Platform: Code4rena
Start Date: 03/10/2023
Pot Size: $24,500 USDC
Total HM: 6
Participants: 62
Period: 3 days
Judge: LSDan
Total Solo HM: 3
Id: 288
League: ETH
Rank: 61/62
Findings: 1
Award: $4.94
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: adriro
Also found by: 0x3b, 0xAadi, 0xDING99YA, 0xTheC0der, 0xWaitress, 0xdice91, 100su, 3docSec, BRONZEDISC, BoRonGod, Eurovickk, GKBG, HChang26, IceBear, JP_Courses, MatricksDeCoder, Mike_Bello90, SovaSlava, Topmark, albahaca, cookedcookee, gzeon, hunter_w3b, kutugu, lukejohn, marqymarq10, matrix_0wl, orion, pep7siup, radev_sw, sces60107, taner2344, tpiliposian, wahedtalash77, xAriextz, zpan
4.9369 USDC - $4.94
In the LiquidityMiningPath.sol two functions setConcRewards and setAmbRewards share common requirements. While this doesn't represent a security issue, it's a potential area for code optimization and readability improvement.
Currently, both functions perform the same checks: they validate that weekFrom and weekTo are divisible by WEEK, and (maybe) they both have a governance check that is commented out. This repetition not only makes the code longer but also increases the chances of errors when maintaining the contract.
function setConcRewards(bytes32 poolIdx, uint32 weekFrom, uint32 weekTo, uint64 weeklyReward) public payable { // require(msg.sender == governance_, "Only callable by governance"); require(weekFrom % WEEK == 0 && weekTo % WEEK == 0, "Invalid weeks"); while (weekFrom <= weekTo) { concRewardPerWeek_[poolIdx][weekFrom] = weeklyReward; weekFrom += uint32(WEEK); } } function setAmbRewards(bytes32 poolIdx, uint32 weekFrom, uint32 weekTo, uint64 weeklyReward) public payable { // require(msg.sender == governance_, "Only callable by governance"); require(weekFrom % WEEK == 0 && weekTo % WEEK == 0, "Invalid weeks"); while (weekFrom <= weekTo) { ambRewardPerWeek_[poolIdx][weekFrom] = weeklyReward; weekFrom += uint32(WEEK); } }
To optimize the code and improve readability, consider creating a custom modifier, to centralize the governance and weekFrom % WEEK == 0 && weekTo % WEEK == 0 checks. Then, apply this modifier to both functions. This change will reduce code duplication and make it easier to manage access control requirements in the future.
The LiquidityMining.sol contract contains repeated code for calculating time-weighted liquidity in multiple functions. Specifically, the code responsible for tracking time-weighted liquidity over weeks is present in three separate functions with minor parameter variations. This redundancy can lead to maintenance challenges, increased risk of inconsistencies, and decreased code readability.
Specifically, the code responsible for tracking time-weighted liquidity over weeks is present in three separate functions:
accrueConcentratedGlobalTimeWeightedLiquidity(),
accrueConcentratedPositionTimeWeightedLiquidity(),
accrueAmbientGlobalTimeWeightedLiquidity().
uint32 time = lastAccrued; while (time < block.timestamp) { uint32 currWeek = uint32((time / WEEK) * WEEK); uint32 nextWeek = uint32(((time + WEEK) / WEEK) * WEEK); uint32 dt = uint32( nextWeek < block.timestamp ? nextWeek - time : block.timestamp - time ); timeWeightedWeeklyGlobalAmbLiquidity_[poolIdx][currWeek] += dt * liquidity; time += dt; }
To optimize the contract, we recommend consolidating the time-weighted liquidity calculation code into a single internal function. This function can be used internally by the existing functions that require this logic, reducing code duplication and improving maintainability.
#0 - c4-pre-sort
2023-10-09T17:23:07Z
141345 marked the issue as sufficient quality report
#1 - c4-judge
2023-10-18T22:32:38Z
dmvt marked the issue as grade-b