Platform: Code4rena
Start Date: 28/04/2022
Pot Size: $50,000 USDC
Total HM: 7
Participants: 43
Period: 5 days
Judge: gzeon
Total Solo HM: 2
Id: 115
League: ETH
Rank: 27/43
Findings: 2
Award: $140.08
π Selected for report: 0
π Solo Findings: 0
π Selected for report: Dravee
Also found by: 0x1f8b, 0x4non, 0x52, 0xDjango, AlleyCat, Funen, GalloDaSballo, GimelSec, Hawkeye, MaratCerby, Picodes, berndartmueller, cccz, defsec, delfin454000, dipp, hyh, ilan, joestakey, kebabsec, luduvigo, pauliax, peritoflores, robee, rotcivegaf, samruna, shenwilly, sikorico, simon135, sorrynotsorry, unforgiven, z3s
89.0354 USDC - $89.04
Itβs better to use the trusted 3rd party library SafeERC20 to check the return value of transfer.
liquidityMining/v2/VotingMinerV2.sol 44: require(_a.mimo().transfer(_user, pendingMIMO), "LM100"); 47: require(_par.transfer(_user, pendingPAR), "LM100"); liquidityMining/v2/GenericMinerV2.sol 220: require(_a.mimo().transfer(_user, pendingMIMO), "LM100"); 223: require(_par.transfer(_user, pendingPAR), "LM100"); liquidityMining/v2/PARMinerV2.sol 320: require(_par.transfer(_user, pendingPAR), "LM100"); 323: require(_a.mimo().transfer(_user, pendingMIMO), "LM100");
vim
Use SafeERC20 rather than checking manually. https://github.com/OpenZeppelin/openzeppelin-contracts/blob/master/contracts/token/ERC20/utils/SafeERC20.sol
51.0404 USDC - $51.04
++i rather than i++In for loops, using ++i rather than i++ to save gas.
core/contracts/inception/AdminInceptionVault.sol 108: for (uint8 i = 1; i < _collateralCount + 1; i++) { core/contracts/dex/DexAddressProvider.sol 16: for (uint256 i; i < dexes.length; i++) {
Use ++i rather than i++ to save gas.