Infinity NFT Marketplace contest - Picodes's results

The world's most advanced NFT marketplace.

General Information

Platform: Code4rena

Start Date: 14/06/2022

Pot Size: $50,000 USDC

Total HM: 19

Participants: 99

Period: 5 days

Judge: HardlyDifficult

Total Solo HM: 4

Id: 136

League: ETH


Researcher Performance

Rank: 55/99

Findings: 2

Award: $80.57

🌟 Selected for report: 0

🚀 Solo Findings: 0

[NC - 01] InfinityToken: what is the use of EPOCH_CLIFF?

EPOCH_CLIFF and EPOCH_DURATION are used in the same way, so either one of them should be removed or the comments should be clearer on their intended usage.

In particular, EPOCH_CLIFF currently looks useless, unless it is intended to be larger than EPOCH_DURATION? But in that case, why not just increase EPOCH_DURATION?

4 gas optimization issues found.

[GAS - 01] InfinityToken: EPOCH_CLIFF is useless

EPOCH_CLIFF and EPOCH_DURATION are used for the same purpose and EPOCH_CLIFF could easily be removed to save gas.

[GAS - 02] InfinityStaker: no need to use SafeERC20

The SafeERC20 library is intended to be used when you don’t know if transfers will revert or return a boolean. In the case of this contract, the token is perfectly known as it’s supposed to be INFINITY_TOKEN, so you don’t need this and can save gas by removing this library.

https://github.com/code-423n4/2022-06-infinity/blob/765376fa238bbccd8b1e2e12897c91098c7e5ac6/contracts/staking/InfinityStaker.sol#L16

https://github.com/code-423n4/2022-06-infinity/blob/765376fa238bbccd8b1e2e12897c91098c7e5ac6/contracts/staking/InfinityStaker.sol#L74

[GAS - 03] InfinityStaker: useless balance checks

This line is useless as the transferFrom will revert anyway. So you could save gas by removing the require and the external call to balanceOf.

Why it’d revert: https://github.com/OpenZeppelin/openzeppelin-contracts/blob/83277ff916ac4f58fec072b8f28a252c1245c2f1/contracts/token/ERC20/ERC20.sol#L237

[GAS - 04] Useless nonReentrant modifiers

https://github.com/code-423n4/2022-06-infinity/blob/765376fa238bbccd8b1e2e12897c91098c7e5ac6/contracts/staking/InfinityStaker.sol#L67

Here there is only one external call, which is not even really external as it’s your own token, so the nonReentrant modifier is useless.

That being said, it’d be a better practice to modify the state after the transfer has been done.
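
A sketch of the GAS-03 point as an added example, not code from InfinityStaker or from the original report: MockToken and StakerSketch are hypothetical names, and the mock's transferFrom check is modelled on the OpenZeppelin revert linked above. Both stake functions revert for an underfunded caller; the first one pays for an extra external balanceOf call before reaching the same outcome.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Constructed for illustration: a minimal token whose transferFrom reverts on
// insufficient balance, like the OpenZeppelin ERC20 check linked above.
contract MockToken {
    mapping(address => uint256) public balanceOf;
    mapping(address => mapping(address => uint256)) public allowance;

    function mint(address to, uint256 amount) external {
        balanceOf[to] += amount;
    }

    function approve(address spender, uint256 amount) external returns (bool) {
        allowance[msg.sender][spender] = amount;
        return true;
    }

    function transferFrom(address from, address to, uint256 amount) external returns (bool) {
        require(balanceOf[from] >= amount, "ERC20: transfer amount exceeds balance");
        allowance[from][msg.sender] -= amount; // checked arithmetic reverts on underflow
        balanceOf[from] -= amount;
        balanceOf[to] += amount;
        return true;
    }
}

// Hypothetical staker (assumption), not the InfinityStaker source.
contract StakerSketch {
    MockToken public immutable token;
    mapping(address => uint256) public staked;

    constructor(MockToken _token) {
        token = _token;
    }

    // Before: an extra external call and a require that duplicate the token's own check.
    function stakeWithCheck(uint256 amount) external {
        require(token.balanceOf(msg.sender) >= amount, "insufficient balance");
        staked[msg.sender] += amount;
        require(token.transferFrom(msg.sender, address(this), amount), "transfer failed");
    }

    // After: rely on the token's revert; an underfunded caller still cannot stake.
    function stake(uint256 amount) external {
        staked[msg.sender] += amount;
        require(token.transferFrom(msg.sender, address(this), amount), "transfer failed");
    }
}
```

Because the revert in transferFrom rolls back the whole transaction, the staked mapping is never left updated for a caller whose transfer failed.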

#0 - nneverlander

2022-06-22T17:36:36Z

Thanks
