VTVL contest - 0xNazgul's results

Lines of code

https://github.com/code-423n4/2022-09-vtvl/blob/main/contracts/token/VariableSupplyERC20Token.sol#L40

Vulnerability details

Impact

The mintableSupply can be set during deployment to any number or 0. If set to 0 it is meant to be minted at will. If set to anything > 0, it is meant to only mint that supply. However, if mintableSupply is > 0 and it gets fully minted, mintableSupply is now = 0 making it possible to mint at will. This goes against the design logic.

Proof of Concept

Provide direct links to all referenced code in GitHub. Add screenshots, logs, or any other relevant proof that illustrates the concept.

Tools Used

Manual Review

Recommended Mitigation Steps

Consider adding a bool flag to be set on deployment so that if the deployer can choose either a mint at will token or a token with a mintableSupply.

[NAZ-L1] Be Aware of The Use of Elastic Supply Tokens & Other Weird ERC20s

Severity: Informational Context: VTVLVesting.sol

Description: Elastic supply tokens could dynamically adjust their price, supply, user's balance, etc. Such a mechanism makes a DeFi system complex, while many security accidents are caused by the elastic tokens. For example, a DEX using deflationary token must double check the token transfer amount when taking swap action because of the difference of actual transfer amount and parameter.

Recommendation: In terms of confidentiality, integrity and availability, it is highly recommend that one should not use elastic supply tokens & weird-ERC20 tokens.

[NAZ-L2] Unsafe Type Casting

Severity Low Context: VTVLVesting.sol#L217, VTVLVesting.sol#L371, VTVLVesting.sol#L436

Description: Downcasting from uint256/int256 in Solidity does not revert on overflow. This can easily result in undesired exploitation or bugs.

Recommendation: Consider using SafeCast library from OpenZeppelin.

[NAZ-L3] Missing Equivalence Checks in Setters

Severity: Low Context: AccessProtected.sol#L39

Description: Setter functions are missing checks to validate if the new value being set is the same as the current value already set in the contract. Such checks will showcase mismatches between on-chain and off-chain states.

Recommendation: This may hinder detecting discrepancies between on-chain and off-chain states leading to flawed assumptions of on-chain state and protocol behavior.

[NAZ-N1] Visibility Should Be Before Modifiers

Severity: Informational Context: VTVLVesting.sol#L364

Description: Visibility keyword should be before the list of modifiers as per best practice.

Recommendation: Consider moving the visibility keyword before the list of modifiers.

[NAZ-N2] Line Length

Severity: Informational Context: VariableSupplyERC20Token.sol#L19, VariableSupplyERC20Token.sol#L21, VariableSupplyERC20Token.sol#L25, VariableSupplyERC20Token.sol#L49, AccessProtected.sol#L9, VTVLVesting.sol#L34, VTVLVesting.sol#L36, VTVLVesting.sol#L69, VTVLVesting.sol#L88, VTVLVesting.sol#L165, VTVLVesting.sol#L169, VTVLVesting.sol#L173-L174, VTVLVesting.sol#L176, VTVLVesting.sol#L184-L185, VTVLVesting.sol#L202, VTVLVesting.sol#L212, VTVLVesting.sol#L235, VTVLVesting.sol#L240-L241, VTVLVesting.sol#L256, VTVLVesting.sol#L260-L262, VTVLVesting.sol#L266, VTVLVesting.sol#L269, VTVLVesting.sol#L294-L295, VTVLVesting.sol#L312-L313, VTVLVesting.sol#L326, VTVLVesting.sol#L330, VTVLVesting.sol#L354, VTVLVesting.sol#L357, VTVLVesting.sol#L369, VTVLVesting.sol#L432, VTVLVesting.sol#L447

Description: Max line length must be no more than 120 but many lines are extended past this length.

Recommendation: Consider cutting down the line length below 120.

[NAZ-N3] Function && Variable Naming Convention

Severity Informational Context: VTVLVesting.sol#L50, VTVLVesting.sol#L53

Description: The linked variables do not conform to the standard naming convention of Solidity whereby functions and variable names(local and state) utilize the mixedCase format unless variables are declared as constant in which case they utilize the UPPER_CASE_WITH_UNDERSCORES format. Private variables and functions should lead with an _underscore.

Recommendation: Consider naming conventions utilized by the linked statements are adjusted to reflect the correct type of declaration according to the Solidity style guide.

[NAZ-N4] Code Structure Deviates From Best-Practice

Severity: Informational Context: AccessProtected.sol#L24, VTVLVesting.sol#L32

Description: The best-practice layout for a contract should follow the following order: state variables, events, modifiers, constructor and functions. Function ordering helps readers identify which functions they can call and find constructor and fallback functions easier. Functions should be grouped according to their visibility and ordered as: constructor, receive function (if exists), fallback function (if exists), external, public, internal, private. Functions should then further be ordered with view functions coming after the non-view labeled ones.

Recommendation: Consider adopting recommended best-practice for code structure and layout.

[NAZ-N5] Commented Out Code

Severity: Informational Context: FullPremintERC20Token.sol#L9, VTVLVesting.sol#L114-L115, VTVLVesting.sol#L133, VTVLVesting.sol#L136-L138

Description: There is commented code that makes the code messy and unneeded.

Recommendation: Consider removing the commented out code.

[NAZ-N6] TODOs Left In The Code

Severity: Informational Context: VTVLVesting.sol#L266

Description: There should never be any TODOs in the code when deploying.

Recommendation: Consider finishing the TODOs before deploying.

[NAZ-N7] Missing or Incomplete NatSpec

Severity: Informational Context: All Contracts

Description: Some functions are missing @notice/@dev NatSpec comments for the function, @param for all/some of their parameters and @return for return values. Given that NatSpec is an important part of code documentation, this affects code comprehension, auditability and usability.

Recommendation: Consider adding in full NatSpec comments for all functions to have complete code documentation for future use.

[NAZ-N8] Floating Pragma

Severity: Informational Context: VariableSupplyERC20Token.sol

Description: Contracts should be deployed with the same compiler version and flags that they have been tested with thoroughly. Locking the pragma helps to ensure that contracts do not accidentally get deployed using, for example, an outdated compiler version that might introduce bugs that affect the contract system negatively.

Recommendation: Consider locking the pragma version.

[NAZ-N9] Older Version Pragma

Severity: Informational Context: All Contracts

Description: Using very old versions of Solidity prevents benefits of bug fixes and newer security checks. Using the latest versions might make contracts susceptible to undiscovered compiler bugs.

Recommendation: Consider using the most recent version.

[NAZ-G1] Pointless Casting That Wastes Gas

Context: VTVLVesting.sol#L436

Description: This imports are unneeded because they are imported from another contract.

Recommendation: Consider removing the the extra imports.

[NAZ-G2] Pointless Casting That Wastes Gas

Context: VTVLVesting.sol#L436

Description: The event ClaimRevoked() takes uint256 revocationTimestamp but when the event is emitted uint40(block.timestamp) is used, which does a pointless casting uint256 -> uint40 -> uint256.

Recommendation: Consider just emitting block.timestamp.

[NAZ-G3] Skip Initialization of Variable

Context: VTVLVesting.sol#L27

Description: It's cheaper to skip initialization of state variables to their default values.

Recommendation: Consider skipping the initialization of these listed variable.

[NAZ-G4] Use ++index instead of index++ to increment a loop counter

Context: VTVLVesting.sol#L353

Description: Due to reduced stack operations, using ++index saves 5 gas per iteration.

Recommendation: Use ++index to increment a loop counter.

[NAZ-G5] The Increment In For Loop Post Condition Can Be Made Unchecked

Context: VTVLVesting.sol#L353

Description: (This is only relevant if you are using the default solidity checked arithmetic). i++ involves checked arithmetic, which is not required. This is because the value of i is always strictly less than length <= 2**256 - 1. Therefore, the theoretical maximum value of i to enter the for-loop body is 2**256 - 2. This means that the i++ in the for loop can never overflow. Regardless, the overflow checks are performed by the compiler.

Unfortunately, the Solidity optimizer is not smart enough to detect this and remove the checks. One can manually do this by:

for (uint i = 0; i < length; ) {
    // do something that doesn't change the value of i
    unchecked {
        ++i;
    }
}

Recommendation: Consider doing the increment in the for loop post condition in an unchecked block.

[NAZ-G6] In require(), Use != 0 Instead of > 0 With Uint Values

Context: FullPremintERC20Token.sol#L11, VariableSupplyERC20Token.sol#L27, VariableSupplyERC20Token.sol#L31, VariableSupplyERC20Token.sol#L40, VTVLVesting.sol#L107, VTVLVesting.sol#L256-L257, VTVLVesting.sol#L263, VTVLVesting.sol#L272-L273, VTVLVesting.sol#L449

Description: In a require, when checking a uint, using != 0 instead of > 0 saves 6 gas. This will jump over or avoid an extra ISZERO opcode.

Recommendation: Use != 0 instead of > 0 with uint values but only in require() statements.

[NAZ-G] Setting The Constructor To Payable

Context: All Contracts

Description: You can cut out 10 opcodes in the creation-time EVM bytecode if you declare a constructor payable. Making the constructor payable eliminates the need for an initial check of msg.value == 0 and saves 21 gas on deployment with no security risks.

Recommendation: Set the constructor to payable.

[NAZ-G7] Use of Custom Errors Instead of String

Context: All Contracts

Description: To save some gas the use of custom errors leads to cheaper deploy time cost and run time cost. The run time cost is only relevant when the revert condition is met.

Recommendation: Use Custom Errors instead of strings.

[NAZ-G8] Function Ordering via Method ID

Context: All Contracts

Description: Contracts most called functions could simply save gas by function ordering via Method ID. Calling a function at runtime will be cheaper if the function is positioned earlier in the order (has a relatively lower Method ID) because 22 gas are added to the cost of a function for every position that came before it. The caller can save on gas if you prioritize most called functions. One could use This tool to help find alternative function names with lower Method IDs while keeping the original name intact.

Recommendation: Find a lower method ID name for the most called functions for example mostCalled() vs. mostCalled_41q() is cheaper by 44 gas.