Platform: Code4rena
Start Date: 03/11/2022
Pot Size: $115,500 USDC
Total HM: 17
Participants: 120
Period: 7 days
Judge: LSDan
Total Solo HM: 1
Id: 174
League: ETH
Rank: 55/120
Findings: 2
Award: $110.58
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: IllIllI
Also found by: 0x1f8b, 0xNazgul, 0xRoxas, 0xSmartContract, Awesome, Aymen0909, B2, BClabs, Bnke0x0, Deekshith99, Deivitto, Diana, Dinesh11G, Funen, HE1M, HardlyCodeMan, Josiah, Nyx, Rahoz, RaymondFam, RedOneN, ReyAdmirado, Rolezn, Saintcode_, TomJ, Trust, __141345__, a12jmx, adriro, ajtra, aphak5010, apostle0x01, brgltd, btk, bulej93, c3phas, carlitox477, catwhiskeys, ch0bu, chaduke, chrisdior4, cryptonue, cryptostellar5, csanuragjain, ctf_sec, delfin454000, djxploit, durianSausage, erictee, fatherOfBlocks, gogo, i_got_hacked, immeas, joestakey, jumpdest7d, lukris02, martin, mcwildy, merlin, minhquanym, oyc_109, pashov, peanuts, pedr02b2, rbserver, rotcivegaf, rvierdiiev, sakman, saneryee, seyni, shark, slowmoses, tnevler, trustindistrust, w0Lfrum, yurahod, zaskoh
61.3462 USDC - $61.35
| Issue | Instances | |
|---|---|---|
| [L-001] | approve should be replaced with safeIncreaseAllowance() or safeDecreaseAllowance() | 1 |
| [L-002] | Events not emitted for important state changes / Missing event for critical parameter changes | 1 |
approve should be replaced with safeIncreaseAllowance() or safeDecreaseAllowance()approve is subject to a known front-running attack. Consider using safeIncreaseAllownce() or safeDecreaseAllowance() instead
Total:1
134: IERC20(sellToken).approve(swapTarget, amount);
When changing state variables events are not emitted. Emitting events allows monitoring activities with off-chain monitoring tools.
Total:1
74: function setRate(
#0 - c4-judge
2022-12-06T21:46:33Z
dmvt marked the issue as grade-b
🌟 Selected for report: IllIllI
Also found by: 0x1f8b, 0xRajkumar, Awesome, Aymen0909, B2, Bnke0x0, Deivitto, Diana, JC, Metatron, Rahoz, RaymondFam, RedOneN, ReyAdmirado, Rolezn, Saintcode_, TomJ, __141345__, ajtra, aphak5010, brgltd, c3phas, ch0bu, chrisdior4, cryptonue, durianSausage, emrekocak, erictee, exolorkistis, gogo, karanctf, lukris02, martin, me_na0mi, oyc_109, peanuts, rotcivegaf, saneryee, seyni, tnevler, zaskoh
49.2315 USDC - $49.23
| Issue | Instances | |
|---|---|---|
| [G-001] | Functions guaranteed to revert when called by normal users can be marked payable | 2 |
| [G-002] | Use Assembly to check for address(0) | 4 |
| [G-003] | internal function only called once can be inlined to save gas | 1 |
If a function modifier such as onlyOwner is used, the function will revert if a normal user tries to pay the function. Marking the function as payable will lower the gas cost for legitimate callers because the compiler will not include checks for whether a payment was provided.
Total:2
38: ) external override onlyLineContract returns (uint256) {
78: ) external onlyLineContract returns (bool) {
Saves 6 gas per instance if using assemlby to check for address(0)
Total:4
445: if(credits[id].lender != address(0)) { revert PositionExists(); }
180: require(newOwner != address(0));
189: require(newOperator != address(0));
201: require(newTreasury != address(0));
Not inlining costs 20 to 40 gas because of two extra JUMP instructions and additional stack operations needed for function calls.
Total:1
25: function _init() internal virtual returns(LineLib.STATUS) {
#0 - c4-judge
2022-11-17T22:58:02Z
dmvt marked the issue as grade-b