Canto contest - defsec's results

Lines of code

https://github.com/Plex-Engineer/lending-market/blob/755424c1f9ab3f9f0408443e6606f94e4f08a990/contracts/CNote.sol#L31

Vulnerability details

Impact

CNote is vulnerable to re-entrancy because it doesn't implement CEI (check-effect-interaction) pattern for borrow functionality. borrowFresh() and redeemFresh() function are vulnerable to re-entrancy attack.

BorrowFresh/RedeemFresh is vulnerable to re-entrancy attack. (https://github.com/Plex-Engineer/lending-market/blob/755424c1f9ab3f9f0408443e6606f94e4f08a990/contracts/CNote.sol#L31)

As an example You decided to support ERC777 Token. On the cream finance hack, you can clearly see an attack vector. You don't need deploy malicious token. You just deploy ERC777 token.

On the CreamFinance hack, The AMP token contract implements ERC777, which has the _callPostTransferHooks hook that triggers tokensReceived() function that was implemented by the recipient. The reentrancy opportunity related to ERC-777-style transfer hooks allowed the exploiter to nest a second borrow() function inside the token transfer() before the initial borrow() was updated.

Impact of the vulnerability right now is 0 if there aren't any ERC777 (or any other ERC20 that does the callback) added to the protocol. But in the future it may be possible that such token could be added. Cream finance was hacked same way Cream finance was exploited using the same vulnerability when they integrated AMP ERC777 token (https://medium.com/cream-finance/c-r-e-a-m-finance-post-mortem-amp-exploit-6ceb20a630c5)

Proof of Concept

The following steps can be seen from the PoC.

1. Borrow BadToken for CToken from CBadToken.
2. During the transfer of bad tokens to the borrower, we do a callback to the malicious contract. In the malicious contract we transfer badtokens we just got to the second contract.
3. We do the same with the remaining CToken. In the second malicious contract we redeem Token and mint CBadToken for the BadTokens in step 2. We borrow Ctoken for CBadTokens.
4. Due to lack of checks-effects-interaction pattern, totalBorrows is updated after the hack is completed. totalBorrows is used in - exchangeRateStoredInternal for calculating the exchange rate which is used for calculating the redeemAmount.

Additional Info :

How did the CREAM attack work?

As we already saw, the order of the CREAM borrow function was vulnerable to reentrancy. Furthermore, a coin that allowed an attackerto execute code during a transfer was added to the list of tokens supported by CREAM.

However, the CREAM lending pool contracts did have reentrancy locks on their contract functions. How did the contracts get hacked when they had protection here?

The CREAM lending system is made up of multiple contracts with one "CToken" pool contract for each asset supported. So CREAM has a lending contract for ETH, as it does for USDC, as it does for AMP, etc. Each one of these individual lending contracts has its own separate lock for protecting that individual contract against reentrancy.

However, the system as a whole is not protected because an attacker could be inside different lending pool contracts simultaneously.

In each round of this attack, the attacker put up one and a half million dollars of collateral, then borrowed AMP. During the borrow function for in the AMP pool contract, the AMP coin called the attackers code, allowing the attacker to start a second borrow of ETH. Because the AMP borrow had not written any record of the AMP borrow to storage yet, when the ETH borrow in the ETH pool contract checked with all pool contracts to see how much the attacker had already borrowed, it saw that the attacker had no debts and lots of collateral, and thus allowed a duplicate ETH borrow.

Tools Used

Code Review

Recommended Mitigation Steps

Follow Check Effect Interaction Pattern

/////////////////////////
      // EFFECTS & INTERACTIONS
      // (No safe failures beyond this point)

      /* We write the previously calculated values into storage */
      accountBorrows[borrower].principal = vars.accountBorrowsNew;
      accountBorrows[borrower].interestIndex = borrowIndex;
      totalBorrows = vars.totalBorrowsNew;

      /*
       * We invoke doTransferOut for the borrower and the borrowAmount.
       *  Note: The pToken must handle variations between ERC-20 and ETH underlying.
       *  On success, the pToken borrowAmount less of cash.
       *  doTransferOut reverts if anything goes wrong, since we can't be sure if side effects occurred.
       */
      doTransferOut(borrower, borrowAmount);

Reference : https://twitter.com/CreamdotFinance/status/1432249771750686721

https://github.com/OriginProtocol/security/blob/master/incidents/2021-08-31-Cream.md

ISSUE LIST

C4-001: Missing events for only functions that change critical parameters - Non Critical

C4-002 : Critical changes should use two-step procedure - Non Critical

C4-003 : Pragma Version - Non Critical

C4-004 : Missing zero-address check in the setter functions and initiliazers - Low

C4-005 : Bump OZ packages to ^4.5.0. - Non critical

ISSUES

C4-001 : Missing events for only functions that change critical parameters

Impact - Non critical

The afunctions that change critical parameters should emit events. Events allow capturing the changed parameters so that off-chain tools/interfaces can register such changes with timelocks that allow users to evaluate them and consider if they would like to engage/exit based on how they perceive the changes as affecting the trustworthiness of the protocol or profitability of the implemented financial services. The alternative of directly querying on-chain contract state for such changes is not considered practical for most users/usages.

Missing events and timelocks do not promote transparency and if such changes immediately affect users’ perception of fairness or trustworthiness, they could exit the protocol causing a reduction in liquidity which could negatively impact protocol TVL and reputation.

Proof of Concept

1. Navigate to the following contract.

https://github.com/Plex-Engineer/stableswap/blob/489d010eb99a0885139b2d5ed5a2d826838cc5f9/contracts/BaseV1-core.sol#L497

https://github.com/Plex-Engineer/stableswap/blob/489d010eb99a0885139b2d5ed5a2d826838cc5f9/contracts/BaseV1-core.sol#L507

See similar High-severity H03 finding OpenZeppelin’s Audit of Audius (https://blog.openzeppelin.com/audius-contracts-audit/#high) and Medium-severity M01 finding OpenZeppelin’s Audit of UMA Phase 4 (https://blog.openzeppelin.com/uma-audit-phase-4/)

Tools Used

None

Recommended Mitigation Steps

Add events to all functions that change critical parameters.

C4-002 : Critical changes should use two-step procedure

Impact - NON CRITICAL

The critical procedures should be two step process.

Proof of Concept

1. Navigate to the following contract.

https://github.com/Plex-Engineer/lending-market/blob/755424c1f9ab3f9f0408443e6606f94e4f08a990/contracts/Comptroller.sol#L826

Tools Used

Code Review

Recommended Mitigation Steps

Lack of two-step procedure for critical operations leaves them error-prone. Consider adding two step procedure on the critical functions.

C4-003 : # Pragma Version

Impact

In the contracts, floating pragmas should not be used. Contracts should be deployed with the same compiler version and flags that they have been tested with thoroughly. Locking the pragma helps to ensure that contracts do not accidentally get deployed using, for example, an outdated compiler version that might introduce bugs that affect the contract system negatively.

## Proof of Concept

https://swcregistry.io/docs/SWC-103

All Contracts

Tools Used

Manual code review

Recommended Mitigation Steps

Lock the pragma version: delete pragma solidity 0.8.10 in favor of pragma solidity 0.8.10.

C4-004 : # Missing zero-address check in the setter functions and initiliazers

Impact

Missing checks for zero-addresses may lead to infunctional protocol, if the variable addresses are updated incorrectly.

Proof of Concept

1. Navigate to the following contracts.

https://github.com/Plex-Engineer/lending-market/blob/755424c1f9ab3f9f0408443e6606f94e4f08a990/contracts/NoteInterest.sol#L73

https://github.com/Plex-Engineer/lending-market/blob/755424c1f9ab3f9f0408443e6606f94e4f08a990/contracts/Governance/GovernorBravoDelegate.sol#L24

Tools Used

Code Review

Recommended Mitigation Steps

Consider adding zero-address checks in the discussed constructors: require(newAddr != address(0));.

C4-005: Bump OZ packages to ^4.5.0.

Impact - NON CRITICAL

Line Reference

Description

I can verify that the installed version is 4.2.0 by executing the following commands:

yarn install
yarn list @openzeppelin/contracts

Recommended Mitigation Steps

Update the versions of @openzeppelin/contracts and @openzeppelin/contracts-upgradeable to be the latest in package.json. I also recommend double checking the versions of other dependencies as a precaution, as they may include important bug fixes.

[S]: Suggested optimation, save a decent amount of gas without compromising readability;

[M]: Minor optimation, the amount of gas saved is minor, change when you see fit;

[N]: Non-preferred, the amount of gas saved is at cost of readability, only apply when gas saving is a top priority.

ISSUE LIST

C4-001: Revert String Size Optimization [S]

C4-002 : Adding unchecked directive can save gas [S]

C4-003 : Check if amount > 0 before token transfer can save gas [S]

C4-004 : There is no need to assign default values to variables [S]

C4-005 : Using operator && used more gas [S]

C4-006 : Non-strict inequalities are cheaper than strict ones [M]

C4-007 : Use Custom Errors instead of Revert Strings to save Gas [S]

C4-008 : Use Shift Right/Left instead of Division/Multiplication if possible [S]

C4-009 : Cache array length in for loops can save gas [S]

C4-010 : State Variables that can be changed to immutable [S]

C4-011 : Use calldata instead of memory for function parameters [M]

C4-012 : ++i is more gas efficient than i++ in loops forwarding

C4-013 : > 0 can be replaced with != 0 for gas optimization

C4-014 : Keccak functions in constants waste gas [M]

C4-001: Revert String Size Optimization

Impact

Shortening revert strings to fit in 32 bytes will decrease deploy time gas and will decrease runtime gas when the revert condition has been met.

Revert strings that are longer than 32 bytes require at least one additional mstore, along with additional overhead for computing memory offset, etc.

Proof of Concept

Revert strings > 32 bytes are here:

https://github.com/Plex-Engineer/lending-market/blob/755424c1f9ab3f9f0408443e6606f94e4f08a990/contracts/WETH.sol#L29

https://github.com/Plex-Engineer/lending-market/blob/755424c1f9ab3f9f0408443e6606f94e4f08a990/contracts/Governance/GovernorBravoDelegate.sol#L45

https://github.com/Plex-Engineer/lending-market/blob/755424c1f9ab3f9f0408443e6606f94e4f08a990/contracts/Governance/GovernorBravoDelegate.sol#L164

Tools Used

Manual Review

Recommended Mitigation Steps

Shorten the revert strings to fit in 32 bytes. That will affect gas optimization.

C4-002 : Adding unchecked directive can save gas

Impact

For the arithmetic operations that will never over/underflow, using the unchecked directive (Solidity v0.8 has default overflow/underflow checks) can save some gas from the unnecessary internal over/underflow checks.

Proof of Concept

https://github.com/Plex-Engineer/lending-market/blob/755424c1f9ab3f9f0408443e6606f94e4f08a990/contracts/Comptroller.sol#L1347

https://github.com/Plex-Engineer/lending-market/blob/755424c1f9ab3f9f0408443e6606f94e4f08a990/contracts/Comptroller.sol#L126

https://github.com/Plex-Engineer/lending-market/blob/755424c1f9ab3f9f0408443e6606f94e4f08a990/contracts/Comptroller.sol#L735

https://github.com/Plex-Engineer/lending-market/blob/755424c1f9ab3f9f0408443e6606f94e4f08a990/contracts/Comptroller.sol#L959

https://github.com/Plex-Engineer/lending-market/blob/755424c1f9ab3f9f0408443e6606f94e4f08a990/contracts/Comptroller.sol#L1106

https://github.com/Plex-Engineer/stableswap/blob/489d010eb99a0885139b2d5ed5a2d826838cc5f9/contracts/BaseV1-core.sol#L207

Tools Used

None

Recommended Mitigation Steps

Consider applying unchecked arithmetic where overflow/underflow is not possible. Example can be seen from below.

Unchecked{i++};

C4-003 : Check if amount > 0 before token transfer can save gas

Impact

Since _amount can be 0. Checking if (_amount != 0) before the transfer can potentially save an external call and the unnecessary gas cost of a 0 token transfer.

Proof of Concept

https://github.com/Plex-Engineer/stableswap/blob/489d010eb99a0885139b2d5ed5a2d826838cc5f9/contracts/BaseV1-core.sol#L319

All Contracts

Tools Used

None

Recommended Mitigation Steps

Consider checking amount != 0.

C4-004 : There is no need to assign default values to variables

Impact - Gas Optimization

Boolean is default initialized to false. There is no need assign false to variable.

Proof of Concept

https://github.com/Plex-Engineer/lending-market/blob/755424c1f9ab3f9f0408443e6606f94e4f08a990/contracts/Comptroller.sol#L1347

https://github.com/Plex-Engineer/lending-market/blob/755424c1f9ab3f9f0408443e6606f94e4f08a990/contracts/Comptroller.sol#L126

https://github.com/Plex-Engineer/lending-market/blob/755424c1f9ab3f9f0408443e6606f94e4f08a990/contracts/Comptroller.sol#L735

https://github.com/Plex-Engineer/lending-market/blob/755424c1f9ab3f9f0408443e6606f94e4f08a990/contracts/Comptroller.sol#L959

https://github.com/Plex-Engineer/lending-market/blob/755424c1f9ab3f9f0408443e6606f94e4f08a990/contracts/Comptroller.sol#L1106

https://github.com/Plex-Engineer/stableswap/blob/489d010eb99a0885139b2d5ed5a2d826838cc5f9/contracts/BaseV1-core.sol#L207

Tools Used

Code Review

Recommended Mitigation Steps

bool x = false costs more gas than bool x without having any different functionality.

C4-005 : Using operator && used more gas

Impact

Using double require instead of operator && can save more gas.

Proof of Concept

1. Navigate to the following contracts.

https://github.com/Plex-Engineer/lending-market/blob/755424c1f9ab3f9f0408443e6606f94e4f08a990/contracts/Comptroller.sol#L1411

Tools Used

Code Review

Recommended Mitigation Steps

Example

using &&:

function check(uint x)public view{
require(x == 0 && x < 1 );
}
// gas cost 21630

using double require:

require(x == 0 );
require( x < 1);
}
}
// gas cost 21622

C4-006 : Non-strict inequalities are cheaper than strict ones

Impact

Strict inequalities add a check of non equality which costs around 3 gas.

Proof of Concept

  contracts/contracts/core/connext/facets/BridgeFacet.sol::293 => if (_args.params.callback == address(0) && _args.params.callbackFee > 0) {
  contracts/contracts/core/connext/facets/BridgeFacet.sol::499 => if (_amount > 0) {
  contracts/contracts/core/connext/facets/BridgeFacet.sol::665 => if (pathLength > 0) // make sure routers are all approved if needed
  contracts/contracts/core/connext/facets/ProposedOwnableFacet.sol::240 => // NOTE: no need to check if _proposedOwnershipTimestamp > 0 because
  contracts/contracts/core/connext/facets/StableSwapFacet.sol::416 => if (i > 0) {
  contracts/contracts/core/connext/helpers/ConnextPriceOracle.sol::150 => require(baseTokenPrice > 0, "invalid base token");
  contracts/contracts/core/connext/helpers/ProposedOwnableUpgradeable.sol::276 => // NOTE: no need to check if _proposedOwnershipTimestamp > 0 because
  contracts/contracts/core/connext/helpers/SponsorVault.sol::217 => if (sponsoredFee > 0) {
  contracts/contracts/core/connext/helpers/StableSwap.sol::82 => if (i > 0) {
  contracts/contracts/core/connext/libraries/AmplificationUtils.sol::86 => require(futureA_ > 0 && futureA_ < MAX_A, "futureA_ must be > 0 and < MAX_A");
  contracts/contracts/core/connext/libraries/LibDiamond.sol::121 => require(_functionSelectors.length > 0, "LibDiamondCut: No selectors in facet to cut");
  contracts/contracts/core/connext/libraries/LibDiamond.sol::139 => require(_functionSelectors.length > 0, "LibDiamondCut: No selectors in facet to cut");
  contracts/contracts/core/connext/libraries/LibDiamond.sol::158 => require(_functionSelectors.length > 0, "LibDiamondCut: No selectors in facet to cut");
  contracts/contracts/core/connext/libraries/LibDiamond.sol::226 => require(_calldata.length > 0, "LibDiamondCut: _calldata is empty but _init is not address(0)");
  contracts/contracts/core/connext/libraries/LibDiamond.sol::232 => if (error.length > 0) {
  contracts/contracts/core/connext/libraries/LibDiamond.sol::247 => require(contractSize > 0, _errorMessage);
  contracts/contracts/core/connext/libraries/SwapUtils.sol::369 => if (supply > 0) {
  contracts/contracts/core/connext/libraries/SwapUtils.sol::670 => if (dyAdminFee > 0) {
  contracts/contracts/core/connext/libraries/SwapUtils.sol::711 => if (dxAdminFee > 0) {
  contracts/contracts/core/connext/libraries/SwapUtils.sol::765 => if (dyAdminFee > 0) {
  contracts/contracts/core/connext/libraries/SwapUtils.sol::799 => if (dxAdminFee > 0) {
  contracts/contracts/core/connext/libraries/SwapUtils.sol::845 => require(v.totalSupply != 0 || amounts[i] > 0, "Must supply all tokens in pool");
  contracts/contracts/core/connext/libraries/SwapUtils.sol::965 => if (adminFee > 0) {

Tools Used

Code Review

Recommended Mitigation Steps

Use >= or <= instead of > and < when possible.

C4-007 : Use Custom Errors instead of Revert Strings to save Gas

Custom errors from Solidity 0.8.4 are cheaper than revert strings (cheaper deployment cost and runtime cost when the revert condition is met)

Source Custom Errors in Solidity:

Starting from Solidity v0.8.4, there is a convenient and gas-efficient way to explain to users why an operation failed through the use of custom errors. Until now, you could already use strings to give more information about failures (e.g., revert("Insufficient funds.");), but they are rather expensive, especially when it comes to deploy cost, and it is difficult to use dynamic information in them.

Custom errors are defined using the error statement, which can be used inside and outside of contracts (including interfaces and libraries).

Instances include:

All require Statements

Tools Used

Code Review

Recommended Mitigation Steps

Recommended to replace revert strings with custom errors.

C4-008 : Use Shift Right/Left instead of Division/Multiplication if possible

Impact

A division/multiplication by any number x being a power of 2 can be calculated by shifting log2(x) to the right/left.

While the DIV opcode uses 5 gas, the SHR opcode only uses 3 gas. Furthermore, Solidity's division operation also includes a division-by-0 prevention which is bypassed using shifting.

Proof of Concept

Contracts

Tools Used

None

Recommended Mitigation Steps

A division/multiplication by any number x being a power of 2 can be calculated by shifting log2(x) to the right/left.

C4-009 : Cache array length in for loops can save gas

Impact

Reading array length at each iteration of the loop takes 6 gas (3 for mload and 3 to place memory_offset) in the stack.

Caching the array length in the stack saves around 3 gas per iteration.

Proof of Concept

1. Navigate to the following smart contract line.

https://github.com/Plex-Engineer/lending-market/blob/755424c1f9ab3f9f0408443e6606f94e4f08a990/contracts/Comptroller.sol#L1347

https://github.com/Plex-Engineer/lending-market/blob/755424c1f9ab3f9f0408443e6606f94e4f08a990/contracts/Comptroller.sol#L126

https://github.com/Plex-Engineer/lending-market/blob/755424c1f9ab3f9f0408443e6606f94e4f08a990/contracts/Comptroller.sol#L735

https://github.com/Plex-Engineer/lending-market/blob/755424c1f9ab3f9f0408443e6606f94e4f08a990/contracts/Comptroller.sol#L959

https://github.com/Plex-Engineer/lending-market/blob/755424c1f9ab3f9f0408443e6606f94e4f08a990/contracts/Comptroller.sol#L1106

https://github.com/Plex-Engineer/stableswap/blob/489d010eb99a0885139b2d5ed5a2d826838cc5f9/contracts/BaseV1-core.sol#L207

Tools Used

None

Recommended Mitigation Steps

Consider to cache array length.

C4-010 : State Variables that can be changed to immutable

Impact

Solidity 0.6.5 introduced immutable as a major feature. It allows setting contract-level variables at construction time which gets stored in code rather than storage.

Consider the following generic example:

contract C {
 /// The owner is set during contruction time, and never changed afterwards.
 address public owner = msg.sender;
}

In the above example, each call to the function owner() reads from storage, using a sload. After EIP-2929, this costs 2100 gas cold or 100 gas warm. However, the following snippet is more gas efficient:

contract C {
 /// The owner is set during contruction time, and never changed afterwards.
 address public immutable owner = msg.sender;
}

In the above example, each storage read of the owner state variable is replaced by the instruction push32 value, where value is set during contract construction time. Unlike the last example, this costs only 3 gas.

Code Location

https://github.com/Plex-Engineer/lending-market/blob/755424c1f9ab3f9f0408443e6606f94e4f08a990/contracts/NoteInterest.sol#L22

Tools Used

None

Recommended Mitigation Steps

Consider using immutable variable.

C4-011 : Use calldata instead of memory for function parameters

Impact

In some cases, having function arguments in calldata instead of memory is more optimal.

Consider the following generic example:

contract C {
 function add(uint[] memory arr) external returns (uint sum) {
     uint length = arr.length;
     for (uint i = 0; i < arr.length; i++) {
         sum += arr[i];
     }
 }
}

In the above example, the dynamic array arr has the storage location memory. When the function gets called externally, the array values are kept in calldata and copied to memory during ABI decoding (using the opcode calldataload and mstore). And during the for loop, arr[i] accesses the value in memory using a mload. However, for the above example this is inefficient. Consider the following snippet instead:

contract C {
 function add(uint[] calldata arr) external returns (uint sum) {
     uint length = arr.length;
     for (uint i = 0; i < arr.length; i++) {
         sum += arr[i];
     }
 }
}

In the above snippet, instead of going via memory, the value is directly read from calldata using calldataload. That is, there are no intermediate memory operations that carries this value.

Gas savings: In the former example, the ABI decoding begins with copying value from calldata to memory in a for loop. Each iteration would cost at least 60 gas. In the latter example, this can be completely avoided. This will also reduce the number of instructions and therefore reduces the deploy time cost of the contract.

In short, use calldata instead of memory if the function argument is only read.

Note that in older Solidity versions, changing some function arguments from memory to calldata may cause "unimplemented feature error". This can be avoided by using a newer (0.8.*) Solidity compiler.

Proof of Concept

1. Navigate to the following smart contract line.

https://github.com/Plex-Engineer/lending-market/blob/755424c1f9ab3f9f0408443e6606f94e4f08a990/contracts/Comptroller.sol#L122

Tools Used

None

Recommended Mitigation Steps

Some parameters in examples given above are later hashed. It may be beneficial for those parameters to be in memory rather than calldata.

C4-012 : ++i is more gas efficient than i++ in loops forwarding

Impact

++i is more gas efficient than i++ in loops forwarding.

Proof of Concept

1. Navigate to the following contracts.

https://github.com/Plex-Engineer/lending-market/blob/755424c1f9ab3f9f0408443e6606f94e4f08a990/contracts/Comptroller.sol#L1347

https://github.com/Plex-Engineer/lending-market/blob/755424c1f9ab3f9f0408443e6606f94e4f08a990/contracts/Comptroller.sol#L126

https://github.com/Plex-Engineer/lending-market/blob/755424c1f9ab3f9f0408443e6606f94e4f08a990/contracts/Comptroller.sol#L735

https://github.com/Plex-Engineer/lending-market/blob/755424c1f9ab3f9f0408443e6606f94e4f08a990/contracts/Comptroller.sol#L959

https://github.com/Plex-Engineer/lending-market/blob/755424c1f9ab3f9f0408443e6606f94e4f08a990/contracts/Comptroller.sol#L1106

https://github.com/Plex-Engineer/stableswap/blob/489d010eb99a0885139b2d5ed5a2d826838cc5f9/contracts/BaseV1-core.sol#L207

Tools Used

Code Review

Recommended Mitigation Steps

It is recommend to use unchecked{++i} and change i declaration to uint256.

C4-013 : > 0 can be replaced with != 0 for gas optimization

Impact

!= 0 is a cheaper operation compared to > 0, when dealing with uint.

Proof of Concept

1. Navigate to the following contract sections.

https://github.com/Plex-Engineer/lending-market/blob/755424c1f9ab3f9f0408443e6606f94e4f08a990/contracts/Comptroller.sol#L1215

https://github.com/Plex-Engineer/lending-market/blob/755424c1f9ab3f9f0408443e6606f94e4f08a990/contracts/Comptroller.sol#L1221

https://github.com/Plex-Engineer/lending-market/blob/755424c1f9ab3f9f0408443e6606f94e4f08a990/contracts/Comptroller.sol#L1311

https://github.com/Plex-Engineer/lending-market/blob/755424c1f9ab3f9f0408443e6606f94e4f08a990/contracts/Comptroller.sol#L1379

Tools Used

None

Recommended Mitigation Steps

Consider to replace > 0 with != 0 for gas optimization.

C4-014 : Keccak functions in constants waste gas

Impact

The contracts assigns two constants to the result of a keccak operation, which results in gas waste since the expression is computed each time the constant is accessed.

See this issue for more context: ethereum/solidity#9232 (https://github.com/ethereum/solidity/issues/9232)

Proof of Concept

https://github.com/Plex-Engineer/lending-market/blob/755424c1f9ab3f9f0408443e6606f94e4f08a990/contracts/Governance/GovernorBravoDelegate.sol#L15

https://github.com/Plex-Engineer/lending-market/blob/755424c1f9ab3f9f0408443e6606f94e4f08a990/contracts/Governance/GovernorBravoDelegate.sol#L18

Tools Used

None

Recommended Mitigation Steps

Replace the constant directive with immutable, or assign the already hashed value to the constants.