Platform: Code4rena
Start Date: 07/08/2023
Pot Size: $36,500 USDC
Total HM: 11
Participants: 125
Period: 3 days
Judge: alcueca
Total Solo HM: 4
Id: 274
League: ETH
Rank: 99/125
Findings: 1
Award: $4.23
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: RED-LOTUS-REACH
Also found by: 0x3b, 0x4non, 0xCiphky, 0xDING99YA, 0xDetermination, 0xE1, 0xG0P1, 0xStalin, 0xWaitress, 0xbrett8571, 0xhacksmithh, 0xkazim, 0xmuxyz, 0xweb3boy, 14si2o_Flint, AlexCzm, Alhakista, Bube, Bughunter101, Deekshith99, Eeyore, Giorgio, HChang26, InAllHonesty, JP_Courses, KmanOfficial, MatricksDeCoder, Mike_Bello90, MrPotatoMagic, Naubit, QiuhaoLi, RHaO-sec, Raihan, Rolezn, SUPERMAN_I4G, Shubham, Silverskrrrt, Strausses, T1MOH, Topmark, Tripathi, Watermelon, _eperezok, aakansha, auditsea, audityourcontracts, ayden, carlos__alegre, castle_chain, cducrest, ch0bu, d23e, deadrxsezzz, deth, devival, erebus, fatherOfBlocks, halden, hassan-truscova, hpsb, hunter_w3b, imkapadia, immeas, jat, kaden, kaveyjoe, klau5, koxuan, kutugu, ladboy233, lanrebayode77, leasowillow, lsaudit, markus_ether, matrix_0wl, merlin, nemveer, ni8mare, nonseodion, oakcobalt, owadez, p_crypt0, pipidu83, piyushshukla, popular00, ppetrov, rjs, sandy, sl1, supervrijdag, tay054, thekmj, wahedtalash77, windhustler, zhaojie
4.2289 USDC - $4.23
src/LendingLedger.sol
L4 - The VotingEscrow contract is imported but not used; apart from generating an extra amount of gas in the deploy, it also reduces the readability of the code when viewing it in the blockchain explorer.
L36/41/55/83/106/117/129/188/204 - The function names follow different writing styles: some are camelCase, such as onlyGovernance and setRewards, but others are underscore case, such as is_valid_epoch or sync_ledger. A single style should be used, to maintain a standard.
L47/48 - No validation is performed in the constructor and the variables (gaugeController and governance) are immutable, therefore they should be validated to be != 0x before being set.
L174 - A division by 1e18 * marketBalance is performed, and if marketBalance == 0 it would generate an exception; therefore a prior validation should be carried out to handle that case, if it happens.
src/GaugeController.sol
L24/26/27/28/29/31/32/35/36/50/66/91/118/127/141/152 - The names of the functions and storage variables follow different writing styles: some are camelCase, such as votingEscrow or isValidGauge, but others are underscore case, such as vote_user_slopes or last_user_vote. A single style should be used, to maintain a standard.
L69 - The number 500 is used, but the reason why is not explained; it should be explained to make the code easier to understand.
L211 - The vote_for_gauge_weights() function has 67 lines and performs a lot of logic; creating auxiliary functions would make it easier to understand.
L58/59 - No validation is performed in the constructor and the variables (votingEscrow and governance) are immutable, therefore they should be validated to be != 0x before being set.
src/VotingEscrow.sol
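The constructor-validation and division findings listed above for src/LendingLedger.sol and src/GaugeController.sol, sketched as an added example that is not code from the audited repository or from the report's author. The contract name `LedgerSketch`, the error `ZeroAddress`, the function `rewardShare` and the numerator of the formula are assumptions; only the variable names gaugeController, governance and marketBalance and the divisor `1e18 * marketBalance` come from the report.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.16;

/// Illustrative sketch only: contract, error and function names are hypothetical.
contract LedgerSketch {
    error ZeroAddress();

    address public immutable gaugeController;
    address public immutable governance;

    constructor(address _gaugeController, address _governance) {
        // Immutables cannot be corrected after deployment, so a zero
        // address passed by mistake would be permanent. Reject it up front.
        if (_gaugeController == address(0) || _governance == address(0)) {
            revert ZeroAddress();
        }
        gaugeController = _gaugeController;
        governance = _governance;
    }

    /// Share of one epoch's reward owed to a user.
    /// The numerator is an assumption made for this sketch; the report only
    /// states that the divisor is 1e18 * marketBalance.
    function rewardShare(
        uint256 marketWeight, // assumed to be scaled by 1e18
        uint256 userBalance,
        uint256 marketBalance,
        uint256 epochAmount
    ) public pure returns (uint256) {
        // Without this guard, Solidity >= 0.8 reverts with Panic(0x12)
        // (division by zero) whenever the market has no balance.
        if (marketBalance == 0) {
            return 0;
        }
        return (marketWeight * userBalance * epochAmount) / (1e18 * marketBalance);
    }
}
```

Returning 0 for an empty market is one way to handle the case; reverting with a descriptive custom error is the alternative when an empty market should never be reachable.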
#0 - c4-judge
2023-08-22T14:19:11Z
alcueca marked the issue as grade-b