ENS contest - rokinot's results

Decentralised naming for wallets, websites, & more.

General Information

Platform: Code4rena

Start Date: 12/07/2022

Pot Size: $75,000 USDC

Total HM: 16

Participants: 100

Period: 7 days

Judge: LSDan

Total Solo HM: 7

Id: 145

League: ETH

ENS

Findings Distribution

Researcher Performance

Rank: 59/100

Findings: 2

Award: $118.90

🌟 Selected for report: 0

🚀 Solo Findings: 0

External Links

Code4rena Contest Page Github Contest Repository Github Findings Repository ENS

Findings Information

🌟 Selected for report: IllIllI

Also found by: 0x1f8b, 0x29A, 0xDjango, 0xNazgul, 0xNineDec, 0xf15ers, 8olidity, Aussie_Battlers, Bnke0x0, Ch_301, Critical, Deivitto, Dravee, ElKu, Funen, GimelSec, JC, JohnSmith, Lambda, MiloTruck, PwnedNoMore, ReyAdmirado, Rohan16, Rolezn, Ruhum, RustyRabbit, Sm4rty, TomJ, Waze, _Adam, __141345__, alan724, asutorufos, benbaessler, berndartmueller, bin2chen, brgltd, bulej93, c3phas, cRat1st0s, cryptonue, cryptphi, csanuragjain, delfin454000, dxdv, exd0tpy, fatherOfBlocks, gogo, hake, hyh, joestakey, kyteg, lcfr_eth, minhtrng, p_crypt0, pashov, pedr02b2, philogy, rajatbeladiya, rbserver, rishabh, robee, rokinot, sach1r0, sashik_eth, seyni, simon135, svskaushik, zuhaibmohd, zzzitron

Awards

78.9385 USDC - $78.94

Labels

bug

QA (Quality Assurance)

External Links

Link to GitHub issue

Non-critical

`now` declarations shadows the built-in `now` keyword (which is synonymous to block.timestamp)

DNSSECImpl.sol

Findings Information

🌟 Selected for report: 0xKitsune

Also found by: 0x040, 0x1f8b, 0x29A, 0xNazgul, 0xNineDec, 0xsam, 8olidity, Aussie_Battlers, Aymen0909, Bnke0x0, CRYP70, Ch_301, Chom, Deivitto, Dravee, ElKu, Fitraldys, Funen, GimelSec, IllIllI, JC, JohnSmith, Lambda, MiloTruck, Noah3o6, RedOneN, ReyAdmirado, Rohan16, Rolezn, Ruhum, Sm4rty, TomJ, Tomio, Waze, _Adam, __141345__, ajtra, ak1, arcoun, asutorufos, benbaessler, brgltd, bulej93, c3phas, cRat1st0s, cryptonue, delfin454000, durianSausage, fatherOfBlocks, gogo, hake, hyh, joestakey, karanctf, kyteg, lcfr_eth, lucacez, m_Rassska, rajatbeladiya, rbserver, robee, rokinot, sach1r0, sahar, samruna, sashik_eth, seyni, simon135, zuhaibmohd

Awards

39.9648 USDC - $39.96

Labels

bug

G (Gas Optimization)

External Links

Link to GitHub issue

`x = x + y` is more efficient than `x += y`, same for `x = x - y` and `x -= y`

RRUtils.sol BytesUtils.sol

variables that are assigned as zero should be left unitialized

RRUtils.sol DNSSECImpl.sol BytesUtils.sol

Potencies of 2 (and multiples of 2) i.e. `2**(number)` can be converted into left-shift minus one `2<<(number - 1)` for a more efficient operation

#L219 #L69

Multiplications by multiples of 2 can be turned into a left shift which uses cheaper opcodes

#L316

`require()` statements using `&&` operators should be split into two different `require()` operations.

#L268

Use a more recent version of Solidity

NameWrapper.sol

This is an important mention because not only v0.8.15 has introduced better heuristics for yul optimization, relevant for the assembly codes in here, but also because the developers have compiled this very project and found a decrease in 4.89% in deployment costs and 0.29% in runtime gas. Source

`++i` iterators are more efficient than `i++` iterators.

RRUtils.sol DNSSECImpl.sol ETHRegistrarController.sol

`uint256` iterators should be left `unchecked {}` as there's no risk of overflow

RRUtils.sol DNSSECImpl.sol ETHRegistrarController.sol

`<array>.length` loop comparisons being iterated one by one can use the `!=` operator instead of `<`

RRUtils.sol DNSSECImpl.sol ETHRegistrarController.sol

#L93

`!= 0` comparisons are more efficient than `> 0` for unsigned integers

#L245 #L93

`require()` statements will consume less gas if the revert string contains less than 32 characters

ETHRegistrarController.sol

Using unsigned integers other than `uint256` incurs overhead costs

#L47

Remove unused error message

#L25

Functions that necessarily revert when called by normal users can be set as `payable`

DNSSECImpl.sol

Use calldata for read-only arguments for `external` functions

DNSSECImpl.sol

ENS contest - rokinot's results

Decentralised naming for wallets, websites, & more.

General Information

Findings Distribution

Researcher Performance

External Links

[Q-58] QA Report - $78.94

Findings Information

Awards

Labels

External Links

Non-critical

Multiple require() statements do not have a revert message

ABIEncoderV2 is deprecated, as it's activated on Solidity v0.8 by default

Incomplete comment

Unused function

Add private constants instead of using magic numbers for improved readability

Consider providing a SPDX license identifier before publishing contracts

now declarations shadows the built-in now keyword (which is synonymous to block.timestamp)

[G-57] Gas Report - $39.96

Findings Information

Awards

Labels

External Links

x = x + y is more efficient than x += y, same for x = x - y and x -= y

variables that are assigned as zero should be left unitialized

Potencies of 2 (and multiples of 2) i.e. 2**(number) can be converted into left-shift minus one 2<<(number - 1) for a more efficient operation

Multiplications by multiples of 2 can be turned into a left shift which uses cheaper opcodes

require() statements using && operators should be split into two different require() operations.

Use a more recent version of Solidity

++i iterators are more efficient than i++ iterators.

uint256 iterators should be left unchecked {} as there's no risk of overflow

<array>.length loop comparisons being iterated one by one can use the != operator instead of <

!= 0 comparisons are more efficient than > 0 for unsigned integers

require() statements will consume less gas if the revert string contains less than 32 characters

Using unsigned integers other than uint256 incurs overhead costs

Remove unused error message

Functions that necessarily revert when called by normal users can be set as payable

Use calldata for read-only arguments for external functions

Multiple `require()` statements do not have a revert message

`now` declarations shadows the built-in `now` keyword (which is synonymous to block.timestamp)

`x = x + y` is more efficient than `x += y`, same for `x = x - y` and `x -= y`

Potencies of 2 (and multiples of 2) i.e. `2**(number)` can be converted into left-shift minus one `2<<(number - 1)` for a more efficient operation

`require()` statements using `&&` operators should be split into two different `require()` operations.

`++i` iterators are more efficient than `i++` iterators.

`uint256` iterators should be left `unchecked {}` as there's no risk of overflow

`<array>.length` loop comparisons being iterated one by one can use the `!=` operator instead of `<`

`!= 0` comparisons are more efficient than `> 0` for unsigned integers

`require()` statements will consume less gas if the revert string contains less than 32 characters

Using unsigned integers other than `uint256` incurs overhead costs

Functions that necessarily revert when called by normal users can be set as `payable`

Use calldata for read-only arguments for `external` functions