Platform: Code4rena
Start Date: 03/05/2023
Pot Size: $60,500 USDC
Total HM: 25
Participants: 114
Period: 8 days
Judge: Picodes
Total Solo HM: 6
Id: 234
League: ETH
Rank: 85/114
Findings: 1
Award: $36.24
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: rbserver
Also found by: 0xnev, ABAIKUNANBAEV, Audit_Avengers, Aymen0909, BGSecurity, BRONZEDISC, Bason, DadeKuma, GG_Security, Jerry0x, Jorgect, MohammedRizwan, REACH, Sathish9098, Shogoki, T1MOH, UniversalCrypto, aviggiano, ayden, berlin-101, bytes032, codeslide, descharre, fatherOfBlocks, hals, kaveyjoe, kodyvim, lfzkoala, lukris02, nadin, naman1778, patitonar, pontifex, sakshamguruji, squeaky_cactus, teawaterwire, wonjun, yjrwkk
36.2377 USDC - $36.24
Description: The maximum line length is 120 characters, as described in the docs: https://docs.soliditylang.org/en/v0.8.19/style-guide.html#maximum-line-length
You exceed this limit here:
https://github.com/code-423n4/2023-05-ajna/blob/main/ajna-grants/src/grants/GrantFund.sol#L50
https://github.com/code-423n4/2023-05-ajna/blob/main/ajna-grants/src/grants/base/Funding.sol#L110
Recommendation: Shorten lines so as not to go beyond 120 characters. https://docs.soliditylang.org/en/v0.8.19/style-guide.html#maximum-line-length
_getMinimumThresholdPercentage()
Remove excessive logic to make it easier to read
    function _getMinimumThresholdPercentage() internal view returns (uint256) {
        // default minimum threshold is 50
        if (_fundedExtraordinaryProposals.length == 0) {
            return 0.5 * 1e18;
        }
        // minimum threshold increases according to the number of funded EFM proposals
        else {
            return 0.5 * 1e18 + (_fundedExtraordinaryProposals.length * (0.05 * 1e18));
        }
    }
Refactor:
    function _getMinimumThresholdPercentage() internal view returns (uint256) {
        // default minimum threshold is 50
        // minimum threshold increases according to the number of funded EFM proposals
        return 0.5 * 1e18 + (_fundedExtraordinaryProposals.length * (0.05 * 1e18));
    }
In the whitepaper you use the term "Primary Funding Mechanism" (paragraph 9.2.1), but in the code it is called StandardFunding, which is confusing for people new to the ajna-grants source code: https://github.com/code-423n4/2023-05-ajna/blob/main/ajna-grants/src/grants/base/StandardFunding.sol
Either update the whitepaper or the naming in StandardFunding.sol.
There is a difference between constant variables and immutable variables, and they should each be used in their appropriate contexts. While it doesn’t save any gas because the compiler knows that developers often make this mistake, it’s still best to use the right tool for the task at hand.
ajna-grants/src/grants/base/StandardFunding.sol
    51: bytes32 internal constant DESCRIPTION_PREFIX_HASH_STANDARD = keccak256(bytes("Standard Funding: "));
ajna-grants/src/grants/base/Funding.sol
    21: address public immutable ajnaTokenAddress = 0x9a96ec9B57Fb64FbC60B423d1f4da7691Bd35079;
ajna-grants/src/grants/base/ExtraordinaryFunding.sol
    28: bytes32 internal constant DESCRIPTION_PREFIX_HASH_EXTRAORDINARY = keccak256(bytes("Extraordinary Funding: "));
#0 - c4-judge
2023-05-18T19:02:38Z
Picodes marked the issue as grade-b