Volt Protocol contest - CertoraInc's results

Inflation Protected Stablecoin.

General Information

Platform: Code4rena

Start Date: 31/03/2022

Pot Size: $75,000 USDC

Total HM: 7

Participants: 42

Period: 7 days

Judge: Jack the Pug

Total Solo HM: 5

Id: 102

League: ETH

Researcher Performance

Rank: 14/42

Findings: 2

Award: $294.09

🌟 Selected for report: 0

🚀 Solo Findings: 0

Awards

148.9858 USDC - $148.99

Labels

bug
QA (Quality Assurance)

Low and non-critical bugs

  • Upper-case variable names that are not constant or immutable: DOMAIN_SEPARATOR in the Volt contract, CONTRACT_ADMIN_ROLE in the CoreRef contract.
  • Pin the Solidity version to a specific release instead of using ^0.8.4, to avoid bugs that could surface if the code is compiled with a newer Solidity version.
  • The init method of the Core contract is front-runnable: an attacker can front-run the deployment transaction and call the function first, which would make the attacker the governor and force the contract to be redeployed.
  • The Solidity version of the WETH9 contract differs from the rest of the contracts (^0.4.18 instead of ^0.8.4); the version of IVoltTimedMinter, Constants and some of the mock contracts is ^0.8.0.
  • The Vcon minter might get locked. It is better to transfer the minter role in two phases, where the pending minter must accept in order to become the new minter; that way the minter role cannot be transferred to an unreachable address.
function setMinter(address minter_) external {
    require(
        msg.sender == minter,
        "Vcon: only the minter can change the minter address"
    );
    emit MinterChanged(minter, minter_);
    minter = minter_;
}

Awards

145.0996 USDC - $145.10

Labels

bug
G (Gas Optimization)

Gas Optimizations

  • Precompute hash values instead of calculating them at runtime. For example, in the constructor of the Volt contract, keccak256("EIP712Domain(string name,string version,uint256 chainId,address verifyingContract)") and keccak256("1") can be computed before deployment to save gas.
  • Use unchecked for the calculation in the _depleteBuffer function of the RateLimited contract and in the _depleteIndividualBuffer function of the MultiRateLimited contract (usedAmount <= newBuffer is already known, so newBuffer - usedAmount cannot underflow).
  • Use shifts instead of computing powers of 2: use 2 << 32 and 2 << 96 instead of 2 ** 32 and 2 ** 96 (in the safe32 and safe96 functions of the Vcon contract).
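The three suggestions above as one added sketch (not Volt's or Vcon's code): the function names follow the findings, while their bodies, the buffer state variable and the error strings are assumed. The hex constants are the keccak256 digests of the two strings named above; confirm them with your own tooling before relying on them.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity 0.8.4;

// Added illustration of the gas findings above, not Volt's own code.
// Function names mirror the findings; bodies and `buffer` are assumed.
contract GasOptimizedSketch {
    // Precomputed off-chain instead of hashing in the constructor.
    // keccak256("EIP712Domain(string name,string version,uint256 chainId,address verifyingContract)")
    bytes32 public constant DOMAIN_TYPEHASH =
        0x8b73c3c69bb8fe3d512ecc4cf759cc79239f7b179b0ffacaa9a75d522b39400f;
    // keccak256("1")
    bytes32 public constant VERSION_HASH =
        0xc89efdaa54c0f20c7adf612882df0950f5a951637e0307cdcb4c672f298b8bc6;

    uint256 public buffer;

    constructor(uint256 initialBuffer) {
        buffer = initialBuffer;
    }

    // The require establishes usedAmount <= newBuffer, so the subtraction
    // can safely skip the 0.8.x overflow check.
    function _depleteBuffer(uint256 usedAmount) internal {
        uint256 newBuffer = buffer;
        require(usedAmount <= newBuffer, "insufficient buffer");
        unchecked {
            buffer = newBuffer - usedAmount;
        }
    }

    // Shift instead of exponentiation. Note that 2 ** 32 equals 1 << 32;
    // 2 << 32 is 2 ** 33 and would let values that do not fit in uint32
    // pass the bound check and be silently truncated by the cast.
    function safe32(uint256 n, string memory errorMessage) internal pure returns (uint32) {
        require(n < (1 << 32), errorMessage);
        return uint32(n);
    }

    function safe96(uint256 n, string memory errorMessage) internal pure returns (uint96) {
        require(n < (1 << 96), errorMessage);
        return uint96(n);
    }
}
```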