Back to rfa's contests

Rubicon contest - rfa's results

An order book protocol for Ethereum, built on L2s.

General Information

Platform: Code4rena

Start Date: 23/05/2022

Pot Size: $50,000 USDC

Total HM: 44

Participants: 99

Period: 5 days

Judge: hickuphh3

Total Solo HM: 11

Id: 129

League: ETH

Rubicon

Findings Distribution

Researcher Performance

Rank: 90/99

Findings: 1

Award: $30.84

🌟 Selected for report: 0

🚀 Solo Findings: 0

External Links

Code4rena Contest PageGithub Contest RepositoryGithub Findings RepositoryRubicon

Findings Information

🌟 Selected for report: IllIllI

Also found by: 0x1f8b, 0x4non, 0xDjango, 0xNazgul, 0xf15ers, 0xkatana, Chom, DavidGialdi, Dravee, ElKu, FSchmoede, Fitraldys, Funen, GimelSec, JC, Kaiziron, MaratCerby, Metatron, MiloTruck, Picodes, Randyyy, RoiEvenHaim, SmartSek, Tomio, UnusualTurtle, WatchPug, Waze, _Adam, antonttc, asutorufos, berndartmueller, blackscale, blockdev, c3phas, catchup, csanuragjain, defsec, delfin454000, ellahi, fatherOfBlocks, gzeon, hansfriese, ilan, joestakey, minhquanym, oyc_109, pauliax, pedroais, reassor, rfa, rotcivegaf, sach1r0, samruna, sashik_eth, simon135, z3s

Awards

30.8369 USDC - $30.84

Labels

bug
G (Gas Optimization)

External Links

Link to GitHub issue

##GAS

Title: Storage slot packing for gas optimization

https://github.com/code-423n4/2022-05-rubicon/blob/main/contracts/RubiconMarket.sol#L191

The declaration order of state variables affects storage slot packing and gas impact from reads/writes of shared slots. By declaring locked var (bool) next to feeTo (address) can save 1 slot.
Change to:

    uint256 public last_offer_id;

    /// @dev The mapping that makes up the core orderbook of the exchange
    mapping(uint256 => OfferInfo) public offers;

    /// @dev This parameter is in basis points
    uint256 internal feeBPS;

    /// @dev This parameter provides the address to which fees are sent
    address internal feeTo;

    bool locked; //@audit-info: Place here

Title: Using storage instead of memory for struct

https://github.com/code-423n4/2022-05-rubicon/blob/main/contracts/RubiconMarket.sol#L279 https://github.com/code-423n4/2022-05-rubicon/blob/main/contracts/RubiconMarket.sol#L250

By reading directly to storage instead of caching in memory can save execution gas Change to:

        OfferInfo storage _offer = offers[id];

Title: Using != instead >

https://github.com/code-423n4/2022-05-rubicon/blob/main/contracts/RubiconMarket.sol#L233 https://github.com/code-423n4/2022-05-rubicon/blob/main/contracts/RubiconMarket.sol#L400

Using != operator is more efficient than > for validating that var is not zero

AuditHub

A portfolio for auditors, a security profile for protocols, a hub for web3 security.

Built bymalatrax © 2024

Auditors

Browse

Contests

Browse

Get in touch

ContactTwitter