Back to samruna's contests

Swivel v3 contest - samruna's results

The Capital-Efficient Protocol For Fixed-Rate Lending.

General Information

Platform: Code4rena

Start Date: 12/07/2022

Pot Size: $35,000 USDC

Total HM: 13

Participants: 78

Period: 3 days

Judge: 0xean

Total Solo HM: 6

Id: 135

League: ETH

Swivel

Findings Distribution

Researcher Performance

Rank: 73/78

Findings: 1

Award: $25.74

🌟 Selected for report: 0

🚀 Solo Findings: 0

External Links

Code4rena Contest PageGithub Contest RepositoryGithub Findings RepositorySwivel

Findings Information

🌟 Selected for report: joestakey

Also found by: 0x040, 0x1f8b, 0xDjango, 0xNazgul, 0xsam, Avci, Aymen0909, Bnke0x0, CRYP70, ElKu, Fitraldys, Funen, JC, Kaiziron, MadWookie, Meera, ReyAdmirado, Sm4rty, Soosh, TomJ, Waze, _Adam, __141345__, ajtra, benbaessler, c3phas, csanuragjain, durianSausage, exd0tpy, fatherOfBlocks, hake, ignacio, karanctf, kyteg, m_Rassska, oyc_109, rbserver, robee, rokinot, samruna, sashik_eth, simon135, slywaters

Awards

25.7426 USDC - $25.74

Labels

bug
duplicate
G (Gas Optimization)
wontfix

External Links

Link to GitHub issue
  1. !=0 is cheaper than > 0 In below code references, comparison is done using > 0. Instead consider using != for integer comparison. It's much cheaper.

Code: https://github.com/code-423n4/2022-07-swivel/blob/main/Creator/VaultTracker.sol#L54 https://github.com/code-423n4/2022-07-swivel/blob/main/Creator/VaultTracker.sol#L59 https://github.com/code-423n4/2022-07-swivel/blob/main/Creator/VaultTracker.sol#L93 https://github.com/code-423n4/2022-07-swivel/blob/main/Creator/VaultTracker.sol#L123 https://github.com/code-423n4/2022-07-swivel/blob/main/Creator/VaultTracker.sol#L165 https://github.com/code-423n4/2022-07-swivel/blob/main/Creator/VaultTracker.sol#L181 https://github.com/code-423n4/2022-07-swivel/blob/main/Creator/VaultTracker.sol#L184 https://github.com/code-423n4/2022-07-swivel/blob/main/Creator/VaultTracker.sol#L222 https://github.com/code-423n4/2022-07-swivel/blob/main/VaultTracker/VaultTracker.sol#L54 https://github.com/code-423n4/2022-07-swivel/blob/main/VaultTracker/VaultTracker.sol#L59 https://github.com/code-423n4/2022-07-swivel/blob/main/VaultTracker/VaultTracker.sol#L93 https://github.com/code-423n4/2022-07-swivel/blob/main/VaultTracker/VaultTracker.sol#L123 https://github.com/code-423n4/2022-07-swivel/blob/main/VaultTracker/VaultTracker.sol#L165 https://github.com/code-423n4/2022-07-swivel/blob/main/VaultTracker/VaultTracker.sol#L181 https://github.com/code-423n4/2022-07-swivel/blob/main/VaultTracker/VaultTracker.sol#L184 https://github.com/code-423n4/2022-07-swivel/blob/main/VaultTracker/VaultTracker.sol#L222

  1. Use of custom error Starting from Solidity v0.8.4, there is a convenient and gas-efficient way to explain to users why an operation failed through the use of custom errors. Until now, you could already use strings to give more information about failures (e.g., revert("Insufficient funds.");), but they are rather expensive, especially when it comes to deploy cost, and it is difficult to use dynamic information in them.

Code references: https://github.com/code-423n4/2022-07-swivel/blob/main/Creator/LibCompound.sol#L28 https://github.com/code-423n4/2022-07-swivel/blob/main/Creator/LibFuse.sol#L36

Mitigation: replace require with if (a != b) revert ERROR()

AuditHub

A portfolio for auditors, a security profile for protocols, a hub for web3 security.

Built bymalatrax © 2024

Auditors

Browse

Contests

Browse

Get in touch

ContactTwitter