Yield Witch v2 contest - Rohan16's results

Fixed-rate borrowing and lending on Ethereum

General Information

Platform: Code4rena

Start Date: 14/07/2022

Pot Size: $25,000 USDC

Total HM: 2

Participants: 63

Period: 3 days

Judge: PierrickGT

Total Solo HM: 1

Id: 147

League: ETH

Yield

Researcher Performance

Rank: 59/63

Findings: 1

Award: $16.88

🌟 Selected for report: 0

🚀 Solo Findings: 0

1. USE CUSTOM ERRORS RATHER THAN REVERT()/REQUIRE() STRINGS TO SAVE DEPLOYMENT GAS

Custom errors are available from Solidity version 0.8.4. The instances below match or exceed that version.

Instances

// Links to the GitHub file
https://github.com/code-423n4/2022-07-yield/blob/6ab092b8c10e4dabb470918ae15c6451c861655f/contracts/Witch.sol#L84
https://github.com/code-423n4/2022-07-yield/blob/6ab092b8c10e4dabb470918ae15c6451c861655f/contracts/Witch.sol#L102
https://github.com/code-423n4/2022-07-yield/blob/6ab092b8c10e4dabb470918ae15c6451c861655f/contracts/Witch.sol#L103
https://github.com/code-423n4/2022-07-yield/blob/6ab092b8c10e4dabb470918ae15c6451c861655f/contracts/Witch.sol#L108
https://github.com/code-423n4/2022-07-yield/blob/6ab092b8c10e4dabb470918ae15c6451c861655f/contracts/Witch.sol#L189
https://github.com/code-423n4/2022-07-yield/blob/6ab092b8c10e4dabb470918ae15c6451c861655f/contracts/Witch.sol#L200
https://github.com/code-423n4/2022-07-yield/blob/6ab092b8c10e4dabb470918ae15c6451c861655f/contracts/Witch.sol#L255
https://github.com/code-423n4/2022-07-yield/blob/6ab092b8c10e4dabb470918ae15c6451c861655f/contracts/Witch.sol#L256
https://github.com/code-423n4/2022-07-yield/blob/6ab092b8c10e4dabb470918ae15c6451c861655f/contracts/Witch.sol#L300
https://github.com/code-423n4/2022-07-yield/blob/6ab092b8c10e4dabb470918ae15c6451c861655f/contracts/Witch.sol#L313
https://github.com/code-423n4/2022-07-yield/blob/6ab092b8c10e4dabb470918ae15c6451c861655f/contracts/Witch.sol#L328
https://github.com/code-423n4/2022-07-yield/blob/6ab092b8c10e4dabb470918ae15c6451c861655f/contracts/Witch.sol#L358
https://github.com/code-423n4/2022-07-yield/blob/6ab092b8c10e4dabb470918ae15c6451c861655f/contracts/Witch.sol#L365
https://github.com/code-423n4/2022-07-yield/blob/6ab092b8c10e4dabb470918ae15c6451c861655f/contracts/Witch.sol#L395
https://github.com/code-423n4/2022-07-yield/blob/6ab092b8c10e4dabb470918ae15c6451c861655f/contracts/Witch.sol#L416

// Actual code showing the use
contracts/Witch.sol:84: require(param == "ladle", "Unrecognized");
contracts/Witch.sol:102: require(initialOffer <= 1e18, "InitialOffer above 100%");
contracts/Witch.sol:103: require(proportion <= 1e18, "Proportion above 100%");
contracts/Witch.sol:108: require(proportion >= 0.01e18, "Proportion below 1%");
contracts/Witch.sol:189: require(cauldron.level(vaultId) < 0, "Not undercollateralized");
contracts/Witch.sol:200: require(limits_.sum <= limits_.max, "Collateral limit reached");
contracts/Witch.sol:255: require(auction_.start > 0, "Vault not under auction");
contracts/Witch.sol:256: require(cauldron.level(vaultId) >= 0, "Undercollateralized");
contracts/Witch.sol:300: require(auction_.start > 0, "Vault not under auction");
contracts/Witch.sol:313: require(liquidatorCut >= minInkOut, "Not enough bought");
contracts/Witch.sol:328: require(baseJoin != IJoin(address(0)), "Join not found");
contracts/Witch.sol:358: require(auction_.start > 0, "Vault not under auction");
contracts/Witch.sol:365: require(liquidatorCut >= minInkOut, "Not enough bought");
contracts/Witch.sol:395: require(ilkJoin != IJoin(address(0)), "Join not found");
contracts/Witch.sol:416: require(auction_.start > 0, "Vault not under auction");
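Added example, not code from Witch.sol or from the warden's report: the conversion this finding recommends, applied to three of the checks listed above. The contract name, error names, storage layout and parameter types (uint64 proportion, bytes12 vault id, uint32 start time) are assumptions made for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.4; // custom errors require 0.8.4 or later

// Hypothetical stand-in contract; only the require() conditions and
// messages are taken from the instances listed on the page.
contract AuctionChecks {
    // A custom error is returned as a 4-byte selector plus ABI-encoded
    // arguments, so no revert string has to be stored in the bytecode.
    error ProportionAbove100(uint64 proportion);
    error ProportionBelow1(uint64 proportion);
    error VaultNotUnderAuction(bytes12 vaultId);

    uint64 public proportion;                   // 1e18 == 100%
    mapping(bytes12 => uint32) public auctionStart; // 0 == no auction

    // Before: string-based checks, as quoted from Witch.sol:103 and :108.
    function setProportionWithStrings(uint64 proportion_) external {
        require(proportion_ <= 1e18, "Proportion above 100%");
        require(proportion_ >= 0.01e18, "Proportion below 1%");
        proportion = proportion_;
    }

    // After: same conditions, inverted into if/revert with custom errors.
    // The offending value is carried in the revert data for the caller.
    function setProportion(uint64 proportion_) external {
        if (proportion_ > 1e18) revert ProportionAbove100(proportion_);
        if (proportion_ < 0.01e18) revert ProportionBelow1(proportion_);
        proportion = proportion_;
    }

    // After form of the "Vault not under auction" check (lines 255, 300,
    // 358 and 416 on the page). The inverted condition is an equality
    // test against zero on an unsigned value.
    function requireUnderAuction(bytes12 vaultId) public view {
        if (auctionStart[vaultId] == 0) revert VaultNotUnderAuction(vaultId);
    }
}
```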

2. Use !=0 instead of >0 for UINT

Using > 0 is less efficient than != 0 for unsigned integers (with proof). != 0 costs less gas compared to > 0 for unsigned integers in require statements with the optimizer enabled (6 gas).

Proof: While it may seem that > 0 is cheaper than !=, this is only true without the optimizer enabled and outside a require statement. If you enable the optimizer at 10k AND you’re in a require statement, this will save gas. You can see this tweet for more proofs:

Instances

// Links to the GitHub file
https://github.com/code-423n4/2022-07-yield/blob/6ab092b8c10e4dabb470918ae15c6451c861655f/contracts/Witch.sol#L255
https://github.com/code-423n4/2022-07-yield/blob/6ab092b8c10e4dabb470918ae15c6451c861655f/contracts/Witch.sol#L300
https://github.com/code-423n4/2022-07-yield/blob/6ab092b8c10e4dabb470918ae15c6451c861655f/contracts/Witch.sol#L358
https://github.com/code-423n4/2022-07-yield/blob/6ab092b8c10e4dabb470918ae15c6451c861655f/contracts/Witch.sol#L416

// Actual code
contracts/Witch.sol:255: require(auction_.start > 0, "Vault not under auction");
contracts/Witch.sol:300: require(auction_.start > 0, "Vault not under auction");
contracts/Witch.sol:358: require(auction_.start > 0, "Vault not under auction");
contracts/Witch.sol:416: require(auction_.start > 0, "Vault not under auction");
