Platform: Code4rena
Start Date: 30/05/2023
Pot Size: $300,500 USDC
Total HM: 79
Participants: 101
Period: about 1 month
Judge: Trust
Total Solo HM: 36
Id: 242
League: ETH
Rank: 76/101
Findings: 1
Award: $74.27
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: 0xSmartContract
Also found by: 3kus-iosiro, Audit_Avengers, ByteBandits, IllIllI, Kamil-Chmielewski, Madalad, RED-LOTUS-REACH, Rolezn, Sathish9098, Stormreckson, Udsen, bin2chen, brgltd, ihtishamsudo, kaveyjoe, kodyvim, lukejohn, matrix_0wl, mgf15, nadin
74.2737 USDC - $74.27
isSupportedDays never usedThe comment explicitly states to use isSupportedDays to validate the input, but this is not done.
Include additional validation on the input parameter, as the comment suggests.
_periodThe variable _period is defined and explicitly returned at the end of the function. You can remove the final return statement by defining _period in the function definition.
Define the return variable _period as part of the function definition.
The return variable performData value is an empty string in this function. The function can be refactored for simplicity and readability.
Move the assigning of performData = ""; to the top of the function. In the return statement, in the catch, TalosManager.sol#L98, change the value from an empty string to performData. This change ensures consistency in what is returned and improves readability.
The functions checkUpkeep() and performUpkeep() are never tested.
Include additional unit tests to verify the intended functionality of these functions.
TalosBaseStrategy.sol#L166-L174, TalosBaseStrategy.sol#L226-L234
There is an exact duplication of the logic between TalosBaseStrategy.sol#L166-L174 and TalosBaseStrategy.sol#L226-L234. The two if statements in the duplicated logic share similarities that warrant a refactor into a distinct helper function.
Create a new internal called validateAndTransfer() that takes three parameters:
uint256 amountuint256 amountDesiredERC20 _tokenThis helper function can implement the logic of a single if statement: TalosBaseStrategy.sol#L166-L169 and can replace the duplicated code.
The error message in the require check of _addStrategyForRewards says "strategy."
Change the error message to something more descriptive "This strategy has already been added."
The function _earnFees() in TalosStrategyStaked.sol#L140closely resembles the _earnFees() function in TalosStrategyVanilla.sol#L104. However, in TalosStrategyStaked.sol#L140 the function does not emit the CollectFees event.
Add the CollectFees event at the end of the _earnFees() function.
The collectProtocolFees() function emits an event named RewardPaid. This event name must be clarified since the function works with fees, not rewards.
Modify the event name to be more descriptive and align it with the actions performed within the function, for example, ProtocolFeesPaid.
#0 - c4-judge
2023-07-09T12:03:56Z
trust1995 marked the issue as grade-b