Platform: Code4rena
Start Date: 16/02/2023
Pot Size: $144,750 USDC
Total HM: 17
Participants: 154
Period: 19 days
Judge: Trust
Total Solo HM: 5
Id: 216
League: ETH
Rank: 145/154
Findings: 1
Award: $42.07
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: c3phas
Also found by: 0x3b, 0x6980, 0x73696d616f, 0xSmartContract, 0xackermann, 0xhacksmithh, 0xsomeone, Bnke0x0, Bough, Budaghyan, Darshan, DeFiHackLabs, Deivitto, GalloDaSballo, JCN, LethL, Madalad, MiniGlome, Morraez, P-384, PaludoX0, Phantasmagoria, Praise, RHaO-sec, Rageur, RaymondFam, ReyAdmirado, Rickard, Rolezn, SaeedAlipoor01988, Saintcode_, Sathish9098, TheSavageTeddy, Tomio, Viktor_Cortess, abiih, arialblack14, atharvasama, banky, codeislight, cryptonue, ddimitrov22, dec3ntraliz3d, descharre, dharma09, emmac002, favelanky, hl_, hunter_w3b, kaden, kodyvim, matrix_0wl, oyc_109, pavankv, scokaf, seeu, yamapyblack
42.0697 USDC - $42.07
Optimization details
Use a solidity version of at least 0.8.2 to get simple compiler automatic inlining
Use a solidity version of at least 0.8.3 to get better struct packing and cheaper multiple storage reads
Use a solidity version of at least 0.8.4 to get custom errors, which are cheaper at deployment than revert()/require() strings
Use a solidity version of at least 0.8.10 to have external calls skip contract existence checks if the external call has a return value
There are 12 instances of this issue:
File: contracts/ReaperStrategyGranarySupplyOnly.sol
3: pragma solidity ^0.8.0;
File: contracts/abstract/ReaperBaseStrategyv4.sol
3: pragma solidity ^0.8.0;
File: contracts/ReaperVaultERC4626.sol
3: pragma solidity ^0.8.0;
File: contracts/ReaperVaultV2.sol
3: pragma solidity ^0.8.0;
File: contracts/LUSDToken.sol
3: pragma solidity ^0.8.0;
File: contracts/LQTY/LQTYStaking.sol
3: pragma solidity 0.6.11;
File: contracts/LQTY/CommunityIssuance.sol
3: pragma solidity 0.6.11;
File: contracts/StabilityPool.sol
3: pragma solidity 0.6.11;
File: contracts/ActivePool.sol
3: pragma solidity 0.6.11;
File: contracts/TroveManager.sol
3: pragma solidity 0.6.11;
File: contracts/BorrowerOperations.sol
3: pragma solidity 0.6.11;
File: contracts/CollateralConfig.sol
3: pragma solidity 0.6.11;
Manual Analysis
Optimization details
Use abi.encodePacked() where possible to save gas
2 Results 1 File:
src/LUSDToken.sol
284: domainSeparator(), keccak256(abi.encode(
305: return keccak256(abi.encode(typeHash, name, version, _chainID(), address(this)));
Manual Analysis
Optimization details
Instead of using the operator && on a single require check. Using double require check can save more gas.
For reference, see https://github.com/code-423n4/2022-01-xdefi-findings/issues/128
There are 5 instances of this issue:
File: contracts/LUSDToken.sol
347: require( 348: _recipient != address(0) && 349: _recipient != address(this), 350: "LUSD: Cannot transfer tokens directly to the LUSD token contract or the zero address" 351: );
352: require( 353: !stabilityPools[_recipient] && 354: !troveManagers[_recipient] && 355: !borrowerOperations[_recipient], 356: "LUSD: Cannot transfer tokens directly to the StabilityPool, TroveManager or BorrowerOps" 357: );
File: contracts/TroveManager.sol
1539: require (TroveOwnersArrayLength > 1 && sortedTroves.getSize(_collateral) > 1);
File: contracts/BorrowerOperations.sol
653: require(_maxFeePercentage >= BORROWING_FEE_FLOOR && _maxFeePercentage <= DECIMAL_PRECISION, 654: "Max fee percentage must be between 0.5% and 100%");
Manual Analysis
Checks that involve constants should come before checks that involve state variables, function calls, and calculations. By doing these checks first, the function is able to revert before wasting a Gcoldsload (2100 gas*) in a function that may ultimately revert in the unhappy case.
There is 1 instance of this issue:
File: contracts/ActivePool.sol
/// @audit expensive op on line 126 127: require(_bps <= 10_000, "Invalid BPS value");
#0 - c4-judge
2023-03-09T17:54:19Z
trust1995 marked the issue as grade-b