Papr contest - 0xAgro's results

NFT Lending Powered by Uniswap v3.

General Information

Platform: Code4rena

Start Date: 16/12/2022

Pot Size: $60,500 USDC

Total HM: 12

Participants: 58

Period: 5 days

Judge: Trust

Total Solo HM: 4

Id: 196

League: ETH

Backed Protocol

Researcher Performance

Rank: 41/58

Findings: 1

Award: $43.54

QA: grade-b

🌟 Selected for report: 0

🚀 Solo Findings: 0

Awards

43.5439 USDC - $43.54

Labels

bug
grade-b
QA (Quality Assurance)
Q-11

QA Report

Finding Summary

Issue | Instances
[NC-01] Long Lines (> 120 Characters) | 7
[NC-02] Spelling Mistakes | 3
[NC-03] Trailing . In NatSpec Voids General Style | 2
[NC-04] Power of Ten Literal > 10e3 Not In Scientific Notation | 1
[NC-05] Order of Functions Not Compliant With Solidity Docs | 1

[NC-01] Long Lines (> 120 Characters)

Lines with greater length than 120 characters are used. The Solidity Style Guide suggests that all lines should be 120 characters or less in width.

Findings:

/src/PaprController.sol Links: 77, 122.

77:	        UniswapOracleFundingRateController(underlying, new PaprToken(name, symbol), indexMarkRatioMax, indexMarkRatioMin)
122:	                    underwritePriceForCollateral(collateralAddr, ReservoirOracleUnderwriter.PriceKind.LOWER, oracleInfo);

/src/interfaces/IPaprController.sol Links: 66, 164, 251, 257, 260.

66:	    /// @dev vaults are uniquely identified by the address of the vault owner and the address of the collateral token used in the vault
164:	    /// @notice removes debt from a vault and burns it by buying it on Uniswap in exchange for the controller's underlying token
251:	    /// @notice amount the price of an auction decreases by per auctionDecayPeriod, expressed as a decimal scaled by 1e18
257:	    /// @notice the multiplier for the starting price of an auction, applied to the current price of the collateral in papr tokens
260:	    /// @notice fee paid by the vault owner when their vault is liquidated if there was excess debt credited to their vault, in bips

[NC-02] Spelling Mistakes

There are a few spelling mistakes throughout the codebase. Consider fixing all spelling mistakes.

Findings:

The word successful is misspelled as succesful.

/src/PaprController.sol Links: 158.

158:	/// @return selector indicating succesful receiving of the NFT

The word definition is misspelled as defintion.

/src/NFTEDA/NFTEDA.sol Links: 46.

158:	/// @param auction The defintion of the auction

The word Identical is misspelled as Identitical.

/src/NFTEDA/interfaces/INFTEDA.sol Links: 58.

58:	/// @dev Derived from the auction. Identitical auctions cannot exist simultaneously

[NC-03] Trailing . In NatSpec Voids General Style

There are times where NatSpec comments end with a . in the codebase; however, most do not. Consider removing any . that swims away from the general style.

Findings:

/src/NFTEDA/NFTEDA.sol Links: 44.

44:	/// @dev does no validation the auction, aside that it does not exist.

/src/interfaces/IFundingRateController.sol Links: 28, 29.

28:	/// value, then funding rates are 0 and newTarget() will equal target().
29:	/// @return target The value of one whole unit of papr in underlying units.

[NC-04] Power of Ten Literal > 10e3 Not In Scientific Notation

Power of ten literals > 10e3 are easier to read when expressed in scientific notation. Consider expressing large powers of ten in scientific notation (Ex. 10e5).

Findings:

/src/PaprController.sol Links: 92.

92:	address _pool = UniswapHelpers.deployAndInitPool(address(underlying), address(papr), 10000, initSqrtRatio);

[NC-05] Order of Functions Not Compliant With Solidity Docs

The Solidity Style Guide suggests the following function ordering: constructor, receive function (if exists), fallback function (if exists), external, public, internal, private.

Findings:

The following contracts are not compliant (examples are only to prove the functions are out of order, NOT a full description):

UniswapOracleFundingRateController.sol: external functions are positioned after public functions.

#0 - c4-judge

2022-12-25T13:26:23Z

trust1995 marked the issue as grade-b
