Platform: Code4rena
Start Date: 27/04/2022
Pot Size: $50,000 MIM
Total HM: 6
Participants: 59
Period: 5 days
Judge: 0xean
Id: 113
League: ETH
Rank: 28/59
Findings: 2
Award: $131.90
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: IllIllI
Also found by: 0x1337, 0x1f8b, 0xDjango, 0xf15ers, AuditsAreUS, BowTiedWardens, CertoraInc, Funen, GimelSec, MaratCerby, Ruhum, WatchPug, antonttc, berndartmueller, bobi, bobirichman, broccolirob, catchup, cccz, defsec, delfin454000, gs8nrv, gzeon, horsefacts, hubble, hyh, ilan, jah, joestakey, kebabsec, kenta, kenzo, m9800, mics, oyc_109, pauliax, reassor, robee, samruna, sikorico, simon135, throttle, unforgiven, z3s
86.0794 MIM - $86.08
using old version of soldity that has no safemath on revert and bugs https://github.com/code-423n4/2022-04-abranft/blob/90ac5d3125a9ecd5dc5a469decc7c9527bb57ef4/contracts/NFTPair.sol#L20 https://github.com/code-423n4/2022-04-abranft/blob/90ac5d3125a9ecd5dc5a469decc7c9527bb57ef4/contracts/NFTPairWithOracle.sol#L20
spelling mistakes make it calculateInterest https://github.com/code-423n4/2022-04-abranft/blob/90ac5d3125a9ecd5dc5a469decc7c9527bb57ef4/contracts/NFTPair.sol#L115 https://github.com/code-423n4/2022-04-abranft/blob/90ac5d3125a9ecd5dc5a469decc7c9527bb57ef4/contracts/NFTPairWithOracle.sol#L135 make it transferred https://github.com/code-423n4/2022-04-abranft/blob/90ac5d3125a9ecd5dc5a469decc7c9527bb57ef4/contracts/NFTPairWithOracle.sol#L257 https://github.com/code-423n4/2022-04-abranft/blob/90ac5d3125a9ecd5dc5a469decc7c9527bb57ef4/contracts/NFTPairWithOracle.sol#L359 https://github.com/code-423n4/2022-04-abranft/blob/90ac5d3125a9ecd5dc5a469decc7c9527bb57ef4/contracts/NFTPair.sol#L234 https://github.com/code-423n4/2022-04-abranft/blob/90ac5d3125a9ecd5dc5a469decc7c9527bb57ef4/contracts/NFTPair.sol#L321 https://github.com/code-423n4/2022-04-abranft/blob/90ac5d3125a9ecd5dc5a469decc7c9527bb57ef4/contracts/NFTPair.sol#L352 https://github.com/code-423n4/2022-04-abranft/blob/90ac5d3125a9ecd5dc5a469decc7c9527bb57ef4/contracts/NFTPairWithOracle.sol#L390
inequality https://github.com/code-423n4/2022-04-abranft/blob/90ac5d3125a9ecd5dc5a469decc7c9527bb57ef4/contracts/NFTPair.sol#L435 bad comments what the is going on with this function https://github.com/code-423n4/2022-04-abranft/blob/90ac5d3125a9ecd5dc5a469decc7c9527bb57ef4/contracts/NFTPair.sol#L175 https://github.com/code-423n4/2022-04-abranft/blob/90ac5d3125a9ecd5dc5a469decc7c9527bb57ef4/contracts/NFTPair.sol#L182 https://github.com/code-423n4/2022-04-abranft/blob/90ac5d3125a9ecd5dc5a469decc7c9527bb57ef4/contracts/NFTPairWithOracle.sol#L471
bad practice of having importent hashing static typed https://github.com/code-423n4/2022-04-abranft/blob/90ac5d3125a9ecd5dc5a469decc7c9527bb57ef4/contracts/NFTPair.sol#L340 https://github.com/code-423n4/2022-04-abranft/blob/90ac5d3125a9ecd5dc5a469decc7c9527bb57ef4/contracts/NFTPair.sol#L343 https://github.com/code-423n4/2022-04-abranft/blob/90ac5d3125a9ecd5dc5a469decc7c9527bb57ef4/contracts/NFTPairWithOracle.sol#L378 https://github.com/code-423n4/2022-04-abranft/blob/90ac5d3125a9ecd5dc5a469decc7c9527bb57ef4/contracts/NFTPairWithOracle.sol#L381 save gass by making it ++ https://github.com/code-423n4/2022-04-abranft/blob/90ac5d3125a9ecd5dc5a469decc7c9527bb57ef4/contracts/NFTPairWithOracle.sol#L441
#0 - cryptolyndon
2022-05-13T04:59:22Z
Seen, thanks
🌟 Selected for report: BowTiedWardens
Also found by: 0x1f8b, 0xNazgul, 0xf15ers, 0xkatana, CertoraInc, Funen, GimelSec, Hawkeye, IllIllI, Kulk0, NoamYakov, Tadashi, Tomio, TrungOre, antonttc, catchup, defsec, delfin454000, fatherOfBlocks, gzeon, horsefacts, joestakey, kenta, oyc_109, pauliax, reassor, robee, samruna, simon135, slywaters, sorrynotsorry, z3s
45.8188 MIM - $45.82
you can add more storage with out taking up more gas adding a uint48 will make it a full 1 slot instead of the it being all zeros https://github.com/code-423n4/2022-04-abranft/blob/90ac5d3125a9ecd5dc5a469decc7c9527bb57ef4/contracts/NFTPair.sol#L31 can add more varibles to make it take the full amout instead of zeros https://github.com/code-423n4/2022-04-abranft/blob/90ac5d3125a9ecd5dc5a469decc7c9527bb57ef4/contracts/NFTPair.sol#L100 add a uint24 before the contract oracle variable https://github.com/code-423n4/2022-04-abranft/blob/90ac5d3125a9ecd5dc5a469decc7c9527bb57ef4/contracts/NFTPairWithOracle.sol#L32 can add a uint184 https://github.com/code-423n4/2022-04-abranft/blob/90ac5d3125a9ecd5dc5a469decc7c9527bb57ef4/contracts/NFTPairWithOracle.sol#L41 can add uint96 after the first address and then after all the vars you can add uint24 https://github.com/code-423n4/2022-04-abranft/blob/90ac5d3125a9ecd5dc5a469decc7c9527bb57ef4/contracts/NFTPairWithOracle.sol#L118 make a event have 3 indexed varibles saves gas https://github.com/code-423n4/2022-04-abranft/blob/90ac5d3125a9ecd5dc5a469decc7c9527bb57ef4/contracts/NFTPair.sol#L66 https://github.com/code-423n4/2022-04-abranft/blob/90ac5d3125a9ecd5dc5a469decc7c9527bb57ef4/contracts/NFTPair.sol#L67 https://github.com/code-423n4/2022-04-abranft/blob/90ac5d3125a9ecd5dc5a469decc7c9527bb57ef4/contracts/NFTPairWithOracle.sol#L77 https://github.com/code-423n4/2022-04-abranft/blob/90ac5d3125a9ecd5dc5a469decc7c9527bb57ef4/contracts/NFTPairWithOracle.sol#L85
save gass by making it ++ https://github.com/code-423n4/2022-04-abranft/blob/90ac5d3125a9ecd5dc5a469decc7c9527bb57ef4/contracts/NFTPairWithOracle.sol#L441
#0 - cryptolyndon
2022-05-14T01:34:16Z
Why add padding if we don't need it?
Surely adding more indexed fields does not make it cheaper?
Refuse to believe the ++ thing
#1 - 0xean
2022-05-21T15:25:18Z
@cryptolyndon - hah, our wardens all love the ++i vs i++
I have tested it in solidity 0.8.* and it is indeed a trivial amount of savings.