Back to rvierdiiev's contests

Canto Dex Oracle contest - rvierdiiev's results

Execution layer for original work.

General Information

Platform: Code4rena

Start Date: 07/09/2022

Pot Size: $20,000 CANTO

Total HM: 7

Participants: 65

Period: 1 day

Judge: 0xean

Total Solo HM: 3

Id: 159

League: ETH

Canto

Findings Distribution

Researcher Performance

Rank: 65/65

Findings: 1

Award: $39.22

🌟 Selected for report: 0

🚀 Solo Findings: 0

External Links

Code4rena Contest PageGithub Contest RepositoryGithub Findings RepositoryCanto

Findings Information

🌟 Selected for report: lukris02

Also found by: 0x040, 0x1f8b, 0x52, 0xA5DF, 0xNazgul, 0xSky, Bnke0x0, Bronicle, CertoraInc, Chom, CodingNameKiki, Deivitto, Diraco, Dravee, EthLedger, IgnacioB, JC, JansenC, Jeiwan, R2, RaymondFam, ReyAdmirado, Rolezn, SinceJuly, TomJ, Tomo, Yiko, a12jmx, ajtra, ak1, codexploder, cryptphi, csanuragjain, erictee, fatherOfBlocks, gogo, hake, hansfriese, hickuphh3, ignacio, ontofractal, oyc_109, p_crypt0, pashov, peritoflores, rajatbeladiya, rbserver, rokinot, rvierdiiev, tnevler

Awards

242.8216 CANTO - $39.22

Labels

bug
QA (Quality Assurance)

External Links

Link to GitHub issue
  1. Use same code convention(spacing and tabulation) through the code. Add spaces here between signes. https://github.com/code-423n4/2022-09-canto/blob/main/src/Swap/BaseV1-core.sol#L225 https://github.com/code-423n4/2022-09-canto/blob/main/src/Swap/BaseV1-core.sol#L241 https://github.com/code-423n4/2022-09-canto/blob/main/src/Swap/BaseV1-core.sol#L248 https://github.com/code-423n4/2022-09-canto/blob/main/src/Swap/BaseV1-core.sol#L274 https://github.com/code-423n4/2022-09-canto/blob/main/src/Swap/BaseV1-core.sol#L281
  2. Remove empty comment. https://github.com/code-423n4/2022-09-canto/blob/main/src/Swap/BaseV1-core.sol#L231
  3. Do not initialize with 0. It will be done by default. https://github.com/code-423n4/2022-09-canto/blob/main/src/Swap/BaseV1-core.sol#L244-L245 https://github.com/code-423n4/2022-09-canto/blob/main/src/Swap/BaseV1-core.sol#L277-L278
  4. Use any kind of named params(or constant) instead of magic numbers for clarity. https://github.com/code-423n4/2022-09-canto/blob/main/src/Swap/BaseV1-core.sol#L225 https://github.com/code-423n4/2022-09-canto/blob/main/src/Swap/BaseV1-core.sol#L261 https://github.com/code-423n4/2022-09-canto/blob/main/src/Swap/BaseV1-periphery.sol#L544 https://github.com/code-423n4/2022-09-canto/blob/main/src/Swap/BaseV1-periphery.sol#L532 https://github.com/code-423n4/2022-09-canto/blob/main/src/Swap/BaseV1-periphery.sol#L550 https://github.com/code-423n4/2022-09-canto/blob/main/src/Swap/BaseV1-periphery.sol#L561-L562 https://github.com/code-423n4/2022-09-canto/blob/main/src/Swap/BaseV1-periphery.sol#L565-L566 https://github.com/code-423n4/2022-09-canto/blob/main/src/Swap/BaseV1-periphery.sol#L571-L572 https://github.com/code-423n4/2022-09-canto/blob/main/src/Swap/BaseV1-periphery.sol#L575-L576 https://github.com/code-423n4/2022-09-canto/blob/main/src/Swap/BaseV1-periphery.sol#L581 https://github.com/code-423n4/2022-09-canto/blob/main/src/Swap/BaseV1-periphery.sol#L586
  5. Check ctoken for zero address. https://github.com/code-423n4/2022-09-canto/blob/main/src/Swap/BaseV1-core.sol#L277-L278
  6. Avoid redundant cast, pass underlying param instead of address(wcanto). https://github.com/code-423n4/2022-09-canto/blob/main/src/Swap/BaseV1-periphery.sol#L493
  7. Avoid redundant cast, pass underlying = ICErc20(address(ctoken)).underlying() param instead of underlying = address(ICErc20(address(ctoken)).underlying()). https://github.com/code-423n4/2022-09-canto/blob/main/src/Swap/BaseV1-periphery.sol#L495
  8. Avoid redundant cast, pass token_ param instead of address(token). https://github.com/code-423n4/2022-09-canto/blob/main/src/Swap/BaseV1-periphery.sol#L527 https://github.com/code-423n4/2022-09-canto/blob/main/src/Swap/BaseV1-periphery.sol#L532 https://github.com/code-423n4/2022-09-canto/blob/main/src/Swap/BaseV1-periphery.sol#L539 https://github.com/code-423n4/2022-09-canto/blob/main/src/Swap/BaseV1-periphery.sol#L544
  9. Use else if ((compareStrings(symbol, "cUSDT") || compareStrings(symbol, "cUSDC")) && (msg.sender == Comptroller )) condition instead of creating 2 similar if blocks. https://github.com/code-423n4/2022-09-canto/blob/main/src/Swap/BaseV1-periphery.sol#L501 https://github.com/code-423n4/2022-09-canto/blob/main/src/Swap/BaseV1-periphery.sol#L505
  10. Use same code convention(spacing and tabulation) for if else blocks. https://github.com/code-423n4/2022-09-canto/blob/main/src/Swap/BaseV1-periphery.sol#L491-L496 https://github.com/code-423n4/2022-09-canto/blob/main/src/Swap/BaseV1-periphery.sol#L498-L508 https://github.com/code-423n4/2022-09-canto/blob/main/src/Swap/BaseV1-periphery.sol#L511-L521
  11. Cash pair.stable() value as you use it on the line 588 again. https://github.com/code-423n4/2022-09-canto/blob/main/src/Swap/BaseV1-periphery.sol#L558 https://github.com/code-423n4/2022-09-canto/blob/main/src/Swap/BaseV1-periphery.sol#L588
AuditHub

A portfolio for auditors, a security profile for protocols, a hub for web3 security.

Built bymalatrax © 2024

Auditors

Browse

Contests

Browse

Get in touch

ContactTwitter