Platform: Code4rena
Start Date: 05/05/2022
Pot Size: $125,000 DAI
Total HM: 17
Participants: 62
Period: 14 days
Judge: leastwood
Total Solo HM: 15
Id: 120
League: ETH
Rank: 19/62
Findings: 2
Award: $379.89
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: IllIllI
Also found by: 0x1f8b, 0x4non, 0xDjango, 0xNazgul, 0xkatana, 0xsomeone, AuditsAreUS, BouSalman, BowTiedWardens, Cityscape, Funen, GimelSec, Hawkeye, JC, MaratCerby, MiloTruck, Picodes, Ruhum, TerrierLover, WatchPug, Waze, bobirichman, catchup, cccz, cryptphi, csanuragjain, delfin454000, ellahi, fatherOfBlocks, hake, horsefacts, hyh, jayjonah8, joestakey, kebabsec, kenta, mics, oyc_109, robee, samruna, shenwilly, sikorico, simon135, throttle, tintin
178.6573 DAI - $178.66
Timelock modifier is commonly used for storage variable setters that effects the contract logic. Consider adding timelocks on such setters.
AlchemicTokenV1.solL#101 AlchemicTokenV1.solL#131 AlchemicTokenV2.solL#119 AlchemicTokenV2.solL#164 AlchemicTokenV2Base.solL#132
Consider changing to two steps verification process of transferring privileges. Human mistakes can happen.
gALCX.sol
You should use safe math for solidity version <8 since there is no default over/under flow check it those versions.
SelfPermit.sol SelfPermit.sol
🌟 Selected for report: IllIllI
Also found by: 0v3rf10w, 0x1f8b, 0x4non, 0xDjango, 0xNazgul, 0xf15ers, 0xkatana, 0xsomeone, AlleyCat, BowTiedWardens, Cityscape, Fitraldys, Funen, GimelSec, Hawkeye, JC, MaratCerby, MiloTruck, Randyyy, TerrierLover, Tomio, UnusualTurtle, WatchPug, Waze, _Adam, augustg, bobirichman, catchup, csanuragjain, ellahi, fatherOfBlocks, hake, hansfriese, horsefacts, ignacio, joestakey, kenta, mics, oyc_109, robee, samruna, sashik_eth, sikorico, simon135, throttle
201.2269 DAI - $201.23
We recommend not to cache msg.sender since calling it is 2 gas while reading a variable is more.
gALCX.solL#26 gALCX.solL#26
Using != 0 is slightly cheaper than > 0. We recommend to replace > with != in the following places:
AlchemicTokenV2.solL#211 AlchemicTokenV2Base.solL#243 AlchemistV2.solL#466 AlchemistV2.solL#678 AlchemistV2.solL#692
In for loops you initialize the index to start from 0, but it already initialized to 0 in default and this assignment cost gas. It is more clear and gas efficient to declare without assigning 0 and will have the same meaning:
AlchemistV2.solL#990 AlchemistV2.solL#1282 AlchemistV2.solL#1461 AlchemistV2.solL#1524 Multicall.solL#14
Reentracy guard is not be necessary in the following cases since the functuin is protected by another modifier (e.g is initializer function, or only owner). Removing the reentracy guard can save gas.
TransmuterV2.solL#250 TransmuterV2.solL#250
Unused state variables are gas consuming at deployment (since they are located in storage) and are a bad code practice. Removing those variables will decrease deployment gas cost and improve code quality.
FuseTokenAdapterV1.sol: FIXED_POINT_SCALAR