Platform: Code4rena
Start Date: 20/01/2022
Pot Size: $80,000 USDC
Total HM: 5
Participants: 37
Period: 7 days
Judge: Jack the Pug
Total Solo HM: 1
Id: 76
League: ETH
Rank: 21/37
Findings: 1
Award: $196.49
🌟 Selected for report: 1
🚀 Solo Findings: 0
53.5879 USDC - $53.59
Tomio
Expensive gas
Remix
Change:
    claims_[_claimIdentifier].state = _state;
    claims_[_claimIdentifier].updated = block.timestamp;
To:
    claim.state = _state;
    claim.updated = block.timestamp;
#0 - jack-the-pug
2022-03-26T12:38:43Z
Dup #200
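The change suggested in the finding above, shown in a compilable contract. This is an added example, not code from the submission or from the Sherlock repository; `ClaimStore`, the `State` values, the `bytes32` key type and the function names are assumptions made for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.10;

// Added illustration. ClaimStore, the State values, the bytes32 key type
// and all function names are hypothetical.
contract ClaimStore {
    enum State { NonExistent, Open, Resolved } // constructed values

    struct Claim {
        State state;
        uint256 updated;
    }

    mapping(bytes32 => Claim) internal claims_;

    // "Change:" form. A storage pointer is already in scope, but the writes
    // index the mapping again, so the key may be hashed once per access to
    // locate the struct's slot.
    function setStateIndexed(bytes32 _claimIdentifier, State _state) external returns (State oldState) {
        Claim storage claim = claims_[_claimIdentifier];
        oldState = claim.state;
        claims_[_claimIdentifier].state = _state;
        claims_[_claimIdentifier].updated = block.timestamp;
    }

    // "To:" form. The pointer already holds the slot, so both writes reuse it.
    // It must be declared `storage`: with `Claim memory` the assignments would
    // update a copy and the new state would never be persisted.
    function setStatePointer(bytes32 _claimIdentifier, State _state) external returns (State oldState) {
        Claim storage claim = claims_[_claimIdentifier];
        oldState = claim.state;
        claim.state = _state;
        claim.updated = block.timestamp;
    }

    // Read-back helper for comparing both setters in Remix.
    function getClaim(bytes32 _claimIdentifier) external view returns (State, uint256) {
        Claim storage claim = claims_[_claimIdentifier];
        return (claim.state, claim.updated);
    }
}
```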
89.3132 USDC - $89.31
Tomio
Because if there's no check of address(this).balance != 0, then it doesn't need to call transfer; this can save gas.
https://github.com/code-423n4/2022-01-sherlock/blob/main/contracts/managers/Manager.sol#L51
Remix
Example: If transfer first:
    function sendETH(address _receive) external payable {
        (bool success, ) = _receive.call{value: address(this).balance}('');
        if(success == false) require(false, "Transfer ETH Failed");
    } // 22276 gas
If check address(this).balance first:
    function correctSendEth(address _receive) external payable {
        uint eth_balance = address(this).balance;
        if (eth_balance != 0){
            (bool success, ) = _receive.call{value: eth_balance}('');
            if(success == false) require(false, "Transfer ETH Failed");
        }
    } // 21923 gas
#0 - jack-the-pug
2022-03-26T12:40:45Z
Dup #211
Tomio
In https://github.com/code-423n4/2022-01-sherlock/blob/main/contracts/SherBuy.sol#L181 the receiver can sweep the tokens by inputting all of the addresses that this contract has. Since the _tokens parameter is not going to be changed in this function, it's cheaper to use calldata than memory.
    function sweepTokens(IERC20[] calldata _tokens) external {
        //if (msg.sender != receiver) revert InvalidSender();
        //if (active()) revert InvalidState();
        // Loops through the extra tokens (ERC20) provided and sends all of them to the sender address
        for (uint256 i; i < _tokens.length; i++) {
            counter += 1;
            //IERC20 token = _tokens[i];
            //token.safeTransfer(msg.sender, token.balanceOf(address(this)));
        }
    }
    // 48066 using memory
    // 46686 using calldata