Platform: Code4rena
Start Date: 21/04/2022
Pot Size: $75,000 USDC
Total HM: 7
Participants: 45
Period: 7 days
Judge: 0xean
Total Solo HM: 5
Id: 111
League: ETH
Rank: 23/45
Findings: 2
Award: $223.44
๐ Selected for report: 0
๐ Solo Findings: 0
๐ Selected for report: IllIllI
Also found by: 0v3rf10w, 0xDjango, 0xmint, CertoraInc, Dravee, MaratCerby, Ruhum, VAD37, catchup, csanuragjain, defsec, delfin454000, dipp, fatima_naz, gzeon, hake, hyh, joestakey, kebabsec, oyc_109, rayn, robee, samruna, simon135, sorrynotsorry, teryanarmen
157.6233 USDC - $157.62
1.Variables don't need to be assigned their default values :
#0 - thomas-waite
2022-07-14T16:04:37Z
Much prefer explicitly defining new vars
๐ Selected for report: 0xkatana
Also found by: 0v3rf10w, 0x1f8b, 0xNazgul, 0xmint, CertoraInc, Dravee, Fitraldys, Funen, IllIllI, NoamYakov, Scocco, Tomio, catchup, csanuragjain, defsec, delfin454000, djxploit, fatima_naz, gzeon, joestakey, joshie, kebabsec, nahnah, oyc_109, rayn, robee, rotcivegaf, saian, samruna, sorrynotsorry, teryanarmen, z3s
65.8244 USDC - $65.82
Check whether there's any rewards before storing these state variables : storedAsset and lastReward
I mentioned to the dev(Joey|Tribe) that newReward will be zero since whatever asset is deposited in the contract would equal to the storedAsset - lastReward(zero if newReward is zero) .He responded that the donations would come directly from the protocol. But since the frequency of such deposits can't be ascertained, it's counterproductive to be saving a zero value to storage (in the event that there are no rewards for users).
Update the state variable as such :
if(newRewardโ 0){
storedTotalAssets=storedTotalAssets_+lastRewardAmount_; lastReward=newReward; }