Platform: Code4rena
Start Date: 09/09/2022
Pot Size: $42,000 USDC
Total HM: 2
Participants: 101
Period: 3 days
Judge: hickuphh3
Total Solo HM: 2
Id: 161
League: ETH
Rank: 76/101
Findings: 1
Award: $33.58
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: GalloDaSballo
Also found by: 0x040, 0x1f8b, 0x4non, 0x52, 0x85102, 0xNazgul, 0xSky, 0xSmartContract, Aymen0909, Bnke0x0, CertoraInc, Chandr, Chom, CodingNameKiki, Deivitto, Diana, Funen, JC, Jeiwan, Junnon, KIntern_NA, Lambda, Mohandes, Noah3o6, Ocean_Sky, Picodes, R2, Randyyy, RaymondFam, ReyAdmirado, Rohan16, Rolezn, Samatak, Sm4rty, SnowMan, SooYa, StevenL, Tagir2003, Tointer, TomJ, Tomo, V_B, Waze, _Adam, __141345__, a12jmx, ajtra, ak1, asutorufos, bharg4v, bobirichman, brgltd, c3phas, cccz, cryptonue, cryptostellar5, cryptphi, csanuragjain, d3e4, datapunk, delfin454000, dipp, djxploit, durianSausage, erictee, fatherOfBlocks, gogo, got_targ, hansfriese, horsefacts, hyh, ignacio, innertia, izhuer, karanctf, ladboy233, leosathya, lucacez, lukris02, mics, oyc_109, pashov, pauliax, prasantgupta52, rbserver, ret2basic, rfa, robee, rokinot, rotcivegaf, rvierdiiev, sach1r0, scaraven, sikorico, simon135, smiling_heretic, sorrynotsorry, unforgiven, wagmi, yixxas
33.5761 USDC - $33.58
Contract: SimpleFeiDaiPSM.sol
The word "governanceless" in line 7 is not a globally recognizable English word.
Recommendation:
Consider replacing with the phrase: "governless" or "ungoverned"
2.
Contract: SimpleFeiDaiPSM.sol
Code can be refactored to be more readable.
Consider refactoring variables, functions and phrasing in comments
amountFeiIn to depositedFei,
amountAssetOut to withdrawnAsset,
amountIn to deposited,
amountFeiOut to withdrawnFei,
getMintAmountOut() to getMintWithdrawn(),
"amount out" to "withdrawn",
minAmountOut to minWithdrawal,
getRedeemAmountOut() to getRedeemWithdrawn(),
accordingly to recommendation for potentially better user readability.
Recommendation:
line 27: event Redeem(address to, uint256 depositedFei, uint256 withdrawnAsset);
line 29: event Mint(address to, uint256 deposited, uint256 withdrawnFei);
line 31: /// @notice mint withdrawnFei FEI to address to for deposited underlying tokens
line 32: /// @dev see getMintWithdrawn() to pre-calculate withdrawn
line 35: uint256 deposited,
line 36: uint256 minWithdrawal
line 37: ) external returns (uint256 withdrawnFei) {
line 38: withdrawnFei = deposited;
line 39: require(withdrawnFei >= minWithdrawal, "SimpleFeiDaiPSM: Mint not enough out");
line 40: DAI.safeTransferFrom(msg.sender, address(this), deposited);
line 41: FEI.mint(to, withdrawnFei);
line 42: emit Mint(to, deposited, deposited);
line 45: /// @notice redeem depositedFei FEI for amountOut underlying tokens and send to address to
line 46: /// @dev see getRedeemWithdrawn() to pre-calculate amount out
line 50: uint256 depositedFei,
line 51: uint256 minWithdrawal
line 52: ) external returns (uint256 amountOut) {
line 53: amountOut = depositedFei;
line 54: require(amountOut >= minWithdrawal, "SimpleFeiDaiPSM: Redeem not enough out");
line 55: FEI.safeTransferFrom(msg.sender, address(this), depositedFei);
line 56: DAI.safeTransfer(to, amountOut);
line 57: emit Redeem(to, depositedFei, depositedFei);
line 60: /// @notice calculate the amount of FEI out for a given deposited of underlying
line 61: function getMintWithdrawn(uint256 deposited) external pure returns (uint256) {
line 62: return deposited;
line 65: /// @notice calculate the amount of FEI out for a given deposited of underlying
line 66: function getRedeemWithdrawn(uint256 deposited) external pure returns (uint256) {
line 67: return deposited;
This will also bring consistency to the code in respect to the PCVDeposit interface.
Cotract: RariMerkleRedeemer.sol
It is best practice and unnecessary to initialize for variables as they get set to 0 by default in:
line 128 line 141 line 193 line 229 line 247
Recommendation:
for (uint256 i; i < _cTokens.length; i++) {
4.
Contract: TribeRedeemer.sol
It is best practice and unnecessary to initialize for variables as they get set to 0 by default in:
line 53 line 71
Recommendation:
for (uint256 i; i < tokensReceived.length; i++) { for (uint256 i; i < tokens.length; i++) {