Back to fatherOfBlocks's contests

Mimo August 2022 contest - fatherOfBlocks's results

Bridging the chasm between the DeFi world and the world of regulated financial institutions.

General Information

Platform: Code4rena

Start Date: 02/08/2022

Pot Size: $50,000 USDC

Total HM: 12

Participants: 69

Period: 5 days

Judge: gzeon

Total Solo HM: 5

Id: 150

League: ETH

Mimo DeFi

Findings Distribution

Researcher Performance

Rank: 30/69

Findings: 2

Award: $118.83

🌟 Selected for report: 0

🚀 Solo Findings: 0

External Links

Code4rena Contest PageGithub Contest RepositoryGithub Findings RepositoryMimo DeFi

Findings Information

🌟 Selected for report: IllIllI

Also found by: 0x1f8b, 0xDjango, 0xNazgul, 0xc0ffEE, 8olidity, Bnke0x0, Chom, CodingNameKiki, Deivitto, Dravee, Funen, JC, JohnSmith, NoamYakov, ReyAdmirado, Rohan16, Rolezn, Sm4rty, SooYa, TomFrenchBlockchain, TomJ, Waze, __141345__, ajtra, ak1, aysha, bin2chen, bobirichman, brgltd, bulej93, c3phas, delfin454000, durianSausage, erictee, fatherOfBlocks, gogo, horsefacts, hyh, ladboy233, mics, natzuu, nxrblsrpr, oyc_109, rbserver, samruna, sikorico, simon135, tofunmi, wagmi

Awards

69.6581 USDC - $69.66

Labels

bug
QA (Quality Assurance)

External Links

Link to GitHub issue

MIMO EmptyVault

  • L6/14 - The file name is IMIMOEmtpyVault, but the interface is called IMIMOEmtpyVault. The name should be changed to the correct one.

MIMOFlashloan

  • L8/10/11 - The Errors library, the IMIMOProxyRegistry library and IAddressProvider are imported, but they are not used in the entire contract.

MIMOAutoAction

  • L101 - It is divided by rebalanceValue, but it is never validated if it is a zero, this validation should happen before.

MIMOAutoRebalance

  • L185/186/191 - In the operation to define rebalanceValue is divided by "(targetRatio.wadDiv(toVaultMcr + autoVault.mcrBuffer) - targetRatio.wadMul(autoVault.varFee) - WadRayMath.WAD)", this would be nice to separate it into a variable and validate that it is != 0. Same thing happens on L191 with toVaultMcr + autoVault.mcrBuffer.

IMIMOAutoRebalance

  • L4 - IERC20 is imported, but never used.

IMIMOFlashloan

  • L4/7/8 - Several imports are made and only IPool is used.

IMIMO Leverage

  • L4 - IERC20 is imported but not used.

IMIMOSwap

  • L4 - IDexAddressProvider is imported but not used.

IMIMOManagedAction

  • L4/5/8 - Several imports are made and only IAddressProvider and IPool are used.

IMIMOManagedRebalance

  • L4 - IERC20 is imported but not used.

MIMOManagedAction

  • L124 - It is divided by rebalanceValue, but it is never validated if it is a zero, this validation should happen before.

MIMOProxy

  • NATSPEC IS INCOMPLETE

MIMOProxyFactory

  • NATSPEC IS INCOMPLETE

MIMOProxyRegistry

  • L7/8 - Two interfaces are imported that are never used.

Findings Information

🌟 Selected for report: Dravee

Also found by: 0x040, 0x1f8b, 0xDjango, 0xNazgul, 0xSmartContract, 0xc0ffEE, Aymen0909, Bnke0x0, Chom, CodingNameKiki, Deivitto, Fitraldys, Funen, IllIllI, JC, JohnSmith, NoamYakov, ReyAdmirado, Rolezn, TomJ, Waze, ajtra, bearonbike, bobirichman, brgltd, c3phas, durianSausage, fatherOfBlocks, gogo, ignacio, jag, joestakey, ladboy233, mics, oyc_109, rbserver, samruna, sikorico, simon135

Awards

49.1659 USDC - $49.17

Labels

bug
G (Gas Optimization)

External Links

Link to GitHub issue

MIMO EmptyVault

  • L96 - Instead of using a require, you can use an if with the custom error, this would generate less gas cost.

  • L82 - It is less expensive to use the amount variable in memory, instead of looping through amounts in position zero.

MIMO Leverage

  • L50 - The "variable > 0" operation can generate much less gas spending by doing: "variable != 0".

  • L86/87/133/134 - When a variable is used more than once, for example: amounts[0] and collateralBalanceAfter - flashloanRepayAmount, it is less expensive to create a variable in memory and use that variable.

  • L133/134 - As it is validated in line 132 that: collateralBalanceAfter > flashloanRepayAmount, then line 133 and 134 could be unchecked.

MIMORebalance

  • L84/85 - It is less expensive to use the variable in memory amount, instead of traversing amounts in position zero.

  • L129 - Instead of using a require, you can use an if with the custom error, this would generate less gas cost.

  • L135 - The "variable > 0" operation can generate much less gas spending by doing: "variable != 0".

MIMOSwap

  • L47/48 - Instead of using a require, you can use an if with the custom error, this would generate less gas cost.

  • L56 - The "variable > 0" operation can generate much less gas spending by doing: "variable != 0".

MIMOAutoAction

  • L79/81 - The variable in memory collateralBalance is only used once, therefore it could save gas if it is not used.

MIMOAutoRebalance

  • L112/113 - It is less expensive to use the variable in memory amount, instead of traversing amounts in position zero.

MIMO Managed Rebalance

  • L113/114 - It is less expensive to use the variable in memory amount, instead of traversing amounts in position zero.

MIMOProxy

  • L92 - The "variable > 0" operation can generate much less gas spending by doing: "variable != 0".
AuditHub

A portfolio for auditors, a security profile for protocols, a hub for web3 security.

Built bymalatrax © 2024

Auditors

Browse

Contests

Browse

Get in touch

ContactTwitter