Platform: Code4rena
Start Date: 14/07/2022
Pot Size: $25,000 USDC
Total HM: 2
Participants: 63
Period: 3 days
Judge: PierrickGT
Total Solo HM: 1
Id: 147
League: ETH
Rank: 10/63
Findings: 2
Award: $109.82
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: hickuphh3
Also found by: 0x29A, 0x52, 0xNazgul, Chom, Deivitto, ElKu, Funen, IllIllI, Meera, ReyAdmirado, SooYa, TomJ, Trumpero, Waze, __141345__, ak1, asutorufos, c3phas, cRat1st0s, csanuragjain, delfin454000, exd0tpy, fatherOfBlocks, hake, hansfriese, horsefacts, hyh, karanctf, kenzo, kyteg, ladboy233, pashov, peritoflores, rajatbeladiya, rbserver, reassor, rokinot, simon135, wastewa
92.1691 USDC - $92.17
#1 Immutable
Add immutable to the ladle state variable because the ladle state must be initialized through the constructor.
#3 Code and comment do not match
// If liquidatorCut is 0, then auctioneerCut is 0 too, so no need to double check
if (liquidatorCut > 0) {
    IJoin ilkJoin = ladle.joins(auction_.ilkId);
    require(ilkJoin != IJoin(address(0)), "Join not found");
    // Pay auctioneer's cut if necessary
    if (auctioneerCut > 0) {
        ilkJoin.exit(auction_.auctioneer, auctioneerCut.u128());
    }
Because liquidator is 0, then auctioneerCut is 0 too, so
if (liquidatorCut > 0) { -----> if (liquidatorCut >= 0) {
and
if (auctioneerCut > 0) { -----> if (auctioneerCut >= 0) {
#3 Typo
/// @dev quoutes hoy much ink a liquidator is expected to get if it repays an `artIn` amount
change hoy to how
#4 unused natspec comment https://github.com/code-423n4/2022-07-yield/blob/6ab092b8c10e4dabb470918ae15c6451c861655f/contracts/Witch.sol#L567-L568
Remove the natspec comment if unused. It decreases readability.
#5 Missing param comment vaultid
Add a natspec param comment for vaultid.
#6 Missing param comment
The function has a natspec comment which is missing. Add natspec comments that include all parameters in the function.
#0 - alcueca
2022-07-22T14:05:05Z
Ok QA report
🌟 Selected for report: IllIllI
Also found by: 0x1f8b, 0x29A, 0xKitsune, 0xNazgul, Aymen0909, Chom, Deivitto, ElKu, JC, JohnSmith, Kaiziron, Limbooo, MadWookie, Meera, ReyAdmirado, Rohan16, Sm4rty, SooYa, TomJ, Trumpero, Waze, __141345__, ajtra, ak1, antonttc, bulej93, c3phas, cRat1st0s, csanuragjain, defsec, durianSausage, fatherOfBlocks, gogo, hake, hickuphh3, ignacio, joestakey, karanctf, kyteg, m_Rassska, pashov, rajatbeladiya, rbserver, robee, rokinot, samruna, sashik_eth, simon135, tofunmi
17.6508 USDC - $17.65
#1 use storage instead memory
Use storage instead of memory to reduce the gas fee. I suggest changing from, e.g.,
DataTypes.Vault memory vault = cauldron.vaults(vaultId);
to
DataTypes.Vault storage vault = cauldron.vaults(vaultId);
apply to others.
#2 use calldata instead of memory
In the external functions where the function argument is read-only, the function() has an input parameter that uses memory. If this function doesn't change the parameter, it's cheaper to use calldata than memory, so we suggest changing it, e.g.
function _calcAuction( DataTypes.Vault memory vault, DataTypes.Series memory series, address to, DataTypes.Balances memory balances, DataTypes.Debt memory debt
to
function _calcAuction( DataTypes.Vault calldata vault, DataTypes.Series calldata series, address to, DataTypes.Balances calldata balances, DataTypes.Debt calldata debt
apply to others.
#3 use != instead of >
For unsigned integers, >0 is less efficient than !=0, so use !=0 instead of >0. Apply to others.
#4 custom error https://github.com/code-423n4/2022-07-yield/blob/6ab092b8c10e4dabb470918ae15c6451c861655f/contracts/Witch.sol#L358
Using custom errors can reduce the gas fee. It is compatible with Solidity 0.8.4 and above.