Back to fatherOfBlocks's contests

FIAT DAO veFDT contest - fatherOfBlocks's results

Unlock liquidity for your DeFi fixed income assets.

General Information

Platform: Code4rena

Start Date: 12/08/2022

Pot Size: $35,000 USDC

Total HM: 10

Participants: 126

Period: 3 days

Judge: Justin Goro

Total Solo HM: 3

Id: 154

League: ETH

FIAT DAO

Findings Distribution

Researcher Performance

Rank: 72/126

Findings: 2

Award: $44.84

🌟 Selected for report: 0

🚀 Solo Findings: 0

External Links

Code4rena Contest PageGithub Contest RepositoryGithub Findings RepositoryFIAT DAO

Findings Information

🌟 Selected for report: oyc_109

Also found by: 0x1f8b, 0x52, 0xDjango, 0xLovesleep, 0xNazgul, 0xNineDec, 0xbepresent, 0xmatt, 0xsolstars, Aymen0909, Bahurum, Bnke0x0, CertoraInc, Chom, CodingNameKiki, DecorativePineapple, Deivitto, Dravee, ElKu, Funen, GalloDaSballo, IllIllI, JC, JohnSmith, Junnon, KIntern_NA, Lambda, LeoS, MiloTruck, Noah3o6, PaludoX0, RedOneN, Respx, ReyAdmirado, Rohan16, RoiEvenHaim, Rolezn, Ruhum, Sm4rty, TomJ, Vexjon, Waze, Yiko, __141345__, a12jmx, ajtra, ak1, apostle0x01, asutorufos, auditor0517, bin2chen, bobirichman, brgltd, bulej93, byndooa, c3phas, cRat1st0s, cryptphi, csanuragjain, d3e4, defsec, delfin454000, djxploit, durianSausage, ellahi, erictee, exd0tpy, fatherOfBlocks, gogo, jonatascm, ladboy233, medikko, mics, natzuu, neumo, p_crypt0, paribus, pfapostol, rbserver, reassor, ret2basic, robee, rokinot, rvierdiiev, sach1r0, saneryee, seyni, sikorico, simon135, sseefried, wagmi, wastewa

Awards

29.8918 USDC - $29.89

Labels

bug
QA (Quality Assurance)

External Links

Link to GitHub issue

Blocklist

  • L14 - In the constructor it is not validated that manager and ve are different than zero, this could generate problems, since not having a setter, the contract should be redeployed in the event of an error in the deploy.

IERC20

  • L10 - The name of the interface is IERC20, but it does not comply with the standard, therefore, in order not to generate confusion, the name should be changed.

Findings Information

🌟 Selected for report: IllIllI

Also found by: 0x040, 0x1f8b, 0xDjango, 0xHarry, 0xLovesleep, 0xNazgul, 0xNineDec, 0xSmartContract, 0xackermann, 0xbepresent, 2997ms, Amithuddar, Aymen0909, Bnke0x0, CRYP70, CertoraInc, Chom, CodingNameKiki, Deivitto, Dravee, ElKu, Fitraldys, Funen, GalloDaSballo, JC, JohnSmith, Junnon, LeoS, Metatron, MiloTruck, Noah3o6, NoamYakov, PaludoX0, RedOneN, Respx, ReyAdmirado, Rohan16, Rolezn, Ruhum, Sm4rty, SooYa, SpaceCake, TomJ, Tomio, Waze, Yiko, __141345__, a12jmx, ajtra, ak1, apostle0x01, asutorufos, bobirichman, brgltd, bulej93, c3phas, cRat1st0s, carlitox477, chrisdior4, csanuragjain, d3e4, defsec, delfin454000, djxploit, durianSausage, ellahi, erictee, fatherOfBlocks, gerdusx, gogo, ignacio, jag, ladboy233, m_Rassska, medikko, mics, natzuu, newfork01, oyc_109, paribus, pfapostol, rbserver, reassor, ret2basic, robee, rokinot, rvierdiiev, sach1r0, saian, sashik_eth, sikorico, simon135

Awards

14.9459 USDC - $14.95

Labels

bug
G (Gas Optimization)

External Links

Link to GitHub issue

Blocklist

  • L11/12/14 - The manager and ve variables, when only set in the constructor, could be defined as immutable, generating a lower gas cost.

  • L24/25 - Requires could generate less gas cost if a private view function is used instead of require

  • L42 - Less gas cost is generated, if instead of validating "variable > 0", "variable != 0" is validated, this also does not generate a reduction in its understanding.

  • L33 - The isBlocked() function is public, but it is never used inside the contract, so you could save gas by making it external.

  • L4/27 - IVotingEscrow is imported, but only one function is used since more than 10 functions are imported, an interface with a single function could be created in the same contract.

Voting Escrow

  • L45/107 - The token, name, symbol and decimals variables, when only set in the constructor, could be defined as immutable, generating a lower gas cost.

  • L115/116 - First the value of decimals is set and then the variable in storage is consulted. It could be less expensive if the variable is created in memory, then it is consulted in the require and finally it is set in the decimals of the storage.

  • L124 - The modifier function could generate less gas costs if it were a private view function.

  • L288/412/448 - Less gas cost is generated, if instead of validating "variable > 0", "variable != 0" is validated, this also does not generate a reduction in its understanding.

  • L298/309/714/717/737/739/793/794/834/889 - It is not necessary to create a variable and set it to its default value, this generates an extra gas expense without providing greater understanding.

  • L258/261/264/309/340/717/719/739/743/796/834/891 - Instead of variable + 1 or variable ++, much more gas is saved by doing: ++variable.

  • L865/866 - It is not necessary to create a variable in memory, if it is only going to be used once.

  • L702 - The operation _t / WEEK) * WEEK is carried out, this generates an unnecessary expense of gas, since the factorization of the operation is equivalent to "return _t;".

  • L300/301/302/303 - Due to the operations that are performed and always: "block.timestamp - lastPoint.ts >= 0" these lines could be unchecked.

AuditHub

A portfolio for auditors, a security profile for protocols, a hub for web3 security.

Built bymalatrax © 2024

Auditors

Browse

Contests

Browse

Get in touch

ContactTwitter