Platform: Code4rena
Start Date: 25/01/2022
Pot Size: $50,000 USDT
Total HM: 17
Participants: 39
Period: 3 days
Judge: LSDan
Total Solo HM: 9
Id: 79
League: ETH
Rank: 27/39
Findings: 2
Award: $138.27
🌟 Selected for report: 1
🚀 Solo Findings: 0
🌟 Selected for report: cccz
Also found by: csanuragjain, defsec, robee
csanuragjain
Some tokens (like USDT) do not work when changing the allowance from an existing non-zero allowance value.They must first be approved by zero and then the actual allowance must be approved. In this case allowance was not set to 0 first
Navigate to contract at https://github.com/code-423n4/2022-01-trader-joe/blob/main/contracts/LaunchEvent.sol
Observe the createPair function
function createPair() external isStopped(false) atPhase(Phase.PhaseThree) { token.approve(address(router), tokenAllocated); }
Add below line
token.approve(address(router), 0); token.approve(address(router), tokenAllocated);
#0 - cryptofish7
2022-02-11T00:52:16Z
Duplicate of #22
csanuragjain
Gas savings
Navigate to contract https://github.com/code-423n4/2022-01-trader-joe/blob/main/contracts/RocketJoeFactory.sol
Observe that _eventImplementation, _wavax is meant to be declared only once and hence can be declared immutable
#0 - cryptofish7
2022-02-11T00:56:56Z
Duplicate of #284
🌟 Selected for report: csanuragjain
39.7792 USDT - $39.78
csanuragjain
Gas savings
Navigate to contract https://github.com/code-423n4/2022-01-trader-joe/blob/main/contracts/LaunchEvent.sol
Observe that _issuer is meant to be declared only once and hence can be declared immutable
In getPenalty function timeElapsed < PHASE_ONE_NO_FEE_DURATION could be changed to timeElapsed <= PHASE_ONE_NO_FEE_DURATION since penalty will be 0 in both cases