Platform: Code4rena
Start Date: 20/09/2022
Pot Size: $100,000 USDC
Total HM: 4
Participants: 109
Period: 7 days
Judge: GalloDaSballo
Id: 163
League: ETH
Rank: 105/109
Findings: 1
Award: $55.20
๐ Selected for report: 0
๐ Solo Findings: 0
๐ Selected for report: IllIllI
Also found by: 0x1f8b, 0x4non, 0x52, 0x5rings, 0xNazgul, 0xRobocop, 0xSmartContract, 0xdeadbeef, 0xsanson, 8olidity, Amithuddar, Aymen0909, B2, B353N, CertoraInc, Ch_301, Chom, CodingNameKiki, Deivitto, ElKu, Funen, JC, JohnnyTime, Kresh, Lambda, Noah3o6, RaymondFam, ReyAdmirado, RockingMiles, Rolezn, Sm4rty, SuldaanBeegsi, Tadashi, TomJ, Tomio, V_B, Waze, __141345__, a12jmx, ak1, arcoun, asutorufos, aviggiano, berndartmueller, bharg4v, bin2chen, brgltd, bulej93, c3phas, catchup, cccz, ch0bu, cryptonue, cryptphi, csanuragjain, delfin454000, devtooligan, djxploit, durianSausage, eighty, erictee, exd0tpy, fatherOfBlocks, giovannidisiena, hansfriese, ignacio, joestakey, ladboy233, lukris02, m9800, malinariy, martin, minhtrng, obront, oyc_109, pedr02b2, pedroais, pfapostol, philogy, prasantgupta52, rbserver, ronnyx2017, rotcivegaf, rvierdiiev, sach1r0, shung, simon135, throttle, tnevler, tonisives, wagmi, yixxas, zkhorse, zzykxx, zzzitron
55.1985 USDC - $55.20
To improve algorithm precision instead using division in comparison use multiplication in the following scenario:
Instead a < b / c use a * c < b.
In all of the big and trusted contracts this rule is maintained.
Pages.sol, 248, if (newNumMintedForCommunity > ((lastMintedPageId = currentId) + numPages) / 10) revert ReserveImbalance();
Some fee parameters of functions are not checked for invalid values. Validate the parameters:
ChainlinkV1RandProvider.constructor (_chainlinkFee) DeployBase.s.constructor (_chainlinkFee)
external / public functions parameters should be validated to make sure the address is not 0. Otherwise if not given the right input it can mistakenly lead to loss of user funds.
GobblersERC721.sol.safeTransferFrom from GobblersERC721.sol.safeTransferFrom to GobblersERC1155B.sol.setApprovalForAll operator Goo.sol.burnForPages from PagesERC721.sol.safeTransferFrom to GobblerReserve.sol.withdraw to PagesERC721.sol.setApprovalForAll operator GobblersERC721.sol.approve spender GobblersERC721.sol.setApprovalForAll operator Goo.sol.burnForGobblers from PagesERC721.sol.approve spender PagesERC721.sol.transferFrom to Goo.sol.mintForGobblers to
Users can mistakenly think that the return value is the named return, but it is actually the actualreturn statement that comes after. To know that the user needs to read the code and is confusing. Furthermore, removing either the actual return or the named return will save gas.
PagesERC721.sol, isApprovedForAll GobblersERC1155B.sol, ownerOf ChainlinkV1RandProvider.sol, requestRandomBytes
Transferring tokens to the zero address is usually prohibited to accidentally avoid "burning" tokens by sending them to an unrecoverable zero address.
https://github.com/code-423n4/2022-09-artgobblers/tree/main/src/utils/token/PagesERC721.sol#L148 https://github.com/code-423n4/2022-09-artgobblers/tree/main/src/utils/token/GobblersERC721.sol#L171 https://github.com/code-423n4/2022-09-artgobblers/tree/main/src/utils/token/PagesERC721.sol#L124 https://github.com/code-423n4/2022-09-artgobblers/tree/main/src/utils/token/GobblersERC721.sol#L189 https://github.com/code-423n4/2022-09-artgobblers/tree/main/src/utils/GobblerReserve.sol#L38 https://github.com/code-423n4/2022-09-artgobblers/tree/main/src/utils/token/GobblersERC721.sol#L135 https://github.com/code-423n4/2022-09-artgobblers/tree/main/src/utils/token/PagesERC721.sol#L186
To give more trust to users: functions that set key/critical variables should be put behind a timelock.
https://github.com/code-423n4/2022-09-artgobblers/tree/main/src/utils/token/GobblersERC721.sol#L102 https://github.com/code-423n4/2022-09-artgobblers/tree/main/src/utils/token/GobblersERC1155B.sol#L79 https://github.com/code-423n4/2022-09-artgobblers/tree/main/src/utils/token/PagesERC721.sol#L92
use openzeppilin's safeCast in:
https://github.com/code-423n4/2022-09-artgobblers/tree/main/src/Pages.sol#L239 : unsafe cast uint128(numPages) https://github.com/code-423n4/2022-09-artgobblers/tree/main/src/utils/token/GobblersERC721.sol#L174 : unsafe cast uint32(amount)
Need to use safeTransfer instead of transfer. As there are popular tokens, such as USDT that transfer/trasnferFrom method doesnโt return anything. The transfer return value has to be checked (as there are some other tokens that returns false instead revert), that means you must
GobblerReserve.sol, 38 (withdraw), artGobblers.transferFrom(address(this), to, ids[i]);
#0 - GalloDaSballo
2022-10-06T00:29:45Z
Robee?
Disagree with this one, please provide a refactoring of the specific code, not the generic example
L
R
R (cannot overflow)
It's not an ERC20, ignoring
#1 - GalloDaSballo
2022-10-14T00:00:24Z
1L 2R