Platform: Code4rena
Start Date: 25/10/2022
Pot Size: $50,000 USDC
Total HM: 18
Participants: 127
Period: 5 days
Judge: 0xean
Total Solo HM: 9
Id: 175
League: ETH
Rank: 78/127
Findings: 1
Award: $36.73
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: 0x1f8b
Also found by: 0xNazgul, 0xSmartContract, Aymen0909, B2, Bnke0x0, Deivitto, Diana, Dinesh11G, ElKu, JC, Josiah, Rahoz, RaymondFam, ReyAdmirado, Rolezn, Waze, __141345__, adriro, aphak5010, brgltd, c3phas, c7e7eff, carlitox477, cducrest, ch0bu, chrisdior4, cryptonue, cryptostellar5, cylzxje, d3e4, delfin454000, enckrish, evmwanderer, fatherOfBlocks, gogo, hansfriese, horsefacts, immeas, leosathya, lukris02, neumo, oyc_109, pedr02b2, rbserver, robee, rotcivegaf, rvierdiiev, sakshamguruji, shark, simon135, tnevler, trustindistrust, wagmi
36.7345 USDC - $36.73
During the audit, 1 low and 13 non-critical issues were found.
| â„– | Title | Risk Rating | Instance Count |
|---|---|---|---|
| L-1 | Missing check for zero address | Low | 19 |
| NC-1 | Order of Functions | Non-Critical | 8 |
| NC-2 | Order of Layout | Non-Critical | 4 |
| NC-3 | Maximum line length exceeded | Non-Critical | 6 |
| NC-4 | Inconsistent comment location | Non-Critical | 1 |
| NC-5 | Open TODO | Non-Critical | 1 |
| NC-6 | No error message in require | Non-Critical | 3 |
| NC-7 | Comment lines are too long | Non-Critical | 3 |
| NC-8 | Missing NatSpec | Non-Critical | 4 |
| NC-9 | Spaces between the control structures | Non-Critical | 31 |
| NC-10 | Typos | Non-Critical | 8 |
| NC-11 | Scientific notation may be used | Non-Critical | 22 |
| NC-12 | Constants may be used | Non-Critical | 1 |
| NC-13 | Public functions can be external | Non-Critical | 62 |
If address(0x0) is set it may cause the contract to revert or work wrong.
Add checks.
According to Style Guide, ordering helps readers identify which functions they can call and to find the constructor and fallback definitions easier.
Functions should be grouped according to their visibility and ordered:
Public functions before external:
Internal functions before public:
Reorder functions where possible.
According to Order of Layout, inside each contract, library or interface, use the following order:
Events after functions:
Place events before functions.
Some lines of code are too long.
According to Style Guide, maximum suggested line length is 120 characters.
Make the lines shorter.
Some comments are above the line of code and some next to it.
Here the comments are above the line of code, although in all other contracts it is on the side of the code.
Use consistent comment location.
Resolve issues.
requireAdd error messages.
Comments are not fully visible on the screen.
For readability, split comments across multiple lines.
NatSpec is missing for 4 functions in 2 contracts.
Add NatSpec for all functions.
According to Style Guide, there should be a single space between the control structures if, while, and for and the parenthetic block representing the conditional.
Change:
if(...)
to:
if (...)
At 5000, 50% of of a borrower's underwater debt can be liquidated. => one of@param _liquidationIncentiveBps The new liqudation incentive set in basis points. 1 = 0.01% => liquidation@param amount The amount od DOLA to recall to the the lender. => of@param amount The amount od DOLA to recall to the the lender. => one the@notice Sets pending operator of the contract. Operator role must be claimed by the new oprator. => operator@notice Removes a minter from the set of addresses allowe to mint DBR tokens. => allowedWill return 0 if th user has zero DBR or more. => the@param deniedContract The addres of the denied contract => addressFor readability and to avoid misprints, it is better to use scientific notation.
10000:
Replace 10000 with 10e4.
Constants may be used instead of literal values.
For 10000:
Define constant variables for repeated values.
If functions are not called by the contract where they are defined, they can be declared external.
21 functions in Market.sol:
18 functions in DBR.sol:
Make public functions external, where possible.
#0 - c4-judge
2022-11-07T21:54:00Z
0xean marked the issue as grade-b