Platform: Code4rena
Start Date: 15/06/2022
Pot Size: $35,000 USDC
Total HM: 1
Participants: 36
Period: 3 days
Judge: Jack the Pug
Total Solo HM: 1
Id: 137
League: ETH
Rank: 13/36
Findings: 2
Award: $118.01
π Selected for report: 0
π Solo Findings: 0
π Selected for report: 0xNazgul
Also found by: 0xDjango, 0xFar5eer, 0xf15ers, BowTiedWardens, Chom, Dravee, IllIllI, Meera, MiloTruck, PierrickGT, TerrierLover, _Adam, cccz, codexploder, cryptphi, delfin454000, fatherOfBlocks, hansfriese, joestakey, oyc_109, simon135
81.8216 USDC - $81.82
Withdrawer.sol
BeefyVaultStorage.sol
StakingLPVaultHelpers.sol
#0 - obatirou
2022-06-22T15:53:13Z
Disagree, we want to withdraw from the WETH contract, and a lot of withdraw functions need an approval.
#1 - obatirou
2022-06-27T08:30:17Z
Duplicate https://github.com/code-423n4/2022-06-nested-findings/issues/40#issuecomment-1167044373
Duplicate https://github.com/code-423n4/2022-06-nested-findings/issues/40#issuecomment-1167044373
π Selected for report: IllIllI
Also found by: 0x1f8b, 0xKitsune, 0xNazgul, 0xkatana, Chom, ElKu, JC, Meera, MiloTruck, Picodes, PierrickGT, SooYa, TerrierLover, UnusualTurtle, Waze, _Adam, asutorufos, c3phas, delfin454000, fatherOfBlocks, joestakey, minhquanym, oyc_109, robee, sach1r0, simon135
36.189 USDC - $36.19
Nested Factory.sol
L66/99/107/122/125/153/160/161/168/169/191/250/251/252/286/288/289/312/313/330/331/359/379/406/407 /428/469/495/543/544/551/612/656 - It uses require but using Errors in solidity can reduce the deployment gas cost.
L98/106 - Modifiers generate a lot of gas cost, which can be modified by a private view function.
L124/136/196/256/315/333/369/412/651 - It is not necessary to initialize variables to their default value, this generates an extra gas cost (-2246 gas cost/ within a cycle for -19500 gas cost).
L124/136/196/256/315/333/369/412/651 - use a for loop with i++ instead of ++i unchecked = (in 10 iterations -21,136, in 100 iterations -32,656 gas).
L124/651- Instead of traversing an array and obtaining its length, directly obtain the length in a variable in memory and use it within the for loop.
L138 - Instead of doing a "variable - 1" or "variable + 1" operation, it is less expensive to do: ++variable or --variable.
OperatorResolver.sol
L27/39/57- It uses require but using Errors in solidity can reduce the deployment gas cost.
L40/60/75 - use a for loop with i++ instead of ++i unchecked = (in 10 iterations -21,136, in 100 iterations -32,656 gas).
L40/60/75 - It is not necessary to initialize variables to their default value, this generates an extra gas expense (-2246 gas cost/ within a cycle for -19500 gas cost).
L57/60/75 - If a local variable is generated, instead of using the length of an array inside the for, less gas is generated.
MixinOperatorResolver.sol
L23/77 - It uses require but using Errors in solidity can reduce the deployment gas cost.
L37/56 - use a for loop with i++ instead of ++i unchecked = (in 10 iterations -21,136, in 100 iterations -32,656 gas).
L37/56 - It is not necessary to initialize variables to their default value, this generates an extra gas expense (-2246 gas cost/ within a cycle for -19500 gas cost).
L37/56 - If a local variable is generated, instead of using the length of an array inside the for, less gas is generated.
OwnableProxyDelegation.sol
L25/26/27/41/57 - It uses require but using Errors in solidity can reduce the deployment gas cost.
L40 - Instead of using a modifier, a private view function could be used and it would not generate gas costs.
BeefyVaultOperator.sol
L18 - use a for loop with i++ instead of ++i unchecked = (in 10 iterations -21,136, in 100 iterations -32,656 gas).
L52/53/93/94 - These operations can be unchecked since it is not possible to generate an underflow.
BeefyZapBiswapLPVaultOperator.sol
L23/52/54/64/65/97/99/108/109/142/187/198/271/272 - It uses require but using Errors in solidity can reduce the deployment gas cost.
L27 - use a for loop with i++ instead of ++i unchecked = (in 10 iterations -21,136, in 100 iterations -32,656 gas).
L106/107 - These operations can be unchecked since it is not possible to generate an underflow.
StakingLPVaultHelpers.sol
#0 - Yashiru
2022-06-24T08:48:26Z
This optimizes the deployment costs but reduces the readability of the code. We prefer to keep good readability even if we have to pay more for the deployment.
This optimizes the deployment costs but reduces the readability of the code. We prefer to keep good readability even if we have to pay more for the deployment.
#1 - maximebrugel
2022-06-24T13:13:27Z
We canβt guarantee that the balance after is more/equal than before or the other way around (with an exotic token).
#2 - maximebrugel
2022-06-24T14:27:06Z
#6 (see comment)
#3 - Yashiru
2022-06-24T15:46:02Z
Duplicated of #2 at For loop optimizaion
Duplicated of #2 at For loop optimizaion