Platform: Code4rena
Start Date: 09/09/2022
Pot Size: $42,000 USDC
Total HM: 2
Participants: 101
Period: 3 days
Judge: hickuphh3
Total Solo HM: 2
Id: 161
League: ETH
Rank: 67/101
Findings: 1
Award: $33.58
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: GalloDaSballo
Also found by: 0x040, 0x1f8b, 0x4non, 0x52, 0x85102, 0xNazgul, 0xSky, 0xSmartContract, Aymen0909, Bnke0x0, CertoraInc, Chandr, Chom, CodingNameKiki, Deivitto, Diana, Funen, JC, Jeiwan, Junnon, KIntern_NA, Lambda, Mohandes, Noah3o6, Ocean_Sky, Picodes, R2, Randyyy, RaymondFam, ReyAdmirado, Rohan16, Rolezn, Samatak, Sm4rty, SnowMan, SooYa, StevenL, Tagir2003, Tointer, TomJ, Tomo, V_B, Waze, _Adam, __141345__, a12jmx, ajtra, ak1, asutorufos, bharg4v, bobirichman, brgltd, c3phas, cccz, cryptonue, cryptostellar5, cryptphi, csanuragjain, d3e4, datapunk, delfin454000, dipp, djxploit, durianSausage, erictee, fatherOfBlocks, gogo, got_targ, hansfriese, horsefacts, hyh, ignacio, innertia, izhuer, karanctf, ladboy233, leosathya, lucacez, lukris02, mics, oyc_109, pashov, pauliax, prasantgupta52, rbserver, ret2basic, rfa, robee, rokinot, rotcivegaf, rvierdiiev, sach1r0, scaraven, sikorico, simon135, smiling_heretic, sorrynotsorry, unforgiven, wagmi, yixxas
33.5761 USDC - $33.58
[L01] A floating pragma is set
[L02] Outdated compiler version
[L03] Missing checks for address(0x0) when assigning values to address state variables
[NC01] Constants should be defined rather than using magic numbers
[NC02] Event is missing indexed fields
[NC03] Duplicated require()/revert() checks should be refactored to a modifier or function
[L01] A floating pragma is set
Some contracts have the pragma solidity directive ^0.8.4. It is recommended to specify a fixed compiler version to ensure that the bytecode produced does not vary between builds. This is especially important if you rely on bytecode-level verification of the code.
Lock the pragma.
TribeRedeemer.sol#L2 SimpleFeiDaiPSM.sol#L2
[L02] Outdated compiler version
It is best practice to use the latest compiler version. The specified minimum compiler version is quite old, and older compilers might be susceptible to some bugs. It is recommended to change the Solidity version pragma to the latest version to enforce the use of an up-to-date compiler.
A list of known compiler bugs and their severity can be found here: https://etherscan.io/solcbuginfo
To check the bug fixes and improvements in the latest versions, see the following link
Update the pragma to 0.8.16.
RariMerkleRedeemer.sol#L2 MerkleRedeemerDripper.sol#L2 TribeRedeemer.sol#L2 SimpleFeiDaiPSM.sol#L2
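A small check for [L01] and [L02], written as an added example that is not part of the original report or of the audited code base: it scans Solidity sources for version pragmas that are not pinned to one exact version, or whose lowest named version is below the 0.8.16 recommended above. The file names and contents in SAMPLES are constructed, and the function and constant names are hypothetical.

```python
import re

# Threshold taken from the report's recommendation ("Update the pragma to 0.8.16").
RECOMMENDED = (0, 8, 16)

# A pragma at the start of a line; a "// pragma ..." comment line is not matched.
PRAGMA_RE = re.compile(r"^\s*pragma\s+solidity\s+([^;]+);", re.MULTILINE)
# A pinned spec is one exact version, optionally written with a leading "=".
EXACT_RE = re.compile(r"=?\s*\d+\.\d+\.\d+")
VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)")


def check_pragma(name, source):
    """Return (file, line, finding) tuples for one Solidity source string."""
    matches = list(PRAGMA_RE.finditer(source))
    if not matches:
        return [(name, 0, "no solidity pragma found")]
    findings = []
    for m in matches:
        spec = m.group(1).strip()
        line = source.count("\n", 0, m.start(1)) + 1
        # [L01]: anything other than a single exact version can float between builds.
        if not EXACT_RE.fullmatch(spec):
            findings.append((name, line, f"floating pragma '{spec}'"))
        # [L02]: compare the lowest version named in the spec with the recommendation.
        versions = [tuple(int(p) for p in v) for v in VERSION_RE.findall(spec)]
        if versions and min(versions) < RECOMMENDED:
            findings.append((name, line, f"lowest version in '{spec}' is below 0.8.16"))
    return findings


# Constructed sample sources (not the audited contracts).
SAMPLES = {
    "Floating.sol": "// SPDX-License-Identifier: MIT\npragma solidity ^0.8.4;\ncontract A {}\n",
    "Pinned.sol": "// SPDX-License-Identifier: MIT\npragma solidity 0.8.16;\ncontract B {}\n",
    "Range.sol": "pragma solidity >=0.8.4 <0.9.0;\ncontract C {}\n",
    "OldPinned.sol": "pragma solidity 0.8.4;\ncontract D {}\n",
}

if __name__ == "__main__":
    for fname, src in SAMPLES.items():
        for f, line, msg in check_pragma(fname, src):
            print(f"{f}:{line}: {msg}")
```

The check is line-based and does not strip block comments, so a pragma quoted inside a `/* ... */` comment would also be reported.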
[NC01] Constants should be defined rather than using magic numbers
Even assembly can benefit from using readable constants instead of hex/numeric literals.
RariMerkleRedeemer.sol#L125 RariMerkleRedeemer.sol#L138
[NC02] Event is missing indexed fields
Indexed event fields make the fields more quickly accessible to off-chain tools that parse events. However, note that each indexed field costs extra gas during emission, so it is not necessarily best to index the maximum allowed per event (three fields). Each event should use three indexed fields if there are three or more fields and gas usage is not of particular concern for the events in question. If there are fewer than three fields, all of the fields should be indexed.
TribeRedeemer.sol#L14 SimpleFeiDaiPSM.sol#L27 SimpleFeiDaiPSM.sol#L29
[NC03] Duplicated require()/revert() checks should be refactored to a modifier or function
The compiler will inline the function, which will avoid the JUMP instructions usually associated with functions.
RariMerkleRedeemer.sol#L125 RariMerkleRedeemer.sol#L138