Platform: Code4rena
Start Date: 06/03/2023
Pot Size: $36,500 USDC
Total HM: 8
Participants: 93
Period: 3 days
Judge: cccz
Total Solo HM: 3
Id: 218
League: ETH
Rank: 56/93
Findings: 1
Award: $21.70
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: adriro
Also found by: 0x1f8b, 0xAgro, 0xSmartContract, 0xfuje, 0xkazim, 0xnev, Aymen0909, Bason, Cyfrin, DadeKuma, LethL, Madalad, MohammedRizwan, Rolezn, SAAJ, SunSec, Udsen, Yukti_Chinta, ast3ros, bin2chen, brgltd, bshramin, btk, bugradar, catellatech, cryptostellar5, descharre, dontonka, erictee, fatherOfBlocks, georgits, glcanvas, hl_, horsefacts, igingu, juancito, lukris02, martin, nadin, nomoi, peanuts, pipoca, sakshamguruji, seeu, slvDev, tnevler, zaskoh
21.7018 USDC - $21.70
While floating pragmas make sense for libraries to allow them to be included with multiple different versions of applications, it may be a security risk for application implementations.
A known vulnerable compiler version may accidentally be selected or security tools might fall-back to an older compiler version ending up checking a different EVM compilation that is ultimately deployed on the blockchain.
It is recommended to pin to a concrete compiler version.
./VRFv2RNSource.sol:L3 pragma solidity ^0.8.7; ./staking/StakedTokenLock.sol:L3 pragma solidity ^0.8.17; ./interfaces/IVRFv2RNSource.sol:L3 pragma solidity ^0.8.7;
_safemint() should be used rather than _mint() wherever possible_mint() is discouraged in favor of _safeMint() which ensures that the recipient is either an EOA or implements IERC721Receiver. Both OpenZeppelin and solmate have versions of this function
./Ticket.sol:L26 _mint(to, ticketId);
require() should be used instead of assert()Prior to solidity version 0.8.0, hitting an assert consumes the remainder of the transaction’s available gas rather than returning it, as require()/revert() do. assert() should be avoided even past solidity version 0.8.0 as its documentation states that “The assert function creates an error of type Panic(uint256). … Properly functioning code should never create a Panic, not even on invalid external input. If this happens, then there is a bug in your contract which you should fix”.
./LotterySetup.sol:L147 assert(initialPot > 0); ./TicketUtils.sol:L99 assert((winTier <= selectionSize) && (intersection == uint256(0)));
/// @dev Registers the ticket in the system. To be called when user is buying the ticket. /// @param drawId Draw identifier ticket is bought for. /// @param ticket Combination packed as uint120. function registerTicket( uint128 drawId, uint120 ticket, address frontend, address referrer )
Missing @param frontend & @param referrer.
The function _beforeTokenTransfer is not used anywhere in the contract and should be removed.
function _beforeTokenTransfer(address from, address to, uint256) internal override { if (from != address(0)) { _updateReward(from); } if (to != address(0)) { _updateReward(to); } }
#0 - thereksfour
2023-03-12T11:55:31Z
1 L 2INFO 3 NC
#1 - c4-judge
2023-03-12T11:55:35Z
thereksfour marked the issue as grade-b
#2 - 0xluckydev
2023-03-14T11:24:42Z
Low. Disputed _safemint
#3 - c4-sponsor
2023-03-14T11:24:46Z
0xluckydev marked the issue as sponsor confirmed