Platform: Code4rena
Start Date: 07/01/2022
Pot Size: $80,000 USDC
Total HM: 21
Participants: 37
Period: 7 days
Judge: 0xean
Total Solo HM: 14
Id: 71
League: ETH
Rank: 27/37
Findings: 2
Award: $114.79
🌟 Selected for report: 1
🚀 Solo Findings: 0
28.022 INSURE - $9.81
14.7115 USDC - $14.71
ospwner
In IndexTemplate.sol#requestWithdraw function, there are two "require" used for input validation. One is for ensuring "_balance >= _amount" and other one is "_amount > 0". " _amount > 0" check comes after balance check; however, balance check always passes if amount is 0 since _balance is uint. Those can be reordered to save gas for the case _amount equals zero.
uint256 _balance = balanceOf(msg.sender); require(_balance >= _amount, "ERROR: REQUEST_EXCEED_BALANCE"); require(_amount > 0, "ERROR: REQUEST_ZERO");
Put _amount > 0 check before _balance >= _amount.
require(_amount > 0, "ERROR: REQUEST_ZERO"); uint256 _balance = balanceOf(msg.sender); require(_balance >= _amount, "ERROR: REQUEST_EXCEED_BALANCE");
#0 - oishun1112
2022-01-13T18:06:59Z
🌟 Selected for report: ospwner
62.2711 INSURE - $21.79
32.6923 USDC - $32.69
ospwner
Checking arrays' length before using it in a for loop is unnecessary when array's length is used in loop exit condition.
if (_references.length > 0) { for (uint256 i = 0; i < _references.length; i++)
if (_conditions.length > 0) { for (uint256 i = 0; i < _conditions.length; i++)
Remove the two unnecessary if statements.
37.3929 INSURE - $13.09
22.7028 USDC - $22.70
ospwner
Factory, Parameters and Registry contracts cannot function correctly if ownership or registry contract addresses cannot be initialized properly. Currently, they can be initialized with 0x0 address during construction.
registry = _registry; ownership = IOwnership(_ownership);
ownership = _ownership;
ownership = IOwnership(_ownership);
Require _ownership and _registry parameters are not address(0x0)
#0 - 0xean
2022-01-27T23:25:26Z
#120