Platform: Code4rena
Start Date: 29/06/2022
Pot Size: $50,000 USDC
Total HM: 20
Participants: 133
Period: 5 days
Judge: hickuphh3
Total Solo HM: 1
Id: 142
League: ETH
Rank: 53/133
Findings: 2
Award: $81.57
Selected for report: 0
Solo Findings: 0
Selected for report: xiaoming90
Also found by: 0x1f8b, 0x29A, 0x52, 0xDjango, 0xNazgul, 0xNineDec, 0xSolus, 0xf15ers, 0xsanson, AmitN, Bnke0x0, BowTiedWardens, Chom, David_, ElKu, Funen, GalloDaSballo, GimelSec, Hawkeye, IllIllI, JC, JohnSmith, Kaiziron, Kenshin, Lambda, Limbooo, MadWookie, Metatron, MiloTruck, Nethermind, Picodes, ReyAdmirado, Sneakyninja0129, StErMi, TomJ, Treasure-Seeker, TrungOre, Waze, Yiko, _Adam, __141345__, antonttc, async, aysha, catchup, cccz, cryptphi, csanuragjain, danb, datapunk, defsec, delfin454000, dirk_y, doddle0x, durianSausage, exd0tpy, fatherOfBlocks, gogo, hake, hansfriese, horsefacts, hubble, itsmeSTYJ, joestakey, oyc_109, pedroais, peritoflores, rajatbeladiya, reassor, robee, rokinot, samruna, saneryee, sashik_eth, shenwilly, shung, simon135, sseefried, unforgiven, zer0dot, zzzitron
47.1336 USDC - $47.13
`receive()` function will lock Ether in contract (If the intention is for the Ether to be used, the function should call another function, otherwise it should revert):
1. File: 2022-06-putty/contracts/lib/solmate/src/test/WETH.t.sol (line 107): `receive() external payable {}`
2. File: 2022-06-putty/contracts/lib/solmate/src/test/WETH.t.sol (line 145): `receive() external payable {}`
3. File: 2022-06-putty/contracts/lib/solmate/src/tokens/WETH.sol (line 32): `receive() external payable virtual {`

`address(0x0)` when assigning values to `address` state variables:
1. File: 2022-06-putty/contracts/lib/solmate/src/auth/Auth.sol (line 49): `owner = newOwner;`
2. File: 2022-06-putty/contracts/lib/solmate/src/auth/Owned.sol (line 40): `owner = newOwner;`

`block.chainid` is not safe.):
1. File: 2022-06-putty/contracts/lib/solmate/src/tokens/ERC20.sol (line 168-174): `keccak256( abi.encode( keccak256("EIP712Domain(string name,string version,uint256 chainId,address verifyingContract)"), keccak256(bytes(name)), keccak256("1"), block.chainid, address(this)`
2. File: 2022-06-putty/contracts/lib/solmate/src/test/WETH.t.sol (line 145): `receive() external payable {}`
3. File: 2022-06-putty/contracts/lib/solmate/src/tokens/WETH.sol (line 32): `receive() external payable virtual {`

`0.8.12` to get `string.concat()` to be used instead of `abi.encodePacked(<str>,<str>)`):
1. File: 2022-06-putty/contracts/lib/solmate/src/test/CREATE3.t.sol (line 2): `pragma solidity 0.8.10;`
2. File: 2022-06-putty/contracts/lib/solmate/src/test/ERC1155.t.sol (line 2): `pragma solidity 0.8.10;`
3. File: 2022-06-putty/contracts/lib/solmate/src/test/ERC20.t.sol (line 2): `pragma solidity 0.8.10;`
4. File: 2022-06-putty/contracts/lib/solmate/src/test/ERC721.t.sol (line 2): `pragma solidity 0.8.10;`
5. File: 2022-06-putty/contracts/lib/solmate/src/test/utils/DSTestPlus.sol (line 2): `pragma solidity 0.8.0;`
6. File: 2022-06-putty/contracts/lib/solmate/src/tokens/ERC20.sol (line 2): `pragma solidity 0.8.0;`
7. File: 2022-06-putty/contracts/lib/solmate/src/utils/CREATE3.sol (line 2): `pragma solidity 0.8.0;`
8. File: 2022-06-putty/contracts/lib/solmate/src/utils/SSTORE2.sol (line 2): `pragma solidity 0.8.0;`

`indexed` fields (Each `event` should use three `indexed` fields if there are three or more fields):
1. File: 2022-06-putty/contracts/lib/solmate/src/mixins/ERC4626.sol (line 18-26): `event Deposit(address indexed caller, address indexed owner, uint256 assets, uint256 shares); event Withdraw( address indexed caller, address indexed receiver, address indexed owner, uint256 assets, uint256 shares );`
2. File: 2022-06-putty/contracts/lib/solmate/src/test/utils/weird-tokens/MissingReturnToken.sol (line 9-11): `event Transfer(address indexed from, address indexed to, uint256 amount); event Approval(address indexed owner, address indexed spender, uint256 amount);`
3. File: 2022-06-putty/contracts/lib/solmate/src/test/utils/weird-tokens/ReturnsFalseToken.sol (line 9-11): `event Transfer(address indexed from, address indexed to, uint256 amount); event Approval(address indexed owner, address indexed spender, uint256 amount);`
4. File: 2022-06-putty/contracts/lib/solmate/src/test/utils/weird-tokens/ReturnsGarbageToken.sol (line 9-11): `event Transfer(address indexed from, address indexed to, uint256 amount); event Approval(address indexed owner, address indexed spender, uint256 amount);`
5. File: 2022-06-putty/contracts/lib/solmate/src/test/utils/weird-tokens/ReturnsTooLittleToken.sol (line 9-11): `event Transfer(address indexed from, address indexed to, uint256 amount); event Approval(address indexed owner, address indexed spender, uint256 amount);`
6. File: 2022-06-putty/contracts/lib/solmate/src/test/utils/weird-tokens/ReturnsTooMuchToken.sol (line 9-11): `event Transfer(address indexed from, address indexed to, uint256 amount); event Approval(address indexed owner, address indexed spender, uint256 amount);`
7. File: 2022-06-putty/contracts/lib/solmate/src/test/utils/weird-tokens/ReturnsTwoToken.sol (line 9-11): `event Transfer(address indexed from, address indexed to, uint256 amount); event Approval(address indexed owner, address indexed spender, uint256 amount);`
8. File: 2022-06-putty/contracts/lib/solmate/src/test/utils/weird-tokens/RevertingToken.sol (line 9-11): `event Transfer(address indexed from, address indexed to, uint256 amount); event Approval(address indexed owner, address indexed spender, uint256 amount);`
9. File: 2022-06-putty/contracts/lib/solmate/src/tokens/ERC1155.sol (line 11-29): `event TransferSingle( address indexed operator, address indexed from, address indexed to, uint256 id, uint256 amount ); event TransferBatch( address indexed operator, address indexed from, address indexed to, uint256[] ids, uint256[] amounts ); event ApprovalForAll(address indexed owner, address indexed operator, bool approved); event URI(string value, uint256 indexed id);`
10. File: 2022-06-putty/contracts/lib/solmate/src/tokens/ERC20.sol (line 13-15): `event Transfer(address indexed from, address indexed to, uint256 amount); event Approval(address indexed owner, address indexed spender, uint256 amount);`
11. File: 2022-06-putty/contracts/lib/solmate/src/tokens/WETH.sol (line 14-16): `event Deposit(address indexed from, uint256 amount); event Withdrawal(address indexed to, uint256 amount);`

1. File: 2022-06-putty/contracts/lib/solmate/src/auth/authorities/MultiRolesAuthority.sol (line 31-41): `mapping(address => Authority) public getTargetCustomAuthority; /*////////////////////////////////////////////////////////////// ROLE/USER STORAGE //////////////////////////////////////////////////////////////*/ mapping(address => bytes32) public getUserRoles; mapping(bytes4 => bool) public isCapabilityPublic; mapping(bytes4 => bytes32) public getRolesWithCapability;`
2. File: 2022-06-putty/contracts/lib/solmate/src/auth/authorities/RolesAuthority.sol (line 30-34): `mapping(address => bytes32) public getUserRoles; mapping(address => mapping(bytes4 => bool)) public isCapabilityPublic; mapping(address => mapping(bytes4 => bytes32)) public getRolesWithCapability;`
3. File: 2022-06-putty/contracts/lib/solmate/src/test/ERC1155.t.sol (line 114-115): `mapping(address => mapping(uint256 => uint256)) public userMintAmounts; mapping(address => mapping(uint256 => uint256)) public userTransferOrBurnAmounts;`

Selected for report: GalloDaSballo
Also found by: 0v3rf10w, 0x1f8b, 0xA5DF, 0xDjango, 0xHarry, 0xKitsune, 0xNazgul, 0xNineDec, 0xc0ffEE, 0xf15ers, 0xkatana, 0xsanson, ACai, Aymen0909, Bnke0x0, BowTiedWardens, Chom, ElKu, Fitraldys, Funen, Haruxe, Hawkeye, IllIllI, JC, JohnSmith, Kaiziron, Kenshin, Lambda, Limbooo, MadWookie, Metatron, MiloTruck, Picodes, PwnedNoMore, Randyyy, RedOneN, ReyAdmirado, Ruhum, Sm4rty, StErMi, StyxRave, TerrierLover, TomJ, Tomio, UnusualTurtle, Waze, Yiko, _Adam, __141345__, ajtra, ak1, apostle0x01, asutorufos, c3phas, cRat1st0s, catchup, codetilda, cryptphi, datapunk, defsec, delfin454000, durianSausage, exd0tpy, fatherOfBlocks, gogo, grrwahrr, hake, hansfriese, horsefacts, ignacio, jayfromthe13th, joestakey, ladboy233, m_Rassska, mektigboy, minhquanym, mrpathfindr, natzuu, oyc_109, rajatbeladiya, reassor, rfa, robee, rokinot, sach1r0, saian, sashik_eth, simon135, slywaters, swit, z3s, zeesaw, zer0dot
34.4378 USDC - $34.44
1. File: 2022-06-putty/contracts/lib/solmate/src/auth/Auth.sol (line 12): `address public owner;`
2. File: 2022-06-putty/contracts/lib/solmate/src/auth/Owned.sol (line 17): `address public owner;`

`x = x + y` is cheaper than `x += y`:
1. File: 2022-06-putty/contracts/lib/solmate/src/test/ERC20.t.sol (line 511): `sum -= amount;`
2. File: 2022-06-putty/contracts/lib/solmate/src/test/utils/weird-tokens/MissingReturnToken.sol (line 53): `balanceOf[msg.sender] -= amount;`
3. File: 2022-06-putty/contracts/lib/solmate/src/test/utils/weird-tokens/MissingReturnToken.sol (line 73): `balanceOf[from] -= amount;`
4. File: 2022-06-putty/contracts/lib/solmate/src/test/utils/weird-tokens/ReturnsGarbageToken.sol (line 65): `balanceOf[msg.sender] -= amount;`
5. File: 2022-06-putty/contracts/lib/solmate/src/test/utils/weird-tokens/ReturnsGarbageToken.sol (line 91): `balanceOf[from] -= amount;`
6. File: 2022-06-putty/contracts/lib/solmate/src/test/utils/weird-tokens/ReturnsTooMuchToken.sol (line 58): `balanceOf[msg.sender] -= amount;`
7. File: 2022-06-putty/contracts/lib/solmate/src/test/utils/weird-tokens/ReturnsTooMuchToken.sol (line 83): `balanceOf[from] -= amount;`
8. File: 2022-06-putty/contracts/lib/solmate/src/tokens/ERC1155.sol (line 64): `balanceOf[from][id] -= amount;`
9. File: 2022-06-putty/contracts/lib/solmate/src/tokens/ERC1155.sol (line 97): `balanceOf[from][id] -= amount;`
10. File: 2022-06-putty/contracts/lib/solmate/src/tokens/ERC1155.sol (line 212): `balanceOf[from][ids[i]] -= amounts[i];`
11. File: 2022-06-putty/contracts/lib/solmate/src/tokens/ERC1155.sol (line 229): `balanceOf[from][id] -= amount;`
12. File: 2022-06-putty/contracts/lib/solmate/src/tokens/ERC20.sol (line 77): `balanceOf[msg.sender] -= amount;`
13. File: 2022-06-putty/contracts/lib/solmate/src/tokens/ERC20.sol (line 99): `balanceOf[from] -= amount;`
14. File: 2022-06-putty/contracts/lib/solmate/src/tokens/ERC20.sol (line 196): `balanceOf[from] -= amount;`
15. File: 2022-06-putty/contracts/lib/solmate/src/tokens/ERC20.sol (line 201): `totalSupply -= amount;`
16. File: 2022-06-putty/contracts/lib/solmate/src/test/ERC20.t.sol (line 506): `sum += amount;`
17. File: 2022-06-putty/contracts/lib/solmate/src/test/utils/weird-tokens/MissingReturnToken.sol (line 58): `balanceOf[to] += amount;`
18. File: 2022-06-putty/contracts/lib/solmate/src/test/utils/weird-tokens/MissingReturnToken.sol (line 78): `balanceOf[to] += amount;`
19. File: 2022-06-putty/contracts/lib/solmate/src/test/utils/weird-tokens/ReturnsGarbageToken.sol (line 96): `balanceOf[to] += amount;`
20. File: 2022-06-putty/contracts/lib/solmate/src/test/utils/weird-tokens/ReturnsGarbageToken.sol (line 70): `balanceOf[to] += amount;`
21. File: 2022-06-putty/contracts/lib/solmate/src/test/utils/weird-tokens/ReturnsTooMuchToken.sol (line 63): `balanceOf[to] += amount;`
22. File: 2022-06-putty/contracts/lib/solmate/src/test/utils/weird-tokens/ReturnsTooMuchToken.sol (line 88): `balanceOf[to] += amount;`
23. File: 2022-06-putty/contracts/lib/solmate/src/tokens/ERC1155.sol (line 65): `balanceOf[to][id] += amount;`
24. File: 2022-06-putty/contracts/lib/solmate/src/tokens/ERC1155.sol (line 98): `balanceOf[to][id] += amount;`
25. File: 2022-06-putty/contracts/lib/solmate/src/tokens/ERC1155.sol (line 158): `balanceOf[to][id] += amount;`
26. File: 2022-06-putty/contracts/lib/solmate/src/tokens/ERC1155.sol (line 182): `balanceOf[to][ids[i]] += amounts[i];`
27. File: 2022-06-putty/contracts/lib/solmate/src/tokens/ERC20.sol (line 82): `balanceOf[to] += amount;`
28. File: 2022-06-putty/contracts/lib/solmate/src/tokens/ERC20.sol (line 104): `balanceOf[to] += amount;`
29. File: 2022-06-putty/contracts/lib/solmate/src/tokens/ERC20.sol (line 184): `totalSupply += amount;`
30. File: 2022-06-putty/contracts/lib/solmate/src/tokens/ERC20.sol (line 189): `balanceOf[to] += amount;`

`<array>.length` should not be looked up in every loop of a for-loop (Even memory arrays incur the overhead of bit tests and bit shifts to calculate the array length. Storage array length checks incur an extra Gwarmaccess (100 gas) PER-LOOP.):
1. File: 2022-06-putty/contracts/lib/solmate/src/test/utils/DSTestPlus.sol (line 143): `for (uint256 i = 0; i < a.length; i++) {`
2. File: 2022-06-putty/contracts/lib/solmate/src/tokens/ERC1155.sol (line 93): `for (uint256 i = 0; i < ids.length; ) {`
3. File: 2022-06-putty/contracts/lib/solmate/src/test/utils/weird-tokens/MissingReturnToken.sol (line 131): `for (uint256 i = 0; i < owners.length; ++i) {`
4. File: 2022-06-putty/contracts/lib/solmate/src/test/ERC1155.t.sol (line 895): `for (uint256 i = 0; i < normalizedIds.length; i++) {`
5. File: 2022-06-putty/contracts/lib/solmate/src/test/ERC1155.t.sol (line 935): `for (uint256 i = 0; i < normalizedIds.length; i++) {`
6. File: 2022-06-putty/contracts/lib/solmate/src/test/ERC1155.t.sol (line 996): `for (uint256 i = 0; i < normalizedIds.length; i++) {`
7. File: 2022-06-putty/contracts/lib/solmate/src/test/ERC1155.t.sol (line 1130): `for (uint256 i = 0; i < normalizedIds.length; i++) {`
8. File: 2022-06-putty/contracts/lib/solmate/src/test/ERC1155.t.sol (line 1184): `for (uint256 i = 0; i < normalizedIds.length; i++) {`
9. File: 2022-06-putty/contracts/lib/solmate/src/test/ERC1155.t.sol (line 1222): `for (uint256 i = 0; i < normalizedTos.length; i++) {`

`++i` costs less gas than `i++`, especially when it's used in for-loops (`--i`/`i--` too):
1. File: 2022-06-putty/contracts/lib/solmate/src/test/utils/DSTestPlus.sol (line 143): `for (uint256 i = 0; i < a.length; i++) {`
2. File: 2022-06-putty/contracts/lib/solmate/src/tokens/ERC1155.sol (line 93): `for (uint256 i = 0; i < ids.length; ) {`
3. File: 2022-06-putty/contracts/lib/solmate/src/test/utils/weird-tokens/MissingReturnToken.sol (line 131): `for (uint256 i = 0; i < owners.length; ++i) {`
4. File: 2022-06-putty/contracts/lib/solmate/src/test/ERC1155.t.sol (line 895): `for (uint256 i = 0; i < normalizedIds.length; i++) {`
5. File: 2022-06-putty/contracts/lib/solmate/src/test/ERC1155.t.sol (line 935): `for (uint256 i = 0; i < normalizedIds.length; i++) {`
6. File: 2022-06-putty/contracts/lib/solmate/src/test/ERC1155.t.sol (line 996): `for (uint256 i = 0; i < normalizedIds.length; i++) {`
7. File: 2022-06-putty/contracts/lib/solmate/src/test/ERC1155.t.sol (line 1130): `for (uint256 i = 0; i < normalizedIds.length; i++) {`
8. File: 2022-06-putty/contracts/lib/solmate/src/test/ERC1155.t.sol (line 1184): `for (uint256 i = 0; i < normalizedIds.length; i++) {`
9. File: 2022-06-putty/contracts/lib/solmate/src/test/ERC1155.t.sol (line 1222): `for (uint256 i = 0; i < normalizedIds.length; i++) {`

`require()/revert()` strings longer than 32 bytes cost extra gas:
1. File: 2022-06-putty/contracts/lib/solmate/src/test/utils/DSInvariantTest.sol (line 8): `require(targets.length > 0, "NO_TARGET_CONTRACTS");`
2. File: 2022-06-putty/contracts/lib/solmate/src/test/utils/DSTestPlus.sol (line 141): `require(a.length == b.length, "LENGTH_MISMATCH");`
3. File: 2022-06-putty/contracts/lib/solmate/src/test/utils/DSTestPlus.sol (line 153): `require(max >= min, "MAX_LESS_THAN_MIN");`

`> 0` costs more gas than `!= 0` when used on a uint in a `require()` statement:
1. File: 2022-06-putty/contracts/lib/solmate/src/test/utils/DSInvariantTest.sol (line 8): `require(targets.length > 0, "NO_TARGET_CONTRACTS");`

1. File: 2022-06-putty/contracts/lib/solmate/src/test/utils/DSTestPlus.sol (line 143): `for (uint256 i = 0; i < a.length; i++) {`
2. File: 2022-06-putty/contracts/lib/solmate/src/tokens/ERC1155.sol (line 93): `for (uint256 i = 0; i < ids.length; ) {`
3. File: 2022-06-putty/contracts/lib/solmate/src/test/utils/weird-tokens/MissingReturnToken.sol (line 131): `for (uint256 i = 0; i < owners.length; ++i) {`
4. File: 2022-06-putty/contracts/lib/solmate/src/test/ERC1155.t.sol (line 895): `for (uint256 i = 0; i < normalizedIds.length; i++) {`
5. File: 2022-06-putty/contracts/lib/solmate/src/test/ERC1155.t.sol (line 935): `for (uint256 i = 0; i < normalizedIds.length; i++) {`
6. File: 2022-06-putty/contracts/lib/solmate/src/test/ERC1155.t.sol (line 996): `for (uint256 i = 0; i < normalizedIds.length; i++) {`
7. File: 2022-06-putty/contracts/lib/solmate/src/test/ERC1155.t.sol (line 1130): `for (uint256 i = 0; i < normalizedIds.length; i++) {`
8. File: 2022-06-putty/contracts/lib/solmate/src/test/ERC1155.t.sol (line 1184): `for (uint256 i = 0; i < normalizedIds.length; i++) {`
9. File: 2022-06-putty/contracts/lib/solmate/src/test/ERC1155.t.sol (line 1222): `for (uint256 i = 0; i < normalizedIds.length; i++) {`

`require()` statements that use && use more gas:
1. File: 2022-06-putty/contracts/lib/solmate/src/test/SafeTransferLib.t.sol (line 436): `require(garbage.length != 0 && (garbage.length < 32 || garbage[31] != bytes1(0x01)));`
2. File: 2022-06-putty/contracts/lib/solmate/src/test/SafeTransferLib.t.sol (line 486): `require(garbage.length != 0 && (garbage.length < 32 || garbage[31] != bytes1(0x01)));`
3. File: 2022-06-putty/contracts/lib/solmate/src/test/SafeTransferLib.t.sol (line 531): `require(garbage.length != 0 && (garbage.length < 32 || garbage[31] != bytes1(0x01)));`
4. File: 2022-06-putty/contracts/lib/solmate/src/tokens/ERC20.sol (line 154): `require(recoveredAddress != address(0) && recoveredAddress == owner, "INVALID_SIGNER");`
5. File: 2022-06-putty/contracts/lib/solmate/src/utils/CREATE3.sol (line 54): `require(success && deployed.code.length != 0, "INITIALIZATION_FAILED");`
6. File: 2022-06-putty/contracts/lib/solmate/src/test/ERC1155.t.sol (line 996): `for (uint256 i = 0; i < normalizedIds.length; i++) {`
7. File: 2022-06-putty/contracts/lib/solmate/src/test/ERC1155.t.sol (line 1130): `for (uint256 i = 0; i < normalizedIds.length; i++) {`
8. File: 2022-06-putty/contracts/lib/solmate/src/test/ERC1155.t.sol (line 1184): `for (uint256 i = 0; i < normalizedIds.length; i++) {`
9. File: 2022-06-putty/contracts/lib/solmate/src/test/ERC1155.t.sol (line 1222): `for (uint256 i = 0; i < normalizedIds.length; i++) {`

`uints/ints` smaller than 32 bytes (256 bits) incurs overhead:
1. File: 2022-06-putty/contracts/lib/solmate/src/test/SafeCastLib.t.sol (line 83): `SafeCastLib.safeCastTo32(type(uint32).max + 1);`
2. File: 2022-06-putty/contracts/lib/solmate/src/test/SafeCastLib.t.sol (line 87): `SafeCastLib.safeCastTo8(type(uint8).max + 1);`
3. File: 2022-06-putty/contracts/lib/solmate/src/test/SafeCastLib.t.sol (line 139): `x = bound(x, 0, type(uint8).max);`
4. File: 2022-06-putty/contracts/lib/solmate/src/test/utils/mocks/MockERC20.sol (line 10): `uint8 _decimals`
5. File: 2022-06-putty/contracts/lib/solmate/src/test/utils/weird-tokens/MissingReturnToken.sol (line 21): `uint8 public constant decimals = 18;`
6. File: 2022-06-putty/contracts/lib/solmate/src/test/utils/weird-tokens/ReturnsFalseToken.sol (line 21): `uint8 public constant decimals = 18;`
7. File: 2022-06-putty/contracts/lib/solmate/src/test/utils/weird-tokens/ReturnsGarbageToken.sol (line 21): `uint8 public constant decimals = 18;`
8. File: 2022-06-putty/contracts/lib/solmate/src/test/utils/weird-tokens/ReturnsTooLittleToken.sol (line 21): `uint8 public constant decimals = 18;`
9. File: 2022-06-putty/contracts/lib/solmate/src/test/utils/weird-tokens/ReturnsTooMuchToken.sol (line 21): `uint8 public constant decimals = 18;`
10. File: 2022-06-putty/contracts/lib/solmate/src/test/utils/weird-tokens/ReturnsTwoToken.sol (line 21): `uint8 public constant decimals = 18;`
11. File: 2022-06-putty/contracts/lib/solmate/src/test/utils/weird-tokens/RevertingToken.sol (line 21): `uint8 public constant decimals = 18;`
12. File: 2022-06-putty/contracts/lib/solmate/src/auth/authorities/MultiRolesAuthority.sol (line 13): `event UserRoleUpdated(address indexed user, uint8 indexed role, bool enabled);`
13. File: 2022-06-putty/contracts/lib/solmate/src/auth/authorities/MultiRolesAuthority.sol (line 17): `event RoleCapabilityUpdated(uint8 indexed role, bytes4 indexed functionSig, bool enabled);`
14. File: 2022-06-putty/contracts/lib/solmate/src/auth/authorities/MultiRolesAuthority.sol (line 43): `function doesUserHaveRole(address user, uint8 role) public view virtual returns (bool) {`
15. File: 2022-06-putty/contracts/lib/solmate/src/auth/authorities/MultiRolesAuthority.sol (line 47): `function doesRoleHaveCapability(uint8 role, bytes4 functionSig) public view virtual returns (bool) {`
16. File: 2022-06-putty/contracts/lib/solmate/src/auth/authorities/MultiRolesAuthority.sol (line 94): `uint8 role,`
17. File: 2022-06-putty/contracts/lib/solmate/src/auth/authorities/MultiRolesAuthority.sol (line 111): `uint8 role,`
18. File: 2022-06-putty/contracts/lib/solmate/src/auth/authorities/RolesAuthority.sol (line 14): `event UserRoleUpdated(address indexed user, uint8 indexed role, bool enabled);`
19. File: 2022-06-putty/contracts/lib/solmate/src/auth/authorities/RolesAuthority.sol (line 18): `event RoleCapabilityUpdated(uint8 indexed role, address indexed target, bytes4 indexed functionSig, bool enabled);`
20. File: 2022-06-putty/contracts/lib/solmate/src/auth/authorities/RolesAuthority.sol (line 36): `function doesUserHaveRole(address user, uint8 role) public view virtual returns (bool) {`
21. File: 2022-06-putty/contracts/lib/solmate/src/auth/authorities/RolesAuthority.sol (line 41): `uint8 role,`
22. File: 2022-06-putty/contracts/lib/solmate/src/auth/authorities/RolesAuthority.sol (line 77): `uint8 role,`
23. File: 2022-06-putty/contracts/lib/solmate/src/auth/authorities/RolesAuthority.sol (line 97): `uint8 role,`
24. File: 2022-06-putty/contracts/lib/solmate/src/test/CREATE3.t.sol (line 48): `uint8 decimals`
25. File: 2022-06-putty/contracts/lib/solmate/src/test/MultiRolesAuthority.t.sol (line 159): `function testSetRoles(address user, uint8 role) public {`
26. File: 2022-06-putty/contracts/lib/solmate/src/test/MultiRolesAuthority.t.sol (line 169): `function testSetRoleCapabilities(uint8 role, bytes4 functionSig) public {`
27. File: 2022-06-putty/contracts/lib/solmate/src/test/MultiRolesAuthority.t.sol (line 201): `uint8 role,`
28. File: 2022-06-putty/contracts/lib/solmate/src/test/MultiRolesAuthority.t.sol (line 288): `uint8 role,`
29. File: 2022-06-putty/contracts/lib/solmate/src/test/RolesAuthority.t.sol (line 77): `function testSetRoles(address user, uint8 role)`
30. File: 2022-06-putty/contracts/lib/solmate/src/test/RolesAuthority.t.sol (line 88): `uint8 role,`
31. File: 2022-06-putty/contracts/lib/solmate/src/test/RolesAuthority.t.sol (line 113): `uint8 role,`

`keccak256()`, should use `immutable` rather than `constant`:
1. File: 2022-06-putty/contracts/lib/solmate/src/utils/CREATE3.sol (line 35): `bytes32 internal constant PROXY_BYTECODE_HASH = keccak256(PROXY_BYTECODE);`
2. File: 2022-06-putty/contracts/lib/solmate/src/test/ERC20.t.sol (line 12-13): `bytes32 constant PERMIT_TYPEHASH = keccak256("Permit(address owner,address spender,uint256 value,uint256 nonce,uint256 deadline)");`

`require()` or `revert()` statements that check input arguments should be at the top of the function:
1. File: 2022-06-putty/contracts/lib/solmate/src/test/SafeTransferLib.t.sol (line 436): `require(garbage.length != 0 && (garbage.length < 32 || garbage[31] != bytes1(0x01)));`
2. File: 2022-06-putty/contracts/lib/solmate/src/test/SafeTransferLib.t.sol (line 486): `require(garbage.length != 0 && (garbage.length < 32 || garbage[31] != bytes1(0x01)));`
3. File: 2022-06-putty/contracts/lib/solmate/src/test/SafeTransferLib.t.sol (line 531): `require(garbage.length != 0 && (garbage.length < 32 || garbage[31] != bytes1(0x01)));`
4. File: 2022-06-putty/contracts/lib/solmate/src/test/utils/DSInvariantTest.sol (line 8): `require(targets.length > 0, "NO_TARGET_CONTRACTS");`
5. File: 2022-06-putty/contracts/lib/solmate/src/test/utils/DSTestPlus.sol (line 21): `uint8 public constant decimals = 18;`
6. File: 2022-06-putty/contracts/lib/solmate/src/test/utils/DSTestPlus.sol (line 141): `require(a.length == b.length, "LENGTH_MISMATCH");`
7. File: 2022-06-putty/contracts/lib/solmate/src/test/utils/weird-tokens/ReturnsGarbageToken.sol (line 153): `require(max >= min, "MAX_LESS_THAN_MIN");`
8. File: 2022-06-putty/contracts/lib/solmate/src/tokens/ERC20.sol (line 125): `require(deadline >= block.timestamp, "PERMIT_DEADLINE_EXPIRED");`
9. File: 2022-06-putty/contracts/lib/solmate/src/tokens/ERC20.sol (line 154): `require(recoveredAddress != address(0) && recoveredAddress == owner, "INVALID_SIGNER");`
10. File: 2022-06-putty/contracts/lib/solmate/src/tokens/ERC721.sol (line 36): `require((owner = _ownerOf[id]) != address(0), "NOT_MINTED");`
11. File: 2022-06-putty/contracts/lib/solmate/src/tokens/ERC721.sol (line 40): `require(owner != address(0), "ZERO_ADDRESS");`
12. File: 2022-06-putty/contracts/lib/solmate/src/tokens/ERC721.sol (line 69): `require(msg.sender == owner || isApprovedForAll[owner][msg.sender], "NOT_AUTHORIZED");`
13. File: 2022-06-putty/contracts/lib/solmate/src/tokens/ERC721.sol (line 87-94): `require(from == _ownerOf[id], "WRONG_FROM"); require(to != address(0), "INVALID_RECIPIENT"); require( msg.sender == from || isApprovedForAll[from][msg.sender] || msg.sender == getApproved[id], "NOT_AUTHORIZED" );`
14. File: 2022-06-putty/contracts/lib/solmate/src/tokens/ERC721.sol (line 118-123): `require( to.code.length == 0 || ERC721TokenReceiver(to).onERC721Received(msg.sender, from, id, "") == ERC721TokenReceiver.onERC721Received.selector, "UNSAFE_RECIPIENT" );`
15. File: 2022-06-putty/contracts/lib/solmate/src/tokens/ERC721.sol (line 134-139): `require( to.code.length == 0 || ERC721TokenReceiver(to).onERC721Received(msg.sender, from, id, data) == ERC721TokenReceiver.onERC721Received.selector, "UNSAFE_RECIPIENT" );`
16. File: 2022-06-putty/contracts/lib/solmate/src/tokens/ERC721.sol (line 158): `require(to != address(0), "INVALID_RECIPIENT");`
17. File: 2022-06-putty/contracts/lib/solmate/src/tokens/ERC721.sol (line 160): `require(_ownerOf[id] == address(0), "ALREADY_MINTED");`
18. File: 2022-06-putty/contracts/lib/solmate/src/tokens/ERC721.sol (line 175): `require(owner != address(0), "NOT_MINTED");`
19. File: 2022-06-putty/contracts/lib/solmate/src/tokens/ERC721.sol (line 196): `require( to.code.length == 0 || ERC721TokenReceiver(to).onERC721Received(msg.sender, address(0), id, "") == ERC721TokenReceiver.onERC721Received.selector, "UNSAFE_RECIPIENT" );`
20. File: 2022-06-putty/contracts/lib/solmate/src/tokens/ERC721.sol (line 211): `require( to.code.length == 0 || ERC721TokenReceiver(to).onERC721Received(msg.sender, address(0), id, data) == ERC721TokenReceiver.onERC721Received.selector, "UNSAFE_RECIPIENT" );`
21. File: 2022-06-putty/contracts/lib/solmate/src/utils/CREATE3.sol (line 50): `require(proxy != address(0), "DEPLOYMENT_FAILED");`
22. File: 2022-06-putty/contracts/lib/solmate/src/utils/CREATE3.sol (line 54): `require(success && deployed.code.length != 0, "INITIALIZATION_FAILED");`
23. File: 2022-06-putty/contracts/lib/solmate/src/utils/SSTORE2.sol (line 43): `require(pointer != address(0), "DEPLOYMENT_FAILED");`

SOLIDITY (Use a solidity version of at least `0.8.10` to have external calls skip contract existence checks if the external call has a return value):
1. File: 2022-06-putty/contracts/lib/solmate/src/test/utils/DSInvariantTest.sol (line 2): `pragma solidity >=0.8.0;`
2. File: 2022-06-putty/contracts/lib/solmate/src/test/utils/DSTestPlus.sol (line 2): `pragma solidity >=0.8.0;`
3. File: 2022-06-putty/contracts/lib/solmate/src/test/utils/Hevm.sol (line 2): `pragma solidity >=0.8.0;`
4. File: 2022-06-putty/contracts/lib/solmate/src/test/utils/mocks/MockAuthChild.sol (line 2): `pragma solidity >=0.8.0;`
5. File: 2022-06-putty/contracts/lib/solmate/src/test/utils/mocks/MockAuthority.sol (line 2): `pragma solidity >=0.8.0;`
6. File: 2022-06-putty/contracts/lib/solmate/src/test/utils/mocks/MockERC1155.sol (line 2): `pragma solidity >=0.8.0;`
7. File: 2022-06-putty/contracts/lib/solmate/src/test/utils/mocks/MockERC20.sol (line 2): `pragma solidity >=0.8.0;`
8. File: 2022-06-putty/contracts/lib/solmate/src/test/utils/mocks/MockERC4626.sol (line 2): `pragma solidity >=0.8.0;`
9. File: 2022-06-putty/contracts/lib/solmate/src/test/utils/mocks/MockOwned.sol (line 2): `pragma solidity >=0.8.0;`
10. File: 2022-06-putty/contracts/lib/solmate/src/test/utils/weird-tokens/MissingReturnToken.sol (line 2): `pragma solidity >=0.8.0;`
11. File: 2022-06-putty/contracts/lib/solmate/src/test/utils/weird-tokens/ReturnsFalseToken.sol (line 2): `pragma solidity >=0.8.0;`
12. File: 2022-06-putty/contracts/lib/solmate/src/test/utils/weird-tokens/ReturnsGarbageToken.sol (line 2): `pragma solidity >=0.8.0;`
13. File: 2022-06-putty/contracts/lib/solmate/src/test/utils/weird-tokens/ReturnsTooLittleToken.sol (line 2): `pragma solidity >=0.8.0;`
14. File: 2022-06-putty/contracts/lib/solmate/src/test/utils/weird-tokens/ReturnsTooMuchToken.sol (line 2): `pragma solidity >=0.8.0;`
15. File: 2022-06-putty/contracts/lib/solmate/src/test/utils/weird-tokens/ReturnsTwoToken.sol (line 2): `pragma solidity >=0.8.0;`
16. File: 2022-06-putty/contracts/lib/solmate/src/test/utils/weird-tokens/RevertingToken.sol (line 2): `pragma solidity >=0.8.0;`
17. File: 2022-06-putty/contracts/lib/solmate/src/tokens/ERC20.sol (line 2): `pragma solidity >=0.8.0;`
18. File: 2022-06-putty/contracts/lib/solmate/src/tokens/ERC721.sol (line 2): `pragma solidity >=0.8.0;`
19. File: 2022-06-putty/contracts/lib/solmate/src/tokens/WETH.sol (line 2): `pragma solidity >=0.8.0;`
20. File: 2022-06-putty/contracts/lib/solmate/src/utils/CREATE3.sol (line 2): `pragma solidity >=0.8.0;`
21. File: 2022-06-putty/contracts/lib/solmate/src/utils/ReentrancyGuard.sol (line 2): `pragma solidity >=0.8.0;`
22. File: 2022-06-putty/contracts/lib/solmate/src/utils/SSTORE2.sol (line 2): `pragma solidity >=0.8.0;`
23. File: 2022-06-putty/contracts/lib/solmate/src/utils/SafeTransferLib.sol (line 2): `pragma solidity >=0.8.0;`
24. File: 2022-06-putty/contracts/lib/solmate/src/auth/Auth.sol (line 2): `pragma solidity >=0.8.0;`
25. File: 2022-06-putty/contracts/lib/solmate/src/auth/authorities/RolesAuthority.sol (line 2): `pragma solidity >=0.8.0;`
26. File: 2022-06-putty/contracts/lib/solmate/src/mixins/ERC4626.sol (line 2): `pragma solidity >=0.8.0;`

`private` rather than `public` for constants, saves gas:
1. File: 2022-06-putty/contracts/lib/solmate/src/test/utils/weird-tokens/MissingReturnToken.sol (line 17-21): `string public constant name = "MissingReturnToken"; string public constant symbol = "MRT"; uint8 public constant decimals = 18;`
2. File: 2022-06-putty/contracts/lib/solmate/src/test/utils/weird-tokens/ReturnsFalseToken.sol (line 17-21): `string public constant name = "ReturnsFalseToken"; string public constant symbol = "RFT"; uint8 public constant decimals = 18;`
3. File: 2022-06-putty/contracts/lib/solmate/src/test/utils/weird-tokens/ReturnsGarbageToken.sol (line 17-21): `string public constant name = "ReturnsGarbageToken"; string public constant symbol = "RGT"; uint8 public constant decimals = 18;`
4. File: 2022-06-putty/contracts/lib/solmate/src/test/utils/weird-tokens/ReturnsTooLittleToken.sol (line 17-21): `string public constant name = "ReturnsTooLittleToken"; string public constant symbol = "RTLT"; uint8 public constant decimals = 18;`
5. File: 2022-06-putty/contracts/lib/solmate/src/test/utils/weird-tokens/ReturnsTooMuchToken.sol (line 17-21): `string public constant name = "ReturnsTooMuchToken"; string public constant symbol = "RTMT"; uint8 public constant decimals = 18;`
6. File: 2022-06-putty/contracts/lib/solmate/src/test/utils/weird-tokens/ReturnsTwoToken.sol (line 17-21): `string public constant name = "ReturnsFalseToken"; string public constant symbol = "RTT"; uint8 public constant decimals = 18;`
7. File: 2022-06-putty/contracts/lib/solmate/src/test/utils/weird-tokens/RevertingToken.sol (line 17-21): `string public constant name = "RevertingToken"; string public constant symbol = "RT"; uint8 public constant decimals = 18;`

`abstract` and the function signatures be added without any default implementation. If the block is an empty if-statement block to avoid doing subsequent checks in the else-if/else conditions, the else-if/else conditions should be nested under the negation of the if-statement, because they involve different classes of checks, which may lead to the introduction of errors when the code is later modified (`if(x){}else if(y){...}else{...}` => `if(!x){if(y){...}else{...}}`)):
1. File: 2022-06-putty/contracts/lib/solmate/src/test/WETH.t.sol (line 107): `receive() external payable {}`
2. File: 2022-06-putty/contracts/lib/solmate/src/test/WETH.t.sol (line 145): `receive() external payable {}`
3. File: 2022-06-putty/contracts/lib/solmate/src/test/utils/mocks/MockERC1155.sol (line 7): `function uri(uint256) public pure virtual override returns (string memory) {}`
4. File: 2022-06-putty/contracts/lib/solmate/src/test/utils/mocks/MockERC20.sol (line 11): `ERC20(_name, _symbol, _decimals) {}`
5. File: 2022-06-putty/contracts/lib/solmate/src/test/utils/mocks/MockERC4626.sol (line 15): `ERC4626(_underlying, _name, _symbol) {}`
6. File: 2022-06-putty/contracts/lib/solmate/src/auth/authorities/RolesAuthority.sol (line 24): `constructor(address _owner, Authority _authority) Auth(_owner, _authority) {}`
7. File: 2022-06-putty/contracts/lib/solmate/src/test/ERC721.t.sol (line 54): `contract NonERC721Recipient {}`
8. File: 2022-06-putty/contracts/lib/solmate/src/test/ReentrancyGuard.t.sol (line 24): `function overprotectedCall() public nonReentrant {}`
9. File: 2022-06-putty/contracts/lib/solmate/src/test/ReentrancyGuard.t.sol (line 48-50): `try riskyContract.protectedCall() { fail("Reentrancy Guard Failed To Stop Attacker"); } catch {}`