Platform: Code4rena
Start Date: 25/11/2021
Pot Size: $80,000 USDC
Total HM: 35
Participants: 32
Period: 7 days
Judge: GalloDaSballo
Total Solo HM: 27
Id: 59
League: ETH
Rank: 30/32
Findings: 1
Award: $50.88
🌟 Selected for report: 1
🚀 Solo Findings: 0
25.436 USDC - $25.44
loop
When invoking purchaseArbitrageTokens() is will first check whether the auction is active using:
require(auctionActive(currentAuctionId), "No auction running");
auctionActive() checks for the following things:
auction.active && now >= auction.startingTime;
As a result the require statement will fail if either !auction.active or now < auction.startingTime.
Later on in purchaseArbitrageTokens() two more require statements will check the same thing:
require(auction.startingTime <= now, "Auction hasn't started yet"); (...) require(auction.active == true, "Auction is not active");
These will always pass if auctionActive(currentAuctionId) is true and never be reached if it is false, making them redundant.
Remove redundant require statements
#0 - GalloDaSballo
2021-12-31T19:16:02Z
I agree that some checks are redundant, would recommend the sponsor to rewrite the checks to make them simpler and not reduntant
loop
The checks for both Bonding:unbond() and Bonding:unbondAndBreak() look like this:
require(amount > 0, "Cannot unbond 0"); uint256 bondedBalance = balanceOfBonded(msg.sender); require(bondedBalance > 0, "< bonded balance"); require(amount <= bondedBalance, "< bonded balance");
Due to the first require statement amount can not be 0. Due to the last require statement amount must be smaller or equal to bondedBalance. Since amount can not be 0, bondedBalance can also not be 0 as it must be at least equal to amount. This makes the middle require statement of bondedBalance > 0 redundant as this is already impossible due to the other two require statements.
Remove redundant require statements
#0 - 0xScotch
2021-12-09T22:24:44Z
#316
#1 - GalloDaSballo
2022-01-01T15:01:32Z
Duplicate of #316