Platform: Code4rena
Start Date: 11/11/2022
Pot Size: $36,500 USDC
Total HM: 5
Participants: 62
Period: 3 days
Judge: berndartmueller
Id: 181
League: ETH
Rank: 31/62
Findings: 2
Award: $89.03
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: rotcivegaf
Also found by: 0x4non, 0xDecorativePineapple, 9svR6w, Trust, V_B, adriro, ajtra, aviggiano, brgltd, carlitox477, chaduke, codexploder, corerouter, joestakey, ladboy233, s3cunda, saian, wait
66.8068 USDC - $66.81
In function _returnDust the return value of call is not checked for success. If a user had sent excess ether or if an order in a bulk order had failed, and if the call fails ether will remain in the contract. Users who execute orders later will be able to receive the ether
let result := delegatecall(gas(), address(), memPointer, add(size, 0x04), 0, 0)
function _returnDust() private { uint256 _remainingETH = remainingETH; assembly { if gt(_remainingETH, 0) { let callStatus := call( gas(), caller(), selfbalance(), 0, 0, 0, 0 ) } } }
Manual Analysis
Add return value checks
require(!callStatus, "transfer failed")
#0 - c4-judge
2022-11-16T11:54:40Z
berndartmueller marked the issue as duplicate of #90
#1 - c4-judge
2022-11-16T11:55:44Z
berndartmueller marked the issue as satisfactory
🌟 Selected for report: ReyAdmirado
Also found by: 0x4non, 0xRoxas, 0xab00, Awesome, Aymen0909, Bnke0x0, Deivitto, Diana, IllIllI, Rahoz, RaymondFam, Rolezn, Sathish9098, ajtra, aphak5010, aviggiano, c3phas, carlitox477, ch0bu, cryptostellar5, erictee, lukris02, martin, rotcivegaf, saian, shark, trustindistrust, zaskoh
22.2155 USDC - $22.22
Due to how the EVM natively works on 256 bit numbers, using a 8 bit number in for-loops introduces additional costs as the EVM has to properly enforce the limits of this smaller type.
https://docs.soliditylang.org/en/v0.8.17/internals/layout_in_storage.html
for (uint8 i = 0; i < executionsLength; i++) {
for (uint8 i = 0; i < orders.length; i++) {
for (uint8 i = 0; i < fees.length; i++) {
In event emits using local variables or function arguments instead of storage variable can avoid storage read and save gas
emit NewExecutionDelegate(executionDelegate);
emit NewPolicyManager(policyManager);
emit NewOracle(oracle);
emit NewBlockRange(blockRange);
When underflow/overflow is not possible, statements can be unchecked to avoid the underflow/overflow checks introduced in version 0.8+
require(remainingETH >= price); remainingETH -= price;
require(totalFee <= price, "Total amount of fees are more than the price"); /* Amount that will be received by seller. */ uint256 receiveAmount = price - totalFee;
require(_balances[msg.sender] >= amount); _balances[msg.sender] -= amount;
require(_balances[from] >= amount); require(to != address(0)); _balances[from] -= amount; _balances[to] += amount;
#0 - c4-judge
2022-11-17T12:57:50Z
berndartmueller marked the issue as grade-b