Basin - 2997ms's results

A composable EVM-native decentralized exchange protocol.

General Information

Platform: Code4rena

Start Date: 03/07/2023

Pot Size: $40,000 USDC

Total HM: 14

Participants: 74

Period: 7 days

Judge: alcueca

Total Solo HM: 9

Id: 259

League: ETH

Basin

Findings Distribution

Researcher Performance

Rank: 39/74

Findings: 1

Award: $17.52

QA:

grade-a

🌟 Selected for report: 0

🚀 Solo Findings: 0

External Links

Code4rena Contest Page Github Contest Repository Github Findings Repository Basin

Findings Information

🌟 Selected for report: 0xprinc

Also found by: 0x11singh99, 0xAnah, 0xWaitress, 0xkazim, 2997ms, 33audits, 404Notfound, 8olidity, CRIMSON-RAT-REACH, CyberPunks, DanielWang888, Deekshith99, Eeyore, Eurovickk, Inspecktor, JGcarv, John, Jorgect, Kaysoft, LosPollosHermanos, MohammedRizwan, Qeew, QiuhaoLi, Rolezn, TheSavageTeddy, Topmark, Trust, Udsen, a3yip6, alexzoid, bigtone, codegpt, erebus, fatherOfBlocks, ginlee, glcanvas, hunter_w3b, josephdara, kaveyjoe, kutugu, mahdirostami, max10afternoon, oakcobalt, peanuts, pfapostol, ptsanev, qpzm, radev_sw, ravikiranweb3, sces60107, seth_lawson, te_aut, twcctop, zhaojie, ziyou-

Awards

17.5208 USDC - $17.52

Labels

bug

grade-a

low quality report

QA (Quality Assurance)

Q-31

External Links

Link to GitHub issue

[Low-issue-1] Right now the time complexity of detecting duplicate tokens is O(n^2). You can use a map to detect the duplicate tokens. Then the time complexity here will be O(nlogn)

https://github.com/code-423n4/2023-07-basin/blob/e1b03e74a87954892ff8c32dfd647972ec6e6a8f/src/Well.sol#L36

[Low-issue-2] if iToken === jToken，it would revert but actually we should delete `else` in this line to return correct values.

https://github.com/code-423n4/2023-07-basin/blob/e1b03e74a87954892ff8c32dfd647972ec6e6a8f/src/Well.sol#L742

[Low-issue-3]First check the size of `tokenAmountsIn` equals to `tokens()`; Otherwise, they may refer to the different items.

https://github.com/code-423n4/2023-07-basin/blob/e1b03e74a87954892ff8c32dfd647972ec6e6a8f/src/Well.sol#L424

[Non-critical-1] `_getJ, _getIJfunction` name are confusing. We can rename as `_getIndexJ, getIndexIJ`

https://github.com/code-423n4/2023-07-basin/blob/e1b03e74a87954892ff8c32dfd647972ec6e6a8f/src/Well.sol#L759

#0 - c4-pre-sort
2023-07-11T16:25:15Z

141345 marked the issue as low quality report

#1 - c4-pre-sort
2023-07-12T08:58:21Z

141345 marked the issue as high quality report

#2 - c4-pre-sort
2023-07-14T05:49:31Z

141345 marked the issue as low quality report

#3 - c4-judge
2023-08-04T21:27:15Z

alcueca marked the issue as grade-a

Basin - 2997ms's results

A composable EVM-native decentralized exchange protocol.

General Information

Findings Distribution

Researcher Performance

External Links

[Q-31] QA Report - $17.52

Findings Information

Awards

Labels

External Links

[Low-issue-1] Right now the time complexity of detecting duplicate tokens is O(n^2). You can use a map to detect the duplicate tokens. Then the time complexity here will be O(nlogn)

[Low-issue-2] if iToken === jToken，it would revert but actually we should delete else in this line to return correct values.

[Low-issue-3]First check the size of tokenAmountsIn equals to tokens(); Otherwise, they may refer to the different items.

[Non-critical-1] _getJ, _getIJfunction name are confusing. We can rename as _getIndexJ, getIndexIJ

#0 - c4-pre-sort2023-07-11T16:25:15Z

#1 - c4-pre-sort2023-07-12T08:58:21Z

#2 - c4-pre-sort2023-07-14T05:49:31Z

#3 - c4-judge2023-08-04T21:27:15Z

[Low-issue-2] if iToken === jToken，it would revert but actually we should delete `else` in this line to return correct values.

[Low-issue-3]First check the size of `tokenAmountsIn` equals to `tokens()`; Otherwise, they may refer to the different items.

[Non-critical-1] `_getJ, _getIJfunction` name are confusing. We can rename as `_getIndexJ, getIndexIJ`

#0 - c4-pre-sort
2023-07-11T16:25:15Z

#1 - c4-pre-sort
2023-07-12T08:58:21Z

#2 - c4-pre-sort
2023-07-14T05:49:31Z

#3 - c4-judge
2023-08-04T21:27:15Z