Platform: Code4rena
Start Date: 23/09/2021
Pot Size: $50,000 USDC
Total HM: 5
Participants: 14
Period: 7 days
Judge: ghoulsol
Total Solo HM: 3
Id: 32
League: ETH
Rank: 12/14
Findings: 2
Award: $147.61
🌟 Selected for report: 2
🚀 Solo Findings: 0
31.3808 USDC - $31.38
t11s
The PairFactory stores some constructor arguments as state for use in createPair. However, since no functions are provided to modify these state variables, marking them with the immutable keyword would save gas without downside, by removing SLOADs in favor of deploy-time inlining.
🌟 Selected for report: t11s
116.225 USDC - $116.23
t11s
Since Wildcredit's ERC20 implementation uses the Solidity 0.8 compiler, all math operations are checked against over/underflow by default. However, some of these checks are unnecessary due to pre-checks. Wildcredit can selectively disable these over/underflow checks using the unchecked{} construct.
There are 3 lines where use of checked math is unnecessary:
The sum of all balances in the ERC20 will never exceed type(uint256).max, as totalSupply is safely incremented in _mint when creating new tokens. If _mint was ever called with a value that would increase the sum of all balances beyond type(uint256).max, totalSupply would overflow and Solidity's checked math would cause a revert.
Hence, the balanceOf[_recipient] += _amount; can be wrapped in unchecked to prevent an unnecessary overflow check on the recipient's balance, as it cannot ever overflow.
Same as #1. totalSupply would overflow and revert first if the recipient would receive too many tokens.
Inverse of #2. A user's balance can never exceed totalSupply, hence decrementing of the totalSupply will never cause an underflow.
Wrap the 3 lines mentioned above in unchecked {}