Back to Collinsoden's contests

Badger eBTC Audit + Certora Formal Verification Competition - Collinsoden's results

Use stETH to borrow Bitcoin with 0% fees | The only smart contract based #BTC.

General Information

Platform: Code4rena

Start Date: 24/10/2023

Pot Size: $149,725 USDC

Total HM: 7

Participants: 52

Period: 21 days

Judge: ronnyx2017

Total Solo HM: 2

Id: 300

League: ETH

eBTC Protocol

Findings Distribution

Researcher Performance

Rank: 44/52

Findings: 1

Award: $21.02

Gas:
grade-b

🌟 Selected for report: 0

🚀 Solo Findings: 0

External Links

Code4rena Contest PageGithub Contest RepositoryGithub Findings RepositoryeBTC Protocol

Findings Information

🌟 Selected for report: DavidGiladi

Also found by: 0xhex, 0xta, Collinsoden, JCK, Madalad, SAQ, SY_S, Sathish9098, cheatc0d3, codeslide, hihen, hunter_w3b, jamshed, lsaudit, mgf15, nonseodion, oualidpro, petrichor, sivanesh_808, tala7985, unique, ybansal2403, zabihullahazadzoi

Awards

21.0214 USDC - $21.02

Labels

bug
G (Gas Optimization)
grade-b
insufficient quality report
G-20

External Links

Link to GitHub issue

Gas Optimization

Gas 01: In contract/BorrowOperations.sol

Link to code

Gas can be optimized if the call _requireSufficientEbtcTokenBalance is made first before getCdpCollShares and getCdpLiquidatorRewardShares as those two values may not be needed until after the check. If the _requireSufficientEbtcTokenBalance call fails, the gas spent on making those calls will be lost. This can save about 82,864 gas if the check fails.

       uint256 collShares = cdpManager.getCdpCollShares(_cdpId);
       uint256 debt = cdpManager.getCdpDebt(_cdpId);
       uint256 liquidatorRewardShares = cdpManager.getCdpLiquidatorRewardShares(_cdpId);

       _requireSufficientEbtcTokenBalance(msg.sender, debt)

The code can be optimized thus:

  function decreaseSystemDebt(uint256 _amount) external override { 
       _requireCallerIsBOorCdpM();
       uint256 debt = cdpManager.getCdpDebt(_cdpId);
       
       _requireSufficientEbtcTokenBalance(msg.sender, debt)
       
       uint256 collShares = cdpManager.getCdpCollShares(_cdpId);
       uint256 liquidatorRewardShares = cdpManager.getCdpLiquidatorRewardShares(_cdpId);

Gas 02: In contracts/ActivePool.sol

Link to code

In the code below, assigning systemDebt as systemDebt -= _amount would save gas and a variable.

So this is recommended:

function decreaseSystemDebt(uint256 _amount) external override {
   _requireCallerIsBOorCdpM();
   systemDebt -= _amount
   emit ActivePoolEBTCDebtUpdated(systemDebt);

Instead of this:

   function decreaseSystemDebt(uint256 _amount) external override { 
       _requireCallerIsBOorCdpM();

       uint256 cachedSystemDebt = systemDebt - _amount;

       systemDebt = cachedSystemDebt;
       emit ActivePoolEBTCDebtUpdated(cachedSystemDebt);
   }

#0 - c4-pre-sort

2023-11-17T14:39:48Z

bytes032 marked the issue as insufficient quality report

#1 - c4-judge

2023-11-25T09:12:43Z

jhsagd76 marked the issue as grade-c

#2 - c4-judge

2023-11-25T09:15:18Z

jhsagd76 marked the issue as grade-b

#3 - jhsagd76

2023-12-06T20:26:08Z

4 + 3

7

AuditHub

A portfolio for auditors, a security profile for protocols, a hub for web3 security.

Built bymalatrax © 2024

Auditors

Browse

Contests

Browse

Get in touch

ContactTwitter