Platform: Code4rena
Start Date: 13/12/2021
Pot Size: $75,000 USDC
Total HM: 11
Participants: 30
Period: 7 days
Judge: leastwood
Total Solo HM: 4
Id: 68
League: ETH
Rank: 22/30
Findings: 2
Award: $277.64
🌟 Selected for report: 0
🚀 Solo Findings: 0
itsmeSTYJ
In the event that a premature division causes the result to round down to 0, the rest of the calculation would be wrong. It is always better to err on the side of caution and perform all multiplications first before any division.
// Replace this
totalSupply.mul(annualizedFee).div(10**18).mul(timePassed).div(365 days);
// with this
totalSupply.mul(annualizedFee).mul(timePassed).div(HUNDRED_PERCENT).div(365 days);
#0 - 0xleastwood
2022-01-23T05:41:44Z
Duplicate of #155
🌟 Selected for report: pauliax
Also found by: GiveMeTestEther, itsmeSTYJ, robee
itsmeSTYJ
Some tokens, e.g. USDT, require you to set allowance to 0 first before you can approve again, so when you try to call _maxApprove() / approve() via singleCall(), it will fail unless you set allowance to 0 first.
That said, however, there is no immediate impact for this bug thanks to the allowance < balance check, i.e. it will take many many many trades for allowance to be less than balance, but when that happens, your contracts will be broken as there are no other functions to modify allowances.
To handle tokens like USDT (that require you to set allowance to 0 first before approving), it is recommended to set allowance to 0 then approve again.
#0 - loki-sama
2022-01-04T10:56:56Z
duplicate #269
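The reset-then-approve mitigation recommended in this finding, sketched as an added example; it is not code from the audited project or from the warden's submission. The library name, the function `maxApproveWithReset`, the minimal interface and the 0.8.x pragma are assumptions, and the early return only mirrors the allowance < balance check the finding describes.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.4; // assumption: the audited contracts may target another compiler

// Minimal read-only interface (assumed); approve() is called low-level below.
interface IERC20Views {
    function allowance(address owner, address spender) external view returns (uint256);
    function balanceOf(address account) external view returns (uint256);
}

// Hypothetical helper library, named for this example only.
library ApproveReset {
    bytes4 private constant APPROVE_SELECTOR =
        bytes4(keccak256("approve(address,uint256)"));

    // USDT-style tokens return no data from approve(), so a typed
    // IERC20.approve call that expects a bool would revert on decoding.
    function _callApprove(address token, address spender, uint256 amount) private {
        // A low-level call to an address without code "succeeds"; reject it.
        require(token.code.length > 0, "token is not a contract");
        (bool ok, bytes memory ret) =
            token.call(abi.encodeWithSelector(APPROVE_SELECTOR, spender, amount));
        // Accept empty return data or an ABI-encoded `true`, nothing else.
        require(ok && (ret.length == 0 || abi.decode(ret, (bool))), "approve failed");
    }

    // Grants the maximum allowance, first resetting a non-zero remainder to 0
    // so tokens that forbid non-zero -> non-zero changes do not revert.
    function maxApproveWithReset(address token, address spender) internal {
        uint256 current = IERC20Views(token).allowance(address(this), spender);
        uint256 balance = IERC20Views(token).balanceOf(address(this));

        // Mirrors the check described in the finding: re-approve only once
        // the remaining allowance has dropped below the held balance.
        if (current >= balance) {
            return;
        }
        if (current != 0) {
            _callApprove(token, spender, 0);
        }
        _callApprove(token, spender, type(uint256).max);
    }
}
```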
35.2492 USDC - $35.25
itsmeSTYJ
Gas optimisation
Instead of doing amountsOut.length - 1, you can simply replace this with 1 because path only has a size of 2 and since index 1 corresponds to the intermediary token, you can just reference the same number again to get the appropriate value for amountsOut.
#0 - 0xleastwood
2022-01-24T09:48:42Z
Duplicate of #195