Platform: Code4rena
Start Date: 07/07/2022
Pot Size: $75,000 USDC
Total HM: 32
Participants: 141
Period: 7 days
Judge: HardlyDifficult
Total Solo HM: 4
Id: 144
League: ETH
Rank: 69/141
Findings: 2
Award: $102.15
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: xiaoming90
Also found by: 0x1f8b, 0x29A, 0x52, 0xA5DF, 0xDjango, 0xNazgul, 0xNineDec, 0xf15ers, 0xsanson, 0xsolstars, 242, 8olidity, Amithuddar, Aymen0909, Bnke0x0, BowTiedWardens, David_, Deivitto, ElKu, Funen, Hawkeye, IllIllI, JC, Kaiziron, Keen_Sheen, Kthere, Kulk0, Kumpa, Lambda, MEP, ReyAdmirado, Rohan16, Ruhum, Sm4rty, TomJ, Tomio, Treasure-Seeker, TrungOre, Tutturu, Viksaa39, Waze, _Adam, __141345__, ak1, apostle0x01, asutorufos, async, ayeslick, aysha, bbrho, benbaessler, berndartmueller, c3phas, cccz, chatch, cloudjunky, codexploder, cryptphi, delfin454000, dipp, durianSausage, dy, exd0tpy, fatherOfBlocks, hake, hansfriese, horsefacts, hubble, joestakey, jonatascm, kebabsec, kenzo, kyteg, mektigboy, neumo, oyc_109, pashov, pedr02b2, peritoflores, rajatbeladiya, rbserver, robee, rokinot, s3cunda, sach1r0, sahar, sashik_eth, scaraven, shenwilly, simon135, sorrynotsorry, sseefried, svskaushik, unforgiven, z3s, zzzitron
61.9379 USDC - $61.94
Since fractionDeposit was not declared in the code and the code uses depositAmount, it can be changed instead.
/// - buyoutPrice = (ethDeposit * 100) / (100 - ((fractionDeposit * 100) / totalSupply))
uint256 buyoutPrice = (msg.value * 100) / (100 - ((depositAmount * 100) / totalSupply));
This can be deleted instead since it was unnecessary to the code
1.) Vault.sol Line.37
// prettier-ignore
royaltyAmount = (_salePrice * royaltyPercent[_id]) / 100;
uint256 buyoutPrice = (msg.value * 100) / (100 - ((depositAmount * 100) / totalSupply));
(tokenBalance * 1000) / IVaultRegistry(registry).totalSupply(_vault) > 500
🌟 Selected for report: joestakey
Also found by: 0x1f8b, 0x29A, 0xA5DF, 0xKitsune, 0xNazgul, 0xNineDec, 0xalpharush, 0xkatana, 0xsanson, 0xsolstars, 8olidity, Avci, Bnke0x0, BowTiedWardens, Chom, Deivitto, ElKu, Fitraldys, Funen, IllIllI, JC, Kaiziron, Lambda, Limbooo, MEP, NoamYakov, PwnedNoMore, RedOneN, ReyAdmirado, Rohan16, Ruhum, Saintcode_, Sm4rty, TomJ, Tomio, TrungOre, Tutturu, Waze, _Adam, __141345__, ajtra, apostle0x01, asutorufos, benbaessler, brgltd, c3phas, codexploder, cryptphi, delfin454000, dharma09, djxploit, durianSausage, fatherOfBlocks, giovannidisiena, gogo, horsefacts, hrishibhat, hyh, ignacio, jocxyen, jonatascm, karanctf, kebabsec, kyteg, m_Rassska, mektigboy, oyc_109, pedr02b2, rbserver, robee, rokinot, sach1r0, sashik_eth, simon135, slywaters
40.2092 USDC - $40.21
fractionPrice * _amount can save more gas
// Reverts if payment amount does not equal price of fractional amount
if (msg.value != fractionPrice * _amount) revert InvalidPayment(); //3589182 before
A lot of gas can be saved by doing this:
uint256 ethAmount = fractionPrice * _amount;
// Reverts if payment amount does not equal price of fractional amount
if (msg.value != fractionPrice * _amount) revert InvalidPayment(); //3587236 after
This can save a lot of gas consumption.
Remix
calldata rather than memory for saving more gas
function setURI(uint256 _id, string memory _uri) external { // string calldata _uri
bytes32[] memory _proof,
++i rather than i++ to cost less gas
All the loops increment the variable i using i++ instead of ++i. It is known that using ++i costs less gas per iteration than i++.
src/Vault.sol#L78 for (uint256 i = 0; i < length; i++) {
src/Vault.sol#L104 for (uint256 i = 0; i < length; i++) {
uint256 i = 0 into uint i for saving more gas
Using this implementation can save more gas for each loop.
src/Vault.sol#L78 for (uint256 i = 0; i < length; i++) {
src/Vault.sol#L104 for (uint256 i = 0; i < length; i++) {
src/utils/MerkleBase.sol#L51 for (uint256 i = 0; i < _proof.length; ++i) {
src/modules/protoforms/BaseVault.sol#L83 for (uint256 i = 0; i < _tokens.length; ) {
src/modules/protoforms/BaseVault.sol#L107 for (uint256 i = 0; i < _tokens.length; ++i) {
address public supply;
address public registry;
/// @notice Address of VaultRegistry contract
address public registry;
/// @notice Address of Supply target contract
address public supply;
= 0
This implementation can save more gas by removing = 0, because if a variable was not set/initialized, it is assumed to have the default value of 0.
userProposalFractions[_proposalId][msg.sender] = 0;
userProposalEth[_proposalId][msg.sender] = 0;
userProposalFractions[_proposalId][msg.sender] = 0;
userProposalEth[_proposalId][msg.sender] = 0;
Pack the struct by ordering it as in the practice below:
State state;
address proposer;
uint256 startTime;
uint256 fractionPrice;
uint256 ethBalance;
uint256 lastTotalSupply;
This can save gas if this contract is called multiple times.
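The slot layout behind the struct ordering above, as an added example that is not part of the original report or the audited contracts. It models Solidity's storage packing for value types only, assumes State is an enum stored in one byte, and compares the order listed above with a constructed order (UNPACKED) that is not taken from the contract.

```python
# Added illustration: Solidity packs consecutive value-type fields into
# 32-byte storage slots in declaration order; a field that does not fit in
# the space left in the current slot starts a new slot.
SLOT_BYTES = 32

# Byte widths of the types used by the struct in the report.
# Assumption: State is an enum with at most 256 members (stored as uint8).
SIZES = {"uint256": 32, "address": 20, "State": 1}

def layout(fields):
    """Return [(name, slot, byte_offset)] for fields in declaration order."""
    placed, slot, used = [], 0, 0
    for typ, name in fields:
        size = SIZES[typ]
        if used + size > SLOT_BYTES:   # no room left: move to the next slot
            slot, used = slot + 1, 0
        placed.append((name, slot, used))
        used += size
    return placed

def slots_used(fields):
    """Number of storage slots the struct occupies."""
    return layout(fields)[-1][1] + 1

# Field order as listed in the report.
PACKED = [
    ("State", "state"), ("address", "proposer"), ("uint256", "startTime"),
    ("uint256", "fractionPrice"), ("uint256", "ethBalance"),
    ("uint256", "lastTotalSupply"),
]

# Constructed comparison order: a uint256 separates the two small fields,
# so they can no longer share a slot.
UNPACKED = [
    ("State", "state"), ("uint256", "startTime"), ("address", "proposer"),
    ("uint256", "fractionPrice"), ("uint256", "ethBalance"),
    ("uint256", "lastTotalSupply"),
]

if __name__ == "__main__":
    for label, fields in (("packed", PACKED), ("unpacked", UNPACKED)):
        print(label, slots_used(fields), "slots")
        for name, slot, offset in layout(fields):
            print(f"  slot {slot} offset {offset:2d}  {name}")
```

Any saving comes from state and proposer sharing slot 0, so whether the reorder helps depends on whether the existing declaration order already places the two small fields next to each other.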
7.) Short reason string can be used for saving more gas
Every reason string takes at least 32 bytes. Use short reason strings that fit in 32 bytes or it will become more expensive.
src/utils/MerkleBase.sol#L62 "wont generate root for single leaf"
src/utils/MerkleBase.sol#L78 "wont generate proof for single leaf"