Platform: Code4rena
Start Date: 13/01/2022
Pot Size: $75,000 USDC
Total HM: 9
Participants: 27
Period: 7 days
Judge: leastwood
Total Solo HM: 5
Id: 73
League: ETH
Rank: 18/27
Findings: 2
Award: $73.86
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: defsec
Also found by: Dravee, WatchPug, byterocket, robee
0.1061 LPT - $3.93
10.8143 USDC - $10.81
byterocket
Caching the array length outside a loop in a variable saves reading it on each iteration, as long as the array's length is not changed during the loop.
Therefore, the following loops could be refactored:
arbitrum-lpt-bridge: - L1/gateway/L1Migrator -> Line 472 - L2/gateway/L2Migrator -> Line 197
Use the following pattern for refactoring:
uint256 len = array.length; for (uint256 i; i < len; i++) { // ... }
#0 - yondonfu
2022-01-23T20:36:15Z
0.0614 LPT - $2.28
6.2568 USDC - $6.26
byterocket
Assigned operations to constant variables are re-evaluated every time. See here.
Therefore, refactor following AccessControl roles from being constant to immutable:
arbitrum-lpt-bridge: - L2/gateway/L2Migrator * GOVERNOR_ROLE - ControlledGateway * GOVERNOR_ROLE - L1/gateway/L1Migrator * GOVERNOR_ROLE - token/LivepeerToken * MINTER_ROLE * BURNER_ROLE
#0 - yondonfu
2022-01-23T20:35:13Z
🌟 Selected for report: WatchPug
Also found by: byterocket
0.3637 LPT - $13.49
37.086 USDC - $37.09
byterocket
The documentation for OpenZeppelins AccessControl contract states:
"By default, the admin role for all roles is DEFAULT_ADMIN_ROLE".
See here.
Therefore it is unnecessary to call _setRoleAdmin for a role with DEFAULT_ADMIN_ROLE
as argument.
Following contracts call _setRoleAdmin with DEFAULT_ADMIN_ROLE as argument in their constructor:
arbitrum-lpt-bridge: - ControlledGateway.sol - L2/gateway/L2Migrator.sol - token/LivepeerToken.sol - L1/gateway/L1Migrator.sol
Remove the unnecessary calls and, in case this is needed, emit AccessControl's
RoleAdminChanged events directly with emit RoleAdminChanged(role, DEFAULT_ADMIN_ROLE, DEFAULT_ADMIN_ROLE).
#0 - yondonfu
2022-01-23T01:05:43Z