Platform: Code4rena
Start Date: 07/01/2022
Pot Size: $80,000 USDC
Total HM: 21
Participants: 37
Period: 7 days
Judge: 0xean
Total Solo HM: 14
Id: 71
League: ETH
Rank: 12/37
Findings: 2
Award: $1,540.47
π Selected for report: 6
π Solo Findings: 0
37.3929 INSURE - $13.09
22.7028 USDC - $22.70
defsec
Contracts use assert() instead of require() in the Vault.
Per to Solidityβs documentation:
"Assert should only be used to test for internal errors, and to check invariants. Properly functioning code should never create a Panic, not even on invalid external input. If this happens, then there is a bug in your contract which you should fix. Language analysis tools can evaluate your contract to identify the conditions and function calls which will cause a Panic.β
if (available() < _amount) { //when USDC in this contract isn't enough uint256 _shortage = _amount - available(); _unutilize(_shortage); assert(available() >= _amount); }
None
Change to require().
#0 - oishun1112
2022-01-19T05:42:24Z
#1 - 0xean
2022-02-22T13:59:43Z
Moving these to dupe of #21
π Selected for report: defsec
379.9514 INSURE - $132.98
230.6848 USDC - $230.68
defsec
the owner parameter are used for the onlyOwner modifier. In the state variable , proper check up should be done , other wise error in these state variable can lead to redeployment of contract. If the zero address is assigned to rebalanceManager parameter, that will fail all Owner functions.
Code Review
Add proper zero address validation.
π Selected for report: defsec
379.9514 INSURE - $132.98
230.6848 USDC - $230.68
defsec
On the ERC20, There is a known problem named as Approve/TransferFrom race condition. On the transferFrom, allowance max check has not been added.
function transferFrom( address sender, address recipient, uint256 amount ) public virtual override returns (bool) { uint256 currentAllowance = _allowances[sender][_msgSender()]; if (currentAllowance != type(uint256).max) { require(currentAllowance >= amount, "ERC20: transfer amount exceeds allowance"); unchecked { _approve(sender, _msgSender(), currentAllowance - amount); } } _transfer(sender, recipient, amount); return true; }
None
Consider to use openzeppelin erc20 contract. The sample transferFrom function can be seen from below.
function transferFrom( address sender, address recipient, uint256 amount ) public virtual override returns (bool) { uint256 currentAllowance = _allowances[sender][_msgSender()]; if (currentAllowance != type(uint256).max) { require(currentAllowance >= amount, "ERC20: transfer amount exceeds allowance"); unchecked { _approve(sender, _msgSender(), currentAllowance - amount); } } _transfer(sender, recipient, amount); return true; }
102.5869 INSURE - $35.91
62.2849 USDC - $62.28
defsec
The setFeeRate function does not have any upper or lower bounds. Values that are too large will lead to reversions in several critical functions.
None
Consider to define upper and lower bounds on the fee array.
#0 - oishun1112
2022-01-18T08:48:11Z
User pays premium that is calculated in BondingPremium.sol. paid premium goes to two parties (Underwriters and Governance). the feeRate is how much percentage of the premium goes to governance. so, user never pay inappropriate amount of premium by inappropriate feeRate
#1 - oishun1112
2022-01-19T05:28:07Z
fee amount needs to be bounded, at least, to avoid incorrect parameter to be set
#2 - oishun1112
2022-01-31T06:43:11Z
6.1284 INSURE - $2.14
3.2174 USDC - $3.22
defsec
Hardhat console is an unnecessary import in all contracts since it is used solely for development. It can therefore be removed.
None
Consider to delete 'import "hardhat/console.sol"' for the gas optimization.
#0 - oishun1112
2022-01-13T17:33:55Z
π Selected for report: defsec
379.9514 INSURE - $132.98
230.6848 USDC - $230.68
defsec
On the deposit and other functions, some of the functions are checked when the contract is paused. However, other functions like unlock or transferinsturance does not have any pause protection.
None
Review all the function behaviours and put extra pause check.
π Selected for report: defsec
62.2711 INSURE - $21.79
32.6923 USDC - $32.69
defsec
In some cases, having function arguments in calldata instead of memory is more optimal.
Consider the following generic example:
contract C { function add(uint[] memory arr) external returns (uint sum) { uint length = arr.length; for (uint i = 0; i < arr.length; i++) { sum += arr[i]; } } }
In the above example, the dynamic array arr has the storage location memory. When the function gets called externally, the array values are kept in calldata and copied to memory during ABI decoding (using the opcode calldataload and mstore). And during the for loop, arr[i] accesses the value in memory using a mload. However, for the above example this is inefficient. Consider the following snippet instead:
contract C { function add(uint[] calldata arr) external returns (uint sum) { uint length = arr.length; for (uint i = 0; i < arr.length; i++) { sum += arr[i]; } } }
In the above snippet, instead of going via memory, the value is directly read from calldata using calldataload. That is, there are no intermediate memory operations that carries this value.
Gas savings: In the former example, the ABI decoding begins with copying value from calldata to memory in a for loop. Each iteration would cost at least 60 gas. In the latter example, this can be completely avoided. This will also reduce the number of instructions and therefore reduces the deploy time cost of the contract.
In short, use calldata instead of memory if the function argument is only read.
Note that in older Solidity versions, changing some function arguments from memory to calldata may cause "unimplemented feature error". This can be avoided by using a newer (0.8.*) Solidity compiler.
Examples Note: The following pattern is prevalent in the codebase:
function f(bytes memory data) external { (...) = abi.decode(data, (..., types, ...)); }
Here, changing to bytes calldata will decrease the gas. The total savings for this change across all such uses would be quite significant.
Examples:
https://github.com/code-423n4/2022-01-insure/blob/19d1a7819fe7ce795e6d4814e7ddf8b8e1323df3/contracts/Factory.sol#L176 https://github.com/code-423n4/2022-01-insure/blob/19d1a7819fe7ce795e6d4814e7ddf8b8e1323df3/contracts/Factory.sol#L186
None
Change memory definition with calldata.
3.723 INSURE - $1.30
1.9546 USDC - $1.95
defsec
The contract has an unnecessary ==true comparison in its require statement. Since require already checks if the condition is true, there is no need for it to be compared.
https://github.com/code-423n4/2022-01-insure/blob/19d1a7819fe7ce795e6d4814e7ddf8b8e1323df3/contracts/PoolTemplate.sol#L612 https://github.com/code-423n4/2022-01-insure/blob/19d1a7819fe7ce795e6d4814e7ddf8b8e1323df3/contracts/Factory.sol#L122 https://github.com/code-423n4/2022-01-insure/blob/19d1a7819fe7ce795e6d4814e7ddf8b8e1323df3/contracts/Factory.sol#L142 https://github.com/code-423n4/2022-01-insure/blob/19d1a7819fe7ce795e6d4814e7ddf8b8e1323df3/contracts/Factory.sol#L166
Code Review
Removing == true saves a tiny amount of gas.
#0 - oishun1112
2022-01-17T08:04:08Z
28.022 INSURE - $9.81
14.7115 USDC - $14.71
defsec
The use of _msgSender() when there is no implementation of a meta transaction mechanism that uses it, such as EIP-2771, very slightly increases gas consumption.
_msgSender() is utilized three times where msg.sender could have been used in the following function.
https://github.com/code-423n4/2022-01-insure/blob/19d1a7819fe7ce795e6d4814e7ddf8b8e1323df3/contracts/InsureDAOERC20.sol#L105 https://github.com/code-423n4/2022-01-insure/blob/19d1a7819fe7ce795e6d4814e7ddf8b8e1323df3/contracts/InsureDAOERC20.sol#L135 https://github.com/code-423n4/2022-01-insure/blob/19d1a7819fe7ce795e6d4814e7ddf8b8e1323df3/contracts/InsureDAOERC20.sol#L159 https://github.com/code-423n4/2022-01-insure/blob/19d1a7819fe7ce795e6d4814e7ddf8b8e1323df3/contracts/InsureDAOERC20.sol#L165 https://github.com/code-423n4/2022-01-insure/blob/19d1a7819fe7ce795e6d4814e7ddf8b8e1323df3/contracts/InsureDAOERC20.sol#L188 https://github.com/code-423n4/2022-01-insure/blob/19d1a7819fe7ce795e6d4814e7ddf8b8e1323df3/contracts/InsureDAOERC20.sol#L220
None
Replace _msgSender() with msg.sender if there is no mechanism to support meta-transactions like EIP-2771 implemented.
#0 - 0xHaku
2022-01-22T08:56:40Z
@oishun1112 I did at https://github.com/code-423n4/2022-01-insure-findings/issues/166
#1 - 0xean
2022-01-28T00:34:39Z
dupe of #166
#2 - oishun1112
2022-01-31T05:24:14Z
@taka0409 thank you for letting us know!
2.9784 INSURE - $1.04
1.5637 USDC - $1.56
defsec
!= 0 is a cheaper operation compared to > 0, when dealing with uint.
https://github.com/code-423n4/2022-01-insure/blob/19d1a7819fe7ce795e6d4814e7ddf8b8e1323df3/contracts/IndexTemplate.sol#L172 https://github.com/code-423n4/2022-01-insure/blob/19d1a7819fe7ce795e6d4814e7ddf8b8e1323df3/contracts/IndexTemplate.sol#L166 https://github.com/code-423n4/2022-01-insure/blob/19d1a7819fe7ce795e6d4814e7ddf8b8e1323df3/contracts/IndexTemplate.sol#L172 https://github.com/code-423n4/2022-01-insure/blob/19d1a7819fe7ce795e6d4814e7ddf8b8e1323df3/contracts/IndexTemplate.sol#L246 https://github.com/code-423n4/2022-01-insure/blob/19d1a7819fe7ce795e6d4814e7ddf8b8e1323df3/contracts/IndexTemplate.sol#L231 https://github.com/code-423n4/2022-01-insure/blob/19d1a7819fe7ce795e6d4814e7ddf8b8e1323df3/contracts/PoolTemplate.sol#L218 https://github.com/code-423n4/2022-01-insure/blob/19d1a7819fe7ce795e6d4814e7ddf8b8e1323df3/contracts/PoolTemplate.sol#L263 https://github.com/code-423n4/2022-01-insure/blob/19d1a7819fe7ce795e6d4814e7ddf8b8e1323df3/contracts/PoolTemplate.sol#L321 https://github.com/code-423n4/2022-01-insure/blob/19d1a7819fe7ce795e6d4814e7ddf8b8e1323df3/contracts/PoolTemplate.sol#L391 https://github.com/code-423n4/2022-01-insure/blob/19d1a7819fe7ce795e6d4814e7ddf8b8e1323df3/contracts/PoolTemplate.sol#L437
Code Review
Use "!=0" instead of ">0" for the gas optimization.
#0 - oishun1112
2022-01-13T17:50:50Z
#1 - 0xean
2022-01-28T00:09:04Z
dupe of #236
2.4125 INSURE - $0.84
1.2666 USDC - $1.27
defsec
These checks are pretty much useless as uint can never be negative. Remove them to save some gas.
Example :
for( uint i; i<5;i++)
https://github.com/code-423n4/2022-01-insure/blob/19d1a7819fe7ce795e6d4814e7ddf8b8e1323df3/contracts/Vault.sol#L109
None
Consider to replace uint=0 to uint.
#0 - oishun1112
2022-01-13T17:23:31Z
16.8132 INSURE - $5.88
8.8269 USDC - $8.83
defsec
(After) Solidity 0.8.0 Version has built-in overflow protection mechanism. However, the following contract is still using sub function.
https://github.com/code-423n4/2022-01-insure/blob/19d1a7819fe7ce795e6d4814e7ddf8b8e1323df3/contracts/PoolTemplate.sol#L938
None
Delete redundant code.
#0 - oishun1112
2022-01-17T08:46:28Z
this _sub() returns zero when minuend is smaller than subtrahend
#1 - 0xean
2022-01-28T02:41:02Z
dupe of #38
π Selected for report: TomFrenchBlockchain
Also found by: defsec
28.022 INSURE - $9.81
14.7115 USDC - $14.71
defsec
Using newer compiler versions and the optimizer gives gas optimizations and additional safety checks are available for free.
The advantages of versions 0.8.* over <0.8.0 are:
"InsureDAOERC20 Contract" - Floating Pragma version 0.8.0 is used in the all contracts. (https://github.com/code-423n4/2022-01-insure/blob/19d1a7819fe7ce795e6d4814e7ddf8b8e1323df3/contracts/InsureDAOERC20.sol#L3)
None
Consider to upgrade pragma to at least 0.8.4.
#0 - oishun1112
2022-01-13T14:53:51Z
defsec
Reading array length at each iteration of the loop takes 6 gas (3 for mload and 3 to place memory_offset) in the stack.
Caching the array length in the stack saves around 3 gas per iteration.
https://github.com/code-423n4/2022-01-insure/blob/19d1a7819fe7ce795e6d4814e7ddf8b8e1323df3/contracts/Factory.sol#L176 https://github.com/code-423n4/2022-01-insure/blob/19d1a7819fe7ce795e6d4814e7ddf8b8e1323df3/contracts/Factory.sol#L186 https://github.com/code-423n4/2022-01-insure/blob/19d1a7819fe7ce795e6d4814e7ddf8b8e1323df3/contracts/IndexTemplate.sol#L655 https://github.com/code-423n4/2022-01-insure/blob/19d1a7819fe7ce795e6d4814e7ddf8b8e1323df3/contracts/PoolTemplate.sol#L343 https://github.com/code-423n4/2022-01-insure/blob/19d1a7819fe7ce795e6d4814e7ddf8b8e1323df3/contracts/PoolTemplate.sol#L671 https://github.com/code-423n4/2022-01-insure/blob/19d1a7819fe7ce795e6d4814e7ddf8b8e1323df3/contracts/PoolTemplate.sol#L703
None
Consider to cache array length.
#0 - oishun1112
2022-01-13T11:33:22Z
6.1284 INSURE - $2.14
3.2174 USDC - $3.22
defsec
For the arithmetic operations that will never over/underflow, using the unchecked directive (Solidity v0.8 has default overflow/underflow checks) can save some gas from the unnecessary internal over/underflow checks.
https://github.com/code-423n4/2022-01-insure/blob/19d1a7819fe7ce795e6d4814e7ddf8b8e1323df3/contracts/InsureDAOERC20.sol#L159 https://github.com/code-423n4/2022-01-insure/blob/19d1a7819fe7ce795e6d4814e7ddf8b8e1323df3/contracts/InsureDAOERC20.sol#L220
None
Consider applying unchecked arithmetic where overflow/underflow is not possible.
#1 - oishun1112
2022-01-16T07:25:48Z
#2 - 0xean
2022-01-28T02:50:20Z
dupe of #66
π Selected for report: Dravee
Also found by: 0x1f8b, Jujic, TomFrenchBlockchain, csanuragjain, defsec, gzeon, loop, robee
2.9784 INSURE - $1.04
1.5637 USDC - $1.56
defsec
'immutable' greatly reduces gas costs. There are variables that do not change so they can be marked as immutable to greatly improve the gast costs.
Code Review
Mark variables as immutable.
#0 - oishun1112
2022-01-17T08:42:59Z
#1 - 0xean
2022-01-28T03:11:20Z
dupe of #72
8.1712 INSURE - $2.86
4.2899 USDC - $4.29
defsec
There is a function declared as public that are never called internally within the contract. It is best practice to mark such functions as external instead, as this saves gas (especially in the case where the function takes arguments, as external functions can read arguments directly from calldata instead of having to allocate memory).
+ InsureDAOERC20 (Context, IERC20, IERC20Metadata) - [Pub] name - [Pub] symbol - [Pub] decimals - [Pub] totalSupply - [Pub] balanceOf - [Pub] transfer # - [Pub] allowance - [Pub] approve # - [Pub] transferFrom # - [Pub] increaseAllowance # - [Pub] decreaseAllowance # + Parameters (IParameters) - [Pub] getOwner + PoolTemplate (InsureDAOERC20, IPoolTemplate, IUniversalMarket) - [Pub] deposit # - [Pub] unlock # - [Pub] getPremium - [Pub] valueOfUnderlying - [Ext] pendingPremium - [Pub] worth - [Pub] allocatedCredit - [Pub] availableBalance - [Pub] utilizationRate - [Pub] totalLiquidity - [Pub] originalLiquidity + Vault (IVault) - [Pub] underlyingValue - [Pub] valueAll - [Pub] available - [Pub] getPricePerFullShare - [Pub] setController # - modifiers: onlyOwner
Code Review
All of the public functions in the contract are not called internally, so access can be changed to external to reduce gas.
#0 - oishun1112
2022-01-13T05:36:42Z
2.9784 INSURE - $1.04
1.5637 USDC - $1.56
defsec
++i is more gas efficient than i++ in loops forwarding.
https://github.com/code-423n4/2022-01-insure/blob/19d1a7819fe7ce795e6d4814e7ddf8b8e1323df3/contracts/Vault.sol#L109
Code Review
It is recommend to use unchecked{++i} and change i declaration to uint256.
#0 - oishun1112
2022-01-13T14:50:37Z
π Selected for report: defsec
Also found by: sirhashalot
170.9781 INSURE - $59.84
103.8081 USDC - $103.81
defsec
On the InsureDAOERC20, transferFrom function is vulnerable on the re-entrancy.
function transferFrom( address sender, address recipient, uint256 amount ) public virtual override returns (bool) { _transfer(sender, recipient, amount); uint256 currentAllowance = _allowances[sender][_msgSender()]; require( currentAllowance >= amount, "ERC20: transfer amount exceeds allowance" ); _approve(sender, _msgSender(), currentAllowance - amount); return true; }
Code Review
Follow check effect interaction pattern. Consider to use openzeppelin erc20 contract. The sample transferFrom function can be seen from below.
function transferFrom( address sender, address recipient, uint256 amount ) public virtual override returns (bool) { uint256 currentAllowance = _allowances[sender][_msgSender()]; if (currentAllowance != type(uint256).max) { require(currentAllowance >= amount, "ERC20: transfer amount exceeds allowance"); unchecked { _approve(sender, _msgSender(), currentAllowance - amount); } } _transfer(sender, recipient, amount); return true; }
#0 - 0xkenta
2022-01-31T13:42:07Z
@oishun1112
How about unchecked{} ? Should I add it ?
#1 - 0xkenta
2022-01-31T13:45:47Z
π Selected for report: 0xngndev
Also found by: Dravee, Jujic, Meta0xNull, defsec, p4st13r4, robee, sirhashalot, tqts
2.9784 INSURE - $1.04
1.5637 USDC - $1.56
defsec
Shortening revert strings to fit in 32 bytes will decrease deploy time gas and will decrease runtime gas when the revert condition has been met.
Revert strings that are longer than 32 bytes require at least one additional mstore, along with additional overhead for computing memory offset, etc.
Revert strings > 32 bytes are here:
Manual Review
Shorten the revert strings to fit in 32 bytes. That will affect gas optimization.
#0 - oishun1112
2022-01-14T05:44:28Z