Platform: Code4rena
Start Date: 31/03/2022
Pot Size: $75,000 USDC
Total HM: 7
Participants: 42
Period: 7 days
Judge: Jack the Pug
Total Solo HM: 5
Id: 102
League: ETH
Rank: 18/42
Findings: 2
Award: $228.99
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: rayn
Also found by: 0xDjango, 0xkatana, 0xkowloon, BouSalman, CertoraInc, Dravee, Funen, Hawkeye, IllIllI, Jujic, Kenshin, Kthere, Meta0xNull, Sleepy, TerrierLover, async, aysha, berndartmueller, catchup, cccz, cmichel, csanuragjain, danb, defsec, georgypetrov, hake, hubble, kenta, kyliek, pauliax, rfa, robee, sahar, shenwilly, teryanarmen
124.9825 USDC - $124.98
Fei into Volt on CommentComment has to be changed, for Fei to Volt Instead, so comment would be more clearly and doesnt do missinformation.
##Tool Used Manual Review
##Recommended Mitigation
change to Volt
##Occurances
main/contracts/core/Core.sol #L11 main/contracts/core/Core.sol #L14 main/contracts/core/Permission.sol #L8 main/contracts/pvc/PVCDeposit.sol #L9 main/contracts/pvc/compound/CompoundPCVDepositBase.sol #L21 main/contracts/pvc/compound/CompoundPCVDepositBase.sol #L28 main/contracts/pvc/compound/CompoundPCVDepositBase.sol #L52 main/contracts/volt/Volt.sol #7-8 main/contracts/volt/Volt.sol #17-18 main/contracts/volt/Volt.sol #38 main/contracts/volt/Volt.sol #51 main/contracts/volt/Volt.sol #58-59
🌟 Selected for report: IllIllI
Also found by: 0v3rf10w, 0xNazgul, 0xkatana, 0xkowloon, CertoraInc, Dravee, Funen, Hawkeye, Jujic, Kenshin, Meta0xNull, Sleepy, TerrierLover, catchup, csanuragjain, defsec, georgypetrov, kenta, okkothejawa, rayn, rfa, robee, saian, samruna
104.0146 USDC - $104.01
amountFeiToTransfer doesnt need to be checked if was zero
##Tool Used Visual Studio Code, Manual Review
##Reccomendation Mitigation Remove it
SafeERC20 function for gas savinghttps://github.com/code-423n4/2022-03-volt/blob/main/contracts/pcv/PCVDeposit.sol this implementation can be used for another gas opt
##Impact Expensive gas
##POC https://docs.openzeppelin.com/contracts/3.x/api/token/erc20#SafeERC20
##Tool Used Manual Review
##Reccomendation Mitigation Steps
by do not declaring using SafeERC20 for IERC20; and used safeTransfer and safeTransferFrom.
if-elseif logic for saving more gashttps://github.com/code-423n4/2022-03-volt/blob/f1210bf3151095e4d371c9e9d7682d9031860bbd/contracts/peg/NonCustodialPSM.sol#L292-L298 This implementation can be using for saving more gas.
##Tool used Visual Studio Code, Manual Review
##Recommended Mitigation Step
if (amountFeiToTransfer != 0) { IERC20(volt()).safeTransfer(to, amountFeiToTransfer); } if (amountFeiToMint != 0) { rateLimitedMinter.mintVolt(to, amountFeiToMint); }
change to else if to save gas :
if (amountFeiToTransfer != 0) { IERC20(volt()).safeTransfer(to, amountFeiToTransfer); } else if (amountFeiToMint != 0) { rateLimitedMinter.mintVolt(to, amountFeiToMint); }
since this was no-op, removed this can be saving more gas.
##Impact Expensive gas
##Tool used Remix
##Recommended Mitigation Remove Constructor
This functions could be set external to saving more gas gas
##Impact Expensive Gas
##POC https://github.com/code-423n4/2022-03-volt/blob/f1210bf3151095e4d371c9e9d7682d9031860bbd/contracts/core/Permissions.sol#L187 https://github.com/code-423n4/2022-03-volt/blob/f1210bf3151095e4d371c9e9d7682d9031860bbd/contracts/core/Permissions.sol#L202