Platform: Code4rena
Start Date: 27/01/2022
Pot Size: $75,000 USDC
Total HM: 10
Participants: 26
Period: 7 days
Judge: pauliax
Total Solo HM: 5
Id: 81
League: ETH
Rank: 18/26
Findings: 2
Award: $333.62
🌟 Selected for report: 1
🚀 Solo Findings: 0
🌟 Selected for report: SolidityScan
323.1189 USDC - $323.12
SolidityScan
The value of totalSupply() at https://github.com/code-423n4/2022-01-notional/blob/main/contracts/sNOTE.sol#L260
does not check if the value of totalSupply is 0 or not and it is per
The return value for the function getPoolTokenShare can be invalid because if there's an error in the totalSupply() the code at Line 260 will evaluate to divide by zero creating inconsistencies in the function logic.
bptBalance * sNOTEAmountAdd a check if the value of totalSupply() is zero or not or some other edge cases that can cause inconsistencies.
#0 - pauliax
2022-02-14T14:48:35Z
Valid finding.
🌟 Selected for report: pauliax
Also found by: Jujic, ShippooorDAO, SolidityScan, WatchPug, gzeon, samruna, throttle
10.4991 USDC - $10.50
SolidityScan
Multiple variables were found to be declared but never used throughout the smart contract code. Having unused variables declared and unused cost unnecessary gas.
Smart Contracts are required to have effective Gas usage as they cost real money. Therefore each and every function and variable declaration should be monitored for ways to save Gas to make the code Gas efficient.
The below variables were defined but never used and hence can be removed.
https://github.com/code-423n4/2022-01-notional/blob/main/contracts/global/StorageLayoutV1.sol#16
liquidationEnabledState
https://github.com/code-423n4/2022-01-notional/blob/main/contracts/global/StorageLayoutV1.sol#18
hasInitialized
https://github.com/code-423n4/2022-01-notional/blob/main/contracts/global/StorageLayoutV1.sol#28
rollbackRouterImplementation
https://github.com/code-423n4/2022-01-notional/blob/main/contracts/global/StorageLayoutV1.sol#33
nTokenWhitelist
https://github.com/code-423n4/2022-01-notional/blob/main/contracts/global/StorageLayoutV1.sol#36
nTokenAllowance
https://github.com/code-423n4/2022-01-notional/blob/main/contracts/global/StorageLayoutV1.sol#40
globalTransferOperator
https://github.com/code-423n4/2022-01-notional/blob/main/contracts/global/StorageLayoutV1.sol#43
accountAuthorizedTransferOperator
https://github.com/code-423n4/2022-01-notional/blob/main/contracts/global/StorageLayoutV1.sol#46
authorizedCallbackContract
https://github.com/code-423n4/2022-01-notional/blob/main/contracts/global/StorageLayoutV1.sol#50
tokenAddressToCurrencyId
https://github.com/code-423n4/2022-01-notional/blob/main/contracts/global/StorageLayoutV2.sol#L15
pendingOwner
https://github.com/code-423n4/2022-01-notional/blob/main/contracts/global/LibStorage.sol#L14 NUM_NTOKEN_MARKET_FACTORS
https://github.com/code-423n4/2022-01-notional/blob/main/contracts/global/LibStorage.sol#L17
MAX_PORTFOLIO_ASSETS
https://github.com/code-423n4/2022-01-notional/blob/main/contracts/utils/EIP1271Wallet.sol#L20
ETH_PRECISION
https://github.com/code-423n4/2022-01-notional/blob/main/contracts/TreasuryManager.sol#L35
refundGasPrice
Do not initialize and declare the variables that have no use. Delete them if they are not meant to be used anywhere.
#0 - jeffywu
2022-02-06T14:33:13Z
Variables used in other code not in scope.
#1 - pauliax
2022-02-15T08:37:57Z
Well, the issue mentions many legit variables that cannot be safely removed, but some of them can, so I will include this issue together with others: #204