Platform: Code4rena
Start Date: 12/08/2022
Pot Size: $50,000 USDC
Total HM: 15
Participants: 120
Period: 5 days
Judge: Justin Goro
Total Solo HM: 6
Id: 153
League: ETH
Rank: 74/120
Findings: 2
Award: $67.00
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: 0x1f8b
Also found by: 0x52, 0xA5DF, 0xDjango, 0xNazgul, 0xNineDec, 0xSmartContract, 0xmatt, 0xsolstars, Aymen0909, Bnke0x0, CertoraInc, Chom, CodingNameKiki, Deivitto, Dravee, ElKu, EthLedger, Funen, IllIllI, JC, Junnon, Lambda, LeoS, MiloTruck, Noah3o6, PaludoX0, ReyAdmirado, Rohan16, RoiEvenHaim, Rolezn, SaharAP, Sm4rty, SooYa, The_GUILD, TomJ, Waze, Yiko, _Adam, __141345__, a12jmx, ak1, asutorufos, auditor0517, ayeslick, ballx, beelzebufo, berndartmueller, bin2chen, brgltd, c3phas, cRat1st0s, cccz, cryptonue, cryptphi, d3e4, delfin454000, dipp, djxploit, durianSausage, dy, erictee, fatherOfBlocks, gogo, gzeon, hyh, ignacio, kyteg, ladboy233, medikko, mics, minhquanym, oyc_109, pfapostol, rbserver, reassor, ret2basic, robee, sach1r0, simon135, sryysryy, tabish, yac, yash90, zzzitron
45.8343 USDC - $45.83
QA
Contract: SafeERC20.sol
Initializing the uint8 in line 22 is unnecessary as they get set to 0 by default
Recommendation:
uint8 i;
2.
Initializing the variable in the following for loops is unnecessary as they get set to 0 by default
Contract: FraxlendWhitelist.sol
line 51 line 66 line 81
Contract: FraxlendPairCore.sol
line 265 line 270
Contract: FraxlendPair.sol
line 289 line 308
Contract: FraxlendPairDeployer.sol
line 402
Recommendations:
for (uint256 i; i < _addresses.length; i++) for (uint256 i; i < _approvedBorrowers.length; ++i) for (uint256 i; i < _approvedLenders.length; ++i) for (uint256 i; i < _lenders.length; i++) for (uint256 i; i < _borrowers.length; i++) for (uint256 i; i < _lengthOfArray; )
3.
Contract: FraxlendPairDeployer.sol
Not initializing uint256 i in line 126 and line 150 is excellent, but there is no need for this, and the for var to then get set to i = 0 in line 127 and line 152 as they get set to 0 by default. Both uint256 do not get used outside of the for loops throughout the rest of either function so this might as well be added inside the for loops.
Recommendation:
for (uint256 i; i < _lengthOfArray; )
#0 - gititGoro
2022-10-06T00:47:04Z
Point 3 was a little unclear.
🌟 Selected for report: IllIllI
Also found by: 0x1f8b, 0xA5DF, 0xDjango, 0xNazgul, 0xSmartContract, 0xackermann, 0xbepresent, 0xc0ffEE, 0xkatana, 2997ms, Amithuddar, Aymen0909, Bnke0x0, Chinmay, Chom, CodingNameKiki, Deivitto, Diraco, Dravee, ElKu, EthLedger, Fitraldys, Funen, IgnacioB, JC, Junnon, Lambda, LeoS, Metatron, MiloTruck, Noah3o6, NoamYakov, PaludoX0, Randyyy, ReyAdmirado, Rohan16, Rolezn, Ruhum, SaharAP, Sm4rty, SooYa, TomJ, Tomio, Waze, Yiko, _Adam, __141345__, a12jmx, ajtra, ak1, asutorufos, ballx, brgltd, c3phas, cRat1st0s, carlitox477, chrisdior4, d3e4, delfin454000, dharma09, djxploit, durianSausage, erictee, fatherOfBlocks, find_a_bug, flyx, francoHacker, gerdusx, gogo, gzeon, hakerbaya, ignacio, jag, kyteg, ladboy233, ltyu, m_Rassska, medikko, mics, mrpathfindr, newfork01, nxrblsrpr, oyc_109, pfapostol, rbserver, reassor, ret2basic, robee, sach1r0, saian, simon135, sryysryy, zeesaw
21.1705 USDC - $21.17
Contract: SafeERC20.sol
When dealing with function arguments such as in line 22, there is no inherent benefit to set to uint8 because the compiler does not pack these values. Using smaller-size uints such as uint8 is only more efficient when you can pack variables into the same storage slot, such as in structs. In this case, a function and in a loop, uint256 is more gas efficient than uint8. It brings a difference of about 1500 gas per contract deployment.
Recommendation:
uint256;
2.
Switching the i++ to ++i in for loops will save about 5 gas per iteration
Contract: SafeERC20.sol
line 27
Contract: FraxlendWhitelist.sol
line 51 line 66 line 81
Contract: FraxlendPair.sol
line 289 line 308
Recommendations:
for (i = 0; i < 32 && data[i] != 0; ++i) for (uint256 i = 0; i < _addresses.length; ++i) for (uint256 i = 0; i < _lenders.length; ++i) for (uint256 i = 0; i < _borrowers.length; ++i)