Platform: Code4rena
Start Date: 12/08/2022
Pot Size: $35,000 USDC
Total HM: 10
Participants: 126
Period: 3 days
Judge: Justin Goro
Total Solo HM: 3
Id: 154
League: ETH
Rank: 88/126
Findings: 2
Award: $44.84
Selected for report: 0
Solo Findings: 0
Selected for report: oyc_109
Also found by: 0x1f8b, 0x52, 0xDjango, 0xLovesleep, 0xNazgul, 0xNineDec, 0xbepresent, 0xmatt, 0xsolstars, Aymen0909, Bahurum, Bnke0x0, CertoraInc, Chom, CodingNameKiki, DecorativePineapple, Deivitto, Dravee, ElKu, Funen, GalloDaSballo, IllIllI, JC, JohnSmith, Junnon, KIntern_NA, Lambda, LeoS, MiloTruck, Noah3o6, PaludoX0, RedOneN, Respx, ReyAdmirado, Rohan16, RoiEvenHaim, Rolezn, Ruhum, Sm4rty, TomJ, Vexjon, Waze, Yiko, __141345__, a12jmx, ajtra, ak1, apostle0x01, asutorufos, auditor0517, bin2chen, bobirichman, brgltd, bulej93, byndooa, c3phas, cRat1st0s, cryptphi, csanuragjain, d3e4, defsec, delfin454000, djxploit, durianSausage, ellahi, erictee, exd0tpy, fatherOfBlocks, gogo, jonatascm, ladboy233, medikko, mics, natzuu, neumo, p_crypt0, paribus, pfapostol, rbserver, reassor, ret2basic, robee, rokinot, rvierdiiev, sach1r0, saneryee, seyni, sikorico, simon135, sseefried, wagmi, wastewa
29.8918 USDC - $29.89
The blocklist contract address is not initialized in the VotingEscrow.sol constructor.
The modifier checkBlocklist uses the blocklist contract address, so the functions that use this modifier could lead to unexpected behaviours.
Recommendation
Initialize the blocklist contract address in the constructor so the creator/owner does not forget to set it up.
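The failure mode and the recommended fix side by side, as an added example that is not the project's code: the IBlocklist interface and the createLock function are assumptions standing in for the real contract.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Hypothetical minimal blocklist interface (assumption, not the project's own).
interface IBlocklist {
    function isBlocked(address account) external view returns (bool);
}

// Before: the blocklist is a plain state variable that the constructor never sets.
contract VotingEscrowBefore {
    address public blocklist; // stays address(0) after deployment
    mapping(address => uint256) public locked;

    // While blocklist == address(0), the high-level call below targets an
    // address with no code, so it reverts: every function guarded by this
    // modifier is unusable until the owner remembers to configure it.
    modifier checkBlocklist() {
        require(!IBlocklist(blocklist).isBlocked(msg.sender), "Blocked");
        _;
    }

    function createLock(uint256 value) external checkBlocklist {
        locked[msg.sender] += value;
    }
}

// After: the blocklist is a required, validated constructor argument, so the
// contract can never be deployed in the half-configured state.
contract VotingEscrowAfter {
    address public blocklist;
    mapping(address => uint256) public locked;

    constructor(address _blocklist) {
        require(_blocklist != address(0), "Blocklist: zero address");
        require(_blocklist.code.length > 0, "Blocklist: not a contract");
        blocklist = _blocklist;
    }

    modifier checkBlocklist() {
        require(!IBlocklist(blocklist).isBlocked(msg.sender), "Blocked");
        _;
    }

    function createLock(uint256 value) external checkBlocklist {
        locked[msg.sender] += value;
    }
}
```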
The owner calls transferOwnership in order to transfer the ownership to the new address directly. There is a risk that the ownership is transferred to an invalid address, thus leaving the contract without an owner.
https://github.com/code-423n4/2022-08-fiatdao/blob/main/contracts/VotingEscrow.sol#L141
Recommendation
Consider a two-step process where the owner nominates an account and the nominated account needs to call an acceptOwnership() function for the transfer of ownership to fully succeed. This ensures the nominated EOA account is a valid and active account.
Selected for report: IllIllI
Also found by: 0x040, 0x1f8b, 0xDjango, 0xHarry, 0xLovesleep, 0xNazgul, 0xNineDec, 0xSmartContract, 0xackermann, 0xbepresent, 2997ms, Amithuddar, Aymen0909, Bnke0x0, CRYP70, CertoraInc, Chom, CodingNameKiki, Deivitto, Dravee, ElKu, Fitraldys, Funen, GalloDaSballo, JC, JohnSmith, Junnon, LeoS, Metatron, MiloTruck, Noah3o6, NoamYakov, PaludoX0, RedOneN, Respx, ReyAdmirado, Rohan16, Rolezn, Ruhum, Sm4rty, SooYa, SpaceCake, TomJ, Tomio, Waze, Yiko, __141345__, a12jmx, ajtra, ak1, apostle0x01, asutorufos, bobirichman, brgltd, bulej93, c3phas, cRat1st0s, carlitox477, chrisdior4, csanuragjain, d3e4, defsec, delfin454000, djxploit, durianSausage, ellahi, erictee, fatherOfBlocks, gerdusx, gogo, ignacio, jag, ladboy233, m_Rassska, medikko, mics, natzuu, newfork01, oyc_109, paribus, pfapostol, rbserver, reassor, ret2basic, robee, rokinot, rvierdiiev, sach1r0, saian, sashik_eth, sikorico, simon135
14.946 USDC - $14.95
Not inlining costs more gas because of extra JUMP instructions and additional stack operations needed for function calls.
There are 2 instances of this issue:
./VotingEscrow.sol:662: function _calculatePenaltyRate(uint256 end)
./VotingEscrow.sol:732: function _findUserBlockEpoch(address _addr, uint256 _block)
https://github.com/code-423n4/2022-08-fiatdao/blob/main/contracts/VotingEscrow.sol#L662
https://github.com/code-423n4/2022-08-fiatdao/blob/main/contracts/VotingEscrow.sol#L732
There is a value assignment to a delegated property at https://github.com/code-423n4/2022-08-fiatdao/blob/main/contracts/VotingEscrow.sol#L537, but in the line https://github.com/code-423n4/2022-08-fiatdao/blob/main/contracts/VotingEscrow.sol#L540 the same property is assigned to zero. The line VotingEscrow.sol#L537 could be omitted to save gas.
There are 2 instances of this issue:
https://github.com/code-423n4/2022-08-fiatdao/blob/main/contracts/VotingEscrow.sol#L537
https://github.com/code-423n4/2022-08-fiatdao/blob/main/contracts/VotingEscrow.sol#L642
x += y costs more gas than x = x + y for state variables.
There is 1 instance of this issue:
VotingEscrow.sol L654: penaltyAccumulated += penaltyAmount;
There is no risk that the loop counter can overflow, so using Solidity's unchecked block for the increment saves gas.
There are 4 instances of this issue:
./VotingEscrow.sol:309: for (uint256 i = 0; i < 255; i++) {
./VotingEscrow.sol:717: for (uint256 i = 0; i < 128; i++) {
./VotingEscrow.sol:739: for (uint256 i = 0; i < 128; i++) {
./VotingEscrow.sol:834: for (uint256 i = 0; i < 255; i++) {
Unchecked implementation example:
for (uint256 i; i < 10;) { j++; unchecked { ++i; } }
Gas Report example using this gist:
src/test/Unchecked.t.sol:Contract0 contract
Deployment Cost: 55105 | Deployment Size: 307
Function Name    | min  | avg  | median | max  | # calls
withOutUnChecked | 2068 | 2068 | 2068   | 2068 | 1

src/test/Unchecked.t.sol:Contract1 contract
Deployment Cost: 53705 | Deployment Size: 300
Function Name    | min  | avg  | median | max  | # calls
withUnchecked    | 1408 | 1408 | 1408   | 1408 | 1
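A Foundry test file reconstructing the comparison behind that gas report, as an added example (it is not the gist referenced above; the loop body and the use of a local counter are assumptions). Running `forge test --gas-report` prints a table of the same shape, although the exact numbers depend on compiler version and optimizer settings.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

import "forge-std/Test.sol";

// Default checked increment: every i++ carries overflow-check bytecode even
// though the loop bound already guarantees i never exceeds 10.
contract Contract0 {
    function withOutUnChecked() external pure returns (uint256 j) {
        for (uint256 i = 0; i < 10; i++) {
            j++;
        }
    }
}

// Same loop with the counter increment moved into an unchecked block. The
// condition i < 10 is still checked on every iteration, so the loop cannot
// run away; only the redundant overflow check on ++i is removed.
contract Contract1 {
    function withUnchecked() external pure returns (uint256 j) {
        for (uint256 i; i < 10; ) {
            j++;
            unchecked { ++i; }
        }
    }
}

contract UncheckedTest is Test {
    Contract0 c0;
    Contract1 c1;

    function setUp() public {
        c0 = new Contract0();
        c1 = new Contract1();
    }

    // Both variants must compute the same result; only the gas differs, and
    // the gas report shows that difference per function.
    function testSameResult() public {
        assertEq(c0.withOutUnChecked(), c1.withUnchecked());
        assertEq(c1.withUnchecked(), 10);
    }
}
```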