Platform: Code4rena
Start Date: 03/05/2022
Pot Size: $30,000 USDC
Total HM: 6
Participants: 93
Period: 3 days
Judge: gzeon
Id: 118
League: ETH
Rank: 68/93
Findings: 2
Award: $45.73
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: defsec
Also found by: 0v3rf10w, 0x1f8b, 0x4non, 0x52, 0xDjango, 0xf15ers, 0xkatana, 0xliumin, AuditsAreUS, BowTiedWardens, CertoraInc, Cr4ckM3, Funen, GimelSec, Hawkeye, IllIllI, Kulk0, M0ndoHEHE, MaratCerby, Picodes, Ruhum, TerrierLover, TrungOre, VAD37, WatchPug, berndartmueller, broccolirob, catchup, cccz, cryptphi, csanuragjain, delfin454000, dirk_y, eccentricexit, ellahi, fatherOfBlocks, gzeon, hake, hansfriese, hickuphh3, horsefacts, hubble, hyh, ilan, joestakey, kebabsec, kenta, kenzo, leastwood, m9800, marximimus, minhquanym, oyc_109, p4st13r4, pauliax, pedroais, peritoflores, plotchy, rajatbeladiya, reassor, rfa, robee, rotcivegaf, samruna, shenwilly, shung, simon135, sorrynotsorry, sseefried, teddav, throttle, tintin, unforgiven, z3s
30.2807 USDC - $30.28
##Tool Used Manual Review
##Tool Used Manual Review
#0 - liveactionllama
2022-05-10T17:18:13Z
Warden accidentally submitted this via the bunker.finance contest form originally at 18:58 UTC on 05/05/2022 (prior to the contest close for Forgotten Runes). They reached out via C4 help request to ask that this submission be moved over to the Forgotten Runes contest on their behalf.
🌟 Selected for report: BowTiedWardens
Also found by: 0v3rf10w, 0x1f8b, 0x4non, 0xDjango, 0xNazgul, 0xProf, 0xc0ffEE, 0xf15ers, 0xkatana, 0xliumin, ACai, AlleyCat, CertoraInc, Cityscape, Cr4ckM3, DavidGialdi, Dinddle, FSchmoede, Funen, GimelSec, Hawkeye, IllIllI, Kulk0, M0ndoHEHE, MaratCerby, MiloTruck, Picodes, RoiEvenHaim, Tadashi, TerrierLover, TrungOre, VAD37, WatchPug, antonttc, catchup, defsec, delfin454000, dirk_y, eccentricexit, ellahi, fatherOfBlocks, gzeon, hake, hansfriese, hickuphh3, horsefacts, ilan, joestakey, kebabsec, kenta, kenzo, marximimus, minhquanym, noobie, oyc_109, p4st13r4, pauliax, rajatbeladiya, reassor, rfa, robee, rotcivegaf, saian, samruna, shenwilly, shung, simon135, slywaters, sorrynotsorry, throttle, unforgiven, z3s
15.4498 USDC - $15.45
+= 1 for saving more gasThis code can be changed by using increment postfix e.g numSold++; or it can be better by using prefix ++numSold
##Tool Used Manual Review, Remix
##Another Occurance 1. ForgottenRunesWarriorsGuild.sol#L104 2. ForgottenRunesWarriorsMinter.sol#L248
Using i++ instead ++i for all the loops, the variable i is incremented using i++. It is known that implementation by using ++i costs less gas per iteration than i++.
Manual Review, Remix
##Occurances
1. ForgottenRunesWarriorsMinter.sol#L162 2. ForgottenRunesWarriorsMinter.sol#L220 3. ForgottenRunesWarriorsMinter.sol#L162
uint256 i = 0 into uint i for saving more gasusing this implementation can saving more gas for each loops.
##Tool Used Manual Review & Remix
##Recommended Mitigation Change it
##Occurances
1. ForgottenRunesWarriorsMinter.sol#L162 2. ForgottenRunesWarriorsMinter.sol#L220 3. ForgottenRunesWarriorsMinter.sol#L162
= 0If a variable was not set/initialized, it is assumed to have default value to 0
this implementation was used for saving more gas by removing = 0
##TOOLS USED Remix, Manual Review
##Mitigation Step
Remove = 0
Every reason string takes at least 32 bytes. Use short reason strings that fits in 32 bytes or it will become more expensive.
##Tool Used Manual Review
##Occurance :
main/contracts/ForgottenRunesWarriorsGuild.sol#L70 main/contracts/ForgottenRunesWarriorsGuild.sol#L116 main/contracts/ForgottenRunesWarriorsMinter.sol#L142 main/contracts/ForgottenRunesWarriorsMinter.sol#L212