Back to mics's contests

Sturdy contest - mics's results

The first protocol for interest-free borrowing and high yield lending.

General Information

Platform: Code4rena

Start Date: 13/05/2022

Pot Size: $30,000 USDC

Total HM: 8

Participants: 65

Period: 3 days

Judge: hickuphh3

Total Solo HM: 1

Id: 125

League: ETH

Sturdy

Findings Distribution

Researcher Performance

Rank: 39/65

Findings: 2

Award: $68.45

🌟 Selected for report: 0

🚀 Solo Findings: 0

External Links

Code4rena Contest PageGithub Contest RepositoryGithub Findings RepositorySturdy

Findings Information

🌟 Selected for report: IllIllI

Also found by: 0x1f8b, 0x4non, 0xNazgul, 0xf15ers, 0xkatana, 0xliumin, AlleyCat, BouSalman, Dravee, Funen, GimelSec, Hawkeye, MaratCerby, Picodes, StErMi, TerrierLover, WatchPug, Waze, berndartmueller, bobirichman, cryptphi, csanuragjain, defsec, delfin454000, dipp, fatherOfBlocks, hake, hickuphh3, hyh, joestakey, kebabsec, mics, mtz, oyc_109, p4st13r4, p_crypt0, robee, rotcivegaf, sikorico, simon135, sorrynotsorry, tintin

Awards

44.9929 USDC - $44.99

Labels

bug
QA (Quality Assurance)

External Links

Link to GitHub issue

Low Risk Findings

[QA-1] Use timelock modifier for setter functions

Timelock modifier is commonly used for storage variable setters that effects the contract logic. Consider adding timelocks on such setters.

    ConvexCurveLPVault.solL#37
    GeneralVault.solL#165
    YieldManager.solL#64
    YieldManager.solL#92

[QA-2] you have open TODOs in the codebase

Open TODOs can hint at programming or architectural errors that still need to be fixed.

    GeneralVault.solL#76

[QA-3] Use safe math for solidity version <8

You should use safe math for solidity version <8 since there is no default over/under flow check it those versions.

    CollateralAdapter.sol
    ConvexCurveLPVault.sol
    LidoVault.sol

#0 - HickupHH3

2022-06-06T03:08:34Z

Low issues: QA-1 NC issues: QA-2 Invalid: QA-3 safemath: no justification of why safemath should be used in these contracts if there isn't any math operations requiring its usage.

Findings Information

🌟 Selected for report: IllIllI

Also found by: 0v3rf10w, 0x1f8b, 0x4non, 0xNazgul, 0xf15ers, 0xkatana, 0xliumin, Cityscape, Dravee, Fitraldys, Funen, GimelSec, Hawkeye, JC, MaratCerby, SooYa, StErMi, Tomio, WatchPug, Waze, bobirichman, defsec, delfin454000, fatherOfBlocks, hake, hansfriese, hickuphh3, ignacio, joestakey, kebabsec, mics, mtz, oyc_109, robee, rotcivegaf, samruna, sikorico, simon135, z3s

Awards

23.4569 USDC - $23.46

Labels

bug
G (Gas Optimization)

External Links

Link to GitHub issue

Gas Optimizations Report

Table of contents

Gas Findings

[Gas-1] Unnecessary index init

In for loops you initialize the index to start from 0, but it already initialized to 0 in default and this assignment cost gas. It is more clear and gas efficient to declare without assigning 0 and will have the same meaning:

    ConvexCurveLPVault.solL#106
    GeneralVault.solL#218
    YieldManager.solL#120
    YieldManager.solL#130
    YieldManager.solL#156
AuditHub

A portfolio for auditors, a security profile for protocols, a hub for web3 security.

Built bymalatrax © 2024

Auditors

Browse

Contests

Browse

Get in touch

ContactTwitter