Platform: Code4rena
Start Date: 12/07/2022
Pot Size: $35,000 USDC
Total HM: 13
Participants: 78
Period: 3 days
Judge: 0xean
Total Solo HM: 6
Id: 135
League: ETH
Rank: 45/78
Findings: 2
Award: $71.15
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: joestakey
Also found by: 0x1f8b, 0x52, 0xDjango, 0xNazgul, 0xNineDec, 8olidity, Avci, Bahurum, Bnke0x0, Chom, ElKu, Funen, GimelSec, JC, Junnon, Kaiziron, Meera, PaludoX0, Picodes, ReyAdmirado, Sm4rty, Soosh, Waze, _Adam, __141345__, ak1, aysha, benbaessler, bin2chen, c3phas, cccz, cryptphi, csanuragjain, defsec, exd0tpy, fatherOfBlocks, gogo, hake, hansfriese, itsmeSTYJ, jonatascm, kyteg, mektigboy, oyc_109, pashov, rbserver, rishabh, robee, rokinot, sach1r0, sashik_eth, scaraven, simon135, slywaters
44.2564 USDC - $44.26
#1 add immutable to AaveAddr
State aaveAddr was call on constructor so it should be add immutable to initialize the state. it makes the state have a value and the cost are cheaper.
#2 missing natspec comment parameter a
natspect comment of param a was missing so give explanation about a to the comment natspec. it can increase readibility
#3 Missing natspect comment parameter holder
natspect comment of param holder was missing so give explanation about holder to the comment natspec. it can increase readibility
🌟 Selected for report: joestakey
Also found by: 0x040, 0x1f8b, 0xDjango, 0xNazgul, 0xsam, Avci, Aymen0909, Bnke0x0, CRYP70, ElKu, Fitraldys, Funen, JC, Kaiziron, MadWookie, Meera, ReyAdmirado, Sm4rty, Soosh, TomJ, Waze, _Adam, __141345__, ajtra, benbaessler, c3phas, csanuragjain, durianSausage, exd0tpy, fatherOfBlocks, hake, ignacio, karanctf, kyteg, m_Rassska, oyc_109, rbserver, robee, rokinot, samruna, sashik_eth, simon135, slywaters
26.8888 USDC - $26.89
#1 visibility
change visibility from public to private or internal can save gas. so i recommend to change it.
#2 use storage instead of memory
Use storage instead of memory to reduce the gas fee. i suggest to change from e.g
Hash.Order memory order = o[i];
to
Hash.Order storage order = o[i];
apply to others.
#3 use calldata instead memory
In the external functions where the function argument is read-only, the function() has an inputed parameter that using memory, if this function didnt change the parameter, its cheaper to use calldata then memory. so we suggest to change it. e.g
function setFee(uint16[] memory i, uint16[] memory d) external authorized(admin) returns (bool) {
to
function setFee(uint16[] calldata i, uint16[] calldata d) external authorized(admin) returns (bool) {
apply to others.
#4 remove max
And add type(uint256).max change max
uint256 max = 2**256 - 1; // remove this uint256 when; for (uint256 i; i < len;) { when = approvals[u[i]]; if (when == 0) { revert Exception(16, 0, 0, address(0), address(0)); } if (block.timestamp < when) { revert Exception(17, block.timestamp, when, address(0), address(0)); } approvals[u[i]] = 0; IErc20 uToken = IErc20(u[i]); Safe.approve(uToken, c[i], max); //change max
To
uint256 when; for (uint256 i; i < len;) { when = approvals[u[i]]; if (when == 0) { revert Exception(16, 0, 0, address(0), address(0)); } if (block.timestamp < when) { revert Exception(17, block.timestamp, when, address(0), address(0)); } approvals[u[i]] = 0; IErc20 uToken = IErc20(u[i]); Safe.approve(uToken, c[i], type(uint256).max);