Platform: Code4rena
Start Date: 01/08/2022
Pot Size: $50,000 USDC
Total HM: 26
Participants: 133
Period: 5 days
Judge: Jack the Pug
Total Solo HM: 6
Id: 151
League: ETH
Rank: 92/133
Findings: 2
Award: $62.34
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: Lambda
Also found by: 0x1f8b, 0x52, 0xA5DF, 0xNazgul, 0xNineDec, 0xSmartContract, 0xSolus, 0xf15ers, 0xkatana, 0xsolstars, 8olidity, Aymen0909, Bahurum, Bnke0x0, CertoraInc, Chom, CodingNameKiki, Deivitto, Dravee, ElKu, Extropy, Funen, GalloDaSballo, Guardian, IllIllI, JC, Jujic, MEP, Noah3o6, ReyAdmirado, Rohan16, Rolezn, Ruhum, Sm4rty, SooYa, Soosh, Throne6g, TomJ, Tomio, TrungOre, Waze, Yiko, _Adam, __141345__, a12jmx, ajtra, ak1, arcoun, asutorufos, ayeslick, benbaessler, berndartmueller, bin2chen, bobirichman, brgltd, bulej93, byndooa, c3phas, codexploder, cryptonue, cryptphi, defsec, delfin454000, dipp, djxploit, erictee, exd0tpy, fatherOfBlocks, gogo, hake, hansfriese, horsefacts, hyh, ignacio, indijanc, joestakey, kaden, mics, minhquanym, neumo, obront, oyc_109, p_crypt0, pfapostol, poirots, rbserver, robee, rokinot, rotcivegaf, sach1r0, saian, samruna, saneryee, scaraven, sikorico, simon135, sseefried, supernova
40.621 USDC - $40.62
-> USE SAFEMINT() INSTEAD OF MINT()
-> USE A MORE RECENT VERSION OF SOLIDITY
Use a Solidity version of at least 0.8.10 so that external calls skip contract existence checks when the external call has a return value.
🌟 Selected for report: c3phas
Also found by: 0x040, 0x1f8b, 0xA5DF, 0xNazgul, 0xSmartContract, 0xSolus, 0xc0ffEE, 0xkatana, 0xsam, 8olidity, Aymen0909, Bnke0x0, CertoraInc, Chinmay, Chom, CodingNameKiki, Deivitto, Dravee, ElKu, Extropy, Fitraldys, Funen, GalloDaSballo, Guardian, IllIllI, JC, Lambda, MEP, Metatron, MiloTruck, Noah3o6, NoamYakov, PaludoX0, ReyAdmirado, Rohan16, Rolezn, Ruhum, Sm4rty, SooYa, TomJ, Tomio, Waze, _Adam, __141345__, a12jmx, ajtra, ak1, apostle0x01, asutorufos, ballx, benbaessler, bharg4v, bobirichman, brgltd, cryptonue, defsec, delfin454000, dharma09, djxploit, durianSausage, eierina, erictee, fatherOfBlocks, gerdusx, gogo, hake, hyh, ignacio, jag, kaden, kyteg, lucacez, mics, minhquanym, oyc_109, pfapostol, rbserver, ret2basic, robee, rokinot, sach1r0, saian, samruna, scaraven, sikorico, simon135, supernova, teddav, tofunmi, zeesaw
21.7223 USDC - $21.72
-> X = X + Y IS CHEAPER THAN X += Y (ALSO X = X - Y IS CHEAPER THAN X -= Y)
https://github.com/code-423n4/2022-08-rigor/blob/b17b2a11d04289f9e927c71703b42771dd7b86a4/contracts/Project.sol#:~:text=be%20re%2Dused.-,hashChangeNonce%20%2B%3D%201%3B,-emit%20HashUpdated(_hash https://github.com/code-423n4/2022-08-rigor/blob/b17b2a11d04289f9e927c71703b42771dd7b86a4/contracts/Project.sol#:~:text=local%20task%20counter.-,_taskCount%20%2B%3D%201%3B,-//%20Check%20task%20cost https://github.com/code-423n4/2022-08-rigor/blob/b17b2a11d04289f9e927c71703b42771dd7b86a4/contracts/Project.sol#:~:text=be%20re%2Dused.-,hashChangeNonce%20%2B%3D%201%3B,-emit%20TaskHashUpdated(_taskID https://github.com/code-423n4/2022-08-rigor/blob/b17b2a11d04289f9e927c71703b42771dd7b86a4/contracts/Project.sol#:~:text=totalAllocated%20%2B%3D%20_newCost%20%2D%20_taskCost%3B https://github.com/code-423n4/2022-08-rigor/blob/b17b2a11d04289f9e927c71703b42771dd7b86a4/contracts/Project.sol#:~:text=totalAllocated%20%2D%3D%20_taskCost%3B https://github.com/code-423n4/2022-08-rigor/blob/b17b2a11d04289f9e927c71703b42771dd7b86a4/contracts/Project.sol#:~:text=cost%20from%20_costToAllocate-,_costToAllocate%20%2D%3D%20_taskCost%3B,//%20Mark%20the%20task%20as%20allocated,-tasks%5B_changeOrderedTask%5Bi https://github.com/code-423n4/2022-08-rigor/blob/b17b2a11d04289f9e927c71703b42771dd7b86a4/contracts/Project.sol#:~:text=_cost%20%2B%3D%20tasks%5B_taskID%5D.cost%3B https://github.com/code-423n4/2022-08-rigor/blob/b17b2a11d04289f9e927c71703b42771dd7b86a4/contracts/Project.sol#:~:text=totalLent%20%2D%3D%20_amount%3B https://github.com/code-423n4/2022-08-rigor/blob/b17b2a11d04289f9e927c71703b42771dd7b86a4/contracts/Community.sol#:~:text=.totalLent%20%2B%3D%20_amountToProject%3B https://github.com/code-423n4/2022-08-rigor/blob/b17b2a11d04289f9e927c71703b42771dd7b86a4/contracts/Community.sol#:~:text=.lentAmount%20%2B%3D%20_lendingAmount%3B 
https://github.com/code-423n4/2022-08-rigor/blob/b17b2a11d04289f9e927c71703b42771dd7b86a4/contracts/libraries/SignatureDecoder.sol#:~:text=%3C%2027)%20%7B-,v%20%2B%3D%2027%3B,-%7D
-> ++i costs less gas compared to i++ or i += 1 (Also --i costs less gas compared to i-- or i -= 1)
https://github.com/code-423n4/2022-08-rigor/blob/b17b2a11d04289f9e927c71703b42771dd7b86a4/contracts/HomeFiProxy.sol#:~:text=i%20%3C%20_length%3B-,i%2B%2B)%20%7B,-_replaceImplementation(_contractNames%5Bi https://github.com/code-423n4/2022-08-rigor/blob/b17b2a11d04289f9e927c71703b42771dd7b86a4/contracts/HomeFiProxy.sol#:~:text=i%20%3C%20_length%3B-,i%2B%2B)%20%7B,-_generateProxy(allContractNames%5Bi https://github.com/code-423n4/2022-08-rigor/blob/b17b2a11d04289f9e927c71703b42771dd7b86a4/contracts/HomeFiProxy.sol#:~:text=i%20%3C%20_length%3B-,i%2B%2B)%20%7B,-_generateProxy(allContractNames%5Bi https://github.com/code-423n4/2022-08-rigor/blob/b17b2a11d04289f9e927c71703b42771dd7b86a4/contracts/HomeFiProxy.sol#:~:text=i%20%3C%20_length%3B-,i%2B%2B)%20%7B,-_replaceImplementation(_contractNames%5Bi https://github.com/code-423n4/2022-08-rigor/blob/b17b2a11d04289f9e927c71703b42771dd7b86a4/contracts/Project.sol#:~:text=i%20%3C%20_length%3B-,i%2B%2B)%20%7B,-//%20Increment%20local%20task https://github.com/code-423n4/2022-08-rigor/blob/b17b2a11d04289f9e927c71703b42771dd7b86a4/contracts/Project.sol#:~:text=i%20%3C%20_length%3B-,i%2B%2B)%20%7B,-_inviteSC(_taskList%5Bi https://github.com/code-423n4/2022-08-rigor/blob/b17b2a11d04289f9e927c71703b42771dd7b86a4/contracts/Project.sol#:~:text=i%20%3C%20_length%3B-,i%2B%2B)%20%7B,-tasks%5B_taskList%5Bi https://github.com/code-423n4/2022-08-rigor/blob/b17b2a11d04289f9e927c71703b42771dd7b86a4/contracts/Project.sol#:~:text=_taskID%20%3C%3D%20_length%3B-,_taskID%2B%2B)%20%7B,-require(tasks%5B_taskID https://github.com/code-423n4/2022-08-rigor/blob/b17b2a11d04289f9e927c71703b42771dd7b86a4/contracts/Project.sol#:~:text=_changeOrderedTask.length%3B-,i%2B%2B)%20%7B,-//%20Local%20instance%20of https://github.com/code-423n4/2022-08-rigor/blob/b17b2a11d04289f9e927c71703b42771dd7b86a4/contracts/Project.sol#:~:text=%3D%20_changeOrderedTask%5Bi%5D%3B-,//%20Increment%20loop%20counter,_loopCount%2B%2B%3B,-%7D 
https://github.com/code-423n4/2022-08-rigor/blob/b17b2a11d04289f9e927c71703b42771dd7b86a4/contracts/Project.sol#:~:text=j%20%3C%3D%20taskCount%3B-,j%2B%2B)%20%7B,-//%20Local%20instance%20of https://github.com/code-423n4/2022-08-rigor/blob/b17b2a11d04289f9e927c71703b42771dd7b86a4/contracts/Project.sol#:~:text=_loopCount%5D%20%3D%20j%3B-,//%20Increment%20loop%20counter,_loopCount%2B%2B%3B,-%7D https://github.com/code-423n4/2022-08-rigor/blob/b17b2a11d04289f9e927c71703b42771dd7b86a4/contracts/Project.sol#:~:text=_taskID%20%3C%3D%20_length%3B-,_taskID%2B%2B)%20%7B,-_cost%20%2B%3D%20tasks https://github.com/code-423n4/2022-08-rigor/blob/b17b2a11d04289f9e927c71703b42771dd7b86a4/contracts/Community.sol#:~:text=Increment%20community%20counter-,communityCount%2B%2B%3B,-//%20Store%20community%20details https://github.com/code-423n4/2022-08-rigor/blob/b17b2a11d04289f9e927c71703b42771dd7b86a4/contracts/Community.sol#:~:text=_communities%5B_communityID%5D.memberCount%3B-,i%2B%2B)%20%7B,-_members%5Bi%5D https://github.com/code-423n4/2022-08-rigor/blob/b17b2a11d04289f9e927c71703b42771dd7b86a4/contracts/libraries/Tasks.sol#:~:text=i%20%3C%20_length%3B-,i%2B%2B),-_alerts%5Bi%5D
-> SPLITTING REQUIRE() STATEMENTS THAT USE && SAVES GAS
https://github.com/code-423n4/2022-08-rigor/blob/b17b2a11d04289f9e927c71703b42771dd7b86a4/contracts/Disputes.sol#:~:text=uint256%20_disputeID)%20%7B-,require(,)%3B,-_%3B https://github.com/code-423n4/2022-08-rigor/blob/b17b2a11d04289f9e927c71703b42771dd7b86a4/contracts/Disputes.sol#:~:text=_actionType%20is%20invalid-,require(,)%3B,-//%20Store%20dispute%20details https://github.com/code-423n4/2022-08-rigor/blob/b17b2a11d04289f9e927c71703b42771dd7b86a4/contracts/Disputes.sol#:~:text=emit%20DisputeRaised(-,disputeCount%2B%2B,-%2C%20_reason)%3B https://github.com/code-423n4/2022-08-rigor/blob/b17b2a11d04289f9e927c71703b42771dd7b86a4/contracts/Community.sol#:~:text=is%20already%20lent-,require(,)%3B,-//%20Store%20updated%20detail
-> USAGE OF UINTS/INTS SMALLER THAN 32 BYTES (256 BITS) INCURS OVERHEAD
https://github.com/code-423n4/2022-08-rigor/blob/b17b2a11d04289f9e927c71703b42771dd7b86a4/contracts/DebtToken.sol#:~:text=memory%20symbol_%2C-,uint8,-decimals_ https://github.com/code-423n4/2022-08-rigor/blob/b17b2a11d04289f9e927c71703b42771dd7b86a4/contracts/HomeFiProxy.sol#:~:text=upgradable%20contracts%20initials-,bytes2%5B%5D,-public%20allContractNames%3B https://github.com/code-423n4/2022-08-rigor/blob/b17b2a11d04289f9e927c71703b42771dd7b86a4/contracts/HomeFiProxy.sol#:~:text=function%20upgradeMultipleImplementations(-,bytes2%5B%5D,-calldata%20_contractNames%2C https://github.com/code-423n4/2022-08-rigor/blob/b17b2a11d04289f9e927c71703b42771dd7b86a4/contracts/Disputes.sol#:~:text=uint256%20_taskID%2C-,uint8%20_actionType%2C,-bytes%20memory%20_actionData https://github.com/code-423n4/2022-08-rigor/blob/b17b2a11d04289f9e927c71703b42771dd7b86a4/contracts/Disputes.sol#:~:text=%26%26%20_actionType%20%3C%3D-,uint8,-(ActionType.TaskPay)%2C https://github.com/code-423n4/2022-08-rigor/blob/b17b2a11d04289f9e927c71703b42771dd7b86a4/contracts/Disputes.sol#:~:text=%2C%20uint256%2C-,uint8,-%2C%20bytes%2C https://github.com/code-423n4/2022-08-rigor/blob/b17b2a11d04289f9e927c71703b42771dd7b86a4/contracts/HomeFiProxy.sol#:~:text=function%20_replaceImplementation(-,bytes2,-_contractName%2C https://github.com/code-423n4/2022-08-rigor/blob/b17b2a11d04289f9e927c71703b42771dd7b86a4/contracts/Project.sol#:~:text=%2C%20uint256%2C-,uint8%2C,-bytes%2C%20bytes
-> USING > 0 COSTS MORE GAS THAN != 0 WHEN USED ON A UINT IN A REQUIRE() STATEMENT