Platform: Code4rena
Start Date: 21/06/2022
Pot Size: $55,000 USDC
Total HM: 29
Participants: 88
Period: 5 days
Judge: gzeon
Total Solo HM: 7
Id: 134
League: ETH
Rank: 53/88
Findings: 2
Award: $127.02
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: defsec
Also found by: 0x1f8b, 0x29A, 0xDjango, 0xNazgul, 0xNineDec, 0xf15ers, 0xkowloon, 0xmint, Bnke0x0, BowTiedWardens, Chom, ElKu, Funen, GalloDaSballo, GimelSec, IllIllI, JC, Kenshin, Kulk0, Lambda, Limbooo, MadWookie, Metatron, Picodes, Soosh, StErMi, TomJ, WatchPug, Waze, Yiko, _Adam, ak1, asutorufos, aysha, bardamu, catchup, datapunk, delfin454000, dipp, fatherOfBlocks, grGred, hake, hansfriese, hyh, joestakey, kebabsec, kenzo, kirk-baird, oyc_109, pashov, poirots, rfa, robee, saian, sashik_eth, shenwilly, simon135, slywaters, z3s, zeesaw, zer0dot
63.9425 USDC - $63.94
marketplace/MarketPlace.sol: L11
/// @notice This contract is in charge of managing the avaialable principals for each loan market.
Change avaialable to avaialable
marketplace/MarketPlace.sol: L34
/// @notice The principal tokens those addresses represent correspond to their Principals enum value, thus the array should be ordered in that way
Change those addresses represent to whose addresses
marketplace/MarketPlace.sol: L50
/// @notice intializes the MarketPlace contract
Change intializes to initializes
import './MarketPlace.sol'; // library of market place specific constructs
Change market place to marketplace
// max is the maximum integer value for a 256 unsighed integer
Change unsighed to unsigned
The same typo (gauruntee) occurs in both lines referenced below:
lender/Lender.sol: L500
lender/Lender.sol: L504
Example:
if (token.underlying() != u) { // gauruntee the input token is the right token
Change gauruntee to guarantee in both cases
// send the remaing amount to the given yield pool
Change remaing to remaining
/// @return uint256 The total for for the given amount
Remove the repeated word for
The same typo (prinicipal) occurs in both lines referenced below:
redeemer/Redeemer.sol: L125
redeemer/Redeemer.sol: L189
Example:
// Burn the prinicipal token from Illuminate
Change prinicipal to principal in both cases
/// @param d Sense contract that splits the loan's prinicpal and yield
Change prinicpal to principal
/// @param a amount of the underlying asset to be burned and sent to the to
Replaceto the to with to the t address
Such comments should be addressed and modified or removed
// Potentially add redundant implied maturity calculation
🌟 Selected for report: BowTiedWardens
Also found by: 0v3rf10w, 0x1f8b, 0x29A, 0xKitsune, 0xNazgul, 0xf15ers, 0xkatana, 0xkowloon, Bnke0x0, ElKu, Fitraldys, Funen, GalloDaSballo, IllIllI, JC, Kaiziron, Lambda, MadWookie, Noah3o6, Nyamcil, RoiEvenHaim, TomJ, Tomio, UnusualTurtle, Waze, _Adam, ajtra, asutorufos, bardamu, c3phas, catchup, datapunk, defsec, delfin454000, fatherOfBlocks, grGred, hake, hansfriese, hyh, ignacio, joestakey, kebabsec, ladboy233, oyc_109, pashov, poirots, rfa, robee, sach1r0, samruna, sashik_eth, simon135, slywaters, z3s, zer0dot
63.0781 USDC - $63.08
Initializing uint variables to their default value of 0 is unnecessary and costs gas
for (uint256 i = 0; i < o.length; ) {
Recommendation: Change uint256 i = 0; to uint256 i;
for loopSince calculating the array length costs gas, it's best to read the length of the array from memory before executing the loop
for (uint256 i = 0; i < o.length; ) {
Recommendation:
uint256 totalO = o.length; for (uint256 i; i < totalO; ++i) {
i++ to increase count in a for loopSince use of i++ (or equivalent counter) cost more gas, it is better to use ++i
Recommendation: Use ++i instead of i++ in the three for loops referenced below:
lender/Lender.sol: L87-97
lender/Lender.sol: L114-122
lender/Lender.sol: L265-291
uints or ints smaller than 32 bytesStorage of uints or ints smaller than 32 bytes incurs overhead. Instead, use size of at least 32, then downcast where needed
Recommendation: Increase size of the loop counter i from uint8 to at least uint32 in the following for loop:
Recommendation: Increase size of p (which is initiated as uint8 in multiple lines throughout), to at least uint32. Below are representative examples where p is used as a parameter in mint, lend and redeem functions, respectively:
lender/Lender.sol: L168
lender/Lender.sol: L193
redeemer/Redeemer.sol: L108