Back to MaratCerby's contests

Badger Citadel contest - MaratCerby's results

Bringing BTC to DeFi

General Information

Platform: Code4rena

Start Date: 14/04/2022

Pot Size: $75,000 USDC

Total HM: 8

Participants: 72

Period: 7 days

Judge: Jack the Pug

Total Solo HM: 2

Id: 110

League: ETH

BadgerDAO

Findings Distribution

Researcher Performance

Rank: 28/72

Findings: 3

Award: $327.66

🌟 Selected for report: 0

🚀 Solo Findings: 0

External Links

Code4rena Contest PageGithub Contest RepositoryGithub Findings RepositoryBadgerDAO

Findings Information

🌟 Selected for report: Ruhum

Also found by: 0xBug, 0xDjango, IllIllI, MaratCerby, TrungOre, danb, hyh, m9800, minhquanym, pedroais, remora, shenwilly

Labels

bug
duplicate
2 (Med Risk)
sponsor confirmed

Awards

184.248 USDC - $184.25

External Links

Link to GitHub issue

Lines of code

https://github.com/code-423n4/2022-04-badger-citadel/blob/18f8c392b6fc303fe95602eba6303725023e53da/src/Funding.sol#L202

Vulnerability details

Impact

getAmountOut returns 0 if funding.discount equals zero Where actually it should be non-zero valie

Proof of Concept

https://github.com/code-423n4/2022-04-badger-citadel/blob/18f8c392b6fc303fe95602eba6303725023e53da/src/Funding.sol#L202

Tools Used

Use the following version

    function getAmountOut(uint256 _assetAmountIn)
        public
        view
        returns (uint256 citadelAmount_)
    {
        uint256 citadelAmountWithoutDiscount = _assetAmountIn * citadelPriceInAsset;
        citadelAmount_ = citadelAmountWithoutDiscount;

        if (funding.discount > 0) {
            citadelAmount_ =
                (citadelAmountWithoutDiscount * MAX_BPS) /
                (MAX_BPS - funding.discount);
        }

        citadelAmount_ = citadelAmount_ / assetDecimalsNormalizationValue;
    }```

#0 - dapp-whisperer

2022-04-16T13:26:20Z

valid, fixed in PR

#1 - jack-the-pug

2022-05-29T07:12:27Z

Dup #149

Findings Information

🌟 Selected for report: IllIllI

Also found by: 0v3rf10w, 0x1f8b, 0xDjango, 0xkatana, AmitN, CertoraInc, Dravee, Funen, Hawkeye, Jujic, MaratCerby, Picodes, Ruhum, SolidityScan, TerrierLover, TomFrenchBlockchain, TrungOre, VAD37, Yiko, berndartmueller, cmichel, csanuragjain, danb, defsec, delfin454000, dipp, ellahi, fatherOfBlocks, georgypetrov, gs8nrv, gzeon, horsefacts, hubble, hyh, ilan, jah, joestakey, kebabsec, kenta, kyliek, m9800, minhquanym, oyc_109, p_crypt0, peritoflores, rayn, reassor, remora, rfa, robee, scaraven, securerodd, shenwilly, sorrynotsorry, tchkvsky, teryanarmen, z3s

Awards

91.3652 USDC - $91.37

Labels

bug
QA (Quality Assurance)

External Links

Link to GitHub issue

https://github.com/code-423n4/2022-04-badger-citadel/blob/main/src/StakedCitadel.sol

  • Line908: uint256 management_fee = managementFee > 0 ? (managementFee * (balance() - _harvestedAmount) * duration) / SECS_PER_YEAR / MAX_BPS : 0;

Double division may lead to rounding errors in calculation. Recommended to use a single division: uint256 management_fee = managementFee > 0 ? (managementFee * (balance() - _harvestedAmount) * duration) / (SECS_PER_YEAR * MAX_BPS) : 0;

Findings Information

🌟 Selected for report: Dravee

Also found by: 0v3rf10w, 0x1f8b, 0xAsm0d3us, 0xBug, 0xDjango, 0xNazgul, 0xkatana, CertoraInc, Cityscape, Funen, Hawkeye, IllIllI, MaratCerby, SolidityScan, TerrierLover, TomFrenchBlockchain, Tomio, TrungOre, bae11, berndartmueller, csanuragjain, defsec, delfin454000, ellahi, fatherOfBlocks, gs8nrv, gzeon, horsefacts, ilan, jah, joestakey, joshie, kebabsec, kenta, nahnah, oyc_109, rayn, rfa, robee, saian, securerodd, simon135, slywaters, sorrynotsorry, tchkvsky, teryanarmen, z3s

Awards

52.043 USDC - $52.04

Labels

bug
G (Gas Optimization)

External Links

Link to GitHub issue

Impact

As per 0.8.4 solidity version it supports new custom errors. Recommending to replace all require(something) to error LongErrorNameWithParameters(uint256 param1, uint256 param2); if (!something) { revert LongErrorNameWithParameters(param1, param2); }

Pros:

  • spends 30 gas less when the revert condition is not met and 250 gas otherwise.
  • reduces deployment costs
  • by removing string constant from contract, reduces contract size
  • improves readability by having a descriptive name of the error

Affected code: https://github.com/code-423n4/2022-04-badger-citadel/blob/18f8c392b6fc303fe95602eba6303725023e53da/src/CitadelMinter.sol#L116 require(_gac != address(0), "address 0 invalid");

Proof of Concept

https://blog.soliditylang.org/2021/04/21/custom-errors/

Tools Used

Recommended code: error GacEqualsZeroAddress(); ... if (_gac == address(0)) { revert GacEqualsZeroAddress(); }

Impact

As per 0.8.4 solidity version it supports new custom errors. Recommending to replace all require(something) to error LongErrorNameWithParameters(uint256 param1, uint256 param2); if (!something) { revert LongErrorNameWithParameters(param1, param2); }

Pros:

  • spends 30 gas less when the revert condition is not met and 250 gas otherwise.
  • reduces deployment costs
  • by removing string constant from contract, reduces contract size
  • improves readability by having a descriptive name of the error

Affected code: https://github.com/code-423n4/2022-04-badger-citadel/blob/18f8c392b6fc303fe95602eba6303725023e53da/src/CitadelMinter.sol#L117 require(_citadelToken != address(0), "address 0 invalid");

Proof of Concept

https://blog.soliditylang.org/2021/04/21/custom-errors/

Tools Used

Recommended code: error CitadelTokenEqualsZeroAddress(); ... if (_citadelToken == address(0)) { revert CitadelTokenEqualsZeroAddress(); }

Impact

As per 0.8.4 solidity version it supports new custom errors. Recommending to replace all require(something) to error LongErrorNameWithParameters(uint256 param1, uint256 param2); if (!something) { revert LongErrorNameWithParameters(param1, param2); }

Pros:

  • spends 30 gas less when the revert condition is not met and 250 gas otherwise.
  • reduces deployment costs
  • by removing string constant from contract, reduces contract size
  • improves readability by having a descriptive name of the error

Affected code: https://github.com/code-423n4/2022-04-badger-citadel/blob/18f8c392b6fc303fe95602eba6303725023e53da/src/CitadelMinter.sol#L118 require(_xCitadel != address(0), "address 0 invalid");

Proof of Concept

https://blog.soliditylang.org/2021/04/21/custom-errors/

Tools Used

Recommended code: error XCitadelEqualsZeroAddress(); .. if (_xCitadel == address(0)) { revert XCitadelEqualsZeroAddress(); }

Impact

As per 0.8.4 solidity version it supports new custom errors. Recommending to replace all require(something) to error LongErrorNameWithParameters(uint256 param1, uint256 param2); if (!something) { revert LongErrorNameWithParameters(param1, param2); }

Pros:

  • spends 30 gas less when the revert condition is not met and 250 gas otherwise.
  • reduces deployment costs
  • by removing string constant from contract, reduces contract size
  • improves readability by having a descriptive name of the error

Affected code: https://github.com/code-423n4/2022-04-badger-citadel/blob/18f8c392b6fc303fe95602eba6303725023e53da/src/CitadelMinter.sol#L119 require(_xCitadelLocker != address(0), "address 0 invalid");

Proof of Concept

https://blog.soliditylang.org/2021/04/21/custom-errors/

Tools Used

Recommended code: error XCitadelLockerEqualsZeroAddress(); .. if (_xCitadelLocker == address(0)) { revert XCitadelLockerEqualsZeroAddress(); }

Impact

As per 0.8.4 solidity version it supports new custom errors. Recommending to replace all require(something) to error LongErrorNameWithParameters(uint256 param1, uint256 param2); if (!something) { revert LongErrorNameWithParameters(param1, param2); }

Pros:

  • spends 30 gas less when the revert condition is not met and 250 gas otherwise.
  • reduces deployment costs
  • by removing string constant from contract, reduces contract size
  • improves readability by having a descriptive name of the error

Affected code: https://github.com/code-423n4/2022-04-badger-citadel/blob/18f8c392b6fc303fe95602eba6303725023e53da/src/CitadelMinter.sol#L120 require(_supplySchedule != address(0), "address 0 invalid");

Proof of Concept

https://blog.soliditylang.org/2021/04/21/custom-errors/

Tools Used

Recommended code: error SupplyScheduleEqualsZeroAddress(); .. if (_supplySchedule == address(0)) { revert SupplyScheduleEqualsZeroAddress(); }

Impact

As per 0.8.4 solidity version it supports new custom errors. Recommending to replace all require(something) to error LongErrorNameWithParameters(uint256 param1, uint256 param2); if (!something) { revert LongErrorNameWithParameters(param1, param2); }

Pros:

  • spends 30 gas less when the revert condition is not met and 250 gas otherwise.
  • reduces deployment costs
  • by removing string constant from contract, reduces contract size
  • improves readability by having a descriptive name of the error

Affected code: https://github.com/code-423n4/2022-04-badger-citadel/blob/18f8c392b6fc303fe95602eba6303725023e53da/src/CitadelMinter.sol#L256-L259

require( address(_pool) != address(0), "CitadelMinter: address(0) check" );

Proof of Concept

https://blog.soliditylang.org/2021/04/21/custom-errors/

Tools Used

Recommended code: error CitadelMinterEqualsZeroAddress(); .. if (address(_pool) == address(0)) { revert CitadelMinterEqualsZeroAddress(); }

Impact

As per 0.8.4 solidity version it supports new custom errors. Recommending to replace all require(something) to error LongErrorNameWithParameters(uint256 param1, uint256 param2); if (!something) { revert LongErrorNameWithParameters(param1, param2); }

Pros:

  • spends 30 gas less when the revert condition is not met and 250 gas otherwise.
  • reduces deployment costs
  • by removing string constant from contract, reduces contract size
  • improves readability by having a descriptive name of the error

Affected code: https://github.com/code-423n4/2022-04-badger-citadel/blob/18f8c392b6fc303fe95602eba6303725023e53da/src/CitadelMinter.sol#L272

require(_weight <= 10000, "exceed max funding pool weight");

Proof of Concept

https://blog.soliditylang.org/2021/04/21/custom-errors/

Tools Used

Recommended code: error ExceedMaxFundingPoolWeight(); .. if (_weight > 10000) { revert ExceedMaxFundingPoolWeight(); }

Impact

As per 0.8.4 solidity version it supports new custom errors. Recommending to replace all require(something) to error LongErrorNameWithParameters(uint256 param1, uint256 param2); if (!something) { revert LongErrorNameWithParameters(param1, param2); }

Pros:

  • spends 30 gas less when the revert condition is not met and 250 gas otherwise.
  • reduces deployment costs
  • by removing string constant from contract, reduces contract size
  • improves readability by having a descriptive name of the error

Affected code: https://github.com/code-423n4/2022-04-badger-citadel/blob/18f8c392b6fc303fe95602eba6303725023e53da/src/CitadelMinter.sol#L299-L302

require( _fundingBps + _stakingBps + _lockingBps == MAX_BPS, "CitadelMinter: Sum of propvalues must be 10000 bps" );

Proof of Concept

https://blog.soliditylang.org/2021/04/21/custom-errors/

Tools Used

Recommended code: error CitadelMinter_SumOfPropvaluesMustBe10000Bps(); .. if (_fundingBps + _stakingBps + _lockingBps != MAX_BPS) { revert CitadelMinter_SumOfPropvaluesMustBe10000Bps(); }

Impact

As per 0.8.4 solidity version it supports new custom errors. Recommending to replace all require(something) to error LongErrorNameWithParameters(uint256 param1, uint256 param2); if (!something) { revert LongErrorNameWithParameters(param1, param2); }

Pros:

  • spends 30 gas less when the revert condition is not met and 250 gas otherwise.
  • reduces deployment costs
  • by removing string constant from contract, reduces contract size
  • improves readability by having a descriptive name of the error

Affected code: https://github.com/code-423n4/2022-04-badger-citadel/blob/18f8c392b6fc303fe95602eba6303725023e53da/src/CitadelMinter.sol#L319-L322

require( lastMintTimestamp == 0, "CitadelMinter: last mint timestamp already initialized" );

Proof of Concept

https://blog.soliditylang.org/2021/04/21/custom-errors/

Tools Used

Impact

As per 0.8.4 solidity version it supports new custom errors. Recommending to replace all require(something) to error LongErrorNameWithParameters(uint256 param1, uint256 param2); if (!something) { revert LongErrorNameWithParameters(param1, param2); }

Pros:

  • spends 30 gas less when the revert condition is not met and 250 gas otherwise.
  • reduces deployment costs
  • by removing string constant from contract, reduces contract size
  • improves readability by having a descriptive name of the error

Affected code: https://github.com/code-423n4/2022-04-badger-citadel/blob/18f8c392b6fc303fe95602eba6303725023e53da/src/CitadelMinter.sol#L326-L329

require( globalStartTimestamp != 0, "CitadelMinter: supply schedule start not initialized" );

Proof of Concept

https://blog.soliditylang.org/2021/04/21/custom-errors/

Tools Used

Recommended code: error CitadelMinter_SupplyScheduleStartNotInitialized(); .. if (globalStartTimestamp == 0) { revert CitadelMinter_SupplyScheduleStartNotInitialized(); }

Impact

As per 0.8.4 solidity version it supports new custom errors. Recommending to replace all require(something) to error LongErrorNameWithParameters(uint256 param1, uint256 param2); if (!something) { revert LongErrorNameWithParameters(param1, param2); }

Pros:

  • spends 30 gas less when the revert condition is not met and 250 gas otherwise.
  • reduces deployment costs
  • by removing string constant from contract, reduces contract size
  • improves readability by having a descriptive name of the error

Affected code: https://github.com/code-423n4/2022-04-badger-citadel/blob/18f8c392b6fc303fe95602eba6303725023e53da/src/CitadelMinter.sol#L343

require(length > 0, "CitadelMinter: no funding pools");

Proof of Concept

https://blog.soliditylang.org/2021/04/21/custom-errors/

Tools Used

Recommended code: error CitadelMinter_NoFundingPools(); .. if (length <= 0) { revert CitadelMinter_NoFundingPools(); }

Impact

As per 0.8.4 solidity version it supports new custom errors. Recommending to replace all require(something) to error LongErrorNameWithParameters(uint256 param1, uint256 param2); if (!something) { revert LongErrorNameWithParameters(param1, param2); }

Pros:

  • spends 30 gas less when the revert condition is not met and 250 gas otherwise.
  • reduces deployment costs
  • by removing string constant from contract, reduces contract size
  • improves readability by having a descriptive name of the error

Affected code: https://github.com/code-423n4/2022-04-badger-citadel/blob/18f8c392b6fc303fe95602eba6303725023e53da/src/CitadelMinter.sol#L368-L371

require( fundingPools.remove(_pool), "CitadelMinter: funding pool does not exist for removal" );

Proof of Concept

https://blog.soliditylang.org/2021/04/21/custom-errors/

Tools Used

Recommended code: error CitadelMinter_FundingPoolDoesNotExistForRemoval(); .. if (!fundingPools.remove(_pool)) { revert CitadelMinter_FundingPoolDoesNotExistForRemoval(); }

Impact

As per 0.8.4 solidity version it supports new custom errors. Recommending to replace all require(something) to error LongErrorNameWithParameters(uint256 param1, uint256 param2); if (!something) { revert LongErrorNameWithParameters(param1, param2); }

Pros:

  • spends 30 gas less when the revert condition is not met and 250 gas otherwise.
  • reduces deployment costs
  • by removing string constant from contract, reduces contract size
  • improves readability by having a descriptive name of the error

Affected code: https://github.com/code-423n4/2022-04-badger-citadel/blob/18f8c392b6fc303fe95602eba6303725023e53da/src/CitadelMinter.sol#L375-L378

require( fundingPools.add(_pool), "CitadelMinter: funding pool already exists" );

Proof of Concept

https://blog.soliditylang.org/2021/04/21/custom-errors/

Tools Used

Recommended code: error CitadelMinter_FundingPoolAlreadyExists(); .. if (!fundingPools.add(_pool)) { revert CitadelMinter_FundingPoolAlreadyExists(); }

Impact

As per 0.8.4 solidity version it supports new custom errors. Recommending to replace all require(something) to error LongErrorNameWithParameters(uint256 param1, uint256 param2); if (!something) { revert LongErrorNameWithParameters(param1, param2); }

Pros:

  • spends 30 gas less when the revert condition is not met and 250 gas otherwise.
  • reduces deployment costs
  • by removing string constant from contract, reduces contract size
  • improves readability by having a descriptive name of the error

Affected code: https://github.com/code-423n4/2022-04-badger-citadel/blob/18f8c392b6fc303fe95602eba6303725023e53da/src/Funding.sol#L80-L83

require( msg.sender == citadelPriceInAssetOracle, "onlyCitadelPriceInAssetOracle" );

Proof of Concept

https://blog.soliditylang.org/2021/04/21/custom-errors/

Tools Used

Recommended code: error OnlyCitadelPriceInAssetOracle(); .. if (msg.sender != citadelPriceInAssetOracle) { revert OnlyCitadelPriceInAssetOracle(); }

Impact

As per 0.8.4 solidity version it supports new custom errors. Recommending to replace all require(something) to error LongErrorNameWithParameters(uint256 param1, uint256 param2); if (!something) { revert LongErrorNameWithParameters(param1, param2); }

Pros:

  • spends 30 gas less when the revert condition is not met and 250 gas otherwise.
  • reduces deployment costs
  • by removing string constant from contract, reduces contract size
  • improves readability by having a descriptive name of the error

Affected code: https://github.com/code-423n4/2022-04-badger-citadel/blob/18f8c392b6fc303fe95602eba6303725023e53da/src/Funding.sol#L113-L116

require( _saleRecipient != address(0), "Funding: 0 sale" );

Proof of Concept

https://blog.soliditylang.org/2021/04/21/custom-errors/

Tools Used

Recommended code: error Funding_ZeroSale(); .. if (_saleRecipient == address(0)) { revert Funding_ZeroSale(); }

Impact

As per 0.8.4 solidity version it supports new custom errors. Recommending to replace all require(something) to error LongErrorNameWithParameters(uint256 param1, uint256 param2); if (!something) { revert LongErrorNameWithParameters(param1, param2); }

Pros:

  • spends 30 gas less when the revert condition is not met and 250 gas otherwise.
  • reduces deployment costs
  • by removing string constant from contract, reduces contract size
  • improves readability by having a descriptive name of the error

Affected code: https://github.com/code-423n4/2022-04-badger-citadel/blob/18f8c392b6fc303fe95602eba6303725023e53da/src/Funding.sol#L117-L120

require( _citadelPriceInAssetOracle != address(0), "Funding: 0 oracle" );

Proof of Concept

https://blog.soliditylang.org/2021/04/21/custom-errors/

Tools Used

Recommended code: error Funding_ZeroOracle(); .. if (_citadelPriceInAssetOracle == address(0)) { revert Funding_ZeroOracle(); }

Impact

As per 0.8.4 solidity version it supports new custom errors. Recommending to replace all require(something) to error LongErrorNameWithParameters(uint256 param1, uint256 param2); if (!something) { revert LongErrorNameWithParameters(param1, param2); }

Pros:

  • spends 30 gas less when the revert condition is not met and 250 gas otherwise.
  • reduces deployment costs
  • by removing string constant from contract, reduces contract size
  • improves readability by having a descriptive name of the error

Affected code: https://github.com/code-423n4/2022-04-badger-citadel/blob/18f8c392b6fc303fe95602eba6303725023e53da/src/Funding.sol#L146-L149

require( citadelPriceFlag == false, "Funding: citadel price from oracle flagged and pending review" );

Proof of Concept

https://blog.soliditylang.org/2021/04/21/custom-errors/

Tools Used

Recommended code: error FundingCitadelPriceFromOracleFlaggedAndPendingReview(); .. if (citadelPriceFlag == true) { revert FundingCitadelPriceFromOracleFlaggedAndPendingReview(); }

Impact

As per 0.8.4 solidity version it supports new custom errors. Recommending to replace all require(something) to error LongErrorNameWithParameters(uint256 param1, uint256 param2); if (!something) { revert LongErrorNameWithParameters(param1, param2); }

Pros:

  • spends 30 gas less when the revert condition is not met and 250 gas otherwise.
  • reduces deployment costs
  • by removing string constant from contract, reduces contract size
  • improves readability by having a descriptive name of the error

Affected code: https://github.com/code-423n4/2022-04-badger-citadel/blob/18f8c392b6fc303fe95602eba6303725023e53da/src/Funding.sol#L170

require(_assetAmountIn > 0, "_assetAmountIn must not be 0");

Proof of Concept

https://blog.soliditylang.org/2021/04/21/custom-errors/

Tools Used

Recommended code: error AssetAmountIn_MustNotBeZero(); .. if (_assetAmountIn == 0) { revert AssetAmountIn_MustNotBeZero(); }

Impact

As per 0.8.4 solidity version it supports new custom errors. Recommending to replace all require(something) to error LongErrorNameWithParameters(uint256 param1, uint256 param2); if (!something) { revert LongErrorNameWithParameters(param1, param2); }

Pros:

  • spends 30 gas less when the revert condition is not met and 250 gas otherwise.
  • reduces deployment costs
  • by removing string constant from contract, reduces contract size
  • improves readability by having a descriptive name of the error

Affected code: https://github.com/code-423n4/2022-04-badger-citadel/blob/18f8c392b6fc303fe95602eba6303725023e53da/src/Funding.sol#L171-L174

require( funding.assetCumulativeFunded + _assetAmountIn <= funding.assetCap, "asset funding cap exceeded" );

Proof of Concept

https://blog.soliditylang.org/2021/04/21/custom-errors/

Tools Used

Recommended code: error Funding_AssetCapExceeded(); .. if (funding.assetCumulativeFunded + _assetAmountIn > funding.assetCap) { revert Funding_AssetCapExceeded(); }

Impact

As per 0.8.4 solidity version it supports new custom errors. Recommending to replace all require(something) to error LongErrorNameWithParameters(uint256 param1, uint256 param2); if (!something) { revert LongErrorNameWithParameters(param1, param2); }

Pros:

  • spends 30 gas less when the revert condition is not met and 250 gas otherwise.
  • reduces deployment costs
  • by removing string constant from contract, reduces contract size
  • improves readability by having a descriptive name of the error

Affected code: https://github.com/code-423n4/2022-04-badger-citadel/blob/18f8c392b6fc303fe95602eba6303725023e53da/src/Funding.sol#L178

require(citadelAmount_ >= _minCitadelOut, "minCitadelOut");

Proof of Concept

https://blog.soliditylang.org/2021/04/21/custom-errors/

Tools Used

Recommended code: error MinCitadelOut(); .. if (citadelAmount_ < _minCitadelOut) { revert MinCitadelOut(); }

Impact

As per 0.8.4 solidity version it supports new custom errors. Recommending to replace all require(something) to error LongErrorNameWithParameters(uint256 param1, uint256 param2); if (!something) { revert LongErrorNameWithParameters(param1, param2); }

Pros:

  • spends 30 gas less when the revert condition is not met and 250 gas otherwise.
  • reduces deployment costs
  • by removing string constant from contract, reduces contract size
  • improves readability by having a descriptive name of the error

Affected code: https://github.com/code-423n4/2022-04-badger-citadel/blob/18f8c392b6fc303fe95602eba6303725023e53da/src/Funding.sol#L270 require(_discount >= funding.minDiscount, "discount < minDiscount");

Proof of Concept

https://blog.soliditylang.org/2021/04/21/custom-errors/

Tools Used

Recommended code: error Funding_DiscountIsSmallerThenMinDiscount(); .. if (_discount < funding.minDiscount) { revert Funding_DiscountIsSmallerThenMinDiscount(); }

Impact

As per 0.8.4 solidity version it supports new custom errors. Recommending to replace all require(something) to error LongErrorNameWithParameters(uint256 param1, uint256 param2); if (!something) { revert LongErrorNameWithParameters(param1, param2); }

Pros:

  • spends 30 gas less when the revert condition is not met and 250 gas otherwise.
  • reduces deployment costs
  • by removing string constant from contract, reduces contract size
  • improves readability by having a descriptive name of the error

Affected code: https://github.com/code-423n4/2022-04-badger-citadel/blob/18f8c392b6fc303fe95602eba6303725023e53da/src/Funding.sol#L271

require(_discount <= funding.maxDiscount, "discount > maxDiscount");

Proof of Concept

https://blog.soliditylang.org/2021/04/21/custom-errors/

Tools Used

Recommended code: error Funding_DiscountIsLargerThenMaxDiscount(); .. if (_discount > funding.maxDiscount) { revert Funding_DiscountIsLargerThenMaxDiscount(); }

Impact

As per 0.8.4 solidity version it supports new custom errors. Recommending to replace all require(something) to error LongErrorNameWithParameters(uint256 param1, uint256 param2); if (!something) { revert LongErrorNameWithParameters(param1, param2); }

Pros:

  • spends 30 gas less when the revert condition is not met and 250 gas otherwise.
  • reduces deployment costs
  • by removing string constant from contract, reduces contract size
  • improves readability by having a descriptive name of the error

Affected code: https://github.com/code-423n4/2022-04-badger-citadel/blob/18f8c392b6fc303fe95602eba6303725023e53da/src/Funding.sol#L296-L299

require( _assetCap > funding.assetCumulativeFunded, "cannot decrease cap below global sum of assets in" );

Proof of Concept

https://blog.soliditylang.org/2021/04/21/custom-errors/

Tools Used

Recommended code: error Funding_CannotDecreaseCapBelowGlobalSumOfAssetsIn(); .. if (_assetCap <= funding.assetCumulativeFunded) { revert Funding_CannotDecreaseCapBelowGlobalSumOfAssetsIn(); }

Impact

As per 0.8.4 solidity version it supports new custom errors. Recommending to replace all require(something) to error LongErrorNameWithParameters(uint256 param1, uint256 param2); if (!something) { revert LongErrorNameWithParameters(param1, param2); }

Pros:

  • spends 30 gas less when the revert condition is not met and 250 gas otherwise.
  • reduces deployment costs
  • by removing string constant from contract, reduces contract size
  • improves readability by having a descriptive name of the error

Affected code: https://github.com/code-423n4/2022-04-badger-citadel/blob/18f8c392b6fc303fe95602eba6303725023e53da/src/Funding.sol#L322

require(amount > 0, "nothing to sweep");

Proof of Concept

https://blog.soliditylang.org/2021/04/21/custom-errors/

Tools Used

Recommended code: error NothingToSweep(); .. if (amount <= 0) { revert NothingToSweep(); }

Impact

As per 0.8.4 solidity version it supports new custom errors. Recommending to replace all require(something) to error LongErrorNameWithParameters(uint256 param1, uint256 param2); if (!something) { revert LongErrorNameWithParameters(param1, param2); }

Pros:

  • spends 30 gas less when the revert condition is not met and 250 gas otherwise.
  • reduces deployment costs
  • by removing string constant from contract, reduces contract size
  • improves readability by having a descriptive name of the error

Affected code: https://github.com/code-423n4/2022-04-badger-citadel/blob/18f8c392b6fc303fe95602eba6303725023e53da/src/Funding.sol#L323-L326

require( _token != address(asset), "cannot sweep funding asset, use claimAssetToTreasury()" );

Proof of Concept

https://blog.soliditylang.org/2021/04/21/custom-errors/

Tools Used

Recommended code: error CannotSweepFundingAsset(); .. if (_token == address(asset)) { revert CannotSweepFundingAsset(); }

Impact

As per 0.8.4 solidity version it supports new custom errors. Recommending to replace all require(something) to error LongErrorNameWithParameters(uint256 param1, uint256 param2); if (!something) { revert LongErrorNameWithParameters(param1, param2); }

Pros:

  • spends 30 gas less when the revert condition is not met and 250 gas otherwise.
  • reduces deployment costs
  • by removing string constant from contract, reduces contract size
  • improves readability by having a descriptive name of the error

Affected code: https://github.com/code-423n4/2022-04-badger-citadel/blob/18f8c392b6fc303fe95602eba6303725023e53da/src/Funding.sol#L340

require(amount > 0, "nothing to claim");

Proof of Concept

https://blog.soliditylang.org/2021/04/21/custom-errors/

Tools Used

Recommended code: error NothingToClaim(); .. if (amount <= 0) { revert NothingToClaim(); }

Impact

As per 0.8.4 solidity version it supports new custom errors. Recommending to replace all require(something) to error LongErrorNameWithParameters(uint256 param1, uint256 param2); if (!something) { revert LongErrorNameWithParameters(param1, param2); }

Pros:

  • spends 30 gas less when the revert condition is not met and 250 gas otherwise.
  • reduces deployment costs
  • by removing string constant from contract, reduces contract size
  • improves readability by having a descriptive name of the error

Affected code: https://github.com/code-423n4/2022-04-badger-citadel/blob/18f8c392b6fc303fe95602eba6303725023e53da/src/Funding.sol#L361

require(_maxDiscount < MAX_BPS , "maxDiscount >= MAX_BPS");

Proof of Concept

https://blog.soliditylang.org/2021/04/21/custom-errors/

Tools Used

Recommended code: error MaxDiscountIsBiggerOrEqualsMax_Bps(); .. if (_maxDiscount >= MAX_BPS) { revert MaxDiscountIsBiggerOrEqualsMax_Bps(); }

Impact

As per 0.8.4 solidity version it supports new custom errors. Recommending to replace all require(something) to error LongErrorNameWithParameters(uint256 param1, uint256 param2); if (!something) { revert LongErrorNameWithParameters(param1, param2); }

Pros:

  • spends 30 gas less when the revert condition is not met and 250 gas otherwise.
  • reduces deployment costs
  • by removing string constant from contract, reduces contract size
  • improves readability by having a descriptive name of the error

Affected code: https://github.com/code-423n4/2022-04-badger-citadel/blob/18f8c392b6fc303fe95602eba6303725023e53da/src/Funding.sol#L388-L391

require( _saleRecipient != address(0), "Funding: sale recipient should not be zero" );

Proof of Concept

https://blog.soliditylang.org/2021/04/21/custom-errors/

Tools Used

Recommended code: error Funding_SaleRecipientShouldNotBeZero(); .. if (_saleRecipient == address(0)) { revert Funding_SaleRecipientShouldNotBeZero(); }

Impact

As per 0.8.4 solidity version it supports new custom errors. Recommending to replace all require(something) to error LongErrorNameWithParameters(uint256 param1, uint256 param2); if (!something) { revert LongErrorNameWithParameters(param1, param2); }

Pros:

  • spends 30 gas less when the revert condition is not met and 250 gas otherwise.
  • reduces deployment costs
  • by removing string constant from contract, reduces contract size
  • improves readability by having a descriptive name of the error

Affected code: https://github.com/code-423n4/2022-04-badger-citadel/blob/18f8c392b6fc303fe95602eba6303725023e53da/src/Funding.sol#L424

require(_citadelPriceInAsset > 0, "citadel price must not be zero");

Proof of Concept

https://blog.soliditylang.org/2021/04/21/custom-errors/

Tools Used

Recommended code: error CitadelPriceMustNotBeZero(); .. if (_citadelPriceInAsset == 0) { revert CitadelPriceMustNotBeZero(); }

Impact

As per 0.8.4 solidity version it supports new custom errors. Recommending to replace all require(something) to error LongErrorNameWithParameters(uint256 param1, uint256 param2); if (!something) { revert LongErrorNameWithParameters(param1, param2); }

Pros:

  • spends 30 gas less when the revert condition is not met and 250 gas otherwise.
  • reduces deployment costs
  • by removing string constant from contract, reduces contract size
  • improves readability by having a descriptive name of the error

Affected code: https://github.com/code-423n4/2022-04-badger-citadel/blob/18f8c392b6fc303fe95602eba6303725023e53da/src/Funding.sol#L425

require(_valid, "oracle data must be valid");

Proof of Concept

https://blog.soliditylang.org/2021/04/21/custom-errors/

Tools Used

Recommended code: error OracleDataMustBeValid(); .. if (!_valid) { revert OracleDataMustBeValid(); }

Impact

As per 0.8.4 solidity version it supports new custom errors. Recommending to replace all require(something) to error LongErrorNameWithParameters(uint256 param1, uint256 param2); if (!something) { revert LongErrorNameWithParameters(param1, param2); }

Pros:

  • spends 30 gas less when the revert condition is not met and 250 gas otherwise.
  • reduces deployment costs
  • by removing string constant from contract, reduces contract size
  • improves readability by having a descriptive name of the error

Affected code: https://github.com/code-423n4/2022-04-badger-citadel/blob/18f8c392b6fc303fe95602eba6303725023e53da/src/Funding.sol#L452

require(_citadelPriceInAsset > 0, "citadel price must not be zero");

Proof of Concept

https://blog.soliditylang.org/2021/04/21/custom-errors/

Tools Used

Recommended code: error CitadelPriceMustNotBeZero(); .. if (_citadelPriceInAsset == 0) { revert CitadelPriceMustNotBeZero(); }

Impact

As per 0.8.4 solidity version it supports new custom errors. Recommending to replace all require(something) to error LongErrorNameWithParameters(uint256 param1, uint256 param2); if (!something) { revert LongErrorNameWithParameters(param1, param2); }

Pros:

  • spends 30 gas less when the revert condition is not met and 250 gas otherwise.
  • reduces deployment costs
  • by removing string constant from contract, reduces contract size
  • improves readability by having a descriptive name of the error

Affected code: https://github.com/code-423n4/2022-04-badger-citadel/blob/18f8c392b6fc303fe95602eba6303725023e53da/src/GlobalAccessControl.sol#L95

require(hasRole(PAUSER_ROLE, msg.sender), "PAUSER_ROLE");

Proof of Concept

https://blog.soliditylang.org/2021/04/21/custom-errors/

Tools Used

Recommended code: error RequiresPauserRole(); .. if (!hasRole(PAUSER_ROLE, msg.sender)) { revert RequiresPauserRole(); }

Impact

As per 0.8.4 solidity version it supports new custom errors. Recommending to replace all require(something) to error LongErrorNameWithParameters(uint256 param1, uint256 param2); if (!something) { revert LongErrorNameWithParameters(param1, param2); }

Pros:

  • spends 30 gas less when the revert condition is not met and 250 gas otherwise.
  • reduces deployment costs
  • by removing string constant from contract, reduces contract size
  • improves readability by having a descriptive name of the error

Affected code: https://github.com/code-423n4/2022-04-badger-citadel/blob/18f8c392b6fc303fe95602eba6303725023e53da/src/GlobalAccessControl.sol#L100

require(hasRole(UNPAUSER_ROLE, msg.sender), "UNPAUSER_ROLE");

Proof of Concept

https://blog.soliditylang.org/2021/04/21/custom-errors/

Tools Used

Recommended code: error RequiresUnpauserRole(); .. if (!hasRole(UNPAUSER_ROLE, msg.sender)) { revert RequiresUnpauserRole(); }

Impact

As per 0.8.4 solidity version it supports new custom errors. Recommending to replace all require(something) to error LongErrorNameWithParameters(uint256 param1, uint256 param2); if (!something) { revert LongErrorNameWithParameters(param1, param2); }

Pros:

  • spends 30 gas less when the revert condition is not met and 250 gas otherwise.
  • reduces deployment costs
  • by removing string constant from contract, reduces contract size
  • improves readability by having a descriptive name of the error

Affected code: https://github.com/code-423n4/2022-04-badger-citadel/blob/18f8c392b6fc303fe95602eba6303725023e53da/src/GlobalAccessControl.sol#L112-L115

require( hasRole(CONTRACT_GOVERNANCE_ROLE, msg.sender), "CONTRACT_GOVERNANCE_ROLE" );

Proof of Concept

https://blog.soliditylang.org/2021/04/21/custom-errors/

Tools Used

Recommended code: error RequiresContractGovernanceRole(); .. if (!hasRole(CONTRACT_GOVERNANCE_ROLE, msg.sender)) { revert RequiresContractGovernanceRole(); }

Impact

As per 0.8.4 solidity version it supports new custom errors. Recommending to replace all require(something) to error LongErrorNameWithParameters(uint256 param1, uint256 param2); if (!something) { revert LongErrorNameWithParameters(param1, param2); }

Pros:

  • spends 30 gas less when the revert condition is not met and 250 gas otherwise.
  • reduces deployment costs
  • by removing string constant from contract, reduces contract size
  • improves readability by having a descriptive name of the error

Affected code: https://github.com/code-423n4/2022-04-badger-citadel/blob/18f8c392b6fc303fe95602eba6303725023e53da/src/GlobalAccessControl.sol#L116-L119

require( keccak256(bytes(roleString)) == role, "Role string and role do not match" );

Proof of Concept

https://blog.soliditylang.org/2021/04/21/custom-errors/

Tools Used

Recommended code: error RoleStringAndRoleDoNotMatch(); .. if (keccak256(bytes(roleString)) != role) { revert RoleStringAndRoleDoNotMatch(); }

Impact

As per 0.8.4 solidity version it supports new custom errors. Recommending to replace all require(something) to error LongErrorNameWithParameters(uint256 param1, uint256 param2); if (!something) { revert LongErrorNameWithParameters(param1, param2); }

Pros:

  • spends 30 gas less when the revert condition is not met and 250 gas otherwise.
  • reduces deployment costs
  • by removing string constant from contract, reduces contract size
  • improves readability by having a descriptive name of the error

Affected code: https://github.com/code-423n4/2022-04-badger-citadel/blob/18f8c392b6fc303fe95602eba6303725023e53da/src/KnightingRound.sol#L120-L123

require( _saleStart >= block.timestamp, "KnightingRound: start date may not be in the past" );

Proof of Concept

https://blog.soliditylang.org/2021/04/21/custom-errors/

Tools Used

Recommended code: error KnightingRound_StartDateMayNotBeInThePast(); .. if (_saleStart < block.timestamp) { revert KnightingRound_StartDateMayNotBeInThePast(); }

Impact

As per 0.8.4 solidity version it supports new custom errors. Recommending to replace all require(something) to error LongErrorNameWithParameters(uint256 param1, uint256 param2); if (!something) { revert LongErrorNameWithParameters(param1, param2); }

Pros:

  • spends 30 gas less when the revert condition is not met and 250 gas otherwise.
  • reduces deployment costs
  • by removing string constant from contract, reduces contract size
  • improves readability by having a descriptive name of the error

Affected code: https://github.com/code-423n4/2022-04-badger-citadel/blob/18f8c392b6fc303fe95602eba6303725023e53da/src/KnightingRound.sol#L124-L127

require( _saleDuration > 0, "KnightingRound: the sale duration must not be zero" );

Proof of Concept

https://blog.soliditylang.org/2021/04/21/custom-errors/

Tools Used

Recommended code: error KnightingRound_TheSaleDurationMustNotBeZero(); .. if (_saleDuration == 0) { revert KnightingRound_TheSaleDurationMustNotBeZero(); }

Impact

As per 0.8.4 solidity version it supports new custom errors. Recommending to replace all require(something) to error LongErrorNameWithParameters(uint256 param1, uint256 param2); if (!something) { revert LongErrorNameWithParameters(param1, param2); }

Pros:

  • spends 30 gas less when the revert condition is not met and 250 gas otherwise.
  • reduces deployment costs
  • by removing string constant from contract, reduces contract size
  • improves readability by having a descriptive name of the error

Affected code: https://github.com/code-423n4/2022-04-badger-citadel/blob/18f8c392b6fc303fe95602eba6303725023e53da/src/KnightingRound.sol#L128-L131

require( _tokenOutPrice > 0, "KnightingRound: the price must not be zero" );

Proof of Concept

https://blog.soliditylang.org/2021/04/21/custom-errors/

Tools Used

Recommended code: error KnightingRound_ThePriceMustNotBeZero(); .. if (_tokenOutPrice == 0) { revert KnightingRound_ThePriceMustNotBeZero(); }

Impact

As per 0.8.4 solidity version it supports new custom errors. Recommending to replace all require(something) to error LongErrorNameWithParameters(uint256 param1, uint256 param2); if (!something) { revert LongErrorNameWithParameters(param1, param2); }

Pros:

  • spends 30 gas less when the revert condition is not met and 250 gas otherwise.
  • reduces deployment costs
  • by removing string constant from contract, reduces contract size
  • improves readability by having a descriptive name of the error

Affected code: https://github.com/code-423n4/2022-04-badger-citadel/blob/18f8c392b6fc303fe95602eba6303725023e53da/src/KnightingRound.sol#L132-L135

require( _saleRecipient != address(0), "KnightingRound: sale recipient should not be zero" );

Proof of Concept

https://blog.soliditylang.org/2021/04/21/custom-errors/

Tools Used

Recommended code: error KnightingRound_SaleRecipientMustNotBeZero(); .. if (_saleRecipient == address(0)) { revert KnightingRound_SaleRecipientMustNotBeZero(); }

Impact

As per 0.8.4 solidity version it supports new custom errors. Recommending to replace all require(something) to error LongErrorNameWithParameters(uint256 param1, uint256 param2); if (!something) { revert LongErrorNameWithParameters(param1, param2); }

Pros:

  • spends 30 gas less when the revert condition is not met and 250 gas otherwise.
  • reduces deployment costs
  • by removing string constant from contract, reduces contract size
  • improves readability by having a descriptive name of the error

Affected code: https://github.com/code-423n4/2022-04-badger-citadel/blob/18f8c392b6fc303fe95602eba6303725023e53da/src/KnightingRound.sol#L167

require(saleStart <= block.timestamp, "KnightingRound: not started");

Proof of Concept

https://blog.soliditylang.org/2021/04/21/custom-errors/

Tools Used

Recommended code: error KnightingRound_NotStarted(); .. if (saleStart > block.timestamp) { revert KnightingRound_NotStarted(); }

Impact

As per 0.8.4 solidity version it supports new custom errors. Recommending to replace all require(something) to error LongErrorNameWithParameters(uint256 param1, uint256 param2); if (!something) { revert LongErrorNameWithParameters(param1, param2); }

Pros:

  • spends 30 gas less when the revert condition is not met and 250 gas otherwise.
  • reduces deployment costs
  • by removing string constant from contract, reduces contract size
  • improves readability by having a descriptive name of the error

Affected code: https://github.com/code-423n4/2022-04-badger-citadel/blob/18f8c392b6fc303fe95602eba6303725023e53da/src/KnightingRound.sol#L168-L171

require( block.timestamp < saleStart + saleDuration, "KnightingRound: already ended" );

Proof of Concept

https://blog.soliditylang.org/2021/04/21/custom-errors/

Tools Used

Recommended code: error KnightingRound_AlreadyEnded(); .. if (block.timestamp >= saleStart + saleDuration) { revert KnightingRound_AlreadyEnded(); }

Impact

As per 0.8.4 solidity version it supports new custom errors. Recommending to replace all require(something) to error LongErrorNameWithParameters(uint256 param1, uint256 param2); if (!something) { revert LongErrorNameWithParameters(param1, param2); }

Pros:

  • spends 30 gas less when the revert condition is not met and 250 gas otherwise.
  • reduces deployment costs
  • by removing string constant from contract, reduces contract size
  • improves readability by having a descriptive name of the error

Affected code: https://github.com/code-423n4/2022-04-badger-citadel/blob/18f8c392b6fc303fe95602eba6303725023e53da/src/KnightingRound.sol#L172

require(_tokenInAmount > 0, "_tokenInAmount should be > 0");

Proof of Concept

https://blog.soliditylang.org/2021/04/21/custom-errors/

Tools Used

Recommended code: error TokenInAmountShouldBeBiggerThanZero(); .. if (_tokenInAmount <= 0) { revert TokenInAmountShouldBeBiggerThanZero(); }

Impact

As per 0.8.4 solidity version it supports new custom errors. Recommending to replace all require(something) to error LongErrorNameWithParameters(uint256 param1, uint256 param2); if (!something) { revert LongErrorNameWithParameters(param1, param2); }

Pros:

  • spends 30 gas less when the revert condition is not met and 250 gas otherwise.
  • reduces deployment costs
  • by removing string constant from contract, reduces contract size
  • improves readability by having a descriptive name of the error

Affected code: https://github.com/code-423n4/2022-04-badger-citadel/blob/18f8c392b6fc303fe95602eba6303725023e53da/src/KnightingRound.sol#L173-L176

require( totalTokenIn + _tokenInAmount <= tokenInLimit, "total amount exceeded" );

Proof of Concept

https://blog.soliditylang.org/2021/04/21/custom-errors/

Tools Used

Recommended code: error TotalTokenInAmountExceeded(); .. if (totalTokenIn + _tokenInAmount > tokenInLimit) { revert TotalTokenInAmountExceeded(); }

Impact

As per 0.8.4 solidity version it supports new custom errors. Recommending to replace all require(something) to error LongErrorNameWithParameters(uint256 param1, uint256 param2); if (!something) { revert LongErrorNameWithParameters(param1, param2); }

Pros:

  • spends 30 gas less when the revert condition is not met and 250 gas otherwise.
  • reduces deployment costs
  • by removing string constant from contract, reduces contract size
  • improves readability by having a descriptive name of the error

Affected code: https://github.com/code-423n4/2022-04-badger-citadel/blob/18f8c392b6fc303fe95602eba6303725023e53da/src/KnightingRound.sol#L179

require(guestlist.authorized(msg.sender, _proof), "not authorized");

Proof of Concept

https://blog.soliditylang.org/2021/04/21/custom-errors/

Tools Used

Recommended code: error GuestList_NotAuthorized(); .. if (!guestlist.authorized(msg.sender, _proof)) { revert GuestList_NotAuthorized(); }

Impact

As per 0.8.4 solidity version it supports new custom errors. Recommending to replace all require(something) to error LongErrorNameWithParameters(uint256 param1, uint256 param2); if (!something) { revert LongErrorNameWithParameters(param1, param2); }

Pros:

  • spends 30 gas less when the revert condition is not met and 250 gas otherwise.
  • reduces deployment costs
  • by removing string constant from contract, reduces contract size
  • improves readability by having a descriptive name of the error

Affected code: https://github.com/code-423n4/2022-04-badger-citadel/blob/18f8c392b6fc303fe95602eba6303725023e53da/src/KnightingRound.sol#L185-L188

require( _daoId == daoVotedFor[msg.sender], "can't vote for multiple daos" );

Proof of Concept

https://blog.soliditylang.org/2021/04/21/custom-errors/

Tools Used

Recommended code: error DaoID_CannotVoteForMultipleDaos(); .. if (_daoId != daoVotedFor[msg.sender]) { revert DaoID_CannotVoteForMultipleDaos(); }

Impact

As per 0.8.4 solidity version it supports new custom errors. Recommending to replace all require(something) to error LongErrorNameWithParameters(uint256 param1, uint256 param2); if (!something) { revert LongErrorNameWithParameters(param1, param2); }

Pros:

  • spends 30 gas less when the revert condition is not met and 250 gas otherwise.
  • reduces deployment costs
  • by removing string constant from contract, reduces contract size
  • improves readability by having a descriptive name of the error

Affected code: https://github.com/code-423n4/2022-04-badger-citadel/blob/18f8c392b6fc303fe95602eba6303725023e53da/src/KnightingRound.sol#L210 require(finalized, "sale not finalized");

Proof of Concept

https://blog.soliditylang.org/2021/04/21/custom-errors/

Tools Used

Recommended code: error SaleNotFinalized(); .. if (!finalized) { revert SaleNotFinalized(); }

Impact

As per 0.8.4 solidity version it supports new custom errors. Recommending to replace all require(something) to error LongErrorNameWithParameters(uint256 param1, uint256 param2); if (!something) { revert LongErrorNameWithParameters(param1, param2); }

Pros:

  • spends 30 gas less when the revert condition is not met and 250 gas otherwise.
  • reduces deployment costs
  • by removing string constant from contract, reduces contract size
  • improves readability by having a descriptive name of the error

Affected code: https://github.com/code-423n4/2022-04-badger-citadel/blob/18f8c392b6fc303fe95602eba6303725023e53da/src/KnightingRound.sol#L211

require(!hasClaimed[msg.sender], "already claimed");

Proof of Concept

https://blog.soliditylang.org/2021/04/21/custom-errors/

Tools Used

Recommended code: error AlreadyClaimed(); .. if (hasClaimed[msg.sender]) { revert AlreadyClaimed(); }

Impact

As per 0.8.4 solidity version it supports new custom errors. Recommending to replace all require(something) to error LongErrorNameWithParameters(uint256 param1, uint256 param2); if (!something) { revert LongErrorNameWithParameters(param1, param2); }

Pros:

  • spends 30 gas less when the revert condition is not met and 250 gas otherwise.
  • reduces deployment costs
  • by removing string constant from contract, reduces contract size
  • improves readability by having a descriptive name of the error

Affected code: https://github.com/code-423n4/2022-04-badger-citadel/blob/18f8c392b6fc303fe95602eba6303725023e53da/src/KnightingRound.sol#L215

require(tokenOutAmount_ > 0, "nothing to claim");

Proof of Concept

https://blog.soliditylang.org/2021/04/21/custom-errors/

Tools Used

Recommended code: error NothingToClaim(); .. if (tokenOutAmount_ <= 0) { revert NothingToClaim(); }

Impact

As per 0.8.4 solidity version it supports new custom errors. Recommending to replace all require(something) to error LongErrorNameWithParameters(uint256 param1, uint256 param2); if (!something) { revert LongErrorNameWithParameters(param1, param2); }

Pros:

  • spends 30 gas less when the revert condition is not met and 250 gas otherwise.
  • reduces deployment costs
  • by removing string constant from contract, reduces contract size
  • improves readability by having a descriptive name of the error

Affected code: https://github.com/code-423n4/2022-04-badger-citadel/blob/18f8c392b6fc303fe95602eba6303725023e53da/src/KnightingRound.sol#L273

require(!finalized, "KnightingRound: already finalized");

Proof of Concept

https://blog.soliditylang.org/2021/04/21/custom-errors/

Tools Used

Recommended code: error KnightingRound_AlreadyFinalized(); .. if (finalized) { revert KnightingRound_AlreadyFinalized(); }

Impact

As per 0.8.4 solidity version it supports new custom errors. Recommending to replace all require(something) to error LongErrorNameWithParameters(uint256 param1, uint256 param2); if (!something) { revert LongErrorNameWithParameters(param1, param2); }

Pros:

  • spends 30 gas less when the revert condition is not met and 250 gas otherwise.
  • reduces deployment costs
  • by removing string constant from contract, reduces contract size
  • improves readability by having a descriptive name of the error

Affected code: https://github.com/code-423n4/2022-04-badger-citadel/blob/18f8c392b6fc303fe95602eba6303725023e53da/src/KnightingRound.sol#L274

require(saleEnded(), "KnightingRound: not finished");

Proof of Concept

https://blog.soliditylang.org/2021/04/21/custom-errors/

Tools Used

Recommended code: error KnightingRound_NotFinished(); .. if (!saleEnded()) { revert KnightingRound_NotFinished(); }

Impact

As per 0.8.4 solidity version it supports new custom errors. Recommending to replace all require(something) to error LongErrorNameWithParameters(uint256 param1, uint256 param2); if (!something) { revert LongErrorNameWithParameters(param1, param2); }

Pros:

  • spends 30 gas less when the revert condition is not met and 250 gas otherwise.
  • reduces deployment costs
  • by removing string constant from contract, reduces contract size
  • improves readability by having a descriptive name of the error

Affected code: https://github.com/code-423n4/2022-04-badger-citadel/blob/18f8c392b6fc303fe95602eba6303725023e53da/src/KnightingRound.sol#L275-L278

require( tokenOut.balanceOf(address(this)) >= totalTokenOutBought, "KnightingRound: not enough balance" );

Proof of Concept

https://blog.soliditylang.org/2021/04/21/custom-errors/

Tools Used

Recommended code: error KnightingRound_NotEnoughBalance(); .. if (tokenOut.balanceOf(address(this)) < totalTokenOutBought) { revert KnightingRound_NotEnoughBalance(); }

Impact

As per 0.8.4 solidity version it supports new custom errors. Recommending to replace all require(something) to error LongErrorNameWithParameters(uint256 param1, uint256 param2); if (!something) { revert LongErrorNameWithParameters(param1, param2); }

Pros:

  • spends 30 gas less when the revert condition is not met and 250 gas otherwise.
  • reduces deployment costs
  • by removing string constant from contract, reduces contract size
  • improves readability by having a descriptive name of the error

Affected code: https://github.com/code-423n4/2022-04-badger-citadel/blob/18f8c392b6fc303fe95602eba6303725023e53da/src/KnightingRound.sol#L293-L296

require( _saleStart >= block.timestamp, "KnightingRound: start date may not be in the past" );

Proof of Concept

https://blog.soliditylang.org/2021/04/21/custom-errors/

Tools Used

Recommended code: error KnightingRound_StartDateMayNotBeInThePast(); .. if (_saleStart < block.timestamp) { revert KnightingRound_StartDateMayNotBeInThePast(); }

Impact

As per 0.8.4 solidity version it supports new custom errors. Recommending to replace all require(something) to error LongErrorNameWithParameters(uint256 param1, uint256 param2); if (!something) { revert LongErrorNameWithParameters(param1, param2); }

Pros:

  • spends 30 gas less when the revert condition is not met and 250 gas otherwise.
  • reduces deployment costs
  • by removing string constant from contract, reduces contract size
  • improves readability by having a descriptive name of the error

Affected code: https://github.com/code-423n4/2022-04-badger-citadel/blob/18f8c392b6fc303fe95602eba6303725023e53da/src/KnightingRound.sol#L297

require(!finalized, "KnightingRound: already finalized");

Proof of Concept

https://blog.soliditylang.org/2021/04/21/custom-errors/

Tools Used

Recommended code: error KnightingRound_AlreadyFinalized(); .. if (finalized) { revert KnightingRound_AlreadyFinalized(); }

Impact

As per 0.8.4 solidity version it supports new custom errors. Recommending to replace all require(something) to error LongErrorNameWithParameters(uint256 param1, uint256 param2); if (!something) { revert LongErrorNameWithParameters(param1, param2); }

Pros:

  • spends 30 gas less when the revert condition is not met and 250 gas otherwise.
  • reduces deployment costs
  • by removing string constant from contract, reduces contract size
  • improves readability by having a descriptive name of the error

Affected code: https://github.com/code-423n4/2022-04-badger-citadel/blob/18f8c392b6fc303fe95602eba6303725023e53da/src/KnightingRound.sol#L312-L315

require( _saleDuration > 0, "KnightingRound: the sale duration must not be zero" );

Proof of Concept

https://blog.soliditylang.org/2021/04/21/custom-errors/

Tools Used

Recommended code: error KnightingRound_TheSaleDurationMustNotBeZero(); .. if (_saleDuration == 0) { revert KnightingRound_TheSaleDurationMustNotBeZero(); }

Impact

As per 0.8.4 solidity version it supports new custom errors. Recommending to replace all require(something) to error LongErrorNameWithParameters(uint256 param1, uint256 param2); if (!something) { revert LongErrorNameWithParameters(param1, param2); }

Pros:

  • spends 30 gas less when the revert condition is not met and 250 gas otherwise.
  • reduces deployment costs
  • by removing string constant from contract, reduces contract size
  • improves readability by having a descriptive name of the error

Affected code: https://github.com/code-423n4/2022-04-badger-citadel/blob/18f8c392b6fc303fe95602eba6303725023e53da/src/KnightingRound.sol#L316

require(!finalized, "KnightingRound: already finalized");

Proof of Concept

https://blog.soliditylang.org/2021/04/21/custom-errors/

Tools Used

Recommended code: error KnightingRound_AlreadyFinalized(); .. if (finalized) { revert KnightingRound_AlreadyFinalized(); }

Impact

As per 0.8.4 solidity version it supports new custom errors. Recommending to replace all require(something) to error LongErrorNameWithParameters(uint256 param1, uint256 param2); if (!something) { revert LongErrorNameWithParameters(param1, param2); }

Pros:

  • spends 30 gas less when the revert condition is not met and 250 gas otherwise.
  • reduces deployment costs
  • by removing string constant from contract, reduces contract size
  • improves readability by having a descriptive name of the error

Affected code: https://github.com/code-423n4/2022-04-badger-citadel/blob/18f8c392b6fc303fe95602eba6303725023e53da/src/KnightingRound.sol#L331-L334

require( _tokenOutPrice > 0, "KnightingRound: the price must not be zero" );

Proof of Concept

https://blog.soliditylang.org/2021/04/21/custom-errors/

Tools Used

Recommended code: error KnightingRound_ThePriceMustNotBeZero(); .. if (_tokenOutPrice == 0) { revert KnightingRound_ThePriceMustNotBeZero(); }

Impact

As per 0.8.4 solidity version it supports new custom errors. Recommending to replace all require(something) to error LongErrorNameWithParameters(uint256 param1, uint256 param2); if (!something) { revert LongErrorNameWithParameters(param1, param2); }

Pros:

  • spends 30 gas less when the revert condition is not met and 250 gas otherwise.
  • reduces deployment costs
  • by removing string constant from contract, reduces contract size
  • improves readability by having a descriptive name of the error

Affected code: https://github.com/code-423n4/2022-04-badger-citadel/blob/18f8c392b6fc303fe95602eba6303725023e53da/src/KnightingRound.sol#L349-L352

require( _saleRecipient != address(0), "KnightingRound: sale recipient should not be zero" );

Proof of Concept

https://blog.soliditylang.org/2021/04/21/custom-errors/

Tools Used

Recommended code: error KnightingRound_SaleRecipientMustNotBeZero(); .. if (_saleRecipient == address(0)) { revert KnightingRound_SaleRecipientMustNotBeZero(); }

Impact

As per 0.8.4 solidity version it supports new custom errors. Recommending to replace all require(something) to error LongErrorNameWithParameters(uint256 param1, uint256 param2); if (!something) { revert LongErrorNameWithParameters(param1, param2); }

Pros:

  • spends 30 gas less when the revert condition is not met and 250 gas otherwise.
  • reduces deployment costs
  • by removing string constant from contract, reduces contract size
  • improves readability by having a descriptive name of the error

Affected code: https://github.com/code-423n4/2022-04-badger-citadel/blob/18f8c392b6fc303fe95602eba6303725023e53da/src/KnightingRound.sol#L384

require(!finalized, "KnightingRound: already finalized");

Proof of Concept

https://blog.soliditylang.org/2021/04/21/custom-errors/

Tools Used

Recommended code: error KnightingRound_AlreadyFinalized(); .. if (finalized) { revert KnightingRound_AlreadyFinalized(); }

Impact

As per 0.8.4 solidity version it supports new custom errors. Recommending to replace all require(something) to error LongErrorNameWithParameters(uint256 param1, uint256 param2); if (!something) { revert LongErrorNameWithParameters(param1, param2); }

Pros:

  • spends 30 gas less when the revert condition is not met and 250 gas otherwise.
  • reduces deployment costs
  • by removing string constant from contract, reduces contract size
  • improves readability by having a descriptive name of the error

Affected code: https://github.com/code-423n4/2022-04-badger-citadel/blob/18f8c392b6fc303fe95602eba6303725023e53da/src/KnightingRound.sol#L411

require(amount > 0, "nothing to sweep");

Proof of Concept

https://blog.soliditylang.org/2021/04/21/custom-errors/

Tools Used

Recommended code: error NothingToSweep(); .. if (amount <= 0) { revert NothingToSweep(); }

AuditHub

A portfolio for auditors, a security profile for protocols, a hub for web3 security.

Built bymalatrax © 2024

Auditors

Browse

Contests

Browse

Get in touch

ContactTwitter