Platform: Code4rena
Start Date: 20/09/2022
Pot Size: $100,000 USDC
Total HM: 4
Participants: 109
Period: 7 days
Judge: GalloDaSballo
Id: 163
League: ETH
Rank: 47/109
Findings: 2
Award: $123.86
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: IllIllI
Also found by: 0x1f8b, 0x4non, 0x52, 0x5rings, 0xNazgul, 0xRobocop, 0xSmartContract, 0xdeadbeef, 0xsanson, 8olidity, Amithuddar, Aymen0909, B2, B353N, CertoraInc, Ch_301, Chom, CodingNameKiki, Deivitto, ElKu, Funen, JC, JohnnyTime, Kresh, Lambda, Noah3o6, RaymondFam, ReyAdmirado, RockingMiles, Rolezn, Sm4rty, SuldaanBeegsi, Tadashi, TomJ, Tomio, V_B, Waze, __141345__, a12jmx, ak1, arcoun, asutorufos, aviggiano, berndartmueller, bharg4v, bin2chen, brgltd, bulej93, c3phas, catchup, cccz, ch0bu, cryptonue, cryptphi, csanuragjain, delfin454000, devtooligan, djxploit, durianSausage, eighty, erictee, exd0tpy, fatherOfBlocks, giovannidisiena, hansfriese, ignacio, joestakey, ladboy233, lukris02, m9800, malinariy, martin, minhtrng, obront, oyc_109, pedr02b2, pedroais, pfapostol, philogy, prasantgupta52, rbserver, ronnyx2017, rotcivegaf, rvierdiiev, sach1r0, shung, simon135, throttle, tnevler, tonisives, wagmi, yixxas, zkhorse, zzykxx, zzzitron
55.1985 USDC - $55.20
It is reasonable to add a two-step ownership transition: in the first stage, the owner proposes to transfer ownership, and in the second, the new owner accepts ownership by calling a special function.
There is a gobble function in the ArtGobblers contract. It accepts bool isERC1155 as an input parameter, which indicates whether the work of art is an ERC1155 or ERC721 token. It would be better to use an enum instead of a bool variable in this case. This is because the boolean variable name and description state that it only gives information on whether it is an ERC1155 token or not, but does not provide any reasonable info about belonging to other possible token standards.
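The two-step ownership transition suggested in the report above, as an added Solidity example (not code from the report or from the Art Gobblers code base). The contract name TwoStepOwned, its function and event names, and the Unauthorized error are assumptions chosen for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.4;

/// Added illustration; all names here are hypothetical.
abstract contract TwoStepOwned {
    address public owner;
    address public pendingOwner;

    event OwnershipTransferStarted(address indexed currentOwner, address indexed proposedOwner);
    event OwnershipTransferred(address indexed previousOwner, address indexed newOwner);

    error Unauthorized();

    modifier onlyOwner() {
        if (msg.sender != owner) revert Unauthorized();
        _;
    }

    constructor(address initialOwner) {
        owner = initialOwner;
        emit OwnershipTransferred(address(0), initialOwner);
    }

    /// Step 1: the current owner proposes a successor. Ownership does not move yet.
    /// Proposing address(0) cancels a pending proposal.
    function transferOwnership(address proposedOwner) external onlyOwner {
        pendingOwner = proposedOwner;
        emit OwnershipTransferStarted(owner, proposedOwner);
    }

    /// Step 2: only the proposed address can complete the transfer, which shows
    /// it can actually send transactions. A mistyped or uncontrolled address
    /// can never call this, so the current owner keeps control and can re-propose.
    function acceptOwnership() external {
        if (msg.sender != pendingOwner) revert Unauthorized();
        address previousOwner = owner;
        owner = msg.sender;
        delete pendingOwner; // clear the proposal so it cannot be replayed
        emit OwnershipTransferred(previousOwner, msg.sender);
    }
}
```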
#0 - GalloDaSballo
2022-10-06T00:34:34Z
1R 1NC
🌟 Selected for report: IllIllI
Also found by: 0x1f8b, 0xNazgul, 0xSmartContract, Atarpara, CertoraInc, Deathstore, Deivitto, ElKu, MiloTruck, ReyAdmirado, SnowMan, Tadashi, V_B, __141345__, aviggiano, catchup, djxploit, gogo, pfapostol, philogy, shung
68.6605 USDC - $68.66
There is a toString function in the LibString library. There, 5 storage slots are used for the following purposes:
// The maximum value of a uint256 contains 78 digits (1 byte per digit), but we allocate 160 bytes
// to keep the free memory pointer word aligned. We'll need 1 word for the length, 1 word for the
// trailing zeros padding, and 3 other words for a max of 78 digits. In total: 5 * 32 = 160 bytes.
Actually, the last (fifth) storage slot is redundant: it is filled with a zero value and never used later:
// Clean the last word of memory it may not be overwritten.
mstore(str, 0)
It is reasonable to not allocate such a slot at all (and to not store a zero value there) to reduce gas consumption and make the code clearer.
There are many places where the index in a loop is incremented by the postincrement i++. The more efficient way to increment the variable is the ++i preincrement. Also, the incrementation of variables can be put in unchecked brackets.
immutables for all unchangeable storage variables
Although the immutable keyword is used for many of the variables, it is not used for all variables where it could be. As an example, the BASE_URI variable from ArtGobblers should be declared with the immutable keyword.
#0 - GalloDaSballo
2022-10-05T00:22:04Z
2k from Immutable
First report should be benchmarked as it's too specific to be accepted at face value