer methods.

#0 - ritik99

2022-04-12T21:56:30Z

All suggestions are valid

Findings Information

🌟 Selected for report: IllIllI

Also found by: 0v3rf10w, 0x1f8b, 0xDjango, 0xNazgul, 0xkatana, Dravee, Funen, Meta0xNull, Tomio, csanuragjain, defsec, gzeon, hake, hickuphh3, kenta, rayn, rfa, robee

Awards

37.4864 USDC - $37.49

Labels

bug
G (Gas Optimization)

External Links

Link to GitHub issue
  1. Cache for loop condition. It's better to cache the length instead of using .length in for loops conditions.
  1. Use inline methods. The following methods are internal an called only once.

#0 - ritik99

2022-04-12T18:59:33Z

Both suggestions are valid, although the second suggestion reduces readability, hence we might continue with the current structure

AuditHub

A portfolio for auditors, a security profile for protocols, a hub for web3 security.

Built bymalatrax © 2024

Auditors

Browse

Contests

Browse

Get in touch

ContactTwitter