Cally contest - robee's results

Mult instead div in compares

To improve algorithm precision instead using division in comparison use multiplication in the following scenario:

    Instead a < b / c use a * c < b. 

In all of the big and trusted contracts this rule is maintained.

Code instances:

    CallyNft.sol, 151, svg.text( string.concat( svg.prop("x", "10"), svg.prop("y", "20"), svg.prop("font-size", "12"), svg.prop("fill", "white") ), string.concat(svg.cdata("Token: "), token) ), svg.text( string.concat( svg.prop("x", "10"), svg.prop("y", "40"), svg.prop("font-size", "12"), svg.prop("fill", "white") ), string.concat(svg.cdata("Token ID or Amount: "), tokenIdOrAmount) ), svg.text( string.concat( svg.prop("x", "10"), svg.prop("y", "60"), svg.prop("font-size", "12"), svg.prop("fill", "white") ), string.concat(svg.cdata("Premium (WEI): "), premium) ), svg.text( string.concat( svg.prop("x", "10"), svg.prop("y", "80"), svg.prop("font-size", "12"), svg.prop("fill", "white") ), string.concat(svg.cdata("Duration (days): "), durationDays) ), svg.text( string.concat( svg.prop("x", "10"), svg.prop("y", "100"), svg.prop("font-size", "12"), svg.prop("fill", "white") ), string.concat(svg.cdata("Starting strike (WEI): "), dutchAuctionStartingStrike) ), svg.text( string.concat( svg.prop("x", "10"), svg.prop("y", "120"), svg.prop("font-size", "12"), svg.prop("fill", "white") ), string.concat(svg.cdata("Expiration (UNIX): "), currentExpiration) ), svg.text( string.concat( svg.prop("x", "10"), svg.prop("y", "140"), svg.prop("font-size", "12"), svg.prop("fill", "white") ), string.concat(svg.cdata("Strike (WEI): "), currentStrike) ), svg.text( string.concat( svg.prop("x", "10"), svg.prop("y", "160"), svg.prop("font-size", "12"), svg.prop("fill", "white") ), string.concat(svg.cdata("Exercised (y/n): "), isExercised) ), svg.text( string.concat( svg.prop("x", "10"), svg.prop("y", "180"), svg.prop("font-size", "12"), svg.prop("fill", "white") ), string.concat(svg.cdata("Type: "), nftType) ), "</svg>" );
    Renderer.sol, 12, svg.text( string.concat( svg.prop('x', '20'), svg.prop('y', '40'), svg.prop('font-size', '22'), svg.prop('fill', 'white') ), string.concat( svg.cdata('Hello, token #'), utils.uint2str(_tokenId) ) ), svg.rect( string.concat( svg.prop('fill', 'purple'), svg.prop('x', '20'), svg.prop('y', '50'), svg.prop('width', utils.uint2str(160)), svg.prop('height', utils.uint2str(10)) ), utils.NULL ), '</svg>' );
    SVG.sol, 152, string.concat( '<', _tag, ' ', _props, '>', _children, '</', _tag, '>' );
    SVG.sol, 171, string.concat( '<', _tag, ' ', _props, '/>' );

Does not validate the input fee parameter

Some fee parameters of functions are not checked for invalid values. Validate the parameters:

Code instance:

    Cally.setFee (feeRate_)

Require with empty message

The following requires are with empty messages. This is very important to add a message for any require. So the user has enough information to know the reason of failure.

Code instances:

    Solidity file: SafeCastLib.sol, In line 39 with Empty Require message.
    Solidity file: SafeCastLib.sol, In line 51 with Empty Require message.
    Solidity file: SafeCastLib.sol, In line 21 with Empty Require message.
    Solidity file: SafeCastLib.sol, In line 9 with Empty Require message.
    Solidity file: SafeCastLib.sol, In line 33 with Empty Require message.

Require with not comprehensive message

The following requires has a non comprehensive messages. This is very important to add a comprehensive message for any require. Such that the user has enough information to know the reason of failure:

Code instances:

    Solidity file: Test.sol, In line 257 with Require message: NotFound
    Solidity file: Cally.sol, In line 354 with Require message: Not owner

Not verified input

external / public functions parameters should be validated to make sure the address is not 0. Otherwise if not given the right input it can mistakenly lead to loss of user funds.

Code instances:

    ERC20.sol.permit spender
    ERC20.sol.transferFrom to
    ERC4626.sol.deposit receiver
    ERC20.sol.approve spender
    Cally.sol.transferFrom to

Solidity compiler versions mismatch

The project is compiled with different versions of solidity, which is not recommended because it can lead to undefined behaviors.

Code instance:

Use safe math for solidity version <8

You should use safe math for solidity version <8 since there is no default over/under flow check it suchversions of solidity.

Code instances:

    The contract Test.sol doesn't use safe math and is of solidity version < 8
    The contract base64.sol doesn't use safe math and is of solidity version < 8
    The contract console.sol doesn't use safe math and is of solidity version < 8
    The contract Vm.sol doesn't use safe math and is of solidity version < 8

Not verified owner

    owner param should be validated to make sure the owner address is not address(0).
    Otherwise if not given the right input all only owner accessible functions will be unaccessible.
    
    

Code instances:

    ERC20.sol.permit owner
    ERC4626.sol.redeem owner
    ERC4626.sol.withdraw owner

Named return issue

Users can mistakenly think that the return value is the named return, but it is actually the actualreturn statement that comes after. To know that the user needs to read the code and is confusing. Furthermore, removing either the actual return or the named return will save gas.

Code instances:

    FixedPointMathLib.sol, mulDivUp
    Cally.sol, getVaultBeneficiary
    Cally.sol, getPremium
    Utils.sol, uint2str

Missing non reentrancy modifier

The following functions are missing reentrancy modifier although some other pulbic/external functions does use reentrancy modifer. Even though I did not find a way to exploit it, it seems like those functions should have the nonReentrant modifier as the other functions have it as well..

Code instances:

    Cally.sol, createVault is missing a reentrancy modifier
    Cally.sol, transferFrom is missing a reentrancy modifier
    Cally.sol, buyOption is missing a reentrancy modifier
    Cally.sol, exercise is missing a reentrancy modifier

Never used parameters

Those are functions and parameters pairs that the function doesn't use the parameter. In case those functions are external/public this is even worst since the user is required to put value that never used and can misslead him and waste its time.

Code instances:

    CREATE3.sol: function deploy parameter creationCode isn't used. (deploy is internal)
    ERC4626.sol: function beforeWithdraw parameter shares isn't used. (beforeWithdraw is internal)
    ERC4626.sol: function afterDeposit parameter assets isn't used. (afterDeposit is internal)
    ERC4626.sol: function beforeWithdraw parameter assets isn't used. (beforeWithdraw is internal)
    CREATE3.sol: function deploy parameter value isn't used. (deploy is internal)

Missing commenting

    The following functions are missing commenting as describe below:
    

Code instances:

    Cally.sol, tokenURI (public), parameter tokenId not commented
    Cally.sol, transferFrom (public), parameters from, to, id not commented
    Cally.sol, vaults (external), @return is missing
    Cally.sol, tokenURI (public), @return is missing

Check transfer receiver is not 0 to avoid burned money

Transferring tokens to the zero address is usually prohibited to accidentally avoid "burning" tokens by sending them to an unrecoverable zero address.

Code instances:

    https://github.com/code-423n4/2022-05-cally/tree/main/contracts/src/Cally.sol#L243
    https://github.com/code-423n4/2022-05-cally/tree/main/contracts/lib/solmate/src/mixins/ERC4626.sol#L63
    https://github.com/code-423n4/2022-05-cally/tree/main/contracts/lib/solmate/src/mixins/ERC4626.sol#L50
    https://github.com/code-423n4/2022-05-cally/tree/main/contracts/lib/solmate/src/tokens/ERC20.sol#L85
    https://github.com/code-423n4/2022-05-cally/tree/main/contracts/lib/solmate/src/mixins/ERC4626.sol#L92

Never used parameters

Those are functions and parameters pairs that the function doesn't use the parameter. In case those functions are external/public this is even worst since the user is required to put value that never used and can misslead him and waste its time.

Code instances:

    CREATE3.sol: function deploy parameter creationCode isn't used. (deploy is internal)
    ERC4626.sol: function beforeWithdraw parameter shares isn't used. (beforeWithdraw is internal)
    ERC4626.sol: function afterDeposit parameter assets isn't used. (afterDeposit is internal)
    ERC4626.sol: function beforeWithdraw parameter assets isn't used. (beforeWithdraw is internal)
    CREATE3.sol: function deploy parameter value isn't used. (deploy is internal)

Missing commenting

    The following functions are missing commenting as describe below:
    

Code instances:

    Cally.sol, tokenURI (public), parameter tokenId not commented
    Cally.sol, transferFrom (public), parameters from, to, id not commented
    Cally.sol, vaults (external), @return is missing
    Cally.sol, tokenURI (public), @return is missing

Add a timelock

To give more trust to users: functions that set key/critical variables should be put behind a timelock.

Code instances:

    https://github.com/code-423n4/2022-05-cally/tree/main/contracts/lib/solmate/src/auth/authorities/RolesAuthority.sol#L95
    https://github.com/code-423n4/2022-05-cally/tree/main/contracts/lib/solmate/src/auth/authorities/MultiRolesAuthority.sol#L92
    https://github.com/code-423n4/2022-05-cally/tree/main/contracts/src/Cally.sol#L351
    https://github.com/code-423n4/2022-05-cally/tree/main/contracts/lib/solmate/src/auth/authorities/MultiRolesAuthority.sol#L82
    https://github.com/code-423n4/2022-05-cally/tree/main/contracts/lib/solmate/src/auth/authorities/MultiRolesAuthority.sol#L110

Unnecessary equals boolean

Boolean variables can be checked within conditionals directly without the use of equality operators to true/false.

Code instances:

    Cally.sol, 220: require(vault.isWithdrawing == false, "Vault is being withdrawn");
    Cally.sol, 328: require(vault.isExercised == false, "Vault already exercised");
    Cally.sol, 217: require(vault.isExercised == false, "Vault already exercised");

Unused state variables

Unused state variables are gas consuming at deployment (since they are located in storage) and are a bad code practice. Removing those variables will decrease deployment gas cost and improve code quality. This is a full list of all the unused storage variables we found in your code base.

Code instance:

    Utils.sol, NULL

Change transferFrom to transfer

'transferFrom(address(this), , **)' could be replaced by the following more gas efficient 'transfer(, **)' This replacement is more gas efficient and improves the code quality.

Code instances:

    Cally.sol, 295 : ? ERC721(vault.token).transferFrom(address(this), msg.sender, vault.tokenIdOrAmount)
    Cally.sol, 344 : ? ERC721(vault.token).transferFrom(address(this), msg.sender, vault.tokenIdOrAmount)

Caching array length can save gas

Caching the array length is more gas efficient. This is because access to a local variable in solidity is more efficient than query storage / calldata / memory. We recommend to change from:

for (uint256 i=0; i<array.length; i++) { ... }

to:

uint len = array.length  
for (uint256 i=0; i<len; i++) { ... }

Code instances:

    Test.sol, b, 362
    CallyNft.sol, data, 244

Prefix increments are cheaper than postfix increments

Prefix increments are cheaper than postfix increments. Further more, using unchecked {++x} is even more gas efficient, and the gas saving accumulates every iteration and can make a real change There is no risk of overflow caused by increamenting the iteration index in for loops (the ++i in for (uint256 i = 0; i < numIterations; ++i)). But increments perform overflow checks that are not necessary in this case. These functions use not using prefix increments (++x) or not using the unchecked keyword:

Code instances:

    change to prefix increment and unchecked: Test.sol, i, 353
    change to prefix increment and unchecked: Test.sol, i, 362
    change to prefix increment and unchecked: CallyNft.sol, i, 244

Unnecessary index init

In for loops you initialize the index to start from 0, but it already initialized to 0 in default and this assignment cost gas. It is more clear and gas efficient to declare without assigning 0 and will have the same meaning:

Code instances:

    Test.sol, 362
    Test.sol, 353
    CallyNft.sol, 244

Unnecessary default assignment

Unnecessary default assignments, you can just declare and it will save gas and have the same meaning.

Code instances:

    Cally.sol (L#95) : uint256 public protocolUnclaimedFees = 0; 
    Cally.sol (L#94) : uint256 public feeRate = 0;

Use bytes32 instead of string to save gas whenever possible

Use bytes32 instead of string to save gas whenever possible.
String is a dynamic data structure and therefore is more gas consuming then bytes32.

Code instances:

    CallyNft.sol (L70), string memory nftType = isVault_ ? "Vault" : "Option"; 
    SVG.sol (L186), return string.concat(_key, '=', '"', _val, '" ');
    Renderer.sol (L10), string.concat( '<svg xmlns="http:

Use != 0 instead of > 0

Using != 0 is slightly cheaper than > 0. (see https://github.com/code-423n4/2021-12-maple-findings/issues/75 for similar issue)

Code instances:

    Cally.sol, 283: change 'feeRate > 0' to 'feeRate != 0'
    Cally.sol, 170: change 'durationDays > 0' to 'durationDays != 0'

Use unchecked to save gas for certain additive calculations that cannot overflow

You can use unchecked in the following calculations since there is no risk to overflow:

Code instances:

    Cally.sol (L#238) - vault.currentExpiration = uint32(block.timestamp) + (vault.durationDays * 1 days); 
    Test.sol (L#19) - vm.warp(block.timestamp + time);

Consider inline the following functions to save gas

You can inline the following functions instead of writing a specific function to save gas.
(see https://github.com/code-423n4/2021-11-nested-findings/issues/167 for a similar issue.)

Code instances

    SVG.sol, text, { return el('text', _props, _children); }
    Bytes32AddressLib.sol, fillLast12Bytes, { return bytes32(bytes20(addressValue)); }
    Test.sol, sigs, { return bytes4(keccak256(bytes(sigStr))); }
    FixedPointMathLib.sol, divWadUp, { return mulDivUp(x, WAD, y); // Equivalent to (x * WAD) / y rounded up. }
    FixedPointMathLib.sol, divWadDown, { return mulDivDown(x, WAD, y); // Equivalent to (x * WAD) / y rounded down. }

Inline one time use functions

The following functions are used exactly once. Therefore you can inline them and save gas and improve code clearness.

Code instances:

    CREATE3.sol, getDeployed
    FixedPointMathLib.sol, sqrt

Upgrade pragma to at least 0.8.4

Using newer compiler versions and the optimizer gives gas optimizations and additional safety checks are available for free.

The advantages of versions 0.8.* over <0.8.0 are:

    1. Safemath by default from 0.8.0 (can be more gas efficient than library based safemath.)
    2. Low level inliner : from 0.8.2, leads to cheaper runtime gas. Especially relevant when the contract has small functions. For example, OpenZeppelin libraries typically have a lot of small helper functions and if they are not inlined, they cost an additional 20 to 40 gas because of 2 extra jump instructions and additional stack operations needed for function calls.
    3. Optimizer improvements in packed structs: Before 0.8.3, storing packed structs, in some cases used an additional storage read operation. After EIP-2929, if the slot was already cold, this means unnecessary stack operations and extra deploy time costs. However, if the slot was already warm, this means additional cost of 100 gas alongside the same unnecessary stack operations and extra deploy time costs.
    4. Custom errors from 0.8.4, leads to cheaper deploy time cost and run time cost. Note: the run time cost is only relevant when the revert condition is met. In short, replace revert strings by custom errors.

Code instances:

    console.sol
    base64.sol
    Vm.sol
    Test.sol