Back to Tomio's contests

Sturdy contest - Tomio's results

The first protocol for interest-free borrowing and high yield lending.

General Information

Platform: Code4rena

Start Date: 13/05/2022

Pot Size: $30,000 USDC

Total HM: 8

Participants: 65

Period: 3 days

Judge: hickuphh3

Total Solo HM: 1

Id: 125

League: ETH

Sturdy

Findings Distribution

Researcher Performance

Rank: 51/65

Findings: 1

Award: $25.57

🌟 Selected for report: 0

🚀 Solo Findings: 0

External Links

Code4rena Contest PageGithub Contest RepositoryGithub Findings RepositorySturdy

Findings Information

🌟 Selected for report: IllIllI

Also found by: 0v3rf10w, 0x1f8b, 0x4non, 0xNazgul, 0xf15ers, 0xkatana, 0xliumin, Cityscape, Dravee, Fitraldys, Funen, GimelSec, Hawkeye, JC, MaratCerby, SooYa, StErMi, Tomio, WatchPug, Waze, bobirichman, defsec, delfin454000, fatherOfBlocks, hake, hansfriese, hickuphh3, ignacio, joestakey, kebabsec, mics, mtz, oyc_109, robee, rotcivegaf, samruna, sikorico, simon135, z3s

Awards

25.5685 USDC - $25.57

Labels

bug
G (Gas Optimization)

External Links

Link to GitHub issue

Title: Using calldata to store struct data type can save gas

Proof of Concept: https://github.com/code-423n4/2022-05-sturdy/blob/main/smart-contracts/YieldManager.sol#L142

Recommended Mitigation Steps: Change memory to calldata

========================================================================

Title: Using += to increase value on var

Proof of Concept: https://github.com/code-423n4/2022-05-sturdy/blob/main/smart-contracts/YieldManager.sol#L75

Recommended Mitigation Steps: Change to:

	_assetsCount += 1;

========================================================================

Title: Using storage to declare Struct variable inside function

Proof of Concept: https://github.com/code-423n4/2022-05-sturdy/blob/main/smart-contracts/YieldManager.sol#L129 https://github.com/code-423n4/2022-05-sturdy/blob/main/smart-contracts/YieldManager.sol#L153

Recommended Mitigation Steps: instead of caching UserInfo to memory. read it directly from storage.

    AssetYield[] storage assetYields = _getAssetYields(exchangedAmount);

========================================================================

Title: Using != is more gas efficient

Proof of Concept: https://github.com/code-423n4/2022-05-sturdy/blob/main/smart-contracts/YieldManager.sol#L131 https://github.com/code-423n4/2022-05-sturdy/blob/main/smart-contracts/GeneralVault.sol#L179

Recommended Mitigation Steps:

    if (assetYields[i].amount != 0) {

========================================================================

AuditHub

A portfolio for auditors, a security profile for protocols, a hub for web3 security.

Built bymalatrax © 2024

Auditors

Browse

Contests

Browse

Get in touch

ContactTwitter