Juicebox V2 contest - Funen's results

The decentralized fundraising and treasury protocol.

General Information

Platform: Code4rena

Start Date: 01/07/2022

Pot Size: $75,000 USDC

Total HM: 17

Participants: 105

Period: 7 days

Judge: Jack the Pug

Total Solo HM: 5

Id: 143

League: ETH

Juicebox

Researcher Performance

Rank: 42/105

Findings: 2

Award: $132.73

🌟 Selected for report: 0

🚀 Solo Findings: 0

  1. Using Bitwise OR assignment in fn _packedPermissions()

PoC: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Operators/Bitwise_OR_assignment

https://github.com/jbx-protocol/juice-contracts-v2-code4rena/blob/828bf2f3e719873daa08081cfa0d0a6deaa5ace5/contracts/JBOperatorStore.sol#L171

packed |= 1 << _index;

In JavaScript that would be:

x |= y // x = x | y

I don't know if this can be the same as the dev desires it to be, since if we use these Solidity operators:

https://www.geeksforgeeks.org/solidity-operators/

https://www.tutorialspoint.com/solidity/solidity_operators.htm

https://medium.com/coinmonks/solidity-fundamentals-1fb0e6b3b607

it can be changed into :

packed = packed | 1 << _index;

or

packed | 1 << _index;

Never found Bitwise OR assignment, but the dev can look into packed so that it would be the same as they wanted it to be.
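The three statement forms from this item, compared side by side in an added example that is not part of the original report or of the Juicebox code base. It models the 256-bit `packed` value with JavaScript BigInt (plain Number shifts operate on 32 bits); the function names, the 0..255 bounds check and the sample indexes are assumptions made for illustration.

```javascript
// Added example: BigInt model of a 256-bit permission bitmap.
// Function names are hypothetical; sample indexes are constructed.
const MAX_INDEX = 255; // a uint256 has bits 0..255

function checkIndex(index) {
  if (!Number.isInteger(index) || index < 0 || index > MAX_INDEX) {
    throw new RangeError(`permission index out of bounds: ${index}`);
  }
}

// Compound assignment, as on the cited line: packed |= 1 << _index
function packCompound(indexes) {
  let packed = 0n;
  for (const index of indexes) {
    checkIndex(index);
    packed |= 1n << BigInt(index);
  }
  return packed;
}

// Expanded assignment: packed = packed | 1 << _index
// The shift binds tighter than |, so this parses as packed | (1 << _index).
function packExpanded(indexes) {
  let packed = 0n;
  for (const index of indexes) {
    checkIndex(index);
    packed = packed | 1n << BigInt(index);
  }
  return packed;
}

// Expression with no assignment: the OR is computed and then discarded,
// so packed keeps its old value.
function packNoAssignment(indexes) {
  let packed = 0n;
  for (const index of indexes) {
    checkIndex(index);
    packed | 1n << BigInt(index);
  }
  return packed;
}

// Read a single permission bit back with shift-and-mask.
function hasPermission(packed, index) {
  checkIndex(index);
  return ((packed >> BigInt(index)) & 1n) === 1n;
}
```

The compound and expanded assignments return the same bitmap for any list of indexes, including repeated ones, while the form without an assignment returns the bitmap unchanged.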

  1. Lack of indexed

Since all interfaces were in scope, this can be considered, since indexed was missing:

1.) address beneficiary, address token

https://github.com/jbx-protocol/juice-contracts-v2-code4rena/blob/828bf2f3e719873daa08081cfa0d0a6deaa5ace5/contracts/interfaces/IJBSplitsPayer.sol#L17-L18

2.) address beneficiary, address token

https://github.com/jbx-protocol/juice-contracts-v2-code4rena/blob/828bf2f3e719873daa08081cfa0d0a6deaa5ace5/contracts/interfaces/IJBSplitsPayer.sol#L31-L32

  1. Typo Comment

mumber => number

https://github.com/jbx-protocol/juice-contracts-v2-code4rena/blob/828bf2f3e719873daa08081cfa0d0a6deaa5ace5/contracts/JBSingleTokenPaymentTerminalStore.sol#L384

// The weight is always a fixed point mumber with 18 decimals. To ensure this, the ratio should use the same number of decimals as the `_amount`

  1. Redundant Code hasPermission() and setOperator() in JBOperatorStore.sol

function hasPermission() line.57 and line.79

and

function setOperator() line.109 and line.134

However, it can simply use one function at a time; it would save more gas instead.

  1. Using || rather than the && operator can reduce gas cost

The implementation below can be set, e.g. in contracts/JBDirectory.sol (https://github.com/jbx-protocol/juice-contracts-v2-code4rena/tree/828bf2f3e719873daa08081cfa0d0a6deaa5ace5/contracts/JBDirectory.sol):

Line.133-136 Line.229-233 Line.266-268 Line.363-366

It can reduce gas cost by >200 gas (a lot). Some of it depends on the code, but this can be considered if you want to save more gas.

  1. Change to using ++i rather than i++ to cost less gas

i++ is used instead of ++i: for all the loops, the variable i is incremented using i++. It is known that an implementation using ++i costs less gas per iteration than i++.

/contracts/JBOperatorStore.sol#L85
for (uint256 _i = 0; _i < _permissionIndexes.length; _i++)

/contracts/JBOperatorStore.sol#L135
for (uint256 _i = 0; _i < _operatorData.length; _i++)

/contracts/JBOperatorStore.sol#L165
for (uint256 _i = 0; _i < _indexes.length; _i++)

/contracts/JBDirectory.sol#L139
for (uint256 _i; _i < _terminalsOf[_projectId].length; _i++)

/contracts/JBDirectory.sol#L167
for (uint256 _i; _i < _terminalsOf[_projectId].length; _i++)

/contracts/JBDirectory.sol#L275
for (uint256 _i; _i < _terminals.length; _i++)

/contracts/JBDirectory.sol#L276
for (uint256 _j = _i + 1; _j < _terminals.length; _j++)

  1. Change uint256 i = 0 into uint i to save more gas

Using this implementation can save more gas for each loop.

/contracts/JBOperatorStore.sol#L85
for (uint256 _i = 0; _i < _permissionIndexes.length; _i++)

/contracts/JBOperatorStore.sol#L135
for (uint256 _i = 0; _i < _operatorData.length; _i++)

/contracts/JBOperatorStore.sol#L165
for (uint256 _i = 0; _i < _indexes.length; _i++)