Submission Details
Severity:
Gas/QA report
Gas report
[G-01] Don't overcheck
The following are double checked since they are validated in: OZ ERC20
File: src/DecentralizedStableCoin.sol
47: uint256 balance = balanceOf(msg.sender);
51: if (balance < _amount) {
52: revert DecentralizedStableCoin__BurnAmountExceedsBalance();
53: }
58: if (_to == address(0)) {
59: revert DecentralizedStableCoin__NotZeroAddress();
60: }
[G-02] Save value to avoid SLOAD
File: src/DSCEngine.sol
/// @audit: Save `tokenAddresses[i]` in local var
119: s_priceFeeds[tokenAddresses[i]] = priceFeedAddresses[i];
120: s_collateralTokens.push(tokenAddresses[i]);
[G-03] Add unchecked{} in operations where the operands cannot over/underflow
File: src/DSCEngine.sol
251: uint256 bonusCollateral = (tokenAmountFromDebtCovered * LIQUIDATION_BONUS) / LIQUIDATION_PRECISION;
252: uint256 totalCollateralToRedeem = tokenAmountFromDebtCovered + bonusCollateral;
[G-04] constructor could be marked as payable
File: src/DecentralizedStableCoin.sol
44: constructor() ERC20("DecentralizedStableCoin", "DSC") {}
File: src/DSCEngine.sol
112: constructor(address[] memory tokenAddresses, address[] memory priceFeedAddresses, address dscAddress) {
[G-05] Implement a burnFrom function to save approve transaction
Since the DSCEngine contract is the owner of the DecentralizedStableCoin, it could implement the burnFrom function to burn the tokens directly, saving an approve transaction for the user:
@@ -40,6 +40,7 @@ contract DecentralizedStableCoin is ERC20Burnable, Ownable {
error DecentralizedStableCoin__MustBeMoreThanZero();
error DecentralizedStableCoin__BurnAmountExceedsBalance();
error DecentralizedStableCoin__NotZeroAddress();
+ error DecentralizedStableCoin__BlockFunction();
constructor() ERC20("DecentralizedStableCoin", "DSC") {}
@@ -54,6 +55,10 @@ contract DecentralizedStableCoin is ERC20Burnable, Ownable {
super.burn(_amount);
}
+ function burnFrom(address account, uint256 amount) public override onlyOwner {
+ _burn(account, amount);
+ }
+
function mint(address _to, uint256 _amount) external onlyOwner returns (bool) {
if (_to == address(0)) {
revert DecentralizedStableCoin__NotZeroAddress();
@@ -271,12 +271,7 @@ contract DSCEngine is ReentrancyGuard {
*/
function _burnDsc(uint256 amountDscToBurn, address onBehalfOf, address dscFrom) private {
s_DSCMinted[onBehalfOf] -= amountDscToBurn;
- bool success = i_dsc.transferFrom(dscFrom, address(this), amountDscToBurn);
- // This conditional is hypothtically unreachable
- if (!success) {
- revert DSCEngine__TransferFailed();
- }
- i_dsc.burn(amountDscToBurn);
+ i_dsc.burnFrom(dscFrom, amountDscToBurn);
}
Non-critical
[N‑01] Typo
File: src/DSCEngine.sol
/// @audit: `Algoritmically` to `Algorithmically`
040: * - Algoritmically Stable
[N-02] Non-library/interface files should use fixed compiler versions, not floating ones
File: src/DSCEngine.sol
24:
File: src/DecentralizedStableCoin.sol
24:
Prize pool breakdown
Total prize
15,000 USDC
nSLOC
23664 USDC / LOC
14,000 USDC
1,000 USDC
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.