Platform: Code4rena
Start Date: 17/03/2022
Pot Size: $30,000 USDC
Total HM: 8
Participants: 43
Period: 3 days
Judge: gzeon
Total Solo HM: 5
Id: 100
League: ETH
Rank: 30/43
Findings: 2
Award: $79.47
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: defsec
Also found by: 0x1f8b, 0xDjango, 0xNazgul, 0xkatana, 0xwags, CertoraInc, Funen, GeekyLumberjack, GreyArt, IllIllI, Kenshin, Ruhum, TerrierLover, WatchPug, berndartmueller, bugwriter001, cccz, cmichel, csanuragjain, hake, kenta, kirk-baird, leastwood, minhquanym, oyc_109, peritoflores, rayn, remora, rfa, robee, saian, samruna, sorrynotsorry, wuwe1
50.8486 USDC - $50.85
Issue Information: L001 - Unsafe ERC20 Operation(s)
../code4rena/2022-03-prepo/contracts/core/Collateral.sol::76 => _baseToken.approve(address(_strategyController), _amountToDeposit); ../code4rena/2022-03-prepo/contracts/core/PrePOMarket.sol::121 => _collateral.transferFrom(msg.sender, _treasury, _fee); ../code4rena/2022-03-prepo/contracts/core/PrePOMarket.sol::123 => _collateral.transferFrom(msg.sender, address(this), _amount); ../code4rena/2022-03-prepo/contracts/core/PrePOMarket.sol::168 => _collateral.transfer(_treasury, _fee); ../code4rena/2022-03-prepo/contracts/core/PrePOMarket.sol::170 => _collateral.transfer(msg.sender, _collateralOwed); ../code4rena/2022-03-prepo/contracts/core/SingleStrategyController.sol::60 => _baseToken.approve(address(_newStrategy), type(uint256).max); ../code4rena/2022-03-prepo/contracts/core/SingleStrategyController.sol::62 => _baseToken.approve(address(_oldStrategy), 0);
#0 - ramenforbreakfast
2022-03-22T22:41:35Z
duplicate of #4
#1 - ramenforbreakfast
2022-04-13T21:20:05Z
@gzeoneth I'm going to assume duplicates also don't apply to QA reports and are all assigned an individual score?
#2 - gzeoneth
2022-04-14T16:37:21Z
@gzeoneth I'm going to assume duplicates also don't apply to QA reports and are all assigned an individual score?
correct
28.6158 USDC - $28.62
Issue Information: G001 - variables with default value
../code4rena/2022-03-prepo/contracts/core/AccountAccessController.sol::44 => for (uint256 _i = 0; _i < _accounts.length; _i++) { ../code4rena/2022-03-prepo/contracts/core/AccountAccessController.sol::55 => for (uint256 _i = 0; _i < _accounts.length; _i++) { ../code4rena/2022-03-prepo/contracts/core/Collateral.sol::81 => uint256 _shares = 0;
Issue Information: G002 - array length outside loop
../code4rena/2022-03-prepo/contracts/core/AccountAccessController.sol::44 => for (uint256 _i = 0; _i < _accounts.length; _i++) { ../code4rena/2022-03-prepo/contracts/core/AccountAccessController.sol::55 => for (uint256 _i = 0; _i < _accounts.length; _i++) {
Issue Information: G003 - use !=0 for unsigned int comparison
../code4rena/2022-03-prepo/contracts/core/Collateral.sol::326 => (_totalAssets > 0) ../code4rena/2022-03-prepo/contracts/core/mocks/MockStrategy.sol::63 => if (_actualBalance > 0) {
Issue Information: G009 - Prefix increments are cheaper than postfix increments
../code4rena/2022-03-prepo/contracts/core/AccountAccessController.sol::35 => _blockedAccountsIndex++; ../code4rena/2022-03-prepo/contracts/core/AccountAccessController.sol::44 => for (uint256 _i = 0; _i < _accounts.length; _i++) { ../code4rena/2022-03-prepo/contracts/core/AccountAccessController.sol::55 => for (uint256 _i = 0; _i < _accounts.length; _i++) { ../code4rena/2022-03-prepo/contracts/core/AccountAccessController.sol::101 => _allowedAccountsIndex++;
#0 - ramenforbreakfast
2022-03-22T22:41:00Z
Duplicates issues mentioned in #5 and #18