Submission Details
Severity:
Non Critical issues (69-73) of 73
NC069 - Functions should have Natspec @return annotations:
Documents the return variables of a contract’s function
Click to show 13 findings
File: v2-core/src/SablierV2LockupDynamic.sol
80 function getSegments(uint256 streamId)
91 function getStream(uint256 streamId)
123 function getTimestamps(uint256 streamId)
138 function createWithDurations(LockupDynamic.CreateWithDurations calldata params)
164 function createWithTimestamps(LockupDynamic.CreateWithTimestamps calldata params)
191 function _calculateStreamedAmount(uint256 streamId) internal view override returns (uint128) {
221 function _calculateStreamedAmountForMultipleSegments(uint256 streamId) internal view returns (uint128) {
282 function _calculateStreamedAmountForOneSegment(uint256 streamId) internal view returns (uint128) {
316 function _create(LockupDynamic.CreateWithTimestamps memory params) internal returns (uint256 streamId) {
https://github.com/Cyfrin/2024-05-Sablier/tree/main/v2-core/src/SablierV2LockupDynamic.sol#L0:0
File: v2-core/src/SablierV2LockupLinear.sol
71 function getCliffTime(uint256 streamId) external view override notNull(streamId) returns (uint40 cliffTime) {
76 function getStream(uint256 streamId)
108 function getTimestamps(uint256 streamId)
127 function createWithDurations(LockupLinear.CreateWithDurations calldata params)
163 function createWithTimestamps(LockupLinear.CreateWithTimestamps calldata params)
189 function _calculateStreamedAmount(uint256 streamId) internal view override returns (uint128) {
237 function _create(LockupLinear.CreateWithTimestamps memory params) internal returns (uint256 streamId) {
https://github.com/Cyfrin/2024-05-Sablier/tree/main/v2-core/src/SablierV2LockupLinear.sol#L0:0
File: v2-core/src/SablierV2LockupTranched.sol
75 function getStream(uint256 streamId)
107 function getTimestamps(uint256 streamId)
118 function getTranches(uint256 streamId)
133 function createWithDurations(LockupTranched.CreateWithDurations calldata params)
159 function createWithTimestamps(LockupTranched.CreateWithTimestamps calldata params)
183 function _calculateStreamedAmount(uint256 streamId) internal view override returns (uint128) {
220 function _create(LockupTranched.CreateWithTimestamps memory params) internal returns (uint256 streamId) {
https://github.com/Cyfrin/2024-05-Sablier/tree/main/v2-core/src/SablierV2LockupTranched.sol#L0:0
File: v2-core/src/SablierV2NFTDescriptor.sol
47 function tokenURI(IERC721Metadata sablier, uint256 streamId) external view override returns (string memory uri) {
171 function calculateDurationInDays(uint256 startTime, uint256 endTime) internal pure returns (string memory) {
190 function calculateStreamedPercentage(
206 function generateAccentColor(address sablier, uint256 streamId) internal view returns (string memory) {
240 function generateAttributes(
261 function generateDescription(
301 function generateName(string memory sablierModel, string memory streamId) internal pure returns (string memory) {
307 function mapSymbol(IERC721Metadata sablier) internal view returns (string memory) {
322 function safeAssetDecimals(address asset) internal view returns (uint8) {
334 function safeAssetSymbol(address asset) internal view returns (string memory) {
355 function stringifyFractionalAmount(uint256 fractionalAmount) internal pure returns (string memory) {
372 function stringifyPercentage(uint256 percentage) internal pure returns (string memory) {
384 function stringifyStatus(Lockup.Status status) internal pure returns (string memory) {
https://github.com/Cyfrin/2024-05-Sablier/tree/main/v2-core/src/SablierV2NFTDescriptor.sol#L0:0
File: v2-core/src/abstracts/SablierV2Lockup.sol
83 function getAsset(uint256 streamId) external view override notNull(streamId) returns (IERC20 asset) {
88 function getDepositedAmount(uint256 streamId)
99 function getEndTime(uint256 streamId) external view override notNull(streamId) returns (uint40 endTime) {
104 function getRecipient(uint256 streamId) external view override returns (address recipient) {
110 function getRefundedAmount(uint256 streamId)
121 function getSender(uint256 streamId) external view override notNull(streamId) returns (address sender) {
126 function getStartTime(uint256 streamId) external view override notNull(streamId) returns (uint40 startTime) {
131 function getWithdrawnAmount(uint256 streamId)
142 function isCancelable(uint256 streamId) external view override notNull(streamId) returns (bool result) {
149 function isCold(uint256 streamId) external view override notNull(streamId) returns (bool result) {
155 function isDepleted(uint256 streamId) external view override notNull(streamId) returns (bool result) {
160 function isStream(uint256 streamId) external view override returns (bool result) {
165 function isTransferable(uint256 streamId) external view override notNull(streamId) returns (bool result) {
170 function isWarm(uint256 streamId) external view override notNull(streamId) returns (bool result) {
176 function refundableAmountOf(uint256 streamId)
193 function statusOf(uint256 streamId) external view override notNull(streamId) returns (Lockup.Status status) {
198 function streamedAmountOf(uint256 streamId)
209 function tokenURI(uint256 streamId) public view override(IERC721Metadata, ERC721) returns (string memory uri) {
218 function wasCanceled(uint256 streamId) external view override notNull(streamId) returns (bool result) {
223 function withdrawableAmountOf(uint256 streamId)
464 function _calculateStreamedAmount(uint256 streamId) internal view virtual returns (uint128);
468 function _isCallerStreamRecipientOrApproved(uint256 streamId) internal view returns (bool) {
476 function _isCallerStreamSender(uint256 streamId) internal view returns (bool) {
481 function _statusOf(uint256 streamId) internal view returns (Lockup.Status) {
500 function _streamedAmountOf(uint256 streamId) internal view returns (uint128) {
542 function _withdrawableAmountOf(uint256 streamId) internal view returns (uint128) {
https://github.com/Cyfrin/2024-05-Sablier/tree/main/v2-core/src/abstracts/SablierV2Lockup.sol#L0:0
File: v2-core/src/libraries/Helpers.sol
17 function calculateSegmentTimestamps(LockupDynamic.SegmentWithDuration[] memory segments)
50 function calculateTrancheTimestamps(LockupTranched.TrancheWithDuration[] memory tranches)
80 function checkAndCalculateBrokerFee(
https://github.com/Cyfrin/2024-05-Sablier/tree/main/v2-core/src/libraries/Helpers.sol#L0:0
File: v2-core/src/libraries/NFTSVG.sol
44 function generateSVG(SVGParams memory params) internal pure returns (string memory) {
98 function generateDefs(
120 function generateFloatingText(
146 function generateHrefs(
https://github.com/Cyfrin/2024-05-Sablier/tree/main/v2-core/src/libraries/NFTSVG.sol#L0:0
File: v2-core/src/libraries/SVGElements.sol
74 function card(CardType cardType, string memory content) internal pure returns (uint256, string memory) {
78 function card(
128 function floatingText(string memory offset, string memory text) internal pure returns (string memory) {
139 function gradients(string memory accentColor) internal pure returns (string memory) {
185 function hourglass(string memory status) internal pure returns (string memory) {
198 function progressCircle(
233 function calculatePixelWidth(string memory text, bool largeFont) internal pure returns (uint256 width) {
255 function stringifyCardType(CardType cardType) internal pure returns (string memory) {
https://github.com/Cyfrin/2024-05-Sablier/tree/main/v2-core/src/libraries/SVGElements.sol#L0:0
File: v2-periphery/src/SablierV2BatchLockup.sol
25 function createWithDurationsLD(
73 function createWithTimestampsLD(
126 function createWithDurationsLL(
174 function createWithTimestampsLL(
226 function createWithDurationsLT(
274 function createWithTimestampsLT(
https://github.com/Cyfrin/2024-05-Sablier/tree/main/v2-periphery/src/SablierV2BatchLockup.sol#L0:0
File: v2-periphery/src/SablierV2MerkleLL.sol
59 function claim(
https://github.com/Cyfrin/2024-05-Sablier/tree/main/v2-periphery/src/SablierV2MerkleLL.sol#L0:0
File: v2-periphery/src/SablierV2MerkleLT.sol
65 function getTranchesWithPercentages() external view override returns (MerkleLT.TrancheWithPercentage[] memory) {
74 function claim(
120 function _calculateTranches(uint128 claimAmount)
https://github.com/Cyfrin/2024-05-Sablier/tree/main/v2-periphery/src/SablierV2MerkleLT.sol#L0:0
File: v2-periphery/src/SablierV2MerkleLockupFactory.sol
25 function createMerkleLL(
43 function createMerkleLT(
https://github.com/Cyfrin/2024-05-Sablier/tree/main/v2-periphery/src/SablierV2MerkleLockupFactory.sol#L0:0
File: v2-periphery/src/abstracts/SablierV2MerkleLockup.sol
83 function getFirstClaimTime() external view override returns (uint40) {
88 function hasClaimed(uint256 index) public view override returns (bool) {
93 function hasExpired() public view override returns (bool) {
98 function name() external view override returns (string memory) {
156 function _hasGracePeriodPassed() internal view returns (bool) {
https://github.com/Cyfrin/2024-05-Sablier/tree/main/v2-periphery/src/abstracts/SablierV2MerkleLockup.sol#L0:0
NC070 - Functions should have Natspec @param annotations:
Documents a parameter just like in Doxygen (must be followed by parameter name)
Click to show 15 findings
File: v2-core/src/SablierV2LockupDynamic.sol
80 function getSegments(uint256 streamId)
91 function getStream(uint256 streamId)
123 function getTimestamps(uint256 streamId)
138 function createWithDurations(LockupDynamic.CreateWithDurations calldata params)
164 function createWithTimestamps(LockupDynamic.CreateWithTimestamps calldata params)
191 function _calculateStreamedAmount(uint256 streamId) internal view override returns (uint128) {
221 function _calculateStreamedAmountForMultipleSegments(uint256 streamId) internal view returns (uint128) {
282 function _calculateStreamedAmountForOneSegment(uint256 streamId) internal view returns (uint128) {
316 function _create(LockupDynamic.CreateWithTimestamps memory params) internal returns (uint256 streamId) {
https://github.com/Cyfrin/2024-05-Sablier/tree/main/v2-core/src/SablierV2LockupDynamic.sol#L0:0
File: v2-core/src/SablierV2LockupLinear.sol
71 function getCliffTime(uint256 streamId) external view override notNull(streamId) returns (uint40 cliffTime) {
76 function getStream(uint256 streamId)
108 function getTimestamps(uint256 streamId)
127 function createWithDurations(LockupLinear.CreateWithDurations calldata params)
163 function createWithTimestamps(LockupLinear.CreateWithTimestamps calldata params)
189 function _calculateStreamedAmount(uint256 streamId) internal view override returns (uint128) {
237 function _create(LockupLinear.CreateWithTimestamps memory params) internal returns (uint256 streamId) {
https://github.com/Cyfrin/2024-05-Sablier/tree/main/v2-core/src/SablierV2LockupLinear.sol#L0:0
File: v2-core/src/SablierV2LockupTranched.sol
75 function getStream(uint256 streamId)
107 function getTimestamps(uint256 streamId)
118 function getTranches(uint256 streamId)
133 function createWithDurations(LockupTranched.CreateWithDurations calldata params)
159 function createWithTimestamps(LockupTranched.CreateWithTimestamps calldata params)
183 function _calculateStreamedAmount(uint256 streamId) internal view override returns (uint128) {
220 function _create(LockupTranched.CreateWithTimestamps memory params) internal returns (uint256 streamId) {
https://github.com/Cyfrin/2024-05-Sablier/tree/main/v2-core/src/SablierV2LockupTranched.sol#L0:0
File: v2-core/src/SablierV2NFTDescriptor.sol
47 function tokenURI(IERC721Metadata sablier, uint256 streamId) external view override returns (string memory uri) {
171 function calculateDurationInDays(uint256 startTime, uint256 endTime) internal pure returns (string memory) {
190 function calculateStreamedPercentage(
206 function generateAccentColor(address sablier, uint256 streamId) internal view returns (string memory) {
240 function generateAttributes(
261 function generateDescription(
301 function generateName(string memory sablierModel, string memory streamId) internal pure returns (string memory) {
307 function mapSymbol(IERC721Metadata sablier) internal view returns (string memory) {
322 function safeAssetDecimals(address asset) internal view returns (uint8) {
334 function safeAssetSymbol(address asset) internal view returns (string memory) {
384 function stringifyStatus(Lockup.Status status) internal pure returns (string memory) {
https://github.com/Cyfrin/2024-05-Sablier/tree/main/v2-core/src/SablierV2NFTDescriptor.sol#L0:0
File: v2-core/src/abstracts/Adminable.sol
34 function transferAdmin(address newAdmin) public virtual override onlyAdmin {
https://github.com/Cyfrin/2024-05-Sablier/tree/main/v2-core/src/abstracts/Adminable.sol#L0:0
File: v2-core/src/abstracts/NoDelegateCall.sol
13 constructor() {
29 function _preventDelegateCall() private view {
https://github.com/Cyfrin/2024-05-Sablier/tree/main/v2-core/src/abstracts/NoDelegateCall.sol#L0:0
File: v2-core/src/abstracts/SablierV2Lockup.sol
83 function getAsset(uint256 streamId) external view override notNull(streamId) returns (IERC20 asset) {
88 function getDepositedAmount(uint256 streamId)
99 function getEndTime(uint256 streamId) external view override notNull(streamId) returns (uint40 endTime) {
104 function getRecipient(uint256 streamId) external view override returns (address recipient) {
110 function getRefundedAmount(uint256 streamId)
121 function getSender(uint256 streamId) external view override notNull(streamId) returns (address sender) {
126 function getStartTime(uint256 streamId) external view override notNull(streamId) returns (uint40 startTime) {
131 function getWithdrawnAmount(uint256 streamId)
142 function isCancelable(uint256 streamId) external view override notNull(streamId) returns (bool result) {
149 function isCold(uint256 streamId) external view override notNull(streamId) returns (bool result) {
155 function isDepleted(uint256 streamId) external view override notNull(streamId) returns (bool result) {
160 function isStream(uint256 streamId) external view override returns (bool result) {
165 function isTransferable(uint256 streamId) external view override notNull(streamId) returns (bool result) {
170 function isWarm(uint256 streamId) external view override notNull(streamId) returns (bool result) {
176 function refundableAmountOf(uint256 streamId)
193 function statusOf(uint256 streamId) external view override notNull(streamId) returns (Lockup.Status status) {
198 function streamedAmountOf(uint256 streamId)
209 function tokenURI(uint256 streamId) public view override(IERC721Metadata, ERC721) returns (string memory uri) {
218 function wasCanceled(uint256 streamId) external view override notNull(streamId) returns (bool result) {
223 function withdrawableAmountOf(uint256 streamId)
238 function burn(uint256 streamId) external override noDelegateCall notNull(streamId) {
256 function cancel(uint256 streamId) public override noDelegateCall notNull(streamId) {
274 function cancelMultiple(uint256[] calldata streamIds) external override noDelegateCall {
284 function renounce(uint256 streamId) external override noDelegateCall notNull(streamId) updateMetadata(streamId) {
315 function setNFTDescriptor(ISablierV2NFTDescriptor newNFTDescriptor) external override onlyAdmin {
332 function withdraw(
405 function withdrawMax(uint256 streamId, address to) external override {
410 function withdrawMaxAndTransfer(
436 function withdrawMultiple(
481 function _statusOf(uint256 streamId) internal view returns (Lockup.Status) {
500 function _streamedAmountOf(uint256 streamId) internal view returns (uint128) {
542 function _withdrawableAmountOf(uint256 streamId) internal view returns (uint128) {
551 function _cancel(uint256 streamId) internal {
620 function _renounce(uint256 streamId) internal {
631 function _withdraw(uint256 streamId, address to, uint128 amount) internal {
https://github.com/Cyfrin/2024-05-Sablier/tree/main/v2-core/src/abstracts/SablierV2Lockup.sol#L0:0
File: v2-core/src/libraries/Helpers.sol
17 function calculateSegmentTimestamps(LockupDynamic.SegmentWithDuration[] memory segments)
50 function calculateTrancheTimestamps(LockupTranched.TrancheWithDuration[] memory tranches)
80 function checkAndCalculateBrokerFee(
111 function checkCreateLockupDynamic(
146 function checkCreateLockupLinear(uint128 depositAmount, LockupLinear.Timestamps memory timestamps) internal view {
183 function checkCreateLockupTranched(
227 function _checkSegments(
290 function _checkTranches(
https://github.com/Cyfrin/2024-05-Sablier/tree/main/v2-core/src/libraries/Helpers.sol#L0:0
File: v2-core/src/libraries/NFTSVG.sol
44 function generateSVG(SVGParams memory params) internal pure returns (string memory) {
98 function generateDefs(
120 function generateFloatingText(
146 function generateHrefs(
https://github.com/Cyfrin/2024-05-Sablier/tree/main/v2-core/src/libraries/NFTSVG.sol#L0:0
File: v2-core/src/libraries/SVGElements.sol
74 function card(CardType cardType, string memory content) internal pure returns (uint256, string memory) {
78 function card(
128 function floatingText(string memory offset, string memory text) internal pure returns (string memory) {
139 function gradients(string memory accentColor) internal pure returns (string memory) {
185 function hourglass(string memory status) internal pure returns (string memory) {
198 function progressCircle(
233 function calculatePixelWidth(string memory text, bool largeFont) internal pure returns (uint256 width) {
255 function stringifyCardType(CardType cardType) internal pure returns (string memory) {
https://github.com/Cyfrin/2024-05-Sablier/tree/main/v2-core/src/libraries/SVGElements.sol#L0:0
File: v2-periphery/src/SablierV2BatchLockup.sol
25 function createWithDurationsLD(
73 function createWithTimestampsLD(
126 function createWithDurationsLL(
174 function createWithTimestampsLL(
226 function createWithDurationsLT(
274 function createWithTimestampsLT(
330 function _approve(address sablierContract, IERC20 asset, uint256 amount) internal {
339 function _handleTransfer(address sablierContract, IERC20 asset, uint256 amount) internal {
https://github.com/Cyfrin/2024-05-Sablier/tree/main/v2-periphery/src/SablierV2BatchLockup.sol#L0:0
File: v2-periphery/src/SablierV2MerkleLL.sol
40 constructor(
59 function claim(
https://github.com/Cyfrin/2024-05-Sablier/tree/main/v2-periphery/src/SablierV2MerkleLL.sol#L0:0
File: v2-periphery/src/SablierV2MerkleLT.sol
40 constructor(
65 function getTranchesWithPercentages() external view override returns (MerkleLT.TrancheWithPercentage[] memory) {
74 function claim(
120 function _calculateTranches(uint128 claimAmount)
https://github.com/Cyfrin/2024-05-Sablier/tree/main/v2-periphery/src/SablierV2MerkleLT.sol#L0:0
File: v2-periphery/src/SablierV2MerkleLockupFactory.sol
25 function createMerkleLL(
43 function createMerkleLT(
https://github.com/Cyfrin/2024-05-Sablier/tree/main/v2-periphery/src/SablierV2MerkleLockupFactory.sol#L0:0
File: v2-periphery/src/abstracts/SablierV2MerkleLockup.sol
59 constructor(MerkleLockup.ConstructorParams memory params) {
83 function getFirstClaimTime() external view override returns (uint40) {
88 function hasClaimed(uint256 index) public view override returns (bool) {
93 function hasExpired() public view override returns (bool) {
98 function name() external view override returns (string memory) {
107 function clawback(address to, uint128 amount) external override onlyAdmin {
129 function _checkClaim(uint256 index, bytes32 leaf, bytes32[] calldata merkleProof) internal {
156 function _hasGracePeriodPassed() internal view returns (bool) {
https://github.com/Cyfrin/2024-05-Sablier/tree/main/v2-periphery/src/abstracts/SablierV2MerkleLockup.sol#L0:0
NC071 - A event should be emitted if a non immutable state variable is set in a constructor:
File: v2-periphery/src/SablierV2MerkleLL.sol
40 constructor(
41 MerkleLockup.ConstructorParams memory baseParams,
42 ISablierV2LockupLinear lockupLinear,
43 LockupLinear.Durations memory streamDurations_
44 )
45 SablierV2MerkleLockup(baseParams)
46 {
47 LOCKUP_LINEAR = lockupLinear;
48 streamDurations = streamDurations_;
49
50 // Max approve the Sablier contract to spend funds from the MerkleLockup contract.
51 ASSET.forceApprove(address(LOCKUP_LINEAR), type(uint256).max);
52 }
https://github.com/Cyfrin/2024-05-Sablier/tree/main/v2-periphery/src/SablierV2MerkleLL.sol#L0:0
File: v2-periphery/src/abstracts/SablierV2MerkleLockup.sol
59 constructor(MerkleLockup.ConstructorParams memory params) {
60 // Check: the campaign name is not greater than 32 bytes
61 if (bytes(params.name).length > 32) {
62 revert Errors.SablierV2MerkleLockup_CampaignNameTooLong({
63 nameLength: bytes(params.name).length,
64 maxLength: 32
65 });
66 }
67
68 admin = params.initialAdmin;
69 ASSET = params.asset;
70 CANCELABLE = params.cancelable;
71 EXPIRATION = params.expiration;
72 ipfsCID = params.ipfsCID;
73 MERKLE_ROOT = params.merkleRoot;
74 NAME = bytes32(abi.encodePacked(params.name));
75 TRANSFERABLE = params.transferable;
76 }
https://github.com/Cyfrin/2024-05-Sablier/tree/main/v2-periphery/src/abstracts/SablierV2MerkleLockup.sol#L0:0
NC072 - It is best practice to use linear inheritance:
In Solidity, complex inheritance structures can obfuscate code understanding, introducing potential security risks. Multiple inheritance, especially with overlapping function names or state variables, can cause unintentional overrides or ambiguous behavior. Resolution: Strive for linear and simple inheritance chains. Avoid diamond or circular inheritance patterns. Clearly document the purpose and relationships of base contracts, ensuring that overrides are intentional. Tools like Remix or Hardhat can visualize inheritance chains, assisting in verification. Keeping inheritance streamlined aids in better code readability, reduces potential errors, and ensures smoother audits and upgrades.
Click to show 5 findings
File: v2-core/src/SablierV2LockupDynamic.sol
37 contract SablierV2LockupDynamic is
38 ISablierV2LockupDynamic, // 5 inherited components
39 SablierV2Lockup // 14 inherited components
https://github.com/Cyfrin/2024-05-Sablier/tree/main/v2-core/src/SablierV2LockupDynamic.sol#L0:0
File: v2-core/src/SablierV2LockupLinear.sol
36 contract SablierV2LockupLinear is
37 ISablierV2LockupLinear, // 5 inherited components
38 SablierV2Lockup // 14 inherited components
https://github.com/Cyfrin/2024-05-Sablier/tree/main/v2-core/src/SablierV2LockupLinear.sol#L0:0
File: v2-core/src/SablierV2LockupTranched.sol
34 contract SablierV2LockupTranched is
35 ISablierV2LockupTranched, // 5 inherited components
36 SablierV2Lockup // 14 inherited components
https://github.com/Cyfrin/2024-05-Sablier/tree/main/v2-core/src/SablierV2LockupTranched.sol#L0:0
File: v2-periphery/src/SablierV2MerkleLL.sol
17 contract SablierV2MerkleLL is
18 ISablierV2MerkleLL, // 2 inherited components
19 SablierV2MerkleLockup // 4 inherited components
https://github.com/Cyfrin/2024-05-Sablier/tree/main/v2-periphery/src/SablierV2MerkleLL.sol#L0:0
File: v2-periphery/src/SablierV2MerkleLT.sol
17 contract SablierV2MerkleLT is
18 ISablierV2MerkleLT, // 2 inherited components
19 SablierV2MerkleLockup // 4 inherited components
https://github.com/Cyfrin/2024-05-Sablier/tree/main/v2-periphery/src/SablierV2MerkleLT.sol#L0:0
NC073 - Consider only defining one library/interface/contract per sol file:
Combining multiple libraries, interfaces, or contracts in a single file can lead to clutter, reduced readability, and versioning issues. Resolution: Adopt the best practice of defining only one library, interface, or contract per Solidity file. This modular approach enhances clarity, simplifies unit testing, and streamlines code review. Furthermore, segregating components makes version management easier, as updates to one component won't necessitate changes to a file housing multiple unrelated components. Structured file management can further assist in avoiding naming collisions and ensure smoother integration into larger systems or DApps.
File: v2-core/src/types/DataTypes.sol
30 library Lockup {
31 /// @notice Struct encapsulating the deposit, withdrawn, and refunded amounts, both denoted in units of the asset's
32 /// decimals.
33 /// @dev Because the deposited and the withdrawn amount are often read together, declaring them in the same slot
34 /// saves gas.
35 /// @param deposited The initial amount deposited in the stream, net of broker fee.
36 /// @param withdrawn The cumulative amount withdrawn from the stream.
37 /// @param refunded The amount refunded to the sender. Unless the stream was canceled, this is always zero.
38 struct Amounts {
39 // slot 0
40 uint128 deposited;
41 uint128 withdrawn;
42 // slot 1
43 uint128 refunded;
44 }
45
46 /// @notice Struct encapsulating the deposit amount and the broker fee amount, both denoted in units of the asset's
47 /// decimals.
48 /// @param deposit The amount to deposit in the stream.
49 /// @param brokerFee The broker fee amount.
50 struct CreateAmounts {
51 uint128 deposit;
52 uint128 brokerFee;
53 }
54
55 /// @notice Enum representing the different statuses of a stream.
56 /// @custom:value0 PENDING Stream created but not started; assets are in a pending state.
57 /// @custom:value1 STREAMING Active stream where assets are currently being streamed.
58 /// @custom:value2 SETTLED All assets have been streamed; recipient is due to withdraw them.
59 /// @custom:value3 CANCELED Canceled stream; remaining assets await recipient's withdrawal.
60 /// @custom:value4 DEPLETED Depleted stream; all assets have been withdrawn and/or refunded.
61 enum Status {
62 PENDING,
63 STREAMING,
64 SETTLED,
65 CANCELED,
66 DEPLETED
67 }
68
69 /// @notice A common data structure to be stored in all {SablierV2Lockup} models.
70 /// @dev The fields are arranged like this to save gas via tight variable packing.
71 /// @param sender The address distributing the assets, with the ability to cancel the stream.
72 /// @param startTime The Unix timestamp indicating the stream's start.
73 /// @param endTime The Unix timestamp indicating the stream's end.
74 /// @param isCancelable Boolean indicating if the stream is cancelable.
75 /// @param wasCanceled Boolean indicating if the stream was canceled.
76 /// @param asset The contract address of the ERC-20 asset to be distributed.
77 /// @param isDepleted Boolean indicating if the stream is depleted.
78 /// @param isStream Boolean indicating if the struct entity exists.
79 /// @param isTransferable Boolean indicating if the stream NFT is transferable.
80 /// @param amounts Struct containing the deposit, withdrawn, and refunded amounts, both denoted in units of the
81 /// asset's decimals.
82 struct Stream {
83 // slot 0
84 address sender;
85 uint40 startTime;
86 uint40 endTime;
87 bool isCancelable;
88 bool wasCanceled;
89 // slot 1
90 IERC20 asset;
91 bool isDepleted;
92 bool isStream;
93 bool isTransferable;
94 // slot 2 and 3
95 Lockup.Amounts amounts;
96 }
97 }
98
99 /// @notice Namespace for the structs used in {SablierV2LockupDynamic}.
100 library LockupDynamic {
https://github.com/Cyfrin/2024-05-Sablier/tree/main/v2-core/src/types/DataTypes.sol#L0:0
File: v2-periphery/src/types/DataTypes.sol
9 library BatchLockup {
10 /// @notice A struct encapsulating the lockup contract's address and the stream ids to cancel.
11 struct CancelMultiple {
12 ISablierV2Lockup lockup;
13 uint256[] streamIds;
14 }
15
16 /// @notice A struct encapsulating all parameters of {SablierV2LockupDynamic.createWithDurations} except for the
17 /// asset.
18 struct CreateWithDurationsLD {
19 address sender;
20 address recipient;
21 uint128 totalAmount;
22 bool cancelable;
23 bool transferable;
24 LockupDynamic.SegmentWithDuration[] segments;
25 Broker broker;
26 }
27
28 /// @notice A struct encapsulating all parameters of {SablierV2LockupLinear.createWithDurations} except for the
29 /// asset.
30 struct CreateWithDurationsLL {
31 address sender;
32 address recipient;
33 uint128 totalAmount;
34 bool cancelable;
35 bool transferable;
36 LockupLinear.Durations durations;
37 Broker broker;
38 }
39
40 /// @notice A struct encapsulating all parameters of {SablierV2LockupTranched.createWithDurations} except for the
41 /// asset.
42 struct CreateWithDurationsLT {
43 address sender;
44 address recipient;
45 uint128 totalAmount;
46 bool cancelable;
47 bool transferable;
48 LockupTranched.TrancheWithDuration[] tranches;
49 Broker broker;
50 }
51
52 /// @notice A struct encapsulating all parameters of {SablierV2LockupDynamic.createWithTimestamps} except for the
53 /// asset.
54 struct CreateWithTimestampsLD {
55 address sender;
56 address recipient;
57 uint128 totalAmount;
58 bool cancelable;
59 bool transferable;
60 uint40 startTime;
61 LockupDynamic.Segment[] segments;
62 Broker broker;
63 }
64
65 /// @notice A struct encapsulating all parameters of {SablierV2LockupLinear.createWithTimestamps} except for the
66 /// asset.
67 struct CreateWithTimestampsLL {
68 address sender;
69 address recipient;
70 uint128 totalAmount;
71 bool cancelable;
72 bool transferable;
73 LockupLinear.Timestamps timestamps;
74 Broker broker;
75 }
76
77 /// @notice A struct encapsulating all parameters of {SablierV2LockupTranched.createWithTimestamps} except for the
78 /// asset.
79 struct CreateWithTimestampsLT {
80 address sender;
81 address recipient;
82 uint128 totalAmount;
83 bool cancelable;
84 bool transferable;
85 uint40 startTime;
86 LockupTranched.Tranche[] tranches;
87 Broker broker;
88 }
89 }
90
91 library MerkleLockup {
https://github.com/Cyfrin/2024-05-Sablier/tree/main/v2-periphery/src/types/DataTypes.sol#L0:0
Updates
Lead Judging Commences
inallhonesty about 1 year ago
Submission Judgement Published Reason: Non-acceptable severity
Assigned finding tags:
Info/Gas/Invalid as per Docs
https://docs.codehawks.com/hawks-auditors/how-to-determine-a-finding-validity
Prize pool breakdown
Total prize
53,440 USDC
nSLOC
2,65520 USDC / LOC
45,000 USDC
3,100 USDC
5,340 USDC
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.