Back to RoiEvenHaim's contests

Y2k Finance contest - RoiEvenHaim's results

A suite of structured products for assessing pegged asset risk.

General Information

Platform: Code4rena

Start Date: 14/09/2022

Pot Size: $50,000 USDC

Total HM: 25

Participants: 110

Period: 5 days

Judge: hickuphh3

Total Solo HM: 9

Id: 162

League: ETH

Y2k Finance

Findings Distribution

Researcher Performance

Rank: 95/110

Findings: 1

Award: $16.18

🌟 Selected for report: 0

🚀 Solo Findings: 0

External Links

Code4rena Contest PageGithub Contest RepositoryGithub Findings RepositoryY2k Finance

Findings Information

🌟 Selected for report: pfapostol

Also found by: 0x040, 0x1f8b, 0x4non, 0xNazgul, 0xSmartContract, 0xc0ffEE, 0xkatana, Aymen0909, Bnke0x0, Deivitto, Diana, JAGADESH, KIntern_NA, Lambda, MiloTruck, R2, RaymondFam, Respx, ReyAdmirado, Rohan16, RoiEvenHaim, Rolezn, Ruhum, Saintcode_, Samatak, Sm4rty, SnowMan, Tomio, Tomo, WilliamAmbrozic, _Adam, __141345__, ajtra, ak1, async, c3phas, ch0bu, cryptostellar5, d3e4, delfin454000, dharma09, djxploit, durianSausage, eierina, erictee, fatherOfBlocks, gianganhnguyen, gogo, ignacio, imare, jag, jonatascm, leosathya, lukris02, malinariy, oyc_109, pashov, pauliax, peanuts, peiw, prasantgupta52, robee, rokinot, rotcivegaf, rvierdiiev, seyni, simon135, slowmoses, sryysryy, tnevler, zishansami

Awards

16.1756 USDC - $16.18

Labels

bug
G (Gas Optimization)

External Links

Link to GitHub issue

Gas optimization

Don't Initialize Variables with Default Value

Examples:

2022-09-y2k-finance\src\Vault.sol::443 => for (uint256 i = 0; i < epochsLength(); i++) {

Cache Array Length Outside of Loop

Examples:

2022-09-y2k-finance\src\Controller.sol::86 => vaultsAddress.length != VAULTS_LENGTH
2022-09-y2k-finance\src\Controller.sol::200 => vaultFactory.getVaults(marketIndex).length != VAULTS_LENGTH)
2022-09-y2k-finance\src\Vault.sol::355 => solhint-disable-next-line max-line-length
2022-09-y2k-finance\src\Vault.sol::428 => /** @notice Lookup total epochs length
2022-09-y2k-finance\src\Vault.sol::431 => return epochs.length;

Use != 0 instead of > 0 for Unsigned Integer Comparison

Examples:

2022-09-y2k-finance\src\Vault.sol::187 => require(msg.value > 0, "ZeroValue");
2022-09-y2k-finance\src\oracles\PegOracle.sol::98 => require(price1 > 0, "Chainlink price <= 0");
2022-09-y2k-finance\src\oracles\PegOracle.sol::121 => require(price2 > 0, "Chainlink price <= 0");
2022-09-y2k-finance\src\rewards\StakingRewards.sol::119 => require(amount > 0, "Cannot withdraw 0");
2022-09-y2k-finance\src\rewards\StakingRewards.sol::134 => if (reward > 0) {

Use immutable for OpenZeppelin AccessControl's Roles Declarations

Examples:

2022-09-y2k-finance\src\Controller.sol::179 => keccak256(
2022-09-y2k-finance\src\Controller.sol::235 => keccak256(
2022-09-y2k-finance\src\Vault.sol::388 => keccak256(abi.encodePacked(symbol)) ==
2022-09-y2k-finance\src\Vault.sol::389 => keccak256(abi.encodePacked("rY2K"))
2022-09-y2k-finance\src\VaultFactory.sol::278 => keccak256(abi.encodePacked(_marketVault.index, _marketVault.epochBegin, _marketVault.epochEnd)),
2022-09-y2k-finance\src\rewards\RewardsFactory.sol::118 => bytes32 hashedIndex = keccak256(abi.encode(_marketIndex, _epochEnd));
2022-09-y2k-finance\src\rewards\RewardsFactory.sol::125 => keccak256(
2022-09-y2k-finance\src\rewards\RewardsFactory.sol::150 => return keccak256(abi.encode(_index, _epoch));

Long Revert Strings

Examples:

2022-09-y2k-finance\src\oracles\PegOracle.sol::23 => require(_oracle1 != address(0), "oracle1 cannot be the zero address");
2022-09-y2k-finance\src\oracles\PegOracle.sol::24 => require(_oracle2 != address(0), "oracle2 cannot be the zero address");

Use Prefix Increment instead of Postfix Increment if possible

Examples:

2022-09-y2k-finance\src\Vault.sol::443 => for (uint256 i = 0; i < epochsLength(); i++) {
AuditHub

A portfolio for auditors, a security profile for protocols, a hub for web3 security.

Built bymalatrax © 2024

Auditors

Browse

Contests

Browse

Get in touch

ContactTwitter