Platform: Code4rena
Start Date: 03/05/2022
Pot Size: $50,000 USDC
Total HM: 4
Participants: 46
Period: 5 days
Judge: gzeon
Total Solo HM: 2
Id: 117
League: ETH
Rank: 23/46
Findings: 2
Award: $166.81
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: BowTiedWardens
Also found by: 0x1337, 0x1f8b, 0x4non, 0xDjango, David_, Funen, GimelSec, IllIllI, Picodes, TerrierLover, WatchPug, bobi, cryptphi, csanuragjain, delfin454000, dirk_y, ellahi, fatherOfBlocks, hyh, ilan, jayjonah8, kebabsec, leastwood, oyc_109, robee, samruna, simon135, sorrynotsorry, throttle
114.326 USDC - $114.33
Minoor issues, code improvements:
Mitigation Check the logic one more time.
Description: In above function, the if(from == to) check is done after super..() is called. If the condition fails, then execution is halted. Is there a reason the check if not first line in funtion
Mitigation: Check logic.
Description:
bool success;
assembly {
switch returndatasize()
case 0 { // This is a non-standard ERC-20
success := not(0) // set success to true
}
case 32 { // This is a compliant ERC-20
returndatacopy(0, 0, 32)
success := mload(0) // Set success = returndata of external call
}
default { // This is an excessively non-compliant ERC-20, revert.
revert(0, 0)
}
}
Above code is commong for dotransferIn and dotransferOut functions. It can be extracted out to reduce contract size. Infact both functions can be combined to reduce size further.
Mitigation: Change logic to,
bool success = isTransferSuccessful();
function isTransferSuccessful() returns bool(success) {
bool success;
assembly {
switch returndatasize()
case 0 { // This is a non-standard ERC-20
success := not(0) // set success to true
}
case 32 { // This is a compliant ERC-20
returndatacopy(0, 0, 32)
success := mload(0) // Set success = returndata of external call
}
default { // This is an excessively non-compliant ERC-20, revert.
revert(0, 0)
}
}
}
Unused function Code: https://github.com/bunkerfinance/bunker-protocol/blob/752126094691e7457d08fc62a6a5006df59bd2fe/contracts/CEther.sol#L158 Description: The doTransferIn() function has internal scope and has no implementation. Also not called from within the contract. Mitigation: Consider removing the unused function.
Unused variables: Code: https://github.com/bunkerfinance/bunker-protocol/blob/752126094691e7457d08fc62a6a5006df59bd2fe/contracts/Comptroller.sol#L452-453 Description: In above functions, parameters liquidator and borrower are not used. Mitigation: Removed unused parameters.
🌟 Selected for report: BowTiedWardens
Also found by: 0v3rf10w, 0x1f8b, 0x4non, 0xDjango, 0xNazgul, 0xkatana, Cityscape, Fitraldys, Funen, GimelSec, IllIllI, MaratCerby, Picodes, TerrierLover, Tomio, delfin454000, ellahi, fatherOfBlocks, hansfriese, ilan, joestakey, oyc_109, rfa, robee, samruna, simon135, slywaters, throttle
52.4836 USDC - $52.48
Description: Instead of doin require(a==b,"..."), make use of revert with custom error. With Solidity 0.8 and above the revert function is better in terms of gas fee usage. It'll revert the transaction and refund any unused gas fees.
Mitigation: Replace require(numSold < maxDaSupply, 'Auction sold out'); with If (tokenIds.length != amounts.length) error CNFT_AMountLengthMismatch();