Platform: Code4rena
Start Date: 03/05/2022
Pot Size: $30,000 USDC
Total HM: 6
Participants: 93
Period: 3 days
Judge: gzeon
Id: 118
League: ETH
Rank: 72/93
Findings: 2
Award: $45.73
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: defsec
Also found by: 0v3rf10w, 0x1f8b, 0x4non, 0x52, 0xDjango, 0xf15ers, 0xkatana, 0xliumin, AuditsAreUS, BowTiedWardens, CertoraInc, Cr4ckM3, Funen, GimelSec, Hawkeye, IllIllI, Kulk0, M0ndoHEHE, MaratCerby, Picodes, Ruhum, TerrierLover, TrungOre, VAD37, WatchPug, berndartmueller, broccolirob, catchup, cccz, cryptphi, csanuragjain, delfin454000, dirk_y, eccentricexit, ellahi, fatherOfBlocks, gzeon, hake, hansfriese, hickuphh3, horsefacts, hubble, hyh, ilan, joestakey, kebabsec, kenta, kenzo, leastwood, m9800, marximimus, minhquanym, oyc_109, p4st13r4, pauliax, pedroais, peritoflores, plotchy, rajatbeladiya, reassor, rfa, robee, rotcivegaf, samruna, shenwilly, shung, simon135, sorrynotsorry, sseefried, teddav, throttle, tintin, unforgiven, z3s
30.2759 USDC - $30.28
selfRefundsStartTime can be set by the owner using the function setSelfRefundsStartTime. if the self refund is enabled during the bidSummon phase, it would be possible to mint using bidSummon and subsequentely call selfRefund to get full mint price refund.
do not enable self refund when bidSummon phase is in place.
🌟 Selected for report: BowTiedWardens
Also found by: 0v3rf10w, 0x1f8b, 0x4non, 0xDjango, 0xNazgul, 0xProf, 0xc0ffEE, 0xf15ers, 0xkatana, 0xliumin, ACai, AlleyCat, CertoraInc, Cityscape, Cr4ckM3, DavidGialdi, Dinddle, FSchmoede, Funen, GimelSec, Hawkeye, IllIllI, Kulk0, M0ndoHEHE, MaratCerby, MiloTruck, Picodes, RoiEvenHaim, Tadashi, TerrierLover, TrungOre, VAD37, WatchPug, antonttc, catchup, defsec, delfin454000, dirk_y, eccentricexit, ellahi, fatherOfBlocks, gzeon, hake, hansfriese, hickuphh3, horsefacts, ilan, joestakey, kebabsec, kenta, kenzo, marximimus, minhquanym, noobie, oyc_109, p4st13r4, pauliax, rajatbeladiya, reassor, rfa, robee, rotcivegaf, saian, samruna, shenwilly, shung, simon135, slywaters, sorrynotsorry, throttle, unforgiven, z3s
15.4505 USDC - $15.45
Timestamps used in ForgottenRunesWarriorsMinter.sol (daStartTime, mintlistStartTime, publicStartTime) don't require uint256, so it could be save some gas while performing operations using smaller storage types like uint32 or uint64.
Example ForgottenRunesWarriorsMinter.sol Line 17:
uint32 public daStartTime = 0xffffffff; /// @notice The start timestamp for mintlisters /// @dev This is the end of DA phase. No more DA bids when this is hit uint32 public mintlistStartTime = 0xffffffff; /// @notice The start timestamp for the public sale uint32 public publicStartTime = 0xffffffff;
If it possible to compile contracts with solc >=0.8.4 consider using Custom Errors as they are more gas efficient while allowing developers to describe the error in detail using NatSpec or error codes.
Since there is no risk for overflow, it is possible to use "unchecked {}" blocks to increment round variables. Example ForgottenRunesWarriorsMinter.sol Line 162:
/* it is safe to rewrite as */ for (uint256 i = 0; i < numWarriors; ) { _mint(msg.sender); unchecked { i++; } }
same for the other for loops: