Platform: Code4rena
Start Date: 12/04/2023
Pot Size: $60,500 USDC
Total HM: 21
Participants: 199
Period: 7 days
Judge: hansfriese
Total Solo HM: 5
Id: 231
League: ETH
Rank: 145/199
Findings: 1
Award: $22.60
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: juancito
Also found by: 0xAgro, 0xNorman, 0xSmartContract, 0xStalin, 0xTheC0der, 0xWaitress, 0xhacksmithh, 0xnev, 3dgeville, 8olidity, Arz, Aymen0909, BGSecurity, BRONZEDISC, Bauchibred, Bauer, BenRai, ChainHunters, ChrisTina, CodeFoxInc, DedOhWale, DishWasher, EloiManuel, IceBear, Inspex, Jorgect, Kaysoft, LeoGold, LewisBroadhurst, Madalad, MiloTruck, MohammedRizwan, Nyx, Polaris_tow, RaymondFam, SaharDevep, SanketKogekar, Sathish9098, SolidityATL, Udsen, W0RR1O, aria, ayden, berlin-101, bin2chen, catellatech, codeslide, crc32, decade, descharre, evmboi32, eyexploit, fatherOfBlocks, georgits, giovannidisiena, joestakey, karanctf, kodyvim, ltyu, lukris02, m9800, matrix_0wl, mov, mrpathfindr, nadin, niser93, p0wd3r, parlayan_yildizlar_takimi, pavankv, pontifex, qpzm, ravikiranweb3, rbserver, santipu_, shealtielanz, slvDev, tnevler, wonjun, xmxanuel, yixxas
22.6007 USDC - $22.60
[L-1] Missing event for an important operation Important operations should trigger an event to allow being tracked off-chain.
Instances (1):
https://github.com/code-423n4/2023-04-frankencoin/blob/main/contracts/Equity.sol#L309
It should emit an event to notify external systems that the cap table has been restructured.
event CapTableRestructured(address indexed executor, address[] addressesWiped); ... function restructureCapTable(address[] calldata helpers, address[] calldata addressesToWipe) public { ... emit CapTableRestructured(msg.sender, addressesToWipe); }
[L-2] MinterApplied & MinterDenied events are missing an important parameter The Frankencoin.sol contract has important functions; suggestMinter, denyMinter. However, the callers of these functions are not published in emits.
Instances (2):
https://github.com/code-423n4/2023-04-frankencoin/blob/main/contracts/Frankencoin.sol#L89 https://github.com/code-423n4/2023-04-frankencoin/blob/main/contracts/Frankencoin.sol#L156
Add caller to MinterApplied and MinterDenied events.
event MinterApplied(address indexed caller, address indexed minter, uint256 applicationPeriod, uint256 applicationFee, string message); event MinterDenied(address indexed caller, address indexed minter, string message);
Add msg.sender parameter in event-emits in suggestMinter() and denyMinter().
emit MinterApplied(msg.sender, _minter, _applicationPeriod, _applicationFee, _message); emit MinterDenied(msg.sender, _minter, _message);
[N-1] Spellcheck
Instances (3):
the can -> they can https://github.com/code-423n4/2023-04-frankencoin/blob/main/contracts/MintingHub.sol#L153
if -> is https://github.com/code-423n4/2023-04-frankencoin/blob/main/contracts/MintingHub.sol#L24
creterion -> criterion https://github.com/code-423n4/2023-04-frankencoin/blob/main/contracts/Position.sol#L358
Consider using tools like the VSCode extension 'Code Spell Checker' or similar to help catch spelling errors during development.
#0 - c4-judge
2023-05-16T16:16:05Z
hansfriese marked the issue as grade-b