Platform: Code4rena
Start Date: 12/08/2022
Pot Size: $35,000 USDC
Total HM: 10
Participants: 126
Period: 3 days
Judge: Justin Goro
Total Solo HM: 3
Id: 154
League: ETH
Rank: 87/126
Findings: 2
Award: $44.84
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: oyc_109
Also found by: 0x1f8b, 0x52, 0xDjango, 0xLovesleep, 0xNazgul, 0xNineDec, 0xbepresent, 0xmatt, 0xsolstars, Aymen0909, Bahurum, Bnke0x0, CertoraInc, Chom, CodingNameKiki, DecorativePineapple, Deivitto, Dravee, ElKu, Funen, GalloDaSballo, IllIllI, JC, JohnSmith, Junnon, KIntern_NA, Lambda, LeoS, MiloTruck, Noah3o6, PaludoX0, RedOneN, Respx, ReyAdmirado, Rohan16, RoiEvenHaim, Rolezn, Ruhum, Sm4rty, TomJ, Vexjon, Waze, Yiko, __141345__, a12jmx, ajtra, ak1, apostle0x01, asutorufos, auditor0517, bin2chen, bobirichman, brgltd, bulej93, byndooa, c3phas, cRat1st0s, cryptphi, csanuragjain, d3e4, defsec, delfin454000, djxploit, durianSausage, ellahi, erictee, exd0tpy, fatherOfBlocks, gogo, jonatascm, ladboy233, medikko, mics, natzuu, neumo, p_crypt0, paribus, pfapostol, rbserver, reassor, ret2basic, robee, rokinot, rvierdiiev, sach1r0, saneryee, seyni, sikorico, simon135, sseefried, wagmi, wastewa
29.8918 USDC - $29.89
While floating pragmas make sense for libraries to allow them to be included with multiple different versions of applications, it may be a security risk for application implementations.
There are 4 instances of this issue:
File: /contracts/VotingEscrow.sol 2: pragma solidity ^0.8.3;
File: /contracts/features/Blocklist.sol 2: pragma solidity ^0.8.3;
File: ./contracts/mocks/MockERC20.sol 7: pragma solidity ^0.8.0;
File: ./contracts/mocks/MockSmartWallet.sol 2: pragma solidity ^0.8.3;
🌟 Selected for report: IllIllI
Also found by: 0x040, 0x1f8b, 0xDjango, 0xHarry, 0xLovesleep, 0xNazgul, 0xNineDec, 0xSmartContract, 0xackermann, 0xbepresent, 2997ms, Amithuddar, Aymen0909, Bnke0x0, CRYP70, CertoraInc, Chom, CodingNameKiki, Deivitto, Dravee, ElKu, Fitraldys, Funen, GalloDaSballo, JC, JohnSmith, Junnon, LeoS, Metatron, MiloTruck, Noah3o6, NoamYakov, PaludoX0, RedOneN, Respx, ReyAdmirado, Rohan16, Rolezn, Ruhum, Sm4rty, SooYa, SpaceCake, TomJ, Tomio, Waze, Yiko, __141345__, a12jmx, ajtra, ak1, apostle0x01, asutorufos, bobirichman, brgltd, bulej93, c3phas, cRat1st0s, carlitox477, chrisdior4, csanuragjain, d3e4, defsec, delfin454000, djxploit, durianSausage, ellahi, erictee, fatherOfBlocks, gerdusx, gogo, ignacio, jag, ladboy233, m_Rassska, medikko, mics, natzuu, newfork01, oyc_109, paribus, pfapostol, rbserver, reassor, ret2basic, robee, rokinot, rvierdiiev, sach1r0, saian, sashik_eth, sikorico, simon135
14.9472 USDC - $14.95
constant or immutable will cost more gas rather than use default value of zero.If you not overwritte the default value you will save 8 gas for stack variables and more for storage and memory variables.
There are 10 instances of this issue:
File: ./contracts/VotingEscrow.sol 298: uint256 blockSlope = 0; // dblock/dt 309: for (uint256 i = 0; i < 255; i++) { 714: uint256 min = 0; 717: for (uint256 i = 0; i < 128; i++) { 737: uint256 min = 0; 739: for (uint256 i = 0; i < 128; i++) { 793: uint256 dBlock = 0; 794: uint256 dTime = 0; 834: for (uint256 i = 0; i < 255; i++) { 889: uint256 dTime = 0;
++i should be unchecked{++i} in for-loopsNot using a `unchecked{++i} will cost more gas because the default compiler overflow and underflow safety checks. This is true from version 0.8.0, code below match that requirments.
There are 4 instances of this issue:
File: ./contracts/VotingEscrow.sol 309: for (uint256 i = 0; i < 255; i++) { 717: for (uint256 i = 0; i < 128; i++) { 739: for (uint256 i = 0; i < 128; i++) { 834: for (uint256 i = 0; i < 255; i++) {
++i instead of i++ to save a gas (same for --i/i--)This will save you 6 gas per instance/loop
There are 4 instances of this issue:
File: ./contracts/VotingEscrow.sol 309: for (uint256 i = 0; i < 255; i++) { 717: for (uint256 i = 0; i < 128; i++) { 739: for (uint256 i = 0; i < 128; i++) { 834: for (uint256 i = 0; i < 255; i++) {
x = x + y will be more cheap rather than x += y for state variables.There are 1 instances of this issue:
File: ./contracts/VotingEscrow 654: penaltyAccumulated += penaltyAmount;
uints/ints that aren't 256 bits may cost more gas because of EVM.EVM operates on 256 bits at the time and to use small varibles than 256 bits, they will need to resize and that may cost more gas.
There are 2 instances of this issue:
File: ./contracts/VotingEscrow 567: int128 value = locked_.amount; 836: int128 dSlope = 0;
Use bit shifting will be may harder to code read rather than normal multiplication/division but it will save some gas. In the EVM MUl/DIV cost 5 gas rather than SHL/SHR that costs 3 gas.
There are 2 instances of this issue:
File: ./contracts/VotingEscrow 719: uint256 mid = (min + max + 1) / 2; 743: uint256 mid = (min + max + 1) / 2;
Instead of this you can order struct diffrent to save a slot
There are 1 instances of this issue:
75: struct LockedBalance { 76: int128 amount; 77: uint256 end; 78: int128 delegated; 79: address delegatee; 80: }
Order like this will save one slot also and gas.
75: struct LockedBalance { 76: int128 amount; 77: int128 delegated; 78: uint256 end; 79: address delegatee; 80: }