Platform: Code4rena
Start Date: 12/12/2022
Pot Size: $36,500 USDC
Total HM: 8
Participants: 103
Period: 7 days
Judge: berndartmueller
Id: 193
League: ETH
Rank: 77/103
Findings: 1
Award: $14.83
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: Rolezn
Also found by: 0x1f8b, 0xAgro, 0xSmartContract, 0xab00, 0xhacksmithh, Aymen0909, Bnke0x0, Breeje, Diana, HardlyCodeMan, IllIllI, JC, JrNet, Madalad, NoamYakov, RaymondFam, ReyAdmirado, SleepingBugs, UdarTeam, c3phas, carlitox477, cryptonue, gz627, lukris02, millersplanet, oyc_109, pavankv, ret2basic, saneryee, tnevler
14.833 USDC - $14.83
In Solidity 0.8+, there’s a default overflow check on unsigned integers. It’s possible to uncheck this in for-loops and save some gas at each iteration, but at the cost of some code readability, as this uncheck cannot be made inline
Prior to Solidity 0.8.0, arithmetic operations would always wrap in case of under- or overflow leading to widespread use of libraries that introduce additional checks.
Since Solidity 0.8.0, all arithmetic operations revert on over- and underflow by default, thus making the use of these libraries unnecessary.
To obtain the previous behaviour, an unchecked block can be used
There are 7 instances of this issue
https://github.com/code-423n4/2022-12-caviar/blob/main/src/Pair.sol
File: src/Pair.sol 238: for (uint256 i = 0; i < tokenIds.length; i++) { 258: for (uint256 i = 0; i < tokenIds.length; i++) { 468: for (uint256 i = 0; i < tokenIds.length; i++) {
https://github.com/code-423n4/2022-12-caviar/blob/main/src/lib/SafeERC20Namer.sol
File: src/lib/SafeERC20Namer.sol 13: for (uint256 j = 0; j < 32; j++) { 22: for (uint256 j = 0; j < charCount; j++) { 33: for (uint256 i = 32; i < 64; i++) { 39: for (uint256 i = 0; i < charCount; i++) {
There are 3 instances of this issue
https://github.com/code-423n4/2022-12-caviar/blob/main/src/Pair.sol
File: src/Pair.sol 448: balanceOf[from] -= amount; 453: balanceOf[to] += amount;
https://github.com/code-423n4/2022-12-caviar/blob/main/src/lib/SafeERC20Namer.sol
File: src/lib/SafeERC20Namer.sol 35: charCount += uint8(b[i]);
There is 1 instance of this issue
https://github.com/code-423n4/2022-12-caviar/blob/main/src/Pair.sol
File: main/src/Pair.sol 71: require(baseTokenAmount > 0 && fractionalTokenAmount > 0, "Input token amount is zero");
Not inlining costs 20 to 40 gas because of two extra JUMP instructions and additional stack operations needed for function calls.
There are 2 instances of this issue
https://github.com/code-423n4/2022-12-caviar/blob/main/src/Pair.sol
File: src/Pair.sol 463: function _validateTokenIds(uint256[] calldata tokenIds, bytes32[][] calldata proofs) internal view {
https://github.com/code-423n4/2022-12-caviar/blob/main/src/lib/SafeERC20Namer.sol
File: src/lib/SafeERC20Namer.sol 87: function tokenName(address token) internal view returns (string memory) {
There are 2 instances of this issue
https://github.com/code-423n4/2022-12-caviar/blob/main/src/Pair.sol
File: src/Pair.sol 343: require(caviar.owner() == msg.sender, "Close: not owner"); 361: require(caviar.owner() == msg.sender, "Withdraw: not owner");
#0 - c4-judge
2023-01-14T17:15:29Z
berndartmueller marked the issue as grade-b