Submission Details
Impact:
Likelihood:
Missing check on on stakedAsset
Root + Impact
Description
Should be checked if stakedAsset <> 0. This checks does not avoid errors but avoid unnecesary gas consumption.
/**
@dev cancel participation
*/
function cancelParticipation () public {
if (block.timestamp >= eventStartDate){
revert eventStarted();
}
@> missing check on stakedAsset[msg.sender] <> 0
uint256 refundAmount = stakedAsset[msg.sender];
stakedAsset[msg.sender] = 0;
uint256 shares = balanceOf(msg.sender);
_burn(msg.sender, shares);
IERC20(asset()).safeTransfer(msg.sender, refundAmount);
}
// Root cause in the codebase with @> marks to highlight the relevant section
Risk
Likelihood:
High. Each time the user decide to cancel the participation
Impact:
The impact is low. Only in gas consumption
Recommended Mitigation
function cancelParticipation () public {
if (block.timestamp >= eventStartDate){
revert eventStarted();
}
+ if (stakedAsset[msg.sender] == 0) {
+ revert depositNotDone();
+ }
uint256 refundAmount = stakedAsset[msg.sender];
stakedAsset[msg.sender] = 0;
uint256 shares = balanceOf(msg.sender);
_burn(msg.sender, shares);
IERC20(asset()).safeTransfer(msg.sender, refundAmount);
}
Updates
Appeal created
bube 19 days ago
Submission Judgement Published Reason: Non-acceptable severity
Assigned finding tags:
Gas optimizations
Gas optimizations are invalid according to the CodeHawks documentation.
Rewards breakdown
nSLOC
193This contest has a flat reward structure with the following payouts:
100 EXP
20 EXP
2 EXP
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.