Platform: Code4rena
Start Date: 26/05/2022
Pot Size: $75,000 USDT
Total HM: 31
Participants: 71
Period: 7 days
Judge: GalloDaSballo
Total Solo HM: 18
Id: 126
League: ETH
Rank: 54/71
Findings: 1
Award: $100.03
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: IllIllI
Also found by: 0x1f8b, 0x29A, 0xDjango, 0xNazgul, 0xf15ers, BouSalman, Chom, Deivitto, Dravee, ElKu, FSchmoede, Funen, GimelSec, Hawkeye, MiloTruck, Picodes, SecureZeroX, SmartSek, TerrierLover, WatchPug, _Adam, asutorufos, berndartmueller, c3phas, catchup, cccz, cogitoergosumsw, cryptphi, csanuragjain, delfin454000, dipp, ellahi, gzeon, hansfriese, horsefacts, hyh, kirk-baird, minhquanym, oyc_109, pauliax, reassor, robee, sashik_eth, shenwilly, simon135, sorrynotsorry, sseefried, unforgiven, xiaoming90, z3s
100.0277 USDT - $100.03
This problem may lead to problems with readability and maintainability, and may also lead to unexpected behaviours.
Reference: https://secureum.substack.com/p/security-pitfalls-and-best-practices-201?s=r Keypoint 154: Comments
Example: https://github.com/code-423n4/2022-05-vetoken/blob/main/contracts/VE3DRewardPool.sol#L122-L132
Recommendations: Add the return types and other key aspects of the code and expected behaviours, like what the function is supposed to do. Follow general guidelines for well-written code like the ones from Secureum.
Reentrancy that uses transfer and transferFrom gas cost as protection may lead to problems in case gas cost changes, as can be minting more
Start of the call: https://github.com/code-423n4/2022-05-vetoken/blob/main/contracts/VeAssetDepositor.sol#L114
External call: https://github.com/code-423n4/2022-05-vetoken/blob/main/contracts/VeAssetDepositor.sol#L90
Detection: slither
#0 - GalloDaSballo
2022-07-07T00:01:27Z
Valid NC
Code is non CEI conformant, valid Low