Back to giovannidisiena's contests

Art Gobblers contest - giovannidisiena's results

Experimental Decentralized Art Factory By Justin Roiland and Paradigm.

General Information

Platform: Code4rena

Start Date: 20/09/2022

Pot Size: $100,000 USDC

Total HM: 4

Participants: 109

Period: 7 days

Judge: GalloDaSballo

Id: 163

League: ETH

Art Gobblers

Findings Distribution

Researcher Performance

Rank: 83/109

Findings: 1

Award: $55.20

🌟 Selected for report: 0

🚀 Solo Findings: 0

External Links

Code4rena Contest PageGithub Contest RepositoryGithub Findings RepositoryArt Gobblers

Findings Information

🌟 Selected for report: IllIllI

Also found by: 0x1f8b, 0x4non, 0x52, 0x5rings, 0xNazgul, 0xRobocop, 0xSmartContract, 0xdeadbeef, 0xsanson, 8olidity, Amithuddar, Aymen0909, B2, B353N, CertoraInc, Ch_301, Chom, CodingNameKiki, Deivitto, ElKu, Funen, JC, JohnnyTime, Kresh, Lambda, Noah3o6, RaymondFam, ReyAdmirado, RockingMiles, Rolezn, Sm4rty, SuldaanBeegsi, Tadashi, TomJ, Tomio, V_B, Waze, __141345__, a12jmx, ak1, arcoun, asutorufos, aviggiano, berndartmueller, bharg4v, bin2chen, brgltd, bulej93, c3phas, catchup, cccz, ch0bu, cryptonue, cryptphi, csanuragjain, delfin454000, devtooligan, djxploit, durianSausage, eighty, erictee, exd0tpy, fatherOfBlocks, giovannidisiena, hansfriese, ignacio, joestakey, ladboy233, lukris02, m9800, malinariy, martin, minhtrng, obront, oyc_109, pedr02b2, pedroais, pfapostol, philogy, prasantgupta52, rbserver, ronnyx2017, rotcivegaf, rvierdiiev, sach1r0, shung, simon135, throttle, tnevler, tonisives, wagmi, yixxas, zkhorse, zzykxx, zzzitron

Awards

55.1985 USDC - $55.20

Labels

bug
QA (Quality Assurance)

External Links

Link to GitHub issue

RandomBytesRequested Event Always Emits Zero – ChainlinkV1RandProvider.sol #L66

requestId is declared as the return value of this function however usage in emitting an event prior to assignment means that it is never non-zero at the time of emitting the event. Instead consider: emit RandomBytesRequested(requestId = requestRandomness(chainlinkKeyHash, chainlinkFee)); combining with #L69.

Incorrect Legendary Gobbler Auction Start Price Type – ArtGobblers.sol #L461

The start price type should be uint128 to be consistent with other usage.

Explicit Uint Type – ArtGobblers.sol #L763

Use the explicit uint256 type, as in some circumstances (e.g. abi-encoding with signature) they are not synonymous.

Consider Extending Withdraw Functionality – GobblerReserve.sol #L34

It may be wise to make this function internal and then have a single generalised public onlyOwner function which is capable of executing arbitrary abi-encoded calls e.g. to call the proposed internal withdraw functinon or transfer other assets which may be sent to the contract GobblerReserve contract address.

Re-Write Left Shift As Exp – ArtGobblers.sol #L674

Here shl(64, 1) is equivalent to exp(2, 64) so re-write for readability.

Re-Write Left Shift As Exp – ArtGobblers.sol #L844

numGobblersEach << 1 is equivalent to numGobblersEach * 2 so re-write for readability.

#0 - GalloDaSballo

2022-10-06T19:17:42Z

RandomBytesRequested Event Always Emits Zero – ChainlinkV1RandProvider.sol #L66

R

Incorrect Legendary Gobbler Auction Start Price Type – ArtGobblers.sol #L461

R

Explicit Uint Type – ArtGobblers.sol #L763

NC

Consider Extending Withdraw Functionality – GobblerReserve.sol #L34

R

Shifts

R

3R 1NC

Good intentions but needs more findings

AuditHub

A portfolio for auditors, a security profile for protocols, a hub for web3 security.

Built bymalatrax © 2024

Auditors

Browse

Contests

Browse

Get in touch

ContactTwitter