Skip to content

Instantly share code, notes, and snippets.

@itsmetechjay
Last active July 3, 2023 15:15
Show Gist options
  • Save itsmetechjay/09ae039958715d881a47209f74af1b7c to your computer and use it in GitHub Desktop.
Save itsmetechjay/09ae039958715d881a47209f74af1b7c to your computer and use it in GitHub Desktop.

Winning bot race submission

This is the top-ranked automated findings report, from warden favelanky's c4lanky-bot. All findings in this report will be considered known issues for the purposes of your C4 audit.

Table of Contents

Number Issues Details Count
[H-1] Incorrect comparison implementation 2
[M-1] The owner is a single point of failure and a centralization risk 92
[L-1] Contracts are vulnerable to fee-on-transfer token related accounting issues 91
[L-2] Array does not have a pop function 44
[L-3] Setters should have initial value check 14
[L-4] Division by zero not prevented 21
[L-5] Loss of precision 23
[L-6] Signature Malleability of EVM's ecrecover 2
[L-7] Use of floating pragma 52
[L-8] Solmate's SafeTransferLib doesn't check whether the ERC20 contract exists 73
[L-9] External calls in an un-bounded for-loop may result in a DOS 48
[L-10] Unsafe casting may overflow 106
[L-11] Some ERC20 revert on zero value transfer 91
[L-12] Zero address check is missing 59
[L-13] Some ERC20 tokens dust would be remained in the contract 1
[L-14] Division before multiplication can lead to precision errors 1
[L-15] Array lengths not checked 12
[L-16] Use Ownable2Step's transfer function rather than Ownable's for transfers of ownership 32
[L-17] Do not use deprecated library functions 9
[L-18] No limits when setting min/max amounts 15
[L-19] Approve type(uint256).max not work with some tokens 9
[L-20] Owner can renounce Ownership 29
[L-21] Unsafe ERC20 operations 15
[N-1] Typos in the code 98
[N-2] Use a more recent version of solidity 68
[N-3] Lines are too long 192
[N-4] Inconsistent spacing in comments 1283
[N-5] Large numeric literals should use underscores for readability 20
[N-6] TODO in the code 2
[N-7] Using named parameters in mapping is best practice 183
[N-8] Function ordering does not follow the Solidity style guide 124
[N-9] Private and internal variables must start with an underscore 231
[N-10] Function parameter name must be in mixedCase 5
[N-11] Variable name must be in mixedCase 6
[N-12] It is standard for all external and public functions to be overridden from an interface 367
[N-13] Constant name must be in capitalized SNAKE_CASE 23
[N-14] Function must not be longer than 50 lines 28
[N-15] Function name must be in mixedCase 2
[N-16] Contract name must be in CamelCase 5
[N-17] Use scientific notation (e.g. 1e18) rather than exponentiation (e.g. 10**18) 2
[N-18] constants should be defined rather than using magic numbers 102
[N-19] Reverts should use customer errors instead of strings 283
[N-20] Event missing indexed field 16
[N-21] Constants in comparisons should appear on the left side 180
[N-22] Use modifier instead of require/if for special msg.sender 11
[N-23] Use multiple require() and if statements instead of && 44
[N-24] else-block not required 5
[N-25] Unsigned divisions can be marked as unchecked 7
[N-26] Import only specific files 2
[N-27] require()/revert() statements should have descriptive reason strings 35
[N-28] Interfaces should be indicated with an I prefix in the contract name 6
[N-29] Redundant return statement with named return variable 22
[N-30] Use safeTransferOwnership instead of transferOwnership function 3
[N-31] Contract name must be in CamelCase. 7
[N-32] Critical functions should be a two step procedure 3
[N-33] Shorthand way to write if / else statement 1
[N-34] Use require instead of assert 3
[N-35] Imports could be organized more systematically 119
[N-36] Constant redefined elsewhere 37
[N-37] NatSpec @return argument is missing 75
[N-38] NatSpec @param is missing 35
Number Issues Details Count
[G-1] Pre-increments and pre-decrements are cheaper than post-increments and post-decrements 60
[G-2] Use assembly to check for address(0) 31
[G-3] Use custom errors instead of require 108
[G-4] Empty blocks should be removed or emit something 3
[G-5] Non efficient zero initialization 56
[G-6] Use assembly to write address storage values 209
[G-7] Duplicated require/if checks should be refactored to a modifier or function 2
[G-8] Functions guaranteed to revert when called by normal users can be marked payable 92
[G-9] State variable read in a loop 68
[G-10] State variables only set in the constructor should be declared immutable 18
[G-11] Don’t compare boolean expressions to boolean literals 1
[G-12] Using storage instead of memory for structs/arrays saves gas 8
[G-13] Use calldata instead of memory for function parameters 22
[G-14] Pre-increments and pre-decrements are cheaper than post-increments and post-decrements1 2
[G-15] Function calls should be cached 32
[G-16] Usage of uint/int smaller than 32 bytes (256 bits) incurs overhead 21
[G-17] Change public to external for functions that are not called internally 89
[G-18] <array>.length should not be looked up in every loop of a for-loop 29
[G-19] Multiplication by two should use bit shifting 3
[G-20] Reduce the size of error messages 65
[G-21] Internal functions only called once can be inlined to save gas 38
[G-22] Using bools for storage incurs overhead 71
[G-23] Multiple mappings can be replaced with a single struct mapping 56
[G-24] Setting the constructor to payable 57
[G-25] Use unchecked keyword for loop counter 16
[G-26] Do not reduce approval on transferFrom if current allowance is type(uint256).max 5
[G-27] Bytes constants are more efficient than string constants 1
[G-28] Pre-increments and pre-decrements are cheaper than post-increments and post-decrements1 2
[G-29] <x> += <y> costs more gas than <x> = <x> + <y> for state variables 6
[G-30] Use solidity version 0.8.20 to gain gas boost 142
[G-31] Variable names that consist of all capital letters should be reserved for constant/immutable variables 1
[G-32] Division by two should use bit shifting 9

Findings

[H-1] Incorrect comparison implementation

Use require or if to compare values. Otherwise comparison will be ignored.

There are 2 instances of this issue:
File: maia/factories/PartnerManagerFactory.sol

61:         partnerIds[newPartnerManager] == id;

70:         vaultIds[newVault] == id;

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/factories/PartnerManagerFactory.sol#L61

[M-1] The owner is a single point of failure and a centralization risk

Having a single EOA as the only owner of contracts is a large centralization risk and a single point of failure. A single private key may be taken in a hack, or the sole holder of the key may become unable to retrieve the key when necessary. Consider changing to a multi-signature setup, or having a role-based authorization model.

There are 92 instances of this issue:
File: erc-20/ERC20Boost.sol

259:     function addGauge(address gauge) external onlyOwner {

273:     function removeGauge(address gauge) external onlyOwner {

285:     function replaceGauge(address oldGauge, address newGauge) external onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Boost.sol#L259

File: erc-20/ERC20Gauges.sol

398:     function addGauge(address gauge) external onlyOwner returns (uint112) {

425:     function removeGauge(address gauge) external onlyOwner {

449:     function replaceGauge(address oldGauge, address newGauge) external onlyOwner {

455:     function setMaxGauges(uint256 newMax) external onlyOwner {

463:     function setContractExceedMaxGauges(address account, bool canExceedMax) external onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Gauges.sol#L398

File: erc-20/ERC20MultiVotes.sol

96:     function setMaxDelegates(uint256 newMax) external onlyOwner {

104:     function setContractExceedMaxDelegates(address account, bool canExceedMax) external onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20MultiVotes.sol#L96

File: gauges/BaseV2Gauge.sol

128:     function addBribeFlywheel(FlywheelCore bribeFlywheel) external onlyOwner {

144:     function removeBribeFlywheel(FlywheelCore bribeFlywheel) external onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/BaseV2Gauge.sol#L128

File: gauges/UniswapV3Gauge.sol

62:     function setMinimumWidth(uint24 _minimumWidth) external onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/UniswapV3Gauge.sol#L62

File: gauges/factories/BaseV2GaugeFactory.sol

109:     function createGauge(address strategy, bytes memory data) external onlyOwner {

130:     function removeGauge(BaseV2Gauge gauge) external onlyOwner {

144:     function addBribeToGauge(BaseV2Gauge gauge, address bribeToken) external onlyOwnerOrBribesFactoryOwner {

151:     function removeBribeFromGauge(BaseV2Gauge gauge, address bribeToken) external onlyOwnerOrBribesFactoryOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BaseV2GaugeFactory.sol#L109

File: gauges/factories/BaseV2GaugeManager.sol

110:     function addGaugeFactory(BaseV2GaugeFactory gaugeFactory) external onlyOwner {

121:     function removeGaugeFactory(BaseV2GaugeFactory gaugeFactory) external onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BaseV2GaugeManager.sol#L110

File: gauges/factories/UniswapV3GaugeFactory.sol

98:     function setMinimumWidth(address gauge, uint24 minimumWidth) external onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/UniswapV3GaugeFactory.sol#L98

File: hermes/minters/BaseV2Minter.sol

86:     function setDao(address _dao) external onlyOwner {

92:     function setDaoShare(uint256 _daoShare) external onlyOwner {

98:     function setTailEmission(uint256 _tail_emission) external onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/minters/BaseV2Minter.sol#L86

File: hermes/tokens/HERMES.sol

62:     function mint(address account, uint256 amount) external onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/HERMES.sol#L62

File: maia/factories/PartnerManagerFactory.sol

58:     function addPartner(PartnerManager newPartnerManager) external onlyOwner {

67:     function addVault(IBaseVault newVault) external onlyOwner {

80:     function removePartner(PartnerManager partnerManager) external onlyOwner {

89:     function removeVault(IBaseVault vault) external onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/factories/PartnerManagerFactory.sol#L58

File: maia/tokens/ERC4626PartnerManager.sol

188:     function migratePartnerVault(address newPartnerVault) external onlyOwner {

216:     function increaseConversionRate(uint256 newRate) external onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/tokens/ERC4626PartnerManager.sol#L188

File: maia/tokens/Maia.sol

55:     function mint(address account, uint256 amount) external onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/tokens/Maia.sol#L55

File: rewards/base/FlywheelCore.sol

111:     function addStrategyForRewards(ERC20 strategy) external onlyOwner {

125:     function setFlywheelRewards(address newFlywheelRewards) external onlyOwner {

137:     function setBooster(IFlywheelBooster newBooster) external onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/base/FlywheelCore.sol#L111

File: rewards/depots/MultiRewardsDepot.sol

47:     function addAsset(address rewardsContract, address asset) external onlyOwner {

57:     function removeAsset(address rewardsContract) external onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/depots/MultiRewardsDepot.sol#L47

File: talos/TalosOptimizer.sol

62:     function setMaxTotalSupply(uint256 _maxTotalSupply) external onlyOwner {

68:     function setTwapDuration(uint32 _twapDuration) external onlyOwner {

74:     function setMaxTwapDeviation(int24 _maxTwapDeviation) external onlyOwner {

80:     function setTickRange(int24 _tickRangeMultiplier) external onlyOwner {

85:     function setPriceImpact(uint24 _priceImpactPercentage) external onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosOptimizer.sol#L62

File: talos/base/TalosBaseStrategy.sol

394:     function collectProtocolFees(uint256 amount0, uint256 amount1) external nonReentrant onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/base/TalosBaseStrategy.sol#L394

File: talos/boost-aggregator/BoostAggregator.sol

143:     function addWhitelistedAddress(address user) external onlyOwner {

148:     function removeWhitelistedAddress(address user) external onlyOwner {

153:     function setProtocolFee(uint256 _protocolFee) external onlyOwner {

159:     function withdrawProtocolFees(address to) external onlyOwner {

165:     function withdrawAllGaugeBoost(address to) external onlyOwner {

172:     function withdrawGaugeBoost(address to, uint256 amount) external onlyOwner {

180:     function decrementGaugesBoostIndexed(uint256 boost, uint256 offset, uint256 num) external onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/boost-aggregator/BoostAggregator.sol#L143

File: ulysses-amm/UlyssesPool.sol

159:     function addNewBandwidth(uint256 poolId, uint8 weight) external nonReentrant onlyOwner returns (uint256 index) {

223:     function setWeight(uint256 poolId, uint8 weight) external nonReentrant onlyOwner {

308:     function setFees(Fees calldata _fees) external nonReentrant onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesPool.sol#L159

File: ulysses-amm/UlyssesToken.sol

44:     function addAsset(address asset, uint256 _weight) external nonReentrant onlyOwner {

60:     function removeAsset(address asset) external nonReentrant onlyOwner {

88:     function setWeights(uint256[] memory _weights) external nonReentrant onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesToken.sol#L44

File: ulysses-amm/factories/UlyssesFactory.sol

65:     function renounceOwnership() public payable override onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/factories/UlyssesFactory.sol#L65

File: ulysses-omnichain/BaseBranchRouter.sol

37:     function initialize(address _localBridgeAgentAddress) external onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BaseBranchRouter.sol#L37

File: ulysses-omnichain/BranchBridgeAgentExecutor.sol

70:     function executeNoSettlement(address _router, bytes calldata _data)

88:     function executeWithSettlement(address _recipient, address _router, bytes calldata _data)

125:     function executeWithSettlementMultiple(address _recipient, address _router, bytes calldata _data)

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchBridgeAgentExecutor.sol#L70

File: ulysses-omnichain/BranchPort.sol

99:     function initialize(address _coreBranchRouter, address _bridgeAgentFactory) external virtual onlyOwner {

113:     function renounceOwnership() public payable override onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchPort.sol#L99

File: ulysses-omnichain/CoreRootRouter.sol

63:     function initialize(address _bridgeAgentAddress, address _hTokenFactory) external onlyOwner {

227:     function toggleBranchBridgeAgentFactory(

253:     function removeBranchBridgeAgent(address _branchBridgeAgent, address _gasReceiver, uint24 _toChain)

275:     function manageStrategyToken(

300:     function managePortStrategy(

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/CoreRootRouter.sol#L63

File: ulysses-omnichain/MulticallRootRouter.sol

74:     function initialize(address _bridgeAgentAddress) external onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/MulticallRootRouter.sol#L74

File: ulysses-omnichain/RootBridgeAgentExecutor.sol

78:     function executeSystemRequest(address _router, bytes calldata _data, uint24 _fromChainId)

98:     function executeNoDeposit(address _router, bytes calldata _data, uint24 _fromChainId)

117:     function executeWithDeposit(address _router, bytes calldata _data, uint24 _fromChainId)

154:     function executeWithDepositMultiple(address _router, bytes calldata _data, uint24 _fromChainId)

201:     function executeSignedNoDeposit(address _account, address _router, bytes calldata _data, uint24 _fromChainId)

221:     function executeSignedWithDeposit(address _account, address _router, bytes calldata _data, uint24 _fromChainId)

259:     function executeSignedWithDepositMultiple(

308:     function executeRetrySettlement(uint32 _settlementNonce)

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgentExecutor.sol#L78

File: ulysses-omnichain/RootPort.sol

128:     function initialize(address _bridgeAgentFactory, address _coreRootRouter) external onlyOwner {

140:     function initializeCore(

158:     function forefeitOwnership(address _owner) external onlyOwner {

165:     function renounceOwnership() public payable override onlyOwner {

399:     function toggleBridgeAgent(address _bridgeAgent) external onlyOwner {

406:     function addBridgeAgentFactory(address _bridgeAgentFactory) external onlyOwner {

413:     function toggleBridgeAgentFactory(address _bridgeAgentFactory) external onlyOwner {

420:     function addNewChain(

484:     function setGasPoolInfo(uint24 _chainId, GasPoolInfo calldata _gasPoolInfo) external onlyOwner {

491:     function addEcosystemToken(address _ecoTokenGlobalAddress) external onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootPort.sol#L128

File: ulysses-omnichain/factories/ArbitrumBranchBridgeAgentFactory.sol

54:     function initialize(address _coreRootBridgeAgent) external override onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/factories/ArbitrumBranchBridgeAgentFactory.sol#L54

File: ulysses-omnichain/factories/BranchBridgeAgentFactory.sol

83:     function initialize(address _coreRootBridgeAgent) external virtual onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/factories/BranchBridgeAgentFactory.sol#L83

File: ulysses-omnichain/factories/ERC20hTokenBranchFactory.sol

35:     function initialize(address _wrappedNativeTokenAddress, address _coreRouter) external onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/factories/ERC20hTokenBranchFactory.sol#L35

File: ulysses-omnichain/factories/ERC20hTokenRootFactory.sol

40:     function initialize(address _coreRouter) external onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/factories/ERC20hTokenRootFactory.sol#L40

File: ulysses-omnichain/token/ERC20hTokenBranch.sol

23:     function mint(address account, uint256 amount) external override onlyOwner returns (bool) {

29:     function burn(uint256 value) public override onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/token/ERC20hTokenBranch.sol#L23

[L-1] Contracts are vulnerable to fee-on-transfer token related accounting issues

Without measuring the balance before and after the transfer, there's no way to ensure that enough tokens were transferred, in the cases where the token has a fee-on-transfer mechanic. If there are latent funds in the contract, subsequent transfers will succeed.

There are 91 instances of this issue:
File: erc-20/ERC20Boost.sol

313:         return super.transfer(to, amount);

329:         return super.transferFrom(from, to, amount);

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Boost.sol#L313

File: erc-20/ERC20Gauges.sol

498:         return super.transfer(to, amount);

510:         return super.transferFrom(from, to, amount);

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Gauges.sol#L498

File: erc-20/ERC20MultiVotes.sol

293:         return super.transfer(to, amount);

305:         return super.transferFrom(from, to, amount);

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20MultiVotes.sol#L293

File: erc-4626/ERC4626.sol

37:         address(asset).safeTransferFrom(msg.sender, address(this), assets);

51:         address(asset).safeTransferFrom(msg.sender, address(this), assets);

76:         address(asset).safeTransfer(receiver, assets);

96:         address(asset).safeTransfer(receiver, assets);

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/ERC4626.sol#L37

File: erc-4626/ERC4626DepositOnly.sol

37:         address(asset).safeTransferFrom(msg.sender, address(this), assets);

51:         address(asset).safeTransferFrom(msg.sender, address(this), assets);

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/ERC4626DepositOnly.sol#L37

File: erc-4626/ERC4626MultiToken.sol

69:             assets[i].safeTransferFrom(msg.sender, address(this), assetsAmounts[i]);

80:             assets[i].safeTransfer(receiver, assetsAmounts[i]);

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/ERC4626MultiToken.sol#L69

File: erc-4626/UlyssesERC4626.sol

36:         asset.safeTransferFrom(msg.sender, address(this), assets);

52:         asset.safeTransferFrom(msg.sender, address(this), assets);

79:         asset.safeTransfer(receiver, assets);

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/UlyssesERC4626.sol#L36

File: hermes/UtilityManager.sol

72:         address(gaugeWeight).safeTransferFrom(msg.sender, address(this), amount);

81:         address(gaugeBoost).safeTransferFrom(msg.sender, address(this), amount);

90:         address(governance).safeTransferFrom(msg.sender, address(this), amount);

113:         address(gaugeWeight).safeTransfer(msg.sender, amount);

122:         address(gaugeBoost).safeTransfer(msg.sender, amount);

131:         address(governance).safeTransfer(msg.sender, amount);

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/UtilityManager.sol#L72

File: hermes/bHermes.sol

148:         return super.transfer(to, amount);

166:         return super.transferFrom(from, to, amount);

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/bHermes.sol#L148

File: hermes/minters/BaseV2Minter.sol

143:             underlying.safeTransfer(address(vault), _growth);

145:             if (dao != address(0)) underlying.safeTransfer(dao, share);

166:         underlying.safeTransfer(msg.sender, totalQueuedForCycle);

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/minters/BaseV2Minter.sol#L143

File: maia/PartnerUtilityManager.sol

104:         address(partnerGovernance).safeTransferFrom(msg.sender, address(this), amount);

160:         address(partnerGovernance).safeTransfer(msg.sender, amount);

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/PartnerUtilityManager.sol#L104

File: maia/tokens/ERC4626PartnerManager.sol

270:         return super.transfer(to, amount);

286:         return super.transferFrom(from, to, amount);

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/tokens/ERC4626PartnerManager.sol#L270

File: rewards/base/FlywheelCore.sol

100:             rewardToken.safeTransferFrom(address(flywheelRewards), user, accrued);

128:             rewardToken.safeTransferFrom(address(flywheelRewards), address(newFlywheelRewards), oldRewardBalance);

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/base/FlywheelCore.sol#L100

File: rewards/depots/RewardsDepot.sol

21:         _asset.safeTransfer(_rewardsContract, balance);

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/depots/RewardsDepot.sol#L21

File: rewards/rewards/FlywheelGaugeRewards.sol

234:         if (accruedRewards > 0) rewardToken.safeTransfer(msg.sender, accruedRewards);

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/rewards/FlywheelGaugeRewards.sol#L234

File: talos/TalosStrategyStaked.sol

91:         return super.transfer(_to, _amount);

96:         return super.transferFrom(_from, _to, _amount);

177:         try nonfungiblePositionManager.safeTransferFrom(address(this), address(boostAggregator), _tokenId) {
178:             stakeFlag = true; // flag to store staking state to avoid failing to unstake when it is not staked
179:         } catch {}

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosStrategyStaked.sol#L91

File: talos/base/TalosBaseStrategy.sol

125:         address(_token0).safeTransferFrom(msg.sender, address(this), amount0Desired);

126:         address(_token1).safeTransferFrom(msg.sender, address(this), amount1Desired);

168:             address(_token0).safeTransfer(msg.sender, refund0);

173:             address(_token1).safeTransfer(msg.sender, refund1);

196:         address(_token0).safeTransferFrom(msg.sender, address(this), amount0Desired);

197:         address(_token1).safeTransferFrom(msg.sender, address(this), amount1Desired);

228:             address(_token0).safeTransfer(msg.sender, refund0);

233:             address(_token1).safeTransfer(msg.sender, refund1);

339:         if (zeroForOne) address(token0).safeTransfer(msg.sender, uint256(amount0));

340:         else address(token1).safeTransfer(msg.sender, uint256(amount1));

409:         if (amount0 > 0) _token0.transfer(msg.sender, amount0);

410:         if (amount1 > 0) _token1.transfer(msg.sender, amount1);

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/base/TalosBaseStrategy.sol#L125

File: talos/boost-aggregator/BoostAggregator.sol

90:         nonfungiblePositionManager.safeTransferFrom(address(this), address(uniswapV3Staker), tokenId);

168:         address(hermesGaugeBoost).safeTransfer(to, hermesGaugeBoost.balanceOf(address(this)));

176:         address(hermesGaugeBoost).safeTransfer(to, amount);

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/boost-aggregator/BoostAggregator.sol#L90

File: ulysses-amm/UlyssesPool.sol

154:             asset.safeTransfer(factory.owner(), claimed);

218:             asset.safeTransferFrom(msg.sender, address(this), newRebalancingFee - oldRebalancingFee);

303:             asset.safeTransferFrom(msg.sender, address(this), newRebalancingFee - oldRebalancingFee);

1109:         asset.safeTransferFrom(msg.sender, address(this), assets);

1189:         asset.safeTransfer(user, output);

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesPool.sol#L154

File: ulysses-amm/UlyssesRouter.sol

74:         address(getUlyssesLP(routes[0].from).asset()).safeTransferFrom(msg.sender, address(this), amount);

92:         address(getUlyssesLP(routes[length].to).asset()).safeTransfer(msg.sender, amount);

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesRouter.sol#L74

File: ulysses-amm/UlyssesToken.sol

84:         asset.safeTransfer(msg.sender, asset.balanceOf(address(this)));

116:                 assets[i].safeTransfer(msg.sender, assetBalance - newAssetBalance);

118:                 assets[i].safeTransferFrom(msg.sender, address(this), newAssetBalance - assetBalance);

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesToken.sol#L84

File: ulysses-omnichain/ArbitrumBranchBridgeAgent.sol

127:         address(wrappedNativeToken).safeTransfer(rootBridgeAgentAddress, _gasToBridgeOut);

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/ArbitrumBranchBridgeAgent.sol#L127

File: ulysses-omnichain/ArbitrumBranchPort.sol

52:         _underlyingAddress.safeTransferFrom(_depositor, address(this), _deposit);

72:         underlyingAddress.safeTransfer(_recipient, _denormalizeDecimals(_deposit, ERC20(underlyingAddress).decimals()));

81:         _underlyingAddress.safeTransfer(
82:             _recipient, _denormalizeDecimals(_deposit, ERC20(_underlyingAddress).decimals())
83:         );

119:             _underlyingAddress.safeTransferFrom(
120:                 _depositor, address(this), _denormalizeDecimals(_deposit, ERC20(_underlyingAddress).decimals())
121:             );

138:                 _underlyingAddresses[i].safeTransferFrom(
139:                     _depositor,
140:                     address(this),
141:                     _denormalizeDecimals(_deposits[i], ERC20(_underlyingAddresses[i]).decimals())
142:                 );

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/ArbitrumBranchPort.sol#L52

File: ulysses-omnichain/BranchBridgeAgent.sol

930:         address(wrappedNativeToken).safeTransfer(localPortAddress, _gasToBridgeOut);

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchBridgeAgent.sol#L930

File: ulysses-omnichain/BranchPort.sol

166:         _token.safeTransfer(msg.sender, _amount);

211:         _underlyingAddress.safeTransfer(
212:             _recipient, _denormalizeDecimals(_deposit, ERC20(_underlyingAddress).decimals())
213:         );

249:             _localAddress.safeTransferFrom(_depositor, address(this), _amount - _deposit);

253:             _underlyingAddress.safeTransferFrom(
254:                 _depositor, address(this), _denormalizeDecimals(_deposit, ERC20(_underlyingAddress).decimals())
255:             );

269:                 _underlyingAddresses[i].safeTransferFrom(
270:                     _depositor,
271:                     address(this),
272:                     _denormalizeDecimals(_deposits[i], ERC20(_underlyingAddresses[i]).decimals())
273:                 );

276:                 _localAddresses[i].safeTransferFrom(_depositor, address(this), _amounts[i] - _deposits[i]);

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchPort.sol#L166

File: ulysses-omnichain/RootBridgeAgent.sol

454:             _globalAddress.safeTransferFrom(_sender, localPortAddress, _amount - _deposit);

651:         address(data.tokenIn).safeTransfer(msg.sender, uint256(amount0 > 0 ? amount0 : amount1));

751:                 address(wrappedNativeToken).safeTransfer(getBranchBridgeAgent[localChainId], userFeeInfo.gasToBridgeOut);

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgent.sol#L454

File: ulysses-omnichain/RootPort.sol

282:         if (_amount - _deposit > 0) _hToken.safeTransfer(_recipient, _amount - _deposit);

311:         _hToken.safeTransferFrom(_from, address(this), _amount);

320:         _hToken.safeTransfer(_to, _amount);

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootPort.sol#L282

File: ulysses-omnichain/VirtualAccount.sol

32:         _token.safeTransfer(msg.sender, _amount);

37:         ERC721(_token).transferFrom(address(this), msg.sender, _tokenId);

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/VirtualAccount.sol#L32

File: uni-v3-staker/UniswapV3Staker.sol

151:         hermes.safeTransferFrom(msg.sender, address(this), reward);

177:         hermes.safeTransferFrom(msg.sender, address(this), reward);

204:         hermes.safeTransfer(minter, refund);

254:         nonfungiblePositionManager.safeTransferFrom(address(this), to, tokenId, data);

271:         if (reward > 0) hermes.safeTransfer(to, reward);

281:         if (reward > 0) hermes.safeTransfer(to, reward);

https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/UniswapV3Staker.sol#L151

[L-2] Array does not have a pop function

Arrays without the pop operation in Solidity can lead to inefficient memory management and increase the likelihood of out-of-gas errors.

There are 44 instances of this issue:
File: gauges/BaseV2Gauge.sol

50:     FlywheelCore[] private bribeFlywheels;

136:         bribeFlywheels.push(bribeFlywheel);

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/BaseV2Gauge.sol#L50

File: gauges/factories/BaseV2GaugeFactory.sol

33:     BaseV2Gauge[] public override gauges;

116:         gauges.push(gauge);

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BaseV2GaugeFactory.sol#L33

File: gauges/factories/BaseV2GaugeManager.sol

29:     BaseV2GaugeFactory[] public gaugeFactories;

114:         gaugeFactories.push(gaugeFactory);

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BaseV2GaugeManager.sol#L29

File: gauges/factories/BribesFactory.sol

29:     FlywheelCore[] public bribeFlywheels;

92:         bribeFlywheels.push(flywheel);

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BribesFactory.sol#L29

File: maia/factories/PartnerManagerFactory.sol

21:     PartnerManager[] public override partners;

24:     IBaseVault[] public override vaults;

40:         partners.push(PartnerManager(address(0)));

60:         partners.push(newPartnerManager);

69:         vaults.push(newVault);

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/factories/PartnerManagerFactory.sol#L21

File: rewards/base/FlywheelCore.sol

27:     ERC20[] public override allStrategies;

120:         allStrategies.push(strategy);

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/base/FlywheelCore.sol#L27

File: talos/factories/BoostAggregatorFactory.sol

25:     BoostAggregator[] public boostAggregators;

38:         boostAggregators.push(BoostAggregator(address(0)));

56:         boostAggregators.push(boostAggregator);

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/factories/BoostAggregatorFactory.sol#L25

File: talos/factories/OptimizerFactory.sol

15:     TalosOptimizer[] public optimizers;

27:         optimizers.push(TalosOptimizer(address(0)));

54:         optimizers.push(optimizer);

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/factories/OptimizerFactory.sol#L15

File: talos/factories/TalosBaseStrategyFactory.sol

29:     TalosBaseStrategy[] public strategies;

68:         strategies.push(strategy);

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/factories/TalosBaseStrategyFactory.sol#L29

File: ulysses-amm/UlyssesPool.sol

31:     BandwidthState[] public bandwidthStateList;

94:         bandwidthStateList.push(BandwidthState({bandwidth: 0, destination: UlyssesPool(address(0)), weight: 0}));

202:         bandwidthStateList.push(

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesPool.sol#L31

File: ulysses-omnichain/BranchPort.sol

30:     address[] public bridgeAgents;

43:     address[] public bridgeAgentFactories;

57:     address[] public strategyTokens;

74:     address[] public portStrategies;

108:         bridgeAgentFactories.push(_bridgeAgentFactory);

292:         bridgeAgents.push(_bridgeAgent);

310:         bridgeAgentFactories.push(_newBridgeAgentFactory);

333:         strategyTokens.push(_token);

354:         portStrategies.push(_portStrategy);

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchPort.sol#L30

File: ulysses-omnichain/RootPort.sol

64:     address[] public bridgeAgents;

80:     address[] public bridgeAgentFactories;

134:         bridgeAgentFactories.push(_bridgeAgentFactory);

369:         bridgeAgents.push(_bridgeAgent);

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootPort.sol#L64

File: ulysses-omnichain/factories/ERC20hTokenBranchFactory.sol

22:     ERC20hTokenBranch[] public hTokens;

44:         hTokens.push(newToken);

66:         hTokens.push(newToken);

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/factories/ERC20hTokenBranchFactory.sol#L22

File: ulysses-omnichain/factories/ERC20hTokenRootFactory.sol

24:     ERC20hTokenRoot[] public hTokens;

66:         hTokens.push(newToken);

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/factories/ERC20hTokenRootFactory.sol#L24

[L-3] Setters should have initial value check

Setters should have initial value check to prevent assigning wrong value to the variable. Assginment of wrong value can lead to unexpected behavior of the contract.

There are 14 instances of this issue:
File: erc-20/ERC20Gauges.sol

// @audit Not validated: newMax

455:     function setMaxGauges(uint256 newMax) external onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Gauges.sol#L455

File: erc-20/ERC20MultiVotes.sol

// @audit Not validated: newMax

96:     function setMaxDelegates(uint256 newMax) external onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20MultiVotes.sol#L96

File: gauges/UniswapV3Gauge.sol

// @audit Not validated: _minimumWidth

62:     function setMinimumWidth(uint24 _minimumWidth) external onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/UniswapV3Gauge.sol#L62

File: gauges/factories/UniswapV3GaugeFactory.sol

// @audit Not validated: minimumWidth

98:     function setMinimumWidth(address gauge, uint24 minimumWidth) external onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/UniswapV3GaugeFactory.sol#L98

File: hermes/minters/BaseV2Minter.sol

// @audit Not validated: _dao

86:     function setDao(address _dao) external onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/minters/BaseV2Minter.sol#L86

File: rewards/base/FlywheelCore.sol

// @audit Not validated: newFlywheelRewards

125:     function setFlywheelRewards(address newFlywheelRewards) external onlyOwner {

// @audit Not validated: newBooster

137:     function setBooster(IFlywheelBooster newBooster) external onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/base/FlywheelCore.sol#L125

File: rewards/rewards/FlywheelBribeRewards.sol

// @audit Not validated: rewardsDepot

37:     function setRewardsDepot(RewardsDepot rewardsDepot) external {

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/rewards/FlywheelBribeRewards.sol#L37

File: talos/TalosOptimizer.sol

// @audit Not validated: _tickRangeMultiplier

80:     function setTickRange(int24 _tickRangeMultiplier) external onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosOptimizer.sol#L80

File: talos/boost-aggregator/BoostAggregator.sol

// @audit Not validated: rewardsDepot

100:     function setOwnRewardsDepot(address rewardsDepot) external {

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/boost-aggregator/BoostAggregator.sol#L100

File: ulysses-amm/UlyssesPool.sol

// @audit Not validated: poolId

223:     function setWeight(uint256 poolId, uint8 weight) external nonReentrant onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesPool.sol#L223

File: ulysses-omnichain/RootPort.sol

// @audit Not validated: _fromChain

247:     function setAddresses(address _globalAddress, address _localAddress, address _underlyingAddress, uint24 _fromChain)

// @audit Not validated: _fromChain

261:     function setLocalAddress(address _globalAddress, address _localAddress, uint24 _fromChain)

// @audit Not validated: _chainId

484:     function setGasPoolInfo(uint24 _chainId, GasPoolInfo calldata _gasPoolInfo) external onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootPort.sol#L247

[L-4] Division by zero not prevented

The divisions below take an input parameter which does not have any zero-value checks, which may lead to the functions reverting when zero is passed.

There are 21 instances of this issue:
File: erc-20/ERC20Gauges.sol

77:             return (nowPlusOneCycle / gaugeCycleLength) * gaugeCycleLength; // cannot divide by zero and always <= nowPlusOneCycle so no overflow

180:         return (quantity * weight) / total;

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Gauges.sol#L77

File: governance/GovernorBravoDelegateMaia.sol

88:         return govToken.totalSupply() * proposalThreshold / DIVISIONER;

92:         return govToken.totalSupply() * quorumVotes / DIVISIONER;

https://github.com/code-423n4/2023-05-maia/tree/main/src/governance/GovernorBravoDelegateMaia.sol#L88

File: hermes/minters/BaseV2Minter.sol

119:         return (vault.totalAssets() * _minted) / HERMES(underlying).totalSupply();

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/minters/BaseV2Minter.sol#L119

File: maia/tokens/ERC4626PartnerManager.sol

162:         return (address(bHermesToken).balanceOf(address(this))) / bHermesRate - totalSupply;

168:         return (address(bHermesToken).balanceOf(address(this))) / bHermesRate - totalSupply;

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/tokens/ERC4626PartnerManager.sol#L162

File: rewards/base/FlywheelCore.sol

171:                 deltaIndex = ((strategyRewardsAccrued * ONE) / supplyTokens).toUint224();

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/base/FlywheelCore.sol#L171

File: rewards/rewards/FlywheelAcummulatedRewards.sol

50:             uint256 newEndCycle = ((timestamp + rewardsCycleLength) / rewardsCycleLength) * rewardsCycleLength;

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/rewards/FlywheelAcummulatedRewards.sol#L50

File: rewards/rewards/FlywheelGaugeRewards.sol

60:         gaugeCycle = (block.timestamp.toUint32() / gaugeCycleLength) * gaugeCycleLength;

79:         uint32 currentCycle = (block.timestamp.toUint32() / gaugeCycleLength) * gaugeCycleLength;

114:         uint32 currentCycle = (block.timestamp.toUint32() / gaugeCycleLength) * gaugeCycleLength;

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/rewards/FlywheelGaugeRewards.sol#L60

File: talos/TalosStrategyVanilla.sol

120:         uint256 earnedProtocolFees0 = (collect0 * _protocolFee) / _GLOBAL_DIVISIONER;

121:         uint256 earnedProtocolFees1 = (collect1 * _protocolFee) / _GLOBAL_DIVISIONER;

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosStrategyVanilla.sol#L120

File: talos/base/TalosBaseStrategy.sol

261:             uint128 liquidityToDecrease = uint128((liquidity * shares) / totalSupply);

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/base/TalosBaseStrategy.sol#L261

File: talos/libraries/PoolVariables.sol

97:         int24 compressed = tick / tickSpacing;

214:         return int24((tickCumulatives[1] - tickCumulatives[0]) / int56(int32(_twapDuration)));

251:         uint160 exactSqrtPriceImpact = (sqrtPriceX96 * (_strategy.priceImpactPercentage() / 2)) / GLOBAL_DIVISIONER;

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/libraries/PoolVariables.sol#L97

File: uni-v3-staker/libraries/IncentiveTime.sol

20:         return uint96(((timestamp - INCENTIVES_OFFSET) / INCENTIVES_DURATION) * INCENTIVES_DURATION + INCENTIVES_OFFSET);

26:         return uint96(
27:             (((timestamp - INCENTIVES_OFFSET) / INCENTIVES_DURATION) + 1) * INCENTIVES_DURATION + INCENTIVES_OFFSET
28:         );

https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/libraries/IncentiveTime.sol#L20

File: uni-v3-staker/libraries/RewardMath.sol

34:             boostedSecondsInsideX128 = uint160(
35:                 ((secondsInsideX128 * 4) / 10) + ((((stakedDuration << 128) * boostAmount) / boostTotalSupply) * 6) / 10
36:             );

https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/libraries/RewardMath.sol#L34-L36

[L-5] Loss of precision

Division by large numbers may result in the result being zero, due to solidity not supporting fractions. Consider requiring a minimum amount for the numerator to ensure that it is always larger than the denominator

There are 23 instances of this issue:
File: erc-20/ERC20Gauges.sol

77:             return (nowPlusOneCycle / gaugeCycleLength) * gaugeCycleLength; // cannot divide by zero and always <= nowPlusOneCycle so no overflow

180:         return (quantity * weight) / total;

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Gauges.sol#L77

File: governance/GovernorBravoDelegateMaia.sol

88:         return govToken.totalSupply() * proposalThreshold / DIVISIONER;

92:         return govToken.totalSupply() * quorumVotes / DIVISIONER;

https://github.com/code-423n4/2023-05-maia/tree/main/src/governance/GovernorBravoDelegateMaia.sol#L88

File: hermes/minters/BaseV2Minter.sol

114:         return (circulatingSupply() * tailEmission) / base;

119:         return (vault.totalAssets() * _minted) / HERMES(underlying).totalSupply();

136:             uint256 share = (_required * daoShare) / base;

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/minters/BaseV2Minter.sol#L114

File: maia/tokens/ERC4626PartnerManager.sol

162:         return (address(bHermesToken).balanceOf(address(this))) / bHermesRate - totalSupply;

168:         return (address(bHermesToken).balanceOf(address(this))) / bHermesRate - totalSupply;

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/tokens/ERC4626PartnerManager.sol#L162

File: rewards/rewards/FlywheelAcummulatedRewards.sol

50:             uint256 newEndCycle = ((timestamp + rewardsCycleLength) / rewardsCycleLength) * rewardsCycleLength;

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/rewards/FlywheelAcummulatedRewards.sol#L50

File: talos/base/TalosBaseStrategy.sol

261:             uint128 liquidityToDecrease = uint128((liquidity * shares) / totalSupply);

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/base/TalosBaseStrategy.sol#L261

File: talos/libraries/PoolVariables.sol

97:         int24 compressed = tick / tickSpacing;

214:         return int24((tickCumulatives[1] - tickCumulatives[0]) / int56(int32(_twapDuration)));

251:         uint160 exactSqrtPriceImpact = (sqrtPriceX96 * (_strategy.priceImpactPercentage() / 2)) / GLOBAL_DIVISIONER;

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/libraries/PoolVariables.sol#L97

File: ulysses-omnichain/BranchBridgeAgent.sol

1341:         return _decimals == 18 ? _amount : _amount * (10 ** _decimals) / 1 ether;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchBridgeAgent.sol#L1341

File: ulysses-omnichain/BranchPort.sol

150:         return ((_currBalance + getStrategyTokenDebt[_token]) * getMinimumTokenReserveRatio[_token]) / DIVISIONER;

389:         return _decimals == 18 ? _amount : _amount * 1 ether / (10 ** _decimals);

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchPort.sol#L150

File: ulysses-omnichain/RootBridgeAgent.sol

677:         uint160 exactSqrtPriceImpact = (sqrtPriceX96 * (priceImpactPercentage / 2)) / GLOBAL_DIVISIONER;

720:             uint160 exactSqrtPriceImpact = (sqrtPriceX96 * (priceImpactPercentage / 2)) / GLOBAL_DIVISIONER;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgent.sol#L677

File: uni-v3-staker/libraries/IncentiveTime.sol

20:         return uint96(((timestamp - INCENTIVES_OFFSET) / INCENTIVES_DURATION) * INCENTIVES_DURATION + INCENTIVES_OFFSET);

26:         return uint96(
27:             (((timestamp - INCENTIVES_OFFSET) / INCENTIVES_DURATION) + 1) * INCENTIVES_DURATION + INCENTIVES_OFFSET
28:         );

https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/libraries/IncentiveTime.sol#L20

File: uni-v3-staker/libraries/RewardMath.sol

34:             boostedSecondsInsideX128 = uint160(
35:                 ((secondsInsideX128 * 4) / 10) + ((((stakedDuration << 128) * boostAmount) / boostTotalSupply) * 6) / 10
36:             );

44:             boostedSecondsInsideX128 = (secondsInsideX128 * 4) / 10;

https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/libraries/RewardMath.sol#L34-L36

[L-6] Signature Malleability of EVM's ecrecover

/ The function calls the Solidity ecrecover() function directly to verify the given signatures. However, the ecrecover() EVM opcode allows malleable (non-unique) signatures and thus is susceptible to replay attacks. Consider using the OpenZeppelin ECDSA library instead, which provides a safe ecrecover() wrapper that guarantees unique signatures.

There are 2 instances of this issue:
File: erc-20/ERC20MultiVotes.sol

365:         address signer = ecrecover(
366:             keccak256(
367:                 abi.encodePacked(
368:                     "\x19\x01", DOMAIN_SEPARATOR(), keccak256(abi.encode(DELEGATION_TYPEHASH, delegatee, nonce, expiry))
369:                 )
370:             ),
371:             v,
372:             r,
373:             s
374:         );

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20MultiVotes.sol#L365-L374

File: governance/GovernorBravoDelegateMaia.sol

349:         address signatory = ecrecover(digest, v, r, s);

https://github.com/code-423n4/2023-05-maia/tree/main/src/governance/GovernorBravoDelegateMaia.sol#L349

[L-7] Use of floating pragma

Contracts should be deployed with the same compiler version and flags that they have been tested with thoroughly. Locking the pragma helps to ensure that contracts do not accidentally get deployed using, for example, an outdated compiler version that might introduce bugs that affect the contract system negatively.\n\nhttps://swcregistry.io/docs/SWC-103

There are 52 instances of this issue:
File: gauges/UniswapV3Gauge.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/UniswapV3Gauge.sol#L2

File: gauges/factories/BaseV2GaugeManager.sol

3: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BaseV2GaugeManager.sol#L3

File: gauges/factories/BribesFactory.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BribesFactory.sol#L2

File: gauges/factories/UniswapV3GaugeFactory.sol

3: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/UniswapV3GaugeFactory.sol#L3

File: governance/GovernorBravoDelegateMaia.sol

2: pragma solidity ^0.8.10;

https://github.com/code-423n4/2023-05-maia/tree/main/src/governance/GovernorBravoDelegateMaia.sol#L2

File: governance/GovernorBravoDelegator.sol

2: pragma solidity ^0.8.10;

https://github.com/code-423n4/2023-05-maia/tree/main/src/governance/GovernorBravoDelegator.sol#L2

File: hermes/bHermes.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/bHermes.sol#L2

File: hermes/minters/BaseV2Minter.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/minters/BaseV2Minter.sol#L2

File: hermes/tokens/HERMES.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/HERMES.sol#L2

File: hermes/tokens/bHermesBoost.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/bHermesBoost.sol#L2

File: hermes/tokens/bHermesGauges.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/bHermesGauges.sol#L2

File: hermes/tokens/bHermesVotes.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/bHermesVotes.sol#L2

File: maia/factories/PartnerManagerFactory.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/factories/PartnerManagerFactory.sol#L2

File: maia/tokens/Maia.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/tokens/Maia.sol#L2

File: maia/vMaia.sol

3: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/vMaia.sol#L3

File: rewards/FlywheelCoreInstant.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/FlywheelCoreInstant.sol#L2

File: rewards/FlywheelCoreStrategy.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/FlywheelCoreStrategy.sol#L2

File: rewards/booster/FlywheelBoosterGaugeWeight.sol

3: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/booster/FlywheelBoosterGaugeWeight.sol#L3

File: rewards/depots/MultiRewardsDepot.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/depots/MultiRewardsDepot.sol#L2

File: rewards/depots/SingleRewardsDepot.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/depots/SingleRewardsDepot.sol#L2

File: rewards/rewards/FlywheelBribeRewards.sol

3: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/rewards/FlywheelBribeRewards.sol#L3

File: rewards/rewards/FlywheelGaugeRewards.sol

3: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/rewards/FlywheelGaugeRewards.sol#L3

File: rewards/rewards/FlywheelInstantRewards.sol

3: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/rewards/FlywheelInstantRewards.sol#L3

File: talos/TalosManager.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosManager.sol#L2

File: talos/TalosOptimizer.sol

3: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosOptimizer.sol#L3

File: talos/factories/BoostAggregatorFactory.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/factories/BoostAggregatorFactory.sol#L2

File: talos/factories/OptimizerFactory.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/factories/OptimizerFactory.sol#L2

File: talos/factories/TalosStrategyStakedFactory.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/factories/TalosStrategyStakedFactory.sol#L2

File: talos/factories/TalosStrategyVanillaFactory.sol

3: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/factories/TalosStrategyVanillaFactory.sol#L3

File: talos/libraries/PoolActions.sol

3: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/libraries/PoolActions.sol#L3

File: ulysses-amm/UlyssesPool.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesPool.sol#L2

File: ulysses-amm/UlyssesRouter.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesRouter.sol#L2

File: ulysses-amm/UlyssesToken.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesToken.sol#L2

File: ulysses-omnichain/ArbitrumBranchPort.sol

3: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/ArbitrumBranchPort.sol#L3

File: ulysses-omnichain/ArbitrumCoreBranchRouter.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/ArbitrumCoreBranchRouter.sol#L2

File: ulysses-omnichain/BaseBranchRouter.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BaseBranchRouter.sol#L2

File: ulysses-omnichain/BranchPort.sol

3: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchPort.sol#L3

File: ulysses-omnichain/CoreBranchRouter.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/CoreBranchRouter.sol#L2

File: ulysses-omnichain/CoreRootRouter.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/CoreRootRouter.sol#L2

File: ulysses-omnichain/MulticallRootRouter.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/MulticallRootRouter.sol#L2

File: ulysses-omnichain/RootPort.sol

3: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootPort.sol#L3

File: ulysses-omnichain/VirtualAccount.sol

3: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/VirtualAccount.sol#L3

File: ulysses-omnichain/factories/ArbitrumBranchBridgeAgentFactory.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/factories/ArbitrumBranchBridgeAgentFactory.sol#L2

File: ulysses-omnichain/factories/BranchBridgeAgentFactory.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/factories/BranchBridgeAgentFactory.sol#L2

File: ulysses-omnichain/factories/ERC20hTokenBranchFactory.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/factories/ERC20hTokenBranchFactory.sol#L2

File: ulysses-omnichain/factories/ERC20hTokenRootFactory.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/factories/ERC20hTokenRootFactory.sol#L2

File: ulysses-omnichain/factories/RootBridgeAgentFactory.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/factories/RootBridgeAgentFactory.sol#L2

File: ulysses-omnichain/token/ERC20hTokenBranch.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/token/ERC20hTokenBranch.sol#L2

File: ulysses-omnichain/token/ERC20hTokenRoot.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/token/ERC20hTokenRoot.sol#L2

File: uni-v3-staker/UniswapV3Staker.sol

3: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/UniswapV3Staker.sol#L3

File: uni-v3-staker/libraries/IncentiveId.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/libraries/IncentiveId.sol#L2

File: uni-v3-staker/libraries/IncentiveTime.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/libraries/IncentiveTime.sol#L2

[L-8] Solmate's SafeTransferLib doesn't check whether the ERC20 contract exists

Solmate's SafeTransferLib, which is often used to interact with non-compliant/unsafe ERC20 tokens, does not check whether the ERC20 contract exists. The following code will not revert in case the token doesn't exist (yet).

This is stated in the Solmate library: https://github.com/transmissions11/solmate/blob/main/src/utils/SafeTransferLib.sol#L9

Consider using OpenZeppelin's SafeERC20 library instead.

There are 73 instances of this issue:
File: erc-4626/ERC4626.sol

5: import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";

14:     using SafeTransferLib for address;

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/ERC4626.sol#L5

File: erc-4626/ERC4626DepositOnly.sol

5: import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";

14:     using SafeTransferLib for address;

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/ERC4626DepositOnly.sol#L5

File: erc-4626/ERC4626MultiToken.sol

5: import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";

15:     using SafeTransferLib for address;

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/ERC4626MultiToken.sol#L5

File: erc-4626/UlyssesERC4626.sol

5: import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";

15:     using SafeTransferLib for address;

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/UlyssesERC4626.sol#L5

File: gauges/UniswapV3Gauge.sol

4: import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";

13:     using SafeTransferLib for address;

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/UniswapV3Gauge.sol#L4

File: hermes/UtilityManager.sol

6: import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";

18:     using SafeTransferLib for address;

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/UtilityManager.sol#L6

File: hermes/bHermes.sol

4: import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";

53:     using SafeTransferLib for address;

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/bHermes.sol#L4

File: hermes/minters/BaseV2Minter.sol

5: import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";

17:     using SafeTransferLib for address;

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/minters/BaseV2Minter.sol#L5

File: maia/PartnerUtilityManager.sol

4: import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";

13:     using SafeTransferLib for address;

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/PartnerUtilityManager.sol#L4

File: maia/tokens/ERC4626PartnerManager.sol

6: import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";

23:     using SafeTransferLib for address;

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/tokens/ERC4626PartnerManager.sol#L6

File: maia/vMaia.sol

7: import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";

27:     using SafeTransferLib for address;

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/vMaia.sol#L7

File: rewards/FlywheelCoreInstant.sol

6: import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/FlywheelCoreInstant.sol#L6

File: rewards/FlywheelCoreStrategy.sol

6: import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/FlywheelCoreStrategy.sol#L6

File: rewards/base/BaseFlywheelRewards.sol

5: import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";

19:     using SafeTransferLib for address;

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/base/BaseFlywheelRewards.sol#L5

File: rewards/base/FlywheelCore.sol

7: import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";

16:     using SafeTransferLib for address;

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/base/FlywheelCore.sol#L7

File: rewards/depots/RewardsDepot.sol

5: import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";

13:     using SafeTransferLib for address;

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/depots/RewardsDepot.sol#L5

File: rewards/rewards/FlywheelAcummulatedRewards.sol

6: import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/rewards/FlywheelAcummulatedRewards.sol#L6

File: rewards/rewards/FlywheelGaugeRewards.sol

7: import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";

19:     using SafeTransferLib for address;

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/rewards/FlywheelGaugeRewards.sol#L7

File: rewards/rewards/FlywheelInstantRewards.sol

7: import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";

18:     using SafeTransferLib for ERC20;

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/rewards/FlywheelInstantRewards.sol#L7

File: talos/base/TalosBaseStrategy.sol

7: import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";

25:     using SafeTransferLib for address;

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/base/TalosBaseStrategy.sol#L7

File: talos/boost-aggregator/BoostAggregator.sol

5: import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";

20:     using SafeTransferLib for address;

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/boost-aggregator/BoostAggregator.sol#L5

File: ulysses-amm/UlyssesPool.sol

7: import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";

20:     using SafeTransferLib for address;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesPool.sol#L7

File: ulysses-amm/UlyssesRouter.sol

4: import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";

12:     using SafeTransferLib for address;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesRouter.sol#L4

File: ulysses-amm/UlyssesToken.sol

6: import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";

16:     using SafeTransferLib for address;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesToken.sol#L6

File: ulysses-amm/factories/UlyssesFactory.sol

6: import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";

39:     using SafeTransferLib for ERC20;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/factories/UlyssesFactory.sol#L6

File: ulysses-omnichain/ArbitrumBranchBridgeAgent.sol

5: import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";

68:     using SafeTransferLib for address;

69:     using SafeTransferLib for ERC20;

165:             SafeTransferLib.safeTransferETH(_recipient, gasRemaining);

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/ArbitrumBranchBridgeAgent.sol#L5

File: ulysses-omnichain/ArbitrumBranchPort.sol

6: import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";

19:     using SafeTransferLib for address;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/ArbitrumBranchPort.sol#L6

File: ulysses-omnichain/BranchBridgeAgent.sol

5: import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";

59:     using SafeTransferLib for address;

1044:         SafeTransferLib.safeTransferETH(_recipient, gasRemaining - minExecCost);

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchBridgeAgent.sol#L5

File: ulysses-omnichain/BranchPort.sol

6: import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";

17:     using SafeTransferLib for address;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchPort.sol#L6

File: ulysses-omnichain/MulticallRootRouter.sol

5: import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";

48:     using SafeTransferLib for address;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/MulticallRootRouter.sol#L5

File: ulysses-omnichain/RootBridgeAgent.sol

5: import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";

91:     using SafeTransferLib for address;

1263:         SafeTransferLib.safeTransferETH(daoAddress, _accumulatedFees);

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgent.sol#L5

File: ulysses-omnichain/RootPort.sol

6: import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";

21:     using SafeTransferLib for address;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootPort.sol#L6

File: ulysses-omnichain/VirtualAccount.sol

5: import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";

17:     using SafeTransferLib for address;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/VirtualAccount.sol#L5

File: ulysses-omnichain/factories/ERC20hTokenRootFactory.sol

4: import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";

13:     using SafeTransferLib for address;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/factories/ERC20hTokenRootFactory.sol#L4

File: ulysses-omnichain/token/ERC20hTokenRoot.sol

5: import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";

13:     using SafeTransferLib for address;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/token/ERC20hTokenRoot.sol#L5

File: uni-v3-staker/UniswapV3Staker.sol

5: import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";

27:     using SafeTransferLib for address;

https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/UniswapV3Staker.sol#L5

[L-9] External calls in an un-bounded for-loop may result in a DOS

Consider limiting the number of iterations in for-loops that make external calls

There are 48 instances of this issue:
File: erc-20/ERC20Boost.sol

54:                 values[i] = _gauges.at(offset + i); // will revert if out of bounds

100:                 values[i] = _userGauges[user].at(offset + i); // will revert if out of bounds

239:             require(_userGauges[msg.sender].remove(gauge)); // Remove from set. Should never fail.

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Boost.sol#L54

File: erc-20/ERC20Gauges.sol

116:                 values[i] = _gauges.at(offset + i); // will revert if out of bounds

157:                 values[i] = _userGauges[user].at(offset + i); // will revert if out of bounds

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Gauges.sol#L116

File: erc-4626/ERC4626MultiToken.sol

51:             require(ERC20(_assets[i]).decimals() == 18);

69:             assets[i].safeTransferFrom(msg.sender, address(this), assetsAmounts[i]);

80:             assets[i].safeTransfer(receiver, assetsAmounts[i]);

202:             uint256 share = assetsAmounts[i].mulDiv(_totalWeights, weights[i]);

217:             assetsAmounts[i] = shares.mulDiv(weights[i], _totalWeights);

236:             assetsAmounts[i] = shares.mulDivUp(weights[i], _totalWeights);

251:             uint256 share = assetsAmounts[i].mulDivUp(_totalWeights, weights[i]);

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/ERC4626MultiToken.sol#L51

File: gauges/BaseV2Gauge.sol

115:             if (isActive[_bribeFlywheels[i]]) _bribeFlywheels[i].accrue(ERC20(address(this)), user);

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/BaseV2Gauge.sol#L115

File: gauges/factories/BaseV2GaugeFactory.sol

78:             if (activeGauges[_gauges[i]]) _gauges[i].newEpoch();

94:             if (activeGauges[_gauges[i]]) _gauges[i].newEpoch();

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BaseV2GaugeFactory.sol#L78

File: gauges/factories/BaseV2GaugeManager.sol

65:             if (activeGaugeFactories[_gaugeFactories[i]]) _gaugeFactories[i].newEpoch();

81:             if (activeGaugeFactories[_gaugeFactories[i]]) _gaugeFactories[i].newEpoch();

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BaseV2GaugeManager.sol#L65

File: rewards/rewards/FlywheelGaugeRewards.sol

186:             uint256 nextRewards = gaugeToken.calculateGaugeAllocation(address(gauge), totalQueuedForCycle);

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/rewards/FlywheelGaugeRewards.sol#L186

File: ulysses-amm/UlyssesPool.sol

131:             uint256 targetBandwidth = totalSupply.mulDiv(bandwidthStateList[i].weight, totalWeights);

176:             uint256 targetBandwidth = totalSupply.mulDiv(bandwidthStateList[i].weight, totalWeights);

192:                 bandwidthStateList[i].bandwidth = oldBandwidth.mulDivUp(oldTotalWeights, newTotalWeights).toUint248();

233:             uint256 targetBandwidth = totalSupply.mulDiv(bandwidthStateList[i].weight, totalWeights);

258:                             oldBandwidth.mulDivUp(oldTotalWeights, newTotalWeights).toUint248();

281:                         bandwidthStateList[i].bandwidth += leftOverBandwidth.toUint248();

284:                             leftOverBandwidth.mulDiv(bandwidthStateList[i].weight, weightsWithoutPool).toUint248();

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesPool.sol#L131

File: ulysses-amm/UlyssesRouter.sol

79:             amount = getUlyssesLP(routes[i].from).swapIn(amount, routes[i].to);

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesRouter.sol#L79

File: ulysses-amm/UlyssesToken.sol

112:             uint256 assetBalance = assets[i].balanceOf(address(this));

113:             uint256 newAssetBalance = totalSupply.mulDivUp(weights[i], totalWeights);

116:                 assets[i].safeTransfer(msg.sender, assetBalance - newAssetBalance);

118:                 assets[i].safeTransferFrom(msg.sender, address(this), newAssetBalance - assetBalance);

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesToken.sol#L112

File: ulysses-amm/factories/UlyssesFactory.sol

111:                 if (j != i && weights[i][j] > 0) pools[poolIds[i]].addNewBandwidth(poolIds[j], weights[i][j]);

124:             pools[poolIds[i]].transferOwnership(owner);

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/factories/UlyssesFactory.sol#L111

File: ulysses-omnichain/ArbitrumBranchPort.sol

102:             IRootPort(rootPortAddress).bridgeToLocalBranchFromRoot(_recipient, _localAddresses[i], _amounts[i]);

138:                 _underlyingAddresses[i].safeTransferFrom(

141:                     _denormalizeDecimals(_deposits[i], ERC20(_underlyingAddresses[i]).decimals())

145:                 IRootPort(rootPortAddress).bridgeToRootFromLocalBranch(

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/ArbitrumBranchPort.sol#L102

File: ulysses-omnichain/BranchBridgeAgent.sol

624:                 IPort(localPortAddress).bridgeIn(_recipient, _hTokens[i], _amounts[i] - _deposits[i]);

628:                 IPort(localPortAddress).withdraw(_recipient, _tokens[i], _deposits[i]);

1355:             deposits[i] = _normalizeDecimals(_deposits[i], ERC20(_tokens[i]).decimals());

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchBridgeAgent.sol#L624

File: ulysses-omnichain/BranchPort.sol

232:             ERC20hTokenBranch(_localAddresses[i]).mint(_recipient, _amounts[i]);

269:                 _underlyingAddresses[i].safeTransferFrom(

272:                     _denormalizeDecimals(_deposits[i], ERC20(_underlyingAddresses[i]).decimals())

276:                 _localAddresses[i].safeTransferFrom(_depositor, address(this), _amounts[i] - _deposits[i]);

277:                 ERC20hTokenBranch(_localAddresses[i]).burn(_amounts[i] - _deposits[i]);

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchPort.sol#L232

File: ulysses-omnichain/MulticallRootRouter.sol

148:             ERC20hTokenRoot(outputTokens[i]).approve(bridgeAgentAddress, amountsOut[i]);

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/MulticallRootRouter.sol#L148

File: ulysses-omnichain/RootBridgeAgent.sol

344:             hTokens[i] = IPort(localPortAddress).getLocalTokenFromGlobal(_globalAddresses[i], _toChain);

345:             tokens[i] = IPort(localPortAddress).getUnderlyingTokenFromLocal(hTokens[i], _toChain);

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgent.sol#L344

File: ulysses-omnichain/VirtualAccount.sol

49:             (bool success, bytes memory data) = calls[i].target.call(calls[i].callData);

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/VirtualAccount.sol#L49

[L-10] Unsafe casting may overflow

SafeMath and Solidity 0.8.* handles overflows for basic math operations but not for casting. Consider using OpenZeppelin’s SafeCast library to prevent unexpected overflows.

There are 106 instances of this issue:
File: rewards/rewards/FlywheelGaugeRewards.sol

134:             nextCycleQueuedRewards += uint112(newRewards); // in case a previous incomplete cycle had rewards, add on

191:                 cycleRewards: uint112(nextRewards),

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/rewards/FlywheelGaugeRewards.sol#L134

File: talos/base/TalosBaseStrategy.sol

261:             uint128 liquidityToDecrease = uint128((liquidity * shares) / totalSupply);

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/base/TalosBaseStrategy.sol#L261

File: talos/libraries/PoolVariables.sol

214:         return int24((tickCumulatives[1] - tickCumulatives[0]) / int56(int32(_twapDuration)));

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/libraries/PoolVariables.sol#L214

File: ulysses-omnichain/BranchBridgeAgent.sol

435:         bytes memory packedData = abi.encodePacked(bytes1(0x08), _depositNonce, msg.value.toUint128(), uint128(0));
File: ulysses-omnichain/RootBridgeAgent.sol

247:             userFeeInfo.depositedGas = uint128(msg.value);

362:             uint8(hTokens.length),

687:             int256(_amount),

731:             int256(_amount),

754:             return uint128(userFeeInfo.gasToBridgeOut);

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgent.sol#L247

File: uni-v3-staker/UniswapV3Staker.sol

318:                 uint128(boostAmount),

319:                 uint128(boostTotalSupply),

419:                 uint128(boostAmount),

420:                 uint128(boostTotalSupply),

485:         if (uint24(tickUpper - tickLower) < poolsMinimumWidth[pool]) revert RangeTooSmallError();

515:             stake.liquidityNoOverflow = uint96(liquidity);

https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/UniswapV3Staker.sol#L318

[L-11] Some ERC20 revert on zero value transfer

Example: https://github.com/d-xo/weird-erc20#revert-on-zero-value-transfers.

There are 91 instances of this issue:
File: erc-20/ERC20Boost.sol

313:         return super.transfer(to, amount);

329:         return super.transferFrom(from, to, amount);

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Boost.sol#L313

File: erc-20/ERC20Gauges.sol

498:         return super.transfer(to, amount);

510:         return super.transferFrom(from, to, amount);

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Gauges.sol#L498

File: erc-20/ERC20MultiVotes.sol

293:         return super.transfer(to, amount);

305:         return super.transferFrom(from, to, amount);

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20MultiVotes.sol#L293

File: erc-4626/ERC4626.sol

37:         address(asset).safeTransferFrom(msg.sender, address(this), assets);

51:         address(asset).safeTransferFrom(msg.sender, address(this), assets);

76:         address(asset).safeTransfer(receiver, assets);

96:         address(asset).safeTransfer(receiver, assets);

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/ERC4626.sol#L37

File: erc-4626/ERC4626DepositOnly.sol

37:         address(asset).safeTransferFrom(msg.sender, address(this), assets);

51:         address(asset).safeTransferFrom(msg.sender, address(this), assets);

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/ERC4626DepositOnly.sol#L37

File: erc-4626/ERC4626MultiToken.sol

69:             assets[i].safeTransferFrom(msg.sender, address(this), assetsAmounts[i]);

80:             assets[i].safeTransfer(receiver, assetsAmounts[i]);

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/ERC4626MultiToken.sol#L69

File: erc-4626/UlyssesERC4626.sol

36:         asset.safeTransferFrom(msg.sender, address(this), assets);

52:         asset.safeTransferFrom(msg.sender, address(this), assets);

79:         asset.safeTransfer(receiver, assets);

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/UlyssesERC4626.sol#L36

File: hermes/UtilityManager.sol

72:         address(gaugeWeight).safeTransferFrom(msg.sender, address(this), amount);

81:         address(gaugeBoost).safeTransferFrom(msg.sender, address(this), amount);

90:         address(governance).safeTransferFrom(msg.sender, address(this), amount);

113:         address(gaugeWeight).safeTransfer(msg.sender, amount);

122:         address(gaugeBoost).safeTransfer(msg.sender, amount);

131:         address(governance).safeTransfer(msg.sender, amount);

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/UtilityManager.sol#L72

File: hermes/bHermes.sol

148:         return super.transfer(to, amount);

166:         return super.transferFrom(from, to, amount);

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/bHermes.sol#L148

File: hermes/minters/BaseV2Minter.sol

143:             underlying.safeTransfer(address(vault), _growth);

145:             if (dao != address(0)) underlying.safeTransfer(dao, share);

166:         underlying.safeTransfer(msg.sender, totalQueuedForCycle);

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/minters/BaseV2Minter.sol#L143

File: maia/PartnerUtilityManager.sol

104:         address(partnerGovernance).safeTransferFrom(msg.sender, address(this), amount);

160:         address(partnerGovernance).safeTransfer(msg.sender, amount);

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/PartnerUtilityManager.sol#L104

File: maia/tokens/ERC4626PartnerManager.sol

270:         return super.transfer(to, amount);

286:         return super.transferFrom(from, to, amount);

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/tokens/ERC4626PartnerManager.sol#L270

File: rewards/base/FlywheelCore.sol

100:             rewardToken.safeTransferFrom(address(flywheelRewards), user, accrued);

128:             rewardToken.safeTransferFrom(address(flywheelRewards), address(newFlywheelRewards), oldRewardBalance);

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/base/FlywheelCore.sol#L100

File: rewards/depots/RewardsDepot.sol

21:         _asset.safeTransfer(_rewardsContract, balance);

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/depots/RewardsDepot.sol#L21

File: rewards/rewards/FlywheelGaugeRewards.sol

234:         if (accruedRewards > 0) rewardToken.safeTransfer(msg.sender, accruedRewards);

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/rewards/FlywheelGaugeRewards.sol#L234

File: talos/TalosStrategyStaked.sol

91:         return super.transfer(_to, _amount);

96:         return super.transferFrom(_from, _to, _amount);

177:         try nonfungiblePositionManager.safeTransferFrom(address(this), address(boostAggregator), _tokenId) {
178:             stakeFlag = true; // flag to store staking state to avoid failing to unstake when it is not staked
179:         } catch {}

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosStrategyStaked.sol#L91

File: talos/base/TalosBaseStrategy.sol

125:         address(_token0).safeTransferFrom(msg.sender, address(this), amount0Desired);

126:         address(_token1).safeTransferFrom(msg.sender, address(this), amount1Desired);

168:             address(_token0).safeTransfer(msg.sender, refund0);

173:             address(_token1).safeTransfer(msg.sender, refund1);

196:         address(_token0).safeTransferFrom(msg.sender, address(this), amount0Desired);

197:         address(_token1).safeTransferFrom(msg.sender, address(this), amount1Desired);

228:             address(_token0).safeTransfer(msg.sender, refund0);

233:             address(_token1).safeTransfer(msg.sender, refund1);

339:         if (zeroForOne) address(token0).safeTransfer(msg.sender, uint256(amount0));

340:         else address(token1).safeTransfer(msg.sender, uint256(amount1));

409:         if (amount0 > 0) _token0.transfer(msg.sender, amount0);

410:         if (amount1 > 0) _token1.transfer(msg.sender, amount1);

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/base/TalosBaseStrategy.sol#L125

File: talos/boost-aggregator/BoostAggregator.sol

90:         nonfungiblePositionManager.safeTransferFrom(address(this), address(uniswapV3Staker), tokenId);

168:         address(hermesGaugeBoost).safeTransfer(to, hermesGaugeBoost.balanceOf(address(this)));

176:         address(hermesGaugeBoost).safeTransfer(to, amount);

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/boost-aggregator/BoostAggregator.sol#L90

File: ulysses-amm/UlyssesPool.sol

154:             asset.safeTransfer(factory.owner(), claimed);

218:             asset.safeTransferFrom(msg.sender, address(this), newRebalancingFee - oldRebalancingFee);

303:             asset.safeTransferFrom(msg.sender, address(this), newRebalancingFee - oldRebalancingFee);

1109:         asset.safeTransferFrom(msg.sender, address(this), assets);

1189:         asset.safeTransfer(user, output);

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesPool.sol#L154

File: ulysses-amm/UlyssesRouter.sol

74:         address(getUlyssesLP(routes[0].from).asset()).safeTransferFrom(msg.sender, address(this), amount);

92:         address(getUlyssesLP(routes[length].to).asset()).safeTransfer(msg.sender, amount);

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesRouter.sol#L74

File: ulysses-amm/UlyssesToken.sol

84:         asset.safeTransfer(msg.sender, asset.balanceOf(address(this)));

116:                 assets[i].safeTransfer(msg.sender, assetBalance - newAssetBalance);

118:                 assets[i].safeTransferFrom(msg.sender, address(this), newAssetBalance - assetBalance);

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesToken.sol#L84

File: ulysses-omnichain/ArbitrumBranchBridgeAgent.sol

127:         address(wrappedNativeToken).safeTransfer(rootBridgeAgentAddress, _gasToBridgeOut);

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/ArbitrumBranchBridgeAgent.sol#L127

File: ulysses-omnichain/ArbitrumBranchPort.sol

52:         _underlyingAddress.safeTransferFrom(_depositor, address(this), _deposit);

72:         underlyingAddress.safeTransfer(_recipient, _denormalizeDecimals(_deposit, ERC20(underlyingAddress).decimals()));

81:         _underlyingAddress.safeTransfer(
82:             _recipient, _denormalizeDecimals(_deposit, ERC20(_underlyingAddress).decimals())
83:         );

119:             _underlyingAddress.safeTransferFrom(
120:                 _depositor, address(this), _denormalizeDecimals(_deposit, ERC20(_underlyingAddress).decimals())
121:             );

138:                 _underlyingAddresses[i].safeTransferFrom(
139:                     _depositor,
140:                     address(this),
141:                     _denormalizeDecimals(_deposits[i], ERC20(_underlyingAddresses[i]).decimals())
142:                 );

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/ArbitrumBranchPort.sol#L52

File: ulysses-omnichain/BranchBridgeAgent.sol

930:         address(wrappedNativeToken).safeTransfer(localPortAddress, _gasToBridgeOut);

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchBridgeAgent.sol#L930

File: ulysses-omnichain/BranchPort.sol

166:         _token.safeTransfer(msg.sender, _amount);

211:         _underlyingAddress.safeTransfer(
212:             _recipient, _denormalizeDecimals(_deposit, ERC20(_underlyingAddress).decimals())
213:         );

249:             _localAddress.safeTransferFrom(_depositor, address(this), _amount - _deposit);

253:             _underlyingAddress.safeTransferFrom(
254:                 _depositor, address(this), _denormalizeDecimals(_deposit, ERC20(_underlyingAddress).decimals())
255:             );

269:                 _underlyingAddresses[i].safeTransferFrom(
270:                     _depositor,
271:                     address(this),
272:                     _denormalizeDecimals(_deposits[i], ERC20(_underlyingAddresses[i]).decimals())
273:                 );

276:                 _localAddresses[i].safeTransferFrom(_depositor, address(this), _amounts[i] - _deposits[i]);

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchPort.sol#L166

File: ulysses-omnichain/RootBridgeAgent.sol

454:             _globalAddress.safeTransferFrom(_sender, localPortAddress, _amount - _deposit);

651:         address(data.tokenIn).safeTransfer(msg.sender, uint256(amount0 > 0 ? amount0 : amount1));

751:                 address(wrappedNativeToken).safeTransfer(getBranchBridgeAgent[localChainId], userFeeInfo.gasToBridgeOut);

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgent.sol#L454

File: ulysses-omnichain/RootPort.sol

282:         if (_amount - _deposit > 0) _hToken.safeTransfer(_recipient, _amount - _deposit);

311:         _hToken.safeTransferFrom(_from, address(this), _amount);

320:         _hToken.safeTransfer(_to, _amount);

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootPort.sol#L282

File: ulysses-omnichain/VirtualAccount.sol

32:         _token.safeTransfer(msg.sender, _amount);

37:         ERC721(_token).transferFrom(address(this), msg.sender, _tokenId);

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/VirtualAccount.sol#L32

File: uni-v3-staker/UniswapV3Staker.sol

151:         hermes.safeTransferFrom(msg.sender, address(this), reward);

177:         hermes.safeTransferFrom(msg.sender, address(this), reward);

204:         hermes.safeTransfer(minter, refund);

254:         nonfungiblePositionManager.safeTransferFrom(address(this), to, tokenId, data);

271:         if (reward > 0) hermes.safeTransfer(to, reward);

281:         if (reward > 0) hermes.safeTransfer(to, reward);

https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/UniswapV3Staker.sol#L151

[L-12] Zero address check is missing

Zero-address checks are a best-practise for input validation of critical address parameters. While the codebase applies this to most addresses in setters, there are many places where this is missing in constructors and setters.

There are 59 instances of this issue:
File: erc-20/ERC20Gauges.sol

463:     function setContractExceedMaxGauges(address account, bool canExceedMax) external onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Gauges.sol#L463

File: erc-20/ERC20MultiVotes.sol

104:     function setContractExceedMaxDelegates(address account, bool canExceedMax) external onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20MultiVotes.sol#L104

File: erc-4626/ERC4626MultiToken.sol

39:     constructor(address[] memory _assets, uint256[] memory _weights, string memory _name, string memory _symbol)

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/ERC4626MultiToken.sol#L39

File: erc-4626/UlyssesERC4626.sol

24:     constructor(address _asset, string memory _name, string memory _symbol) ERC20(_name, _symbol, 18) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/UlyssesERC4626.sol#L24

File: gauges/BaseV2Gauge.sol

61:     constructor(FlywheelGaugeRewards _flywheelGaugeRewards, address _strategy, address _owner) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/BaseV2Gauge.sol#L61

File: gauges/UniswapV3Gauge.sol

33:     constructor(

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/UniswapV3Gauge.sol#L33

File: gauges/factories/BaseV2GaugeFactory.sol

51:     constructor(

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BaseV2GaugeFactory.sol#L51

File: gauges/factories/BaseV2GaugeManager.sol

43:     constructor(bHermes _bHermes, address _owner, address _admin) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BaseV2GaugeManager.sol#L43

File: gauges/factories/BribesFactory.sol

50:     constructor(

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BribesFactory.sol#L50

File: gauges/factories/UniswapV3GaugeFactory.sol

50:     constructor(

98:     function setMinimumWidth(address gauge, uint24 minimumWidth) external onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/UniswapV3GaugeFactory.sol#L50

File: governance/GovernorBravoDelegator.sol

8:     constructor(

https://github.com/code-423n4/2023-05-maia/tree/main/src/governance/GovernorBravoDelegator.sol#L8

File: hermes/UtilityManager.sol

44:     constructor(address _gaugeWeight, address _gaugeBoost, address _governance) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/UtilityManager.sol#L44

File: hermes/bHermes.sol

55:     constructor(ERC20 _hermes, address _owner, uint32 _gaugeCycleLength, uint32 _incrementFreezeWindow)

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/bHermes.sol#L55

File: hermes/minters/BaseV2Minter.sol

53:     constructor(

86:     function setDao(address _dao) external onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/minters/BaseV2Minter.sol#L53

File: hermes/tokens/HERMES.sol

48:     constructor(address _owner) ERC20("Hermes", "HERMES", 18) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/HERMES.sol#L48

File: hermes/tokens/bHermesBoost.sol

22:     constructor(address _owner) ERC20("bHermes Boost", "bHERMES-B", 18) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/bHermesBoost.sol#L22

File: hermes/tokens/bHermesGauges.sol

26:     constructor(address _owner, uint32 _rewardsCycleLength, uint32 _incrementFreezeWindow)

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/bHermesGauges.sol#L26

File: hermes/tokens/bHermesVotes.sol

20:     constructor(address _owner) ERC20("bHermes Votes", "bHERMES-V", 18) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/bHermesVotes.sol#L20

File: maia/PartnerUtilityManager.sol

36:     constructor(

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/PartnerUtilityManager.sol#L36

File: maia/factories/PartnerManagerFactory.sol

37:     constructor(ERC20 _bHermes, address _owner) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/factories/PartnerManagerFactory.sol#L37

File: maia/tokens/ERC4626PartnerManager.sol

50:     constructor(

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/tokens/ERC4626PartnerManager.sol#L50

File: maia/tokens/Maia.sol

41:     constructor(address _owner) ERC20("Maia", "MAIA", 18) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/tokens/Maia.sol#L41

File: maia/vMaia.sol

48:     constructor(

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/vMaia.sol#L48

File: rewards/FlywheelCoreInstant.sol

33:     constructor(

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/FlywheelCoreInstant.sol#L33

File: rewards/FlywheelCoreStrategy.sol

32:     constructor(

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/FlywheelCoreStrategy.sol#L32

File: rewards/base/FlywheelCore.sol

45:     constructor(address _rewardToken, address _flywheelRewards, IFlywheelBooster _flywheelBooster, address _owner) {

125:     function setFlywheelRewards(address newFlywheelRewards) external onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/base/FlywheelCore.sol#L45

File: rewards/depots/MultiRewardsDepot.sol

29:     constructor(address _owner) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/depots/MultiRewardsDepot.sol#L29

File: rewards/depots/SingleRewardsDepot.sol

22:     constructor(address _asset) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/depots/SingleRewardsDepot.sol#L22

File: rewards/rewards/FlywheelGaugeRewards.sol

53:     constructor(address _rewardToken, address _owner, ERC20Gauges _gaugeToken, IBaseV2Minter _minter) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/rewards/FlywheelGaugeRewards.sol#L53

File: talos/TalosManager.sol

44:     constructor(

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosManager.sol#L44

File: talos/TalosOptimizer.sol

34:     constructor(

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosOptimizer.sol#L34

File: talos/TalosStrategyStaked.sol

63:     constructor(

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosStrategyStaked.sol#L63

File: talos/TalosStrategyVanilla.sol

58:     constructor(

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosStrategyVanilla.sol#L58

File: talos/base/TalosBaseStrategy.sol

79:     constructor(

102:     function init(uint256 amount0Desired, uint256 amount1Desired, address receiver)

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/base/TalosBaseStrategy.sol#L79

File: talos/boost-aggregator/BoostAggregator.sol

64:     constructor(UniswapV3Staker _uniswapV3Staker, ERC20 _hermes, address _owner) {

100:     function setOwnRewardsDepot(address rewardsDepot) external {

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/boost-aggregator/BoostAggregator.sol#L64

File: talos/strategies/TalosStrategySimple.sol

18:     constructor(

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/strategies/TalosStrategySimple.sol#L18

File: ulysses-amm/UlyssesPool.sol

80:     constructor(

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesPool.sol#L80

File: ulysses-amm/UlyssesToken.sol

21:     constructor(

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesToken.sol#L21

File: ulysses-omnichain/ArbitrumBranchBridgeAgent.sol

71:     constructor(

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/ArbitrumBranchBridgeAgent.sol#L71

File: ulysses-omnichain/ArbitrumBranchPort.sol

33:     constructor(uint24 _localChainId, address _rootPortAddress, address _owner) BranchPort(_owner) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/ArbitrumBranchPort.sol#L33

File: ulysses-omnichain/ArbitrumCoreBranchRouter.sol

38:     constructor(address _hTokenFactoryAddress, address _localPortAddress)

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/ArbitrumCoreBranchRouter.sol#L38

File: ulysses-omnichain/CoreBranchRouter.sol

26:     constructor(address _hTokenFactoryAddress, address _localPortAddress) BaseBranchRouter() {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/CoreBranchRouter.sol#L26

File: ulysses-omnichain/CoreRootRouter.sol

56:     constructor(uint24 _rootChainId, address _wrappedNativeToken, address _rootPortAddress) {

63:     function initialize(address _bridgeAgentAddress, address _hTokenFactory) external onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/CoreRootRouter.sol#L56

File: ulysses-omnichain/RootBridgeAgentExecutor.sol

61:     constructor(address owner) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgentExecutor.sol#L61

File: ulysses-omnichain/RootPort.sol

247:     function setAddresses(address _globalAddress, address _localAddress, address _underlyingAddress, uint24 _fromChain)

261:     function setLocalAddress(address _globalAddress, address _localAddress, uint24 _fromChain)

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootPort.sol#L247

File: ulysses-omnichain/VirtualAccount.sol

25:     constructor(address _userAddress, address _localPortAddress) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/VirtualAccount.sol#L25

File: ulysses-omnichain/factories/ArbitrumBranchBridgeAgentFactory.sol

31:     constructor(

54:     function initialize(address _coreRootBridgeAgent) external override onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/factories/ArbitrumBranchBridgeAgentFactory.sol#L31

File: ulysses-omnichain/factories/ERC20hTokenBranchFactory.sol

35:     function initialize(address _wrappedNativeTokenAddress, address _coreRouter) external onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/factories/ERC20hTokenBranchFactory.sol#L35

File: ulysses-omnichain/factories/RootBridgeAgentFactory.sol

48:     constructor(

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/factories/RootBridgeAgentFactory.sol#L48

File: ulysses-omnichain/token/ERC20hTokenBranch.sol

12:     constructor(string memory _name, string memory _symbol, address _owner)

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/token/ERC20hTokenBranch.sol#L12

File: uni-v3-staker/UniswapV3Staker.sol

114:     constructor(

https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/UniswapV3Staker.sol#L114

[L-13] Some ERC20 tokens dust would be remained in the contract

This can lead to wrong balance calculation in some cases. Recommendation is to implement withdraw function to avoid this issue like skim in the Uniswap.

There are 1 instances of this issue:
File: hermes/minters/BaseV2Minter.sol

145:             if (dao != address(0)) underlying.safeTransfer(dao, share);

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/minters/BaseV2Minter.sol#L145

[L-14] Division before multiplication can lead to precision errors

Because Solidity integer division may truncate, it is often preferable to do multiplication before division to prevent precision loss.

There are 1 instances of this issue:
File: uni-v3-staker/libraries/RewardMath.sol

35:                 ((secondsInsideX128 * 4) / 10) + ((((stakedDuration << 128) * boostAmount) / boostTotalSupply) * 6) / 10

https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/libraries/RewardMath.sol#L35

[L-15] Array lengths not checked

If the length of the arrays are not required to be of the same length, user operations may not be fully executed

There are 12 instances of this issue:
File: ulysses-omnichain/ArbitrumBranchPort.sol

// @audit _amounts _deposits
129:     function bridgeOutMultiple(
130:         address _depositor,
131:         address[] memory _localAddresses,
132:         address[] memory _underlyingAddresses,
133:         uint256[] memory _amounts,
134:         uint256[] memory _deposits
135:     ) external override(IBranchPort, BranchPort) requiresBridgeAgent {
136:         for (uint256 i = 0; i < _localAddresses.length;) {
137:             if (_deposits[i] > 0) {
138:                 _underlyingAddresses[i].safeTransferFrom(
139:                     _depositor,
140:                     address(this),
141:                     _denormalizeDecimals(_deposits[i], ERC20(_underlyingAddresses[i]).decimals())
142:                 );
143:             }
144:             if (_amounts[i] - _deposits[i] > 0) {
145:                 IRootPort(rootPortAddress).bridgeToRootFromLocalBranch(
146:                     _depositor, _localAddresses[i], _amounts[i] - _deposits[i]
147:                 );
148:             }
149:
150:             unchecked {
151:                 ++i;
152:             }
153:         }
154:     }

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/ArbitrumBranchPort.sol#L129

File: ulysses-omnichain/BranchPort.sol

// @audit _localAddresses _amounts
226:     function bridgeInMultiple(address _recipient, address[] memory _localAddresses, uint256[] memory _amounts)
227:         external
228:         virtual
229:         requiresBridgeAgent
230:     {
231:         for (uint256 i = 0; i < _localAddresses.length;) {
232:             ERC20hTokenBranch(_localAddresses[i]).mint(_recipient, _amounts[i]);
233:
234:             unchecked {
235:                 ++i;
236:             }
237:         }
238:     }

// @audit _amounts _deposits
260:     function bridgeOutMultiple(
261:         address _depositor,
262:         address[] memory _localAddresses,
263:         address[] memory _underlyingAddresses,
264:         uint256[] memory _amounts,
265:         uint256[] memory _deposits
266:     ) external virtual requiresBridgeAgent {
267:         for (uint256 i = 0; i < _localAddresses.length;) {
268:             if (_deposits[i] > 0) {
269:                 _underlyingAddresses[i].safeTransferFrom(
270:                     _depositor,
271:                     address(this),
272:                     _denormalizeDecimals(_deposits[i], ERC20(_underlyingAddresses[i]).decimals())
273:                 );
274:             }
275:             if (_amounts[i] - _deposits[i] > 0) {
276:                 _localAddresses[i].safeTransferFrom(_depositor, address(this), _amounts[i] - _deposits[i]);
277:                 ERC20hTokenBranch(_localAddresses[i]).burn(_amounts[i] - _deposits[i]);
278:             }
279:             unchecked {
280:                 i++;
281:             }
282:         }
283:     }

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchPort.sol#L226-L238

File: ulysses-omnichain/MulticallRootRouter.sol

// @audit amountsOut depositsOut
137:     function _approveMultipleAndCallOut(
138:         address owner,
139:         address recipient,
140:         address[] memory outputTokens,
141:         uint256[] memory amountsOut,
142:         uint256[] memory depositsOut,
143:         uint24 toChain
144:     ) internal virtual {
145:         //For each output token
146:         for (uint256 i = 0; i < outputTokens.length;) {
147:             //Approve Root Port to spend output hTokens.
148:             ERC20hTokenRoot(outputTokens[i]).approve(bridgeAgentAddress, amountsOut[i]);
149:             unchecked {
150:                 ++i;
151:             }
152:         }
153:
154:         //Move output hTokens from Root to Branch and call 'clearTokens'.
155:         IBridgeAgent(bridgeAgentAddress).callOutAndBridgeMultiple{value: msg.value}(
156:             owner, recipient, "", outputTokens, amountsOut, depositsOut, toChain
157:         );
158:     }

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/MulticallRootRouter.sol#L137-L158

[L-16] Use Ownable2Step's transfer function rather than Ownable's for transfers of ownership

Ownable2Step and Ownable2StepUpgradeable prevent the contract ownership from mistakenly being transferred to an address that cannot handle it (e.g. due to a typo in the address), by requiring that the recipient of the owner permissions actively accept via a contract call of its own.

There are 32 instances of this issue:
File: erc-20/ERC20Boost.sol

19: abstract contract ERC20Boost is ERC20, Ownable, IERC20Boost {

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Boost.sol#L19

File: erc-20/ERC20MultiVotes.sol

20: abstract contract ERC20MultiVotes is ERC20, Ownable, IERC20MultiVotes {

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20MultiVotes.sol#L20

File: gauges/BaseV2Gauge.sol

20: abstract contract BaseV2Gauge is Ownable, IBaseV2Gauge {

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/BaseV2Gauge.sol#L20

File: gauges/factories/BaseV2GaugeFactory.sol

18: abstract contract BaseV2GaugeFactory is Ownable, IBaseV2GaugeFactory {

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BaseV2GaugeFactory.sol#L18

File: gauges/factories/BaseV2GaugeManager.sol

14: contract BaseV2GaugeManager is Ownable, IBaseV2GaugeManager {

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BaseV2GaugeManager.sol#L14

File: gauges/factories/BribesFactory.sol

18: contract BribesFactory is Ownable, IBribesFactory {

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BribesFactory.sol#L18

File: hermes/minters/BaseV2Minter.sol

16: contract BaseV2Minter is Ownable, IBaseV2Minter {

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/minters/BaseV2Minter.sol#L16

File: hermes/tokens/HERMES.sol

47: contract HERMES is ERC20, Ownable {

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/HERMES.sol#L47

File: maia/factories/PartnerManagerFactory.sol

12: contract PartnerManagerFactory is Ownable, IPartnerManagerFactory {

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/factories/PartnerManagerFactory.sol#L12

File: maia/tokens/ERC4626PartnerManager.sol

22: abstract contract ERC4626PartnerManager is PartnerUtilityManager, Ownable, ERC4626, IERC4626PartnerManager {

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/tokens/ERC4626PartnerManager.sol#L22

File: maia/tokens/Maia.sol

40: contract Maia is ERC20, Ownable {

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/tokens/Maia.sol#L40

File: rewards/base/FlywheelCore.sol

15: abstract contract FlywheelCore is Ownable, IFlywheelCore {

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/base/FlywheelCore.sol#L15

File: rewards/depots/MultiRewardsDepot.sol

11: contract MultiRewardsDepot is Ownable, RewardsDepot, IMultiRewardsDepot {

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/depots/MultiRewardsDepot.sol#L11

File: rewards/rewards/FlywheelGaugeRewards.sol

18: contract FlywheelGaugeRewards is Ownable, IFlywheelGaugeRewards {

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/rewards/FlywheelGaugeRewards.sol#L18

File: talos/TalosOptimizer.sol

10: contract TalosOptimizer is Ownable, ITalosOptimizer {

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosOptimizer.sol#L10

File: talos/base/TalosBaseStrategy.sol

24: abstract contract TalosBaseStrategy is Ownable, ERC20, ReentrancyGuard, ITalosBaseStrategy {

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/base/TalosBaseStrategy.sol#L24

File: talos/boost-aggregator/BoostAggregator.sol

19: contract BoostAggregator is Ownable, IBoostAggregator {

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/boost-aggregator/BoostAggregator.sol#L19

File: talos/factories/TalosBaseStrategyFactory.sol

17: abstract contract TalosBaseStrategyFactory is Ownable, ITalosBaseStrategyFactory {

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/factories/TalosBaseStrategyFactory.sol#L17

File: ulysses-amm/UlyssesPool.sol

19: contract UlyssesPool is UlyssesERC4626, Ownable, IUlyssesPool {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesPool.sol#L19

File: ulysses-amm/UlyssesToken.sol

15: contract UlyssesToken is ERC4626MultiToken, Ownable, IUlyssesToken {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesToken.sol#L15

File: ulysses-amm/factories/UlyssesFactory.sol

38: contract UlyssesFactory is Ownable, IUlyssesFactory {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/factories/UlyssesFactory.sol#L38

File: ulysses-omnichain/BaseBranchRouter.sol

21: contract BaseBranchRouter is IBranchRouter, Ownable {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BaseBranchRouter.sol#L21

File: ulysses-omnichain/BranchBridgeAgentExecutor.sol

25: contract BranchBridgeAgentExecutor is Ownable {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchBridgeAgentExecutor.sol#L25

File: ulysses-omnichain/BranchPort.sol

16: contract BranchPort is Ownable, IBranchPort {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchPort.sol#L16

File: ulysses-omnichain/CoreRootRouter.sol

38: contract CoreRootRouter is IRootRouter, Ownable {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/CoreRootRouter.sol#L38

File: ulysses-omnichain/MulticallRootRouter.sol

47: contract MulticallRootRouter is IRootRouter, Ownable {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/MulticallRootRouter.sol#L47

File: ulysses-omnichain/RootBridgeAgentExecutor.sol

26: contract RootBridgeAgentExecutor is Ownable {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgentExecutor.sol#L26

File: ulysses-omnichain/RootPort.sol

20: contract RootPort is Ownable, IRootPort {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootPort.sol#L20

File: ulysses-omnichain/factories/BranchBridgeAgentFactory.sol

16: contract BranchBridgeAgentFactory is Ownable, IBranchBridgeAgentFactory {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/factories/BranchBridgeAgentFactory.sol#L16

File: ulysses-omnichain/factories/ERC20hTokenBranchFactory.sol

11: contract ERC20hTokenBranchFactory is Ownable, IERC20hTokenBranchFactory {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/factories/ERC20hTokenBranchFactory.sol#L11

File: ulysses-omnichain/factories/ERC20hTokenRootFactory.sol

12: contract ERC20hTokenRootFactory is Ownable, IERC20hTokenRootFactory {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/factories/ERC20hTokenRootFactory.sol#L12

File: ulysses-omnichain/token/ERC20hTokenBranch.sol

11: contract ERC20hTokenBranch is ERC20, Ownable, IERC20hTokenBranch {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/token/ERC20hTokenBranch.sol#L11

[L-17] Do not use deprecated library functions

safeApprove is deprecated in favor of increaseAllowance/decreaseAllowance. Use it only for initial value approve.

There are 9 instances of this issue:
File: gauges/UniswapV3Gauge.sol

45:         rewardToken.safeApprove(_uniswapV3Staker, type(uint256).max);

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/UniswapV3Gauge.sol#L45

File: maia/tokens/ERC4626PartnerManager.sol

200:         address(gaugeWeight).safeApprove(newPartnerVault, type(uint256).max);

201:         address(gaugeBoost).safeApprove(newPartnerVault, type(uint256).max);

202:         address(governance).safeApprove(newPartnerVault, type(uint256).max);

203:         address(partnerGovernance).safeApprove(newPartnerVault, type(uint256).max);

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/tokens/ERC4626PartnerManager.sol#L200

File: rewards/base/BaseFlywheelRewards.sol

36:         _rewardToken.safeApprove(address(_flywheel), type(uint256).max);

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/base/BaseFlywheelRewards.sol#L36

File: talos/base/TalosBaseStrategy.sol

130:         address(_token0).safeApprove(address(_nonfungiblePositionManager), type(uint256).max);

131:         address(_token1).safeApprove(address(_nonfungiblePositionManager), type(uint256).max);

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/base/TalosBaseStrategy.sol#L130

File: ulysses-amm/UlyssesRouter.sol

40:             address(ulysses.asset()).safeApprove(address(ulysses), type(uint256).max);

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesRouter.sol#L40

[L-18] No limits when setting min/max amounts

It is important to ensure that the min/max amounts are set to a reasonable value.

There are 15 instances of this issue:
File: erc-20/ERC20Gauges.sol

457:         maxGauges = newMax;

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Gauges.sol#L457

File: erc-20/ERC20MultiVotes.sol

98:         maxDelegates = newMax;

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20MultiVotes.sol#L98

File: gauges/UniswapV3Gauge.sol

41:         minimumWidth = _minimumWidth;

63:         minimumWidth = _minimumWidth;

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/UniswapV3Gauge.sol#L41

File: gauges/factories/UniswapV3GaugeFactory.sol

77:         uint24 minimumWidth = abi.decode(data, (uint24));

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/UniswapV3GaugeFactory.sol#L77

File: rewards/rewards/FlywheelGaugeRewards.sol

64:         minter = _minter;

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/rewards/FlywheelGaugeRewards.sol#L64

File: talos/TalosOptimizer.sol

51:         maxTwapDeviation = _maxTwapDeviation;

54:         maxTotalSupply = _maxTotalSupply;

64:         maxTotalSupply = _maxTotalSupply;

76:         maxTwapDeviation = _maxTwapDeviation;

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosOptimizer.sol#L51

File: ulysses-amm/UlyssesPool.sol

739:             maxWidth := sub(upperBound1, upperBound2)

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesPool.sol#L739

File: ulysses-omnichain/BranchPort.sol

128:         uint256 minReserves = _minimumReserves(currBalance, _token);

139:         uint256 minReserves = _minimumReserves(currBalance, _token);

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchPort.sol#L128

File: uni-v3-staker/UniswapV3Staker.sol

125:         maxIncentiveStartLeadTime = _maxIncentiveStartLeadTime;

128:         minter = _minter;

https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/UniswapV3Staker.sol#L125

[L-19] Approve type(uint256).max not work with some tokens

Source: https://github.com/d-xo/weird-erc20#revert-on-large-approvals--transfers

There are 9 instances of this issue:
File: gauges/UniswapV3Gauge.sol

45:         rewardToken.safeApprove(_uniswapV3Staker, type(uint256).max);

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/UniswapV3Gauge.sol#L45

File: maia/tokens/ERC4626PartnerManager.sol

200:         address(gaugeWeight).safeApprove(newPartnerVault, type(uint256).max);

201:         address(gaugeBoost).safeApprove(newPartnerVault, type(uint256).max);

202:         address(governance).safeApprove(newPartnerVault, type(uint256).max);

203:         address(partnerGovernance).safeApprove(newPartnerVault, type(uint256).max);

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/tokens/ERC4626PartnerManager.sol#L200

File: rewards/base/BaseFlywheelRewards.sol

36:         _rewardToken.safeApprove(address(_flywheel), type(uint256).max);

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/base/BaseFlywheelRewards.sol#L36

File: talos/base/TalosBaseStrategy.sol

130:         address(_token0).safeApprove(address(_nonfungiblePositionManager), type(uint256).max);

131:         address(_token1).safeApprove(address(_nonfungiblePositionManager), type(uint256).max);

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/base/TalosBaseStrategy.sol#L130

File: ulysses-amm/UlyssesRouter.sol

40:             address(ulysses.asset()).safeApprove(address(ulysses), type(uint256).max);

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesRouter.sol#L40

[L-20] Owner can renounce Ownership

Typically, the contract’s owner is the account that deploys the contract. As a result, the owner is able to perform certain privileged activities. The OpenZeppelin’s Ownable used in this project contract implements renounceOwnership. This can represent a certain risk if the ownership is renounced for any other reason than by design. Renouncing ownership will leave the contract without an owner, thereby removing any functionality that is only available to the owner.

There are 29 instances of this issue:
File: erc-20/ERC20Boost.sol

19: abstract contract ERC20Boost is ERC20, Ownable, IERC20Boost {

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Boost.sol#L19

File: erc-20/ERC20MultiVotes.sol

20: abstract contract ERC20MultiVotes is ERC20, Ownable, IERC20MultiVotes {

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20MultiVotes.sol#L20

File: gauges/BaseV2Gauge.sol

20: abstract contract BaseV2Gauge is Ownable, IBaseV2Gauge {

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/BaseV2Gauge.sol#L20

File: gauges/factories/BaseV2GaugeFactory.sol

18: abstract contract BaseV2GaugeFactory is Ownable, IBaseV2GaugeFactory {

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BaseV2GaugeFactory.sol#L18

File: gauges/factories/BaseV2GaugeManager.sol

14: contract BaseV2GaugeManager is Ownable, IBaseV2GaugeManager {

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BaseV2GaugeManager.sol#L14

File: hermes/minters/BaseV2Minter.sol

16: contract BaseV2Minter is Ownable, IBaseV2Minter {

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/minters/BaseV2Minter.sol#L16

File: hermes/tokens/HERMES.sol

47: contract HERMES is ERC20, Ownable {

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/HERMES.sol#L47

File: maia/factories/PartnerManagerFactory.sol

12: contract PartnerManagerFactory is Ownable, IPartnerManagerFactory {

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/factories/PartnerManagerFactory.sol#L12

File: maia/tokens/ERC4626PartnerManager.sol

22: abstract contract ERC4626PartnerManager is PartnerUtilityManager, Ownable, ERC4626, IERC4626PartnerManager {

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/tokens/ERC4626PartnerManager.sol#L22

File: maia/tokens/Maia.sol

40: contract Maia is ERC20, Ownable {

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/tokens/Maia.sol#L40

File: rewards/base/FlywheelCore.sol

15: abstract contract FlywheelCore is Ownable, IFlywheelCore {

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/base/FlywheelCore.sol#L15

File: rewards/depots/MultiRewardsDepot.sol

11: contract MultiRewardsDepot is Ownable, RewardsDepot, IMultiRewardsDepot {

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/depots/MultiRewardsDepot.sol#L11

File: talos/TalosOptimizer.sol

10: contract TalosOptimizer is Ownable, ITalosOptimizer {

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosOptimizer.sol#L10

File: talos/base/TalosBaseStrategy.sol

24: abstract contract TalosBaseStrategy is Ownable, ERC20, ReentrancyGuard, ITalosBaseStrategy {

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/base/TalosBaseStrategy.sol#L24

File: talos/boost-aggregator/BoostAggregator.sol

19: contract BoostAggregator is Ownable, IBoostAggregator {

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/boost-aggregator/BoostAggregator.sol#L19

File: ulysses-amm/UlyssesPool.sol

19: contract UlyssesPool is UlyssesERC4626, Ownable, IUlyssesPool {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesPool.sol#L19

File: ulysses-amm/UlyssesToken.sol

15: contract UlyssesToken is ERC4626MultiToken, Ownable, IUlyssesToken {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesToken.sol#L15

File: ulysses-amm/factories/UlyssesFactory.sol

38: contract UlyssesFactory is Ownable, IUlyssesFactory {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/factories/UlyssesFactory.sol#L38

File: ulysses-omnichain/BaseBranchRouter.sol

21: contract BaseBranchRouter is IBranchRouter, Ownable {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BaseBranchRouter.sol#L21

File: ulysses-omnichain/BranchBridgeAgentExecutor.sol

25: contract BranchBridgeAgentExecutor is Ownable {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchBridgeAgentExecutor.sol#L25

File: ulysses-omnichain/BranchPort.sol

16: contract BranchPort is Ownable, IBranchPort {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchPort.sol#L16

File: ulysses-omnichain/CoreRootRouter.sol

38: contract CoreRootRouter is IRootRouter, Ownable {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/CoreRootRouter.sol#L38

File: ulysses-omnichain/MulticallRootRouter.sol

47: contract MulticallRootRouter is IRootRouter, Ownable {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/MulticallRootRouter.sol#L47

File: ulysses-omnichain/RootBridgeAgentExecutor.sol

26: contract RootBridgeAgentExecutor is Ownable {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgentExecutor.sol#L26

File: ulysses-omnichain/RootPort.sol

20: contract RootPort is Ownable, IRootPort {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootPort.sol#L20

File: ulysses-omnichain/factories/BranchBridgeAgentFactory.sol

16: contract BranchBridgeAgentFactory is Ownable, IBranchBridgeAgentFactory {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/factories/BranchBridgeAgentFactory.sol#L16

File: ulysses-omnichain/factories/ERC20hTokenBranchFactory.sol

11: contract ERC20hTokenBranchFactory is Ownable, IERC20hTokenBranchFactory {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/factories/ERC20hTokenBranchFactory.sol#L11

File: ulysses-omnichain/factories/ERC20hTokenRootFactory.sol

12: contract ERC20hTokenRootFactory is Ownable, IERC20hTokenRootFactory {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/factories/ERC20hTokenRootFactory.sol#L12

File: ulysses-omnichain/token/ERC20hTokenBranch.sol

11: contract ERC20hTokenBranch is ERC20, Ownable, IERC20hTokenBranch {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/token/ERC20hTokenBranch.sol#L11

[L-21] Unsafe ERC20 operations

Use require or if to compare values. Otherwise comparison will be ignored.

There are 15 instances of this issue:
File: erc-20/ERC20Boost.sol

313:         return super.transfer(to, amount);

329:         return super.transferFrom(from, to, amount);

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Boost.sol#L313

File: erc-20/ERC20Gauges.sol

498:         return super.transfer(to, amount);

510:         return super.transferFrom(from, to, amount);

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Gauges.sol#L498

File: erc-20/ERC20MultiVotes.sol

293:         return super.transfer(to, amount);

305:         return super.transferFrom(from, to, amount);

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20MultiVotes.sol#L293

File: hermes/bHermes.sol

148:         return super.transfer(to, amount);

166:         return super.transferFrom(from, to, amount);

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/bHermes.sol#L148

File: maia/tokens/ERC4626PartnerManager.sol

270:         return super.transfer(to, amount);

286:         return super.transferFrom(from, to, amount);

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/tokens/ERC4626PartnerManager.sol#L270

File: talos/TalosStrategyStaked.sol

91:         return super.transfer(_to, _amount);

96:         return super.transferFrom(_from, _to, _amount);

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosStrategyStaked.sol#L91

File: talos/base/TalosBaseStrategy.sol

409:         if (amount0 > 0) _token0.transfer(msg.sender, amount0);

410:         if (amount1 > 0) _token1.transfer(msg.sender, amount1);

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/base/TalosBaseStrategy.sol#L409

File: ulysses-omnichain/VirtualAccount.sol

37:         ERC721(_token).transferFrom(address(this), msg.sender, _tokenId);

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/VirtualAccount.sol#L37

[N-1] Typos in the code

There are 98 instances of this issue:
File: ulysses-amm/UlyssesPool.sol

387:  // @audit transferred
388:             let transfered


389:  // @audit transferred
390:             let transferedChange


445:  // @audit transferred
446:                 transfered := totalDiff


447:  // @audit transferred
448:                 transferedChange := sub(amount, totalDiff)


452:  // @audit transferred
453:                 transfered := amount


460:  // @audit transferred
461:                 if gt(transfered, 0) {


465:  // @audit transferred
466:                     if mul(diff, gt(transfered, div(not(0), diff))) {


474:  // @audit transferred
475:                     // If round up then do mulDivUp(transfered, diff, totalDiff)


478:  // @audit transferred
479:                                 iszero(iszero(mod(mul(transfered, diff), totalDiff))), div(mul(transfered, diff), totalDiff)


478:  // @audit transferred
479:                                 iszero(iszero(mod(mul(transfered, diff), totalDiff))), div(mul(transfered, diff), totalDiff)


481:  // @audit transferred
482:                     // If round down then do mulDiv(transfered, diff, totalDiff)


482:  // @audit transferred
483:                     default { bandwidthUpdate := div(mul(transfered, diff), totalDiff) }


486:  // @audit transferred
487:                 if gt(transferedChange, 0) {


491:  // @audit transferred
492:                     if mul(weight, gt(transferedChange, div(not(0), weight))) {


500:  // @audit transferred
501:                     // If round up then do mulDivUp(transferedChange, weight, _totalWeights)


506:  // @audit transferred
507:                                     iszero(iszero(mod(mul(transferedChange, weight), _totalWeights))),


507:  // @audit transferred
508:                                     div(mul(transferedChange, weight), _totalWeights)


511:  // @audit transferred
512:                     // If round down then do mulDiv(transferedChange, weight, _totalWeights)


513:  // @audit transferred
514:                         bandwidthUpdate := add(bandwidthUpdate, div(mul(transferedChange, weight), _totalWeights))


877:  // @audit transferred
878:             // If round down then do mulDiv(transfered, diff, totalDiff)


879:  // @audit transferred
880:             // If round up then do mulDivUp(transfered, diff, totalDiff)

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesPool.sol#L387-L388

File: ulysses-amm/interfaces/IUlyssesToken.sol

7:  // @audit existing
8:  *  @dev Allows to add/remove new tokens and change exisiting weights

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/interfaces/IUlyssesToken.sol#L7-L8

File: ulysses-amm/interfaces/IUlyssesPool.sol

7:  // @audit implementation
8:  *  @notice This contract is stableswap AMM that uses it's implemention of


148:  // @audit existing
149:      * @notice Changes the weight of a exisiting Ulysses LP with the given ID


173:  // @audit transferred
174:      * @return output The output amount transfered to user from the destination Ulysses LP


183:  // @audit transferred
184:      * @param user The user to be transfered the output


184:  // @audit transferred
185:      * @return output The output amount transfered to user


207:  // @audit setting
208:     /// @notice Throw when settng an invalid fee

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/interfaces/IUlyssesPool.sol#L7-L8

File: ulysses-omnichain/RootPort.sol

65:  // @audit Length
66:     uint256 public bridgeAgentsLenght;


81:  // @audit Length
82:     uint256 public bridgeAgentFactoriesLenght;


155:  // @audit transferring
156:     /// @notice Function for transfering ownership of the contract to another address.


162:  // @audit overridden
163:     /// @notice Function being overrriden to prevent mistakenly renouncing ownership.

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootPort.sol#L65-L66

File: ulysses-omnichain/BranchPort.sol

31:  // @audit Length
32:     uint256 public bridgeAgentsLenght;


44:  // @audit Length
45:     uint256 public bridgeAgentFactoriesLenght;


58:  // @audit Length
59:     uint256 public strategyTokensLenght;


68:  // @audit Strategy
69:     /// @notice Mapping returns true if Port Startegy is allowed to manage a given Strategy Token. Strategy => Token => bool.


75:  // @audit Length
76:     uint256 public portStrategiesLenght;


77:  // @audit Strategy
78:     /// @notice Mapping returns the amount of Strategy Token debt a given Port Startegy has.  Strategy => Token => uint256.


110:  // @audit overridden
111:     /// @notice Function being overrriden to prevent mistakenly renouncing ownership.


332:  // @audit Length
333:         strategyTokensLenght++;


353:  // @audit Length
354:         portStrategiesLenght++;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchPort.sol#L31-L32

File: ulysses-omnichain/MulticallRootRouter.sol

85:  // @audit Account
86:      *   @notice Function to perform a set of actions on the omnichian environment without using the user's Virtual Acccount.

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/MulticallRootRouter.sol#L85-L86

File: ulysses-omnichain/factories/ERC20hTokenRootFactory.sol

24:  // @audit Length
25:     uint256 public hTokensLenght;


65:  // @audit Length
66:         hTokensLenght++;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/factories/ERC20hTokenRootFactory.sol#L24-L25

File: ulysses-omnichain/factories/ERC20hTokenBranchFactory.sol

23:  // @audit Length
24:     uint256 public hTokensLenght;


43:  // @audit Length
44:         hTokensLenght++;


65:  // @audit Length
66:         hTokensLenght++;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/factories/ERC20hTokenBranchFactory.sol#L23-L24

File: ulysses-omnichain/BranchBridgeAgent.sol

644:  // @audit encoded
645:      *   @param _params RLP enconded parameters to execute on the root chain.


664:  // @audit encoded
665:      *   @param _params RLP enconded parameters to execute on the root chain.


700:  // @audit encoded
701:      *   @param _params RLP enconded parameters to execute on the root chain.


968:  // @audit addresses
969:      *     @param _hToken  local hToken addresse to clear balance for.


969:  // @audit addresses
970:      *     @param _token  native / underlying token addresse to clear balance for.


1056:  // @audit attached
1057:      *   @param _depositNonce Identifier for user deposit attatched to interaction being fallback.

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchBridgeAgent.sol#L644-L645

File: ulysses-omnichain/CoreBranchRouter.sol

196:  // @audit environment
197:      * @notice Function to deploy/add a token already active in the global enviornment in the Root Chain. Must be called from another chain.

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/CoreBranchRouter.sol#L196-L197

File: ulysses-omnichain/interfaces/IRootPort.sol

132:  // @audit ACCOUNTING
133:                         hTOKEN ACCOUTING FUNCTIONS

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/interfaces/IRootPort.sol#L132-L133

File: ulysses-omnichain/interfaces/IPortStrategy.sol

6:  // @audit Branch
7:  * @notice Base Contract for interfacing with Brach Port Strategy contracts

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/interfaces/IPortStrategy.sol#L6-L7

File: ulysses-omnichain/interfaces/IBranchRouter.sol

35:  // @audit encoded
36:      *   @param params RLP enconded parameters to execute on the root chain.


44:  // @audit encoded
45:      *   @param params RLP enconded parameters to execute on the root chain.


56:  // @audit encoded
57:      *   @param params RLP enconded parameters to execute on the root chain.

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/interfaces/IBranchRouter.sol#L35-L36

File: ulysses-omnichain/interfaces/IBranchBridgeAgent.sol

87:  // @audit responsible
88:  * @notice Contract for deployment in Branch Chains of Omnichain System, responible for


104:  // @audit invalid
105:  *              as performing the Router calls, if any of the calls initiated by the Router lead to an invlaid state change


161:  // @audit encoded
162:      *   @param params enconded parameters to execute on the root chain router.


170:  // @audit encoded
171:      *   @param params enconded parameters to execute on the root chain router.


182:  // @audit encoded
183:      *   @param params enconded parameters to execute on the root chain router.


196:  // @audit encoded
197:      *   @param params enconded parameters to execute on the root chain router.


205:  // @audit encoded
206:      *   @param params enconded parameters to execute on the root chain router.


217:  // @audit encoded
218:      *   @param params enconded parameters to execute on the root chain router.


272:  // @audit addresses
273:      *     @param _hToken  local hToken addresse to clear balance for.


273:  // @audit addresses
274:      *     @param _token  native / underlying token addresse to clear balance for.


328:  // @audit encoded
329:      *   @param params enconded parameters to execute on the root chain router.


346:  // @audit encoded
347:      *   @param params enconded parameters to execute on the root chain router.

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/interfaces/IBranchBridgeAgent.sol#L87-L88

File: ulysses-omnichain/interfaces/IVirtualAccount.sol

13:  // @audit performed
14:  * @dev    This contract is based off Maker's `Multicall2` contract, executes a set of `Call` objects if any of the perfomed call is invalid the whole batch should revert.

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/interfaces/IVirtualAccount.sol#L13-L14

File: ulysses-omnichain/interfaces/IRootBridgeAgent.sol

101:  // @audit invalid
102:  *              as performing the Router calls, if any of the calls initiated by the Router lead to an invlaid state change


162:  // @audit initial
163:      * @notice External function to get the intial gas available for remote request execution.

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/interfaces/IRootBridgeAgent.sol#L101-L102

File: ulysses-omnichain/RootBridgeAgent.sol

472:  // @audit receiver
473:      *    @param _recipient destination chain reciever address.


508:  // @audit receiver
509:      *    @param _recipient destination chain reciever address.


574:  // @audit Status
575:         //Update Settlement Staus

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgent.sol#L472-L473

File: talos/interfaces/ITalosBaseStrategy.sol

116:  // @audit transferred
117:      * @param receiver address that tlp should be transfered


131:  // @audit transferred
132:      * @param receiver address that tokens should be transfered


163:  // @audit swapping
164:     /// @notice Called to `msg.sender` after minting swaping from IUniswapV3Pool#swap.


229:  // @audit position
230:     /// @param tickLower Lower price tick of the positon

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/interfaces/ITalosBaseStrategy.sol#L116-L117

File: talos/TalosStrategyVanilla.sol

125:  // @audit perspective
126:     /// @notice Compounds fees from the pool from a user prespective

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosStrategyVanilla.sol#L125-L126

File: talos/libraries/PoolVariables.sol

246:  // @audit conversion
247:             : int256((cache.amount1Desired - cache.amount1) / 2); // always positive. "overflow" safe convertion cuz we are dividing by 2

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/libraries/PoolVariables.sol#L246-L247

File: uni-v3-staker/UniswapV3Staker.sol

50:  // @audit Attachments
51:     mapping(address => mapping(IUniswapV3Pool => uint256)) private _userAttachements;


74:  // @audit Attachments
75:     function userAttachements(address user, IUniswapV3Pool pool) external view override returns (uint256) {


75:  // @audit Attachments
76:         return hermesGaugeBoost.isUserGauge(user, address(gauges[pool])) ? _userAttachements[user][pool] : 0;


302:  // @audit Attachments
303:             if (_userAttachements[owner][key.pool] == tokenId) {


400:  // @audit Attachments
401:             if (hermesGaugeBoost.isUserGauge(owner, address(gauge)) && _userAttachements[owner][key.pool] == tokenId) {


404:  // @audit Attachments
405:                 _userAttachements[owner][key.pool] = 0;


495:  // @audit Attachments
496:             _userAttachements[tokenOwner][pool] = tokenId;

https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/UniswapV3Staker.sol#L50-L51

File: uni-v3-staker/interfaces/IUniswapV3Staker.sol

139:  // @audit Attachments
140:     function userAttachements(address user, IUniswapV3Pool pool) external view returns (uint256);

https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/interfaces/IUniswapV3Staker.sol#L139-L140

File: hermes/interfaces/IBaseV2Minter.sol

116:  // @audit initialize
117:     /// @dev Throws when the caller of `intialize()` is not the initializer contract.

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/interfaces/IBaseV2Minter.sol#L116-L117

File: erc-20/interfaces/IERC20Boost.sol

14:  // @audit calculated
15:  *          Then liquidity per user should be caculated by using this formula, from curve finance:


213:  // @audit emitted
214:     /// @notice emmitted when a user attaches boost to a gauge.


216:  // @audit emitted
217:     /// @notice emmitted when a user detaches boost from a gauge.


219:  // @audit emitted
220:     /// @notice emmitted when a user updates their boost.


222:  // @audit emitted
223:     /// @notice emmitted when a user decrements their gauge boost.

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/interfaces/IERC20Boost.sol#L14-L15

File: rewards/rewards/FlywheelInstantRewards.sol

32:  // @audit existing
33:         return rewardsDepot.getRewards(); // get exisiting rewards

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/rewards/FlywheelInstantRewards.sol#L32-L33

[N-2] Use a more recent version of solidity

Solidity 0.8.10 has a useful change that reduced gas costs of external calls which expect a return value.

In 0.8.15 the conditions necessary for inlining are relaxed. Benchmarks show that the change significantly decreases the bytecode size (which impacts the deployment cost) while the effect on the runtime gas usage is smaller.

In 0.8.17 prevent the incorrect removal of storage writes before calls to Yul functions that conditionally terminate the external EVM call; Simplify the starting offset of zero-length operations to zero. More efficient overflow checks for multiplication.

There are 68 instances of this issue:
File: rewards/FlywheelCoreStrategy.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/FlywheelCoreStrategy.sol#L2

File: rewards/FlywheelCoreInstant.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/FlywheelCoreInstant.sol#L2

File: rewards/rewards/FlywheelAcummulatedRewards.sol

3: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/rewards/FlywheelAcummulatedRewards.sol#L3

File: rewards/rewards/FlywheelInstantRewards.sol

3: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/rewards/FlywheelInstantRewards.sol#L3

File: rewards/rewards/FlywheelGaugeRewards.sol

3: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/rewards/FlywheelGaugeRewards.sol#L3

File: rewards/rewards/FlywheelBribeRewards.sol

3: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/rewards/FlywheelBribeRewards.sol#L3

File: rewards/base/BaseFlywheelRewards.sol

3: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/base/BaseFlywheelRewards.sol#L3

File: rewards/base/FlywheelCore.sol

3: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/base/FlywheelCore.sol#L3

File: rewards/booster/FlywheelBoosterGaugeWeight.sol

3: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/booster/FlywheelBoosterGaugeWeight.sol#L3

File: rewards/depots/RewardsDepot.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/depots/RewardsDepot.sol#L2

File: rewards/depots/SingleRewardsDepot.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/depots/SingleRewardsDepot.sol#L2

File: rewards/depots/MultiRewardsDepot.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/depots/MultiRewardsDepot.sol#L2

File: hermes/UtilityManager.sol

3: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/UtilityManager.sol#L3

File: hermes/bHermes.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/bHermes.sol#L2

File: hermes/tokens/bHermesVotes.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/bHermesVotes.sol#L2

File: hermes/tokens/bHermesBoost.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/bHermesBoost.sol#L2

File: hermes/tokens/bHermesGauges.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/bHermesGauges.sol#L2

File: hermes/minters/BaseV2Minter.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/minters/BaseV2Minter.sol#L2

File: erc-20/ERC20Boost.sol

3: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Boost.sol#L3

File: erc-20/ERC20Gauges.sol

3: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Gauges.sol#L3

File: erc-20/ERC20MultiVotes.sol

4: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20MultiVotes.sol#L4

File: gauges/UniswapV3Gauge.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/UniswapV3Gauge.sol#L2

File: gauges/BaseV2Gauge.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/BaseV2Gauge.sol#L2

File: gauges/factories/BribesFactory.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BribesFactory.sol#L2

File: gauges/factories/BaseV2GaugeManager.sol

3: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BaseV2GaugeManager.sol#L3

File: gauges/factories/BaseV2GaugeFactory.sol

3: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BaseV2GaugeFactory.sol#L3

File: gauges/factories/UniswapV3GaugeFactory.sol

3: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/UniswapV3GaugeFactory.sol#L3

File: uni-v3-staker/UniswapV3Staker.sol

3: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/UniswapV3Staker.sol#L3

File: uni-v3-staker/libraries/IncentiveTime.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/libraries/IncentiveTime.sol#L2

File: uni-v3-staker/libraries/NFTPositionInfo.sol

3: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/libraries/NFTPositionInfo.sol#L3

File: uni-v3-staker/libraries/IncentiveId.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/libraries/IncentiveId.sol#L2

File: uni-v3-staker/libraries/RewardMath.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/libraries/RewardMath.sol#L2

File: uni-v3-staker/interfaces/IUniswapV3Staker.sol

3: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/interfaces/IUniswapV3Staker.sol#L3

File: talos/TalosManager.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosManager.sol#L2

File: talos/TalosOptimizer.sol

3: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosOptimizer.sol#L3

File: talos/factories/OptimizerFactory.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/factories/OptimizerFactory.sol#L2

File: talos/factories/TalosStrategyVanillaFactory.sol

3: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/factories/TalosStrategyVanillaFactory.sol#L3

File: talos/factories/BoostAggregatorFactory.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/factories/BoostAggregatorFactory.sol#L2

File: talos/factories/TalosBaseStrategyFactory.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/factories/TalosBaseStrategyFactory.sol#L2

File: talos/factories/TalosStrategyStakedFactory.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/factories/TalosStrategyStakedFactory.sol#L2

File: ulysses-omnichain/RootBridgeAgent.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgent.sol#L2

File: ulysses-omnichain/ArbitrumBranchPort.sol

3: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/ArbitrumBranchPort.sol#L3

File: ulysses-omnichain/CoreBranchRouter.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/CoreBranchRouter.sol#L2

File: ulysses-omnichain/BaseBranchRouter.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BaseBranchRouter.sol#L2

File: ulysses-omnichain/BranchBridgeAgent.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchBridgeAgent.sol#L2

File: ulysses-omnichain/RootBridgeAgentExecutor.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgentExecutor.sol#L2

File: ulysses-omnichain/BranchBridgeAgentExecutor.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchBridgeAgentExecutor.sol#L2

File: ulysses-omnichain/MulticallRootRouter.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/MulticallRootRouter.sol#L2

File: ulysses-omnichain/ArbitrumCoreBranchRouter.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/ArbitrumCoreBranchRouter.sol#L2

File: ulysses-omnichain/ArbitrumBranchBridgeAgent.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/ArbitrumBranchBridgeAgent.sol#L2

File: ulysses-omnichain/VirtualAccount.sol

3: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/VirtualAccount.sol#L3

File: ulysses-omnichain/CoreRootRouter.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/CoreRootRouter.sol#L2

File: ulysses-omnichain/BranchPort.sol

3: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchPort.sol#L3

File: ulysses-omnichain/RootPort.sol

3: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootPort.sol#L3

File: ulysses-omnichain/factories/ERC20hTokenRootFactory.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/factories/ERC20hTokenRootFactory.sol#L2

File: ulysses-omnichain/factories/ArbitrumBranchBridgeAgentFactory.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/factories/ArbitrumBranchBridgeAgentFactory.sol#L2

File: ulysses-omnichain/factories/RootBridgeAgentFactory.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/factories/RootBridgeAgentFactory.sol#L2

File: ulysses-omnichain/factories/BranchBridgeAgentFactory.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/factories/BranchBridgeAgentFactory.sol#L2

File: ulysses-omnichain/token/ERC20hTokenRoot.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/token/ERC20hTokenRoot.sol#L2

File: ulysses-omnichain/token/ERC20hTokenBranch.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/token/ERC20hTokenBranch.sol#L2

File: ulysses-amm/UlyssesToken.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesToken.sol#L2

File: ulysses-amm/UlyssesRouter.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesRouter.sol#L2

File: ulysses-amm/UlyssesPool.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesPool.sol#L2

File: maia/PartnerUtilityManager.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/PartnerUtilityManager.sol#L2

File: maia/vMaia.sol

3: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/vMaia.sol#L3

File: maia/factories/PartnerManagerFactory.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/factories/PartnerManagerFactory.sol#L2

File: maia/tokens/ERC4626PartnerManager.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/tokens/ERC4626PartnerManager.sol#L2

File: maia/tokens/Maia.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/tokens/Maia.sol#L2

[N-3] Lines are too long

The solidity style guide recommends a maximumum line length of 120 characters, so the lines below should be split when they reach that length.

There are 192 instances of this issue:
File: rewards/FlywheelCoreStrategy.sol

19:  *          It takes reward streams to various *strategies* such as staking LP tokens and divides them among *users* of those strategies.


22:  * the rewards index which determines how many rewards are owed per token per strategy. User indexes track how far behind the strategy they are to lazily calculate all catch-up rewards.


26:  *          Core does not manage any tokens directly. The rewards module maintains token balances, and approves core to pull transfer them to users when they claim.


28:  *          SECURITY NOTE: For maximum accuracy and to avoid exploits, rewards accrual should be notified atomically through the accrue hook.

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/FlywheelCoreStrategy.sol#L19

File: rewards/FlywheelCoreInstant.sol

19:  *          It takes a single reward stream to various *strategies* such as staking LP tokens and divides them among *users* of those strategies.


22:  * the rewards index which determines how many rewards are owed per token per strategy. User indexes track how far behind the strategy they are to lazily calculate all catch-up rewards.


26:  *          Core does not manage any tokens directly. The rewards module maintains token balances, and approves core to pull transfer them to users when they claim.

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/FlywheelCoreInstant.sol#L19

File: rewards/rewards/FlywheelGaugeRewards.sol

74:         /// This will make this call fail if it is a new epoch, because the minter calls this function, the first call would fail with "CycleError()".


109:         /// This will make this call fail if it is a new epoch, because the minter calls this function, the first call would fail with "CycleError()".


141:         // Important to do non-strict inequality to include the case where the numRewards is just enough to complete the cycle

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/rewards/FlywheelGaugeRewards.sol#L74

File: rewards/interfaces/IFlywheelAcummulatedRewards.sol

11:  *          Once every cycle all the rewards can be accrued from the strategy's corresponding rewards depot for subsequent distribution.


13:  *          The getNextCycleRewards() hook should also transfer the next cycle's rewards to this contract to ensure proper accounting.

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/interfaces/IFlywheelAcummulatedRewards.sol#L11

File: rewards/interfaces/IFlywheelBooster.sol

11:  *          It takes reward streams to various *strategies* such as staking LP tokens and divides them among *users* of those strategies.


18:  *          SECURITY NOTE: similar to how Core needs to be notified any time the strategy user composition changes, the booster would need to be notified of any conditions which change the boosted balances atomically.

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/interfaces/IFlywheelBooster.sol#L11

File: rewards/interfaces/IFlywheelRewards.sol

13:  *          It takes reward streams to various *strategies* such as staking LP tokens and divides them among *users* of those strategies.


16:  *             - determining the ongoing reward amounts to entire strategies (core handles the logic for dividing among users)


19:  *          The reward stream can follow arbitrary logic as long as the reward amount passed to flywheel core has been sent to this contract.


27:  *          SECURITY NOTE: The rewards strategy should be smooth and continuous, to prevent gaming the reward distribution by frontrunning.

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/interfaces/IFlywheelRewards.sol#L13

File: rewards/interfaces/IFlywheelGaugeRewards.sol

22:  *  The contract assumes an arbitrary stream of rewards `S` of the rewardToken. It chunks the rewards into cycles of length `l`.


24:  *  The allocation function for each cycle A(g, S) proportions the stream to each gauge such that SUM(A(g, S)) over all gauges <= S.


27:  *  Rewards are accumulated every time a new rewards cycle begins, and all prior rewards are cached in the previous cycle.


95:     /// @notice emitted when a single gauge is queued. May be emitted before the cycle starts if the queue is done via pagination.

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/interfaces/IFlywheelGaugeRewards.sol#L22

File: rewards/interfaces/IFlywheelCore.sol

13:  *          It takes reward streams to various *strategies* such as staking LP tokens and divides them among *users* of those strategies.


16:  * the rewards index which determines how many rewards are owed per token per strategy. User indexes track how far behind the strategy they are to lazily calculate all catch-up rewards.


20:  *          Core does not manage any tokens directly. The rewards module maintains token balances, and approves core to pull transfer them to users when they claim.


22:  *          SECURITY NOTE: For maximum accuracy and to avoid exploits, rewards accrual should be notified atomically through the accrue hook.

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/interfaces/IFlywheelCore.sol#L13

File: rewards/base/BaseFlywheelRewards.sol

16:  *  @dev approves the flywheel core for the reward token to allow balances to be managed by the module but claimed from core.

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/base/BaseFlywheelRewards.sol#L16

File: rewards/booster/FlywheelBoosterGaugeWeight.sol

14:  *          It takes reward streams to various *strategies* such as staking LP tokens and divides them among *users* of those strategies.


21:  *          SECURITY NOTE: similar to how Core needs to be notified any time the strategy user composition changes, the booster would need to be notified of any conditions which change the boosted balances atomically.

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/booster/FlywheelBoosterGaugeWeight.sol#L14

File: hermes/interfaces/IBaseV2Minter.sol

25:     /// @notice ERC4626 vault that receives emissions via rebases, which later will be distributed throughout the depositors.

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/interfaces/IBaseV2Minter.sol#L25

File: erc-20/ERC20Gauges.sol

77:             return (nowPlusOneCycle / gaugeCycleLength) * gaugeCycleLength; // cannot divide by zero and always <= nowPlusOneCycle so no overflow

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Gauges.sol#L77

File: erc-20/ERC20MultiVotes.sol

217:          *         If delegatee does not have any free votes and doesn't change their vote delegator won't be able to undelegate.

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20MultiVotes.sol#L217

File: erc-20/interfaces/IERC20Gauges.sol

8:  *  @notice This contract is meant to be used to support gauge style votes with weights associated with resource allocation.


16:  *          The contract's Ownable <https://github.com/Vectorized/solady/blob/main/src/auth/Ownable.sol> manages the gauge set and cap.


72:      * @notice returns the end of the current cycle. This is the next unix timestamp which evenly divides `gaugeCycleLength`


83:      * @notice returns the stored weight of a given gauge. This is the snapshotted weight as-of the end of the last cycle.


156:      *  @return the proportion of `quantity` allocated to `gauge`. Returns 0 if a gauge is not live, even if it has weight.


206:      * @dev if this number is ever lowered, or a contract has an override, then existing addresses MAY have more gauges allocated to. Use `numUserGauges` to check this.


232:      * @dev if this is set to a lower number than the current max, users MAY have more gauges active than the max. Use `numUserGauges` to check this.

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/interfaces/IERC20Gauges.sol#L8

File: erc-20/interfaces/IERC20MultiVotes.sol

135:      * @notice Delegate all votes `newDelegatee`. First undelegates from an existing delegate. If `newDelegatee` is zero, only undelegates.


138:      * NOTE This is meant for backward compatibility with the `ERC20Votes` and `ERC20VotesComp` interfaces from OpenZeppelin.

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/interfaces/IERC20MultiVotes.sol#L135

File: erc-20/interfaces/IERC20Boost.sol

8:  *          Holders can have their boost attached to gauges and cannot transfer their bHermes until they remove their boost.


9:  *          Only gauges can attach and detach boost from a user. The current user's boost and total supply are stored when attaching.


26:  *          After having the boost attached, getUserBoost() will return the maximum boost a user had allocated to all gauges.

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/interfaces/IERC20Boost.sol#L8

File: uni-v3-staker/libraries/IncentiveTime.sol

13:     uint256 private constant INCENTIVES_DURATION = 1 weeks; // Incentives are 1 week long and start at THURSDAY 12:00:00 UTC (00:00:00 UTC + 12 hours (INCENTIVE_OFFSET))


20:         return uint96(((timestamp - INCENTIVES_OFFSET) / INCENTIVES_DURATION) * INCENTIVES_DURATION + INCENTIVES_OFFSET);

https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/libraries/IncentiveTime.sol#L13

File: uni-v3-staker/libraries/RewardMath.sol

14:     /// @param liquidity The amount of liquidity, assumed to be constant over the period over which the snapshots are measured


17:     /// @param secondsPerLiquidityInsideInitialX128 The seconds per liquidity of the liquidity tick range as of the beginning of the period


18:     /// @param secondsPerLiquidityInsideX128 The seconds per liquidity of the liquidity tick range as of the current block timestamp


19:     /// @return boostedSecondsInsideX128 The total liquidity seconds inside the position's range for the duration of the stake, adjusted to account for boost

https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/libraries/RewardMath.sol#L14

File: uni-v3-staker/interfaces/IUniswapV3Staker.sol

153:     /// @notice Returns amounts of reward tokens owed to a given address according to the last time all stakes were updated

https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/interfaces/IUniswapV3Staker.sol#L153

File: governance/GovernorBravoDelegateMaia.sol

29:     /// @notice The number of votes in support of a proposal required in order for a quorum to be reached and for a vote to succeed


120:             targets.length == values.length && targets.length == signatures.length && targets.length == calldatas.length,


443:      * @notice Admin function for setting the whitelist expiration as a timestamp for an account. Whitelist status allows accounts to propose without meeting threshold


458:      * @notice Admin function for setting the whitelistGuardian. WhitelistGuardian can cancel proposals from whitelisted addresses


484:      * @dev Admin function to begin change of admin. The newPendingAdmin must call `_acceptAdmin` to finalize the transfer.

https://github.com/code-423n4/2023-05-maia/tree/main/src/governance/GovernorBravoDelegateMaia.sol#L29

File: talos/TalosStrategyStaked.sol

82:         _boostAggregator.setOwnRewardsDepot(address(FlywheelInstantRewards(_flywheel.flywheelRewards()).rewardsDepot()));

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosStrategyStaked.sol#L82

File: talos/TalosStrategyVanilla.sol

2: // Logic inspired by Popsicle Finance Contracts (PopsicleV3Optimizer/contracts/popsicle-v3-optimizer/PopsicleV3Optimizer.sol)

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosStrategyVanilla.sol#L2

File: talos/TalosOptimizer.sol

2: // Logic inspired by Popsicle Finance Contracts (PopsicleV3Optimizer/contracts/popsicle-v3-optimizer/OptimizerStrategy.sol)

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosOptimizer.sol#L2

File: talos/libraries/PoolVariables.sol

128:         bool zeroGreaterOne = amountsDirection(cache.amount0Desired, cache.amount1Desired, cache.amount0, cache.amount1);


190:         // From: amount0Desired.sub(amount0).mul(amount1Desired) > amount1Desired.sub(amount1).mul(amount0Desired) ?  true : false


245:         // Calculate the amount of imbalanced token that should be swapped. Calculations strive to achieve one to one ratio


248:             : int256((cache.amount1Desired - cache.amount1) / 2); // always positive. "overflow" safe convertion cuz we are dividing by 2

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/libraries/PoolVariables.sol#L128

File: talos/libraries/PoolActions.sol

45:         //Swap imbalanced token as long as we haven't used the entire amountSpecified and haven't reached the price limit

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/libraries/PoolActions.sol#L45

File: talos/interfaces/ITalosOptimizer.sol

2: // Logic inspired by Popsicle Finance Contracts (PopsicleV3Optimizer/contracts/popsicle-v3-optimizer/OptimizerStrategy.sol)

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/interfaces/ITalosOptimizer.sol#L2

File: talos/interfaces/ITalosBaseStrategy.sol

2: // Logic inspired by Popsicle Finance Contracts (PopsicleV3Optimizer/contracts/popsicle-v3-optimizer/PopsicleV3Optimizer.sol)


83:     /// @notice A Uniswap pool facilitates swapping and automated market-making between any two assets that strictly conform

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/interfaces/ITalosBaseStrategy.sol#L2

File: talos/base/TalosBaseStrategy.sol

2: // Logic inspired by Popsicle Finance Contracts (PopsicleV3Optimizer/contracts/popsicle-v3-optimizer/PopsicleV3Optimizer.sol)

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/base/TalosBaseStrategy.sol#L2

File: talos/factories/TalosStrategyVanillaFactory.sol

39:         return DeployVanilla.createTalosV3Vanilla(pool, optimizer, nonfungiblePositionManager, strategyManager, owner());

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/factories/TalosStrategyVanillaFactory.sol#L39

File: ulysses-omnichain/RootBridgeAgent.sol

47:      * @dev Local hToken must be recognized and address must match underlying if exists otherwise only local hToken is checked.


57:                 || (_dParams.amount > 0 && !IPort(_localPortAddress).isLocalToken(_dParams.hToken, _fromChain)) //Check local exists.


58:                 || (_dParams.deposit > 0 && !IPort(_localPortAddress).isUnderlyingToken(_dParams.token, _fromChain)) //Check underlying exists.


153:     /// @notice Chain -> Branch Bridge Agent Address. For N chains, each Root Bridge Agent Address has M =< N Branch Bridge Agent Address.


173:     /// @notice If true, bridge agent has already served a request with this nonce from  a given chain. Chain -> Nonce -> Bool


181:     uint256 internal constant MIN_EXECUTION_OVERHEAD = 155_000; // 100_000 for anycall + 30_000 Pre 1st Gas Checkpoint Execution + 25_000 Post last Gas Checkpoint Execution


433:      * @notice Updates the token balance state by moving assets from root omnichain environment to branch chain, when a user wants to bridge out tokens from the root bridge agent chain.


546:      * @notice Function to retry a user's Settlement balance with a new amount of gas to bridge out of Root Bridge Agent's Omnichain Environment.


619:      * @notice Function to reopen a user's Settlement balance as pending and thus retryable by users. Called upon anyFallback of triggered by Branch Bridge Agent.


683:         //Swap imbalanced token as long as we haven't used the entire amountSpecified and haven't reached the price limit


727:         //Swap imbalanced token as long as we haven't used the entire amountSpecified and haven't reached the price limit


751:                 address(wrappedNativeToken).safeTransfer(getBranchBridgeAgent[localChainId], userFeeInfo.gasToBridgeOut);


792:      * @notice Pays for the remote call execution gas. Demands that the user has enough gas to replenish gas for the anycall config contract or forces reversion.


854:     /// @notice Internal function that return 'from' address and 'fromChain' Id by performing an external call to AnycallExecutor Context.


1286:     /// @notice Verifies the caller is the Anycall Executor or Local Branch Bridge Agent. Internal function used in modifier to reduce contract bytesize.

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgent.sol#L47

File: ulysses-omnichain/ArbitrumBranchPort.sol

24:     /// @notice Address for Local Port Address where funds deposited from this chain are kept, managed and supplied to different Port Strategies.


66:         address underlyingAddress = IRootPort(rootPortAddress).getUnderlyingTokenFromLocal(_globalAddress, localChainId);

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/ArbitrumBranchPort.sol#L24

File: ulysses-omnichain/CoreBranchRouter.sol

86:      * @notice Function to deploy/add a token already active in the global environment in the Root Chain. Must be called from another chain.


115:      * @notice Function to deploy/add a token already active in the global environment in the Root Chain. Must be called from another chain.


198:      * @notice Function to deploy/add a token already active in the global enviornment in the Root Chain. Must be called from another chain.

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/CoreBranchRouter.sol#L86

File: ulysses-omnichain/BaseBranchRouter.sol

88:         IBridgeAgent(localBridgeAgentAddress).retrySettlement{value: msg.value}(_settlementNonce, _gasToBoostSettlement);

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BaseBranchRouter.sol#L88

File: ulysses-omnichain/BranchBridgeAgent.sol

97:     /// @notice Address for Bridge Agent who processes requests submitted for the Root Router Address where cross-chain requests are executed in the Root Chain.


103:     /// @notice Address for Local Anyexec Address where cross-chain requests from the Root Chain Router are received locally.


109:     /// @notice Address for Local Port Address where funds deposited from this chain are kept, managed and supplied to different Port Strategies.


128:     /// @notice If true, bridge agent has already served a request with this nonce from  a given chain. Chain -> Nonce -> Bool


137:     uint256 internal constant MIN_FALLBACK_RESERVE = 185_000; // 100_000 for anycall + 85_000 fallback execution overhead


138:     uint256 internal constant MIN_EXECUTION_OVERHEAD = 160_000; // 100_000 for anycall + 35_000 Pre 1st Gas Checkpoint Execution + 25_000 Post last Gas Checkpoint Executions


616:                         PARAMS_TKN_START + PARAMS_DEPOSIT_OFFSET * uint16(numOfAssets) + (PARAMS_ENTRY_SIZE * uint16(i)):


751:      * @notice Internal function to move assets from branch chain to root omnichain environment. Naive assets are deposited and hTokens are bridgedOut.


766:      * @notice Internal function to move assets from branch chain to root omnichain environment. Naive assets are deposited and hTokens are bridgedOut.


793:      * @dev Internal function to move assets from branch chain to root omnichain environment. Naive assets are deposited and hTokens are bridgedOut.


1107:      * @notice Internal function that returns 'from' address and 'fromChain' Id by performing an external call to AnycallExecutor Context.


1385:     /// @notice Verifies the caller is the Anycall Executor. Internal function used in modifier to reduce contract bytesize.


1398:     /// @notice Internal function that verifies caller is Branch Bridge Agent's Router. Reuse to reduce contract bytesize.


1409:     /// @notice Verifies enough gas is deposited to pay for an eventual fallback call. Reuse to reduce contract bytesize.

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchBridgeAgent.sol#L97

File: ulysses-omnichain/RootBridgeAgentExecutor.sol

208:             IRouter(_router).anyExecuteSigned(_data[25], _data[26:_data.length - PARAMS_GAS_IN], _account, _fromChainId);


403:                         PARAMS_TKN_START + PARAMS_DEPOSIT_OFFSET * uint16(numOfAssets) + (PARAMS_ENTRY_SIZE * uint16(i)):

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgentExecutor.sol#L208

File: ulysses-omnichain/BranchBridgeAgentExecutor.sol

110:             (success, result) = IRouter(_router).anyExecuteSettlement(_data[129:_data.length - PARAMS_GAS_OUT], sParams);

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchBridgeAgentExecutor.sol#L110

File: ulysses-omnichain/MulticallRootRouter.sol

50:     /// @notice Address for Local Port Address where funds deposited from this chain are kept, managed and supplied to different Port Strategies.


53:     /// @notice Address for Local Port Address where funds deposited from this chain are kept, managed and supplied to different Port Strategies.


87:      *   @notice Function to perform a set of actions on the omnichian environment without using the user's Virtual Acccount.


507:     /// @notice Verifies the caller is the Bridge Agent Executor. Internal function used in modifier to reduce contract bytesize.

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/MulticallRootRouter.sol#L50

File: ulysses-omnichain/ArbitrumBranchBridgeAgent.sol

154:      * @notice Internal function to pay for execution gas. Overwritten Gas is processed by Root Bridge Agent contract - `depositedGas` is used to pay for execution and `gasToBridgeOut`is cleared to recipient.


172:      * @notice Internal function to pay for fallback gas. Overwritten no cross-chain messaging fallback between Arbitrum Branch Bridge Agent and Root Bridge Agent.


179:      * @notice Internal function to deposit gas to the AnycallProxy. Cross-chain messaging + Gas is managed by the Root Bridge Agent


183:     /// @notice Verifies the caller is the Anycall Executor. Internal function used in modifier to reduce contract bytesize.


188:     /// @notice Verifies enough gas is deposited to pay for an eventual fallback call. Reuse to reduce contract bytesize.

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/ArbitrumBranchBridgeAgent.sol#L154

File: ulysses-omnichain/VirtualAccount.sol

68:     /// @notice Modifier that verifies msg sender is the approved to use the virtual account. Either the owner or an approved router.

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/VirtualAccount.sol#L68

File: ulysses-omnichain/CoreRootRouter.sol

42:     /// @notice Address for Local Port Address where funds deposited from this chain are kept, managed and supplied to different Port Strategies.


45:     /// @notice Address for Local Port Address where funds deposited from this chain are kept, managed and supplied to different Port Strategies.

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/CoreRootRouter.sol#L42

File: ulysses-omnichain/BranchPort.sol

70:     /// @notice Mapping returns true if Port Startegy is allowed to manage a given Strategy Token. Strategy => Token => bool.


79:     /// @notice Mapping returns the amount of Strategy Token debt a given Port Startegy has.  Strategy => Token => uint256.


82:     /// @notice Mapping returns the last time a given Port Strategy managed a given Strategy Token. Strategy => Token => uint256.


85:     /// @notice Mapping returns the time limit a given Port Strategy must wait before managing a Strategy Token. Strategy => Token => uint256.


144:      * @notice Internal function to return the minimum amount of reserves of a given Strategy Token the Port should hold.

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchPort.sol#L70

File: ulysses-omnichain/RootPort.sol

232:     /// @notice Internal function that returns True if Local Token and is also already added in another branch chain, false otherwise.

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootPort.sol#L232

File: ulysses-omnichain/interfaces/IRootBridgeAgent.sol

100:  *              Router interaction the userDepositedGas < executionGasSpent. This is done by calling the `_forceRevert()`


101:  *              internal function clearing all executionBudget from the AnycallConfig contract forcing the error `no enough budget`.


102:  *         - 3: The `RootBridgeAgentExecutor` is in charge of requesting token deposits for each remote interaction as well


103:  *              as performing the Router calls, if any of the calls initiated by the Router lead to an invlaid state change


104:  *              both the token deposit clearances as well as the external interactions will be reverted. Yet executionGas


120:  *          0x07         | Call to `retrySettlement()´. (retries sending a settlement + calldata for branch execution with new gas)


121:  *          0x08         | Call to `clearDeposit()´. (clears a deposit that has not been executed yet triggering `anyFallback`)


133:  *           ___________________________________________________________________________________________________________________________


134:  *          |            Flag               |        Deposit Info        |             Token Info             |   DATA   |  Gas Info   |


135:  *          |           1 byte              |         4-25 bytes         |     3 + (105 or 128) * n bytes     |   ---	 |  32 bytes   |


136:  *          |                               |                            |          hT - t - A - D - C        |          |             |


137:  *          |_______________________________|____________________________|____________________________________|__________|_____________|


138:  *          | callOutSystem = 0x0   	    |                 4b(nonce)  |            -------------           |   ---	 |  dep + bOut |


139:  *          | callOut = 0x1                 |                 4b(nonce)  |            -------------           |   ---	 |  dep + bOut |


140:  *          | callOutSingle = 0x2           |                 4b(nonce)  |      20b + 20b + 32b + 32b + 3b    |   ---	 |  16b + 16b  |


141:  *          | callOutMulti = 0x3            |         1b(n) + 4b(nonce)  |   	32b + 32b + 32b + 32b + 3b    |   ---	 |  16b + 16b  |


142:  *          | callOutSigned = 0x4           |    20b(recip) + 4b(nonce)  |   	      -------------           |   ---    |  16b + 16b  |


143:  *          | callOutSignedSingle = 0x5     |           20b + 4b(nonce)  |      20b + 20b + 32b + 32b + 3b 	  |   ---	 |  16b + 16b  |


144:  *          | callOutSignedMultiple = 0x6   |   20b + 1b(n) + 4b(nonce)  |      32b + 32b + 32b + 32b + 3b 	  |   ---	 |  16b + 16b  |


145:  *          |_______________________________|____________________________|____________________________________|__________|_____________|


150:  *                  RootBridgeAgent.anyExecute**() -> BridgeAgentExecutor.execute**() -> Router.anyExecute**() -> BridgeAgentExecutor (txExecuted) -> RootBridgeAgent (replenishedGas)


153:  *                  RootBridgeAgent.anyExecute**() -> BridgeAgentExecutor.execute**() -> Router.anyExecute**() -> BridgeAgentExecutor (txExecuted) -> RootBridgeAgent (replenishedGas)


156:  *                  RootBridgeAgent.anyExecute**() -> BridgeAgentExecutor.execute**() -> Router.anyExecute**() -> BridgeAgentExecutor (txExecuted)


196:      * @notice External function to verify a given chain has been allowed by the Root Bridge Agent's Manager for new Branch Bridge Agent creation.


217:      *   @param _owner address allowed for redeeming assets after a failed settlement fallback. This address' Virtual Account is also allowed.


238:      *   @param _owner address allowed for redeeming assets after a failed settlement fallback. This address' Virtual Account is also allowed.


263:      * @notice Function to move assets from branch chain to root omnichain environment. Called in response to Bridge Agent Executor.


271:      * @notice Function to move assets from branch chain to root omnichain environment. Called in response to Bridge Agent Executor.


349:      * @notice Function to force revert when a remote action does not have enough gas or is being retried after having been previously executed.

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/interfaces/IRootBridgeAgent.sol#L100

File: ulysses-omnichain/interfaces/IRootRouter.sol

44:      *   @notice Function responsible of executing a crosschain request which contains cross-chain deposit information attached.


59:      *   @notice Function responsible of executing a crosschain request which contains cross-chain deposit information for multiple assets attached.


86:      * @notice Function responsible of executing a crosschain request which contains cross-chain deposit information and msg.sender attached.


102:      * @notice Function responsible of executing a crosschain request which contains cross-chain deposit information for multiple assets and msg.sender attached.

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/interfaces/IRootRouter.sol#L44

File: ulysses-omnichain/interfaces/IVirtualAccount.sol

14:  * @notice A Virtual Account allows users to manage assets and perform interactions remotely while allowing dApps to keep encapsulated user balance for accounting purposes.


15:  * @dev    This contract is based off Maker's `Multicall2` contract, executes a set of `Call` objects if any of the perfomed call is invalid the whole batch should revert.

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/interfaces/IVirtualAccount.sol#L14

File: ulysses-omnichain/interfaces/IApp.sol

8:      * @notice anyExecute is the function that will be called on the destination chain to execute interaction (required).


16:      * @notice anyFallback is the function that will be called on the originating chain if the cross chain interaction fails (optional, advised).

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/interfaces/IApp.sol#L8

File: ulysses-omnichain/interfaces/IBranchPort.sol

151:      * @notice Reverts the toggle on the given bridge agent factory. If it's active, it will de-activate it and vice-versa.

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/interfaces/IBranchPort.sol#L151

File: ulysses-omnichain/interfaces/IBranchRouter.sol

112:      * @dev Function responsible of executing a crosschain request which contains cross-chain deposit information attached.

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/interfaces/IBranchRouter.sol#L112

File: ulysses-omnichain/interfaces/IBranchBridgeAgent.sol

102:  *         - 2: The `BranchBridgeAgent` will trigger a revert all state changes if by the end of the remote initiated call


103:  *              Router interaction the userDepositedGas < executionGasSpent. This is done by calling the `_forceRevert()`


104:  *              internal function clearing all executionBudget from the AnycallConfig contract forcing the error `no enough budget`.


105:  *         - 3: The `BranchBridgeAgentExecutor` is in charge of requesting token deposits for each remote interaction as well


106:  *              as performing the Router calls, if any of the calls initiated by the Router lead to an invlaid state change


107:  *              both the token deposit clearances as well as the external interactions will be reverted. Yet executionGas


128:  *           ________________________________________________________________________________________________________________________________


129:  *          |            Flag               |           Deposit Info           |             Token Info             |   DATA   |  Gas Info   |


130:  *          |           1 byte              |            4-25 bytes            |        (105 or 128) * n bytes      |   ---	   |  16 bytes   |


131:  *          |                               |                                  |            hT - t - A - D          |          |             |


132:  *          |_______________________________|__________________________________|____________________________________|__________|_____________|


133:  *          | callOut = 0x0                 |  20b(recipient) + 4b(nonce)      |            -------------           |   ---	   |     dep     |


134:  *          | callOutSingle = 0x1           |  20b(recipient) + 4b(nonce)      |         20b + 20b + 32b + 32b      |   ---	   |     16b     |


135:  *          | callOutMulti = 0x2            |  1b(n) + 20b(recipient) + 4b     |   	     32b + 32b + 32b + 32b      |   ---	   |     16b     |


136:  *          |_______________________________|__________________________________|____________________________________|__________|_____________|


140:  *          BranchBridgeAgent.anyExecute**() -> BridgeAgentExecutor.execute**() -> Router.anyExecute**() -> BridgeAgentExecutor (txExecuted) -> BranchBridgeAgent (replenishedGas)


197:      * @notice Function to perform a call to the Root Omnichain Router without token deposit with msg.sender information.


218:      * @notice Function to perform a call to the Root Omnichain Router while depositing two or more assets with msg.sender.


232:      * @notice Function to perform a call to the Root Omnichain Environment retrying a failed deposit that hasn't been executed yet.


257:      * @notice External function to request tokens back to branch chain after a failed omnichain environment interaction.


368:      * @notice Function to force revert when a remote action does not have enough gas or is being retried after having been previously executed.

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/interfaces/IBranchBridgeAgent.sol#L102

File: ulysses-omnichain/interfaces/IRootPort.sol

13: /// @title Struct that contains the information of the Gas Pool - used for swapping in and out of a given Branch Chain's Gas Token.


107:     /// @notice View Function returns True if Local Token and is also already added in another branch chain, false otherwise.


221:      * @notice Toggles the approval of a router for a virtual account. Allows for a router to spend a user's virtual account.


278:      * @param _newUnderlyingBranchWrappedNativeTokenAddress address of the underlying wrapped native token of the new branch

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/interfaces/IRootPort.sol#L13

File: ulysses-amm/UlyssesPool.sol

480:                                 iszero(iszero(mod(mul(transfered, diff), totalDiff))), div(mul(transfered, diff), totalDiff)


867:                 add(add(iszero(iszero(mod(mul(height, feeTier), maxWidth))), div(mul(height, feeTier), maxWidth)), offset)


1126:                 add(iszero(iszero(mod(mul(assets, _protocolFee), DIVISIONER))), div(mul(assets, _protocolFee), DIVISIONER))

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesPool.sol#L480

[N-4] Inconsistent spacing in comments

Using // x, * x is more preferable than //x, *x. It is easier to read and also easier to search for.

There are 1283 instances of this issue:
File: talos/TalosManager.sol

67:         //Calculate base ticks.


79:         //Calculate base ticks.

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosManager.sol#L17

File: talos/TalosStrategyVanilla.sol

47:     uint24 private constant protocolFee = 2 * 1e5; //20%


135:         //Get Liquidity for Optimizer's balances

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosStrategyVanilla.sol#L47

File: talos/libraries/PoolVariables.sol

52:         //Get current price from the pool


73:         //Get current price from the pool


120:         //Calc base ticks


122:         //Calc amounts of token0 and token1 that can be stored in base range


125:         //Liquidity that can be stored in base range


127:         //Get imbalanced token


129:         //Calc new tick(upper or lower) for imbalanced token


231:         //Calc base ticks

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/libraries/PoolVariables.sol#L52

File: talos/libraries/PoolActions.sol

25:     //Any data passed through by the caller via the IUniswapV3PoolActions#swap call


45:         //Swap imbalanced token as long as we haven't used the entire amountSpecified and haven't reached the price limit


101:         //Get exact ticks depending on Optimizer's balances

File: ulysses-omnichain/RootBridgeAgent.sol

56:             (_dParams.amount < _dParams.deposit) //Deposit can't be greater than amount.


57:                 || (_dParams.amount > 0 && !IPort(_localPortAddress).isLocalToken(_dParams.hToken, _fromChain)) //Check local exists.


58:                 || (_dParams.deposit > 0 && !IPort(_localPortAddress).isUnderlyingToken(_dParams.token, _fromChain)) //Check underlying exists.


227:         accumulatedFees = 1; //Avoid paying 20k gas in first `payExecutionGas` making MIN_EXECUTION_OVERHEAD constant.


245:         //Update User Gas available.


250:         //Clear Settlement with updated gas.


256:         //Get deposit owner.


259:         //Update Deposit


276:         //Encode Data for call.


280:         //Perform Call to clear hToken balance on destination branch chain.


294:         //Get destination Local Address from Global Address.


297:         //Get destination Underlying Address from Local Address.


300:         //Check if valid assets


305:         //Prepare data for call


318:         //Update State to reflect bridgeOut


323:         //Create Settlement


326:         //Perform Call to clear hToken balance on destination branch chain and perform call.


343:             //Populate Addresses for Settlement


358:         //Prepare data for call with settlement of multiple assets


372:         //Create Settlement Balance


375:         //Perform Call to destination Branch Chain.


388:         //Check Deposit info from Cross Chain Parameters.


393:         //Get global address


396:         //Check if valid asset


399:         //Move hTokens from Branch to Root + Mint Sufficient hTokens to match new port deposit

452:             //Move output hTokens from Root to Branch


458:             //Verify there is enough balance to clear native tokens if needed


493:         //Cast to Dynamic


503:         //Call createSettlement


551:         //Get Settlement


554:         //Check if Settlement hasn't been redeemed.


557:         //abi encodePacked


560:         //overwrite last 16bytes of callData


570:         //Update Gas To Bridge Out


573:         //Set Settlement Calldata to send to Branch Chain


576:         //Update Settlement Staus


579:         //Retry call with additional gas


582:         //Retry Success


595:         //Clear Global hTokens To Recipient on Root Chain cancelling Settlement to Branch


597:             //Check if asset


599:                 //Move hTokens from Branch to Root + Mint Sufficient hTokens to match new port deposit


624:         //Update Deposit


642:     //Local mapping of valid gas pools


660:         //Get fromChain's Gas Pool Info


664:         //Check if valid addresses


667:         //Move Gas hTokens from Branch to Root / Mint Sufficient hTokens to match new port deposit


670:         //Save Gas Pool for future use


673:         //Get sqrtPriceX96


679:         //Get limit


683:         //Swap imbalanced token as long as we haven't used the entire amountSpecified and haven't reached the price limit


704:         //Get fromChain's Gas Pool Info


708:         //Check if valid addresses


711:         //Save Gas Pool for future use


716:             //Get sqrtPriceX96


722:             //Get limit


727:         //Swap imbalanced token as long as we haven't used the entire amountSpecified and haven't reached the price limit


749:             //Transfer gasToBridgeOut Local Branch Bridge Agent if remote initiated call.

781:             //Sends message to AnycallProxy


786:             //Execute locally


801:         //reset initial remote execution gas and remote execution fee information


807:         //Get Available Gas


810:         //Get Root Environment Execution Cost


813:         //Check if sufficient balance


819:         //Replenish Gas


822:         //Account for excess gas


832:         //Save gasleft


835:         //Get Branch Environment Execution Cost


838:         //Check if sufficient balance


844:         //Update user deposit reverts if not enough gas


849:         //Unwrap Gas


866:         //Get Initial Gas Checkpoint


874:             //Save initial gas


877:             //Get fromChainId from AnyExecutor Context


880:             //Save fromChainId


883:             //Swap in all deposited Gas


888:             //Save Gas to Swap out to destination chain


891:             //Local Chain initiated call


894:             //Save depositedGas


897:             //Save Gas to Swap out to destination chain


903:             //Return true to avoid triggering anyFallback in case of `_forceRevert()` failure


907:         //Store User Fee Info


910:         //Read Bridge Agent Action Flag attached from cross-chain message header.


913:         //DEPOSIT FLAG: 0 (System request / response)


915:             //Get nonce


918:             //Check if tx has already been executed


921:                 //Return true to avoid triggering anyFallback in case of `_forceRevert()` failure


925:             //Try to execute remote request


931:                 //Interaction failure trigger fallback


935:             //Update tx state as executed


938:             //DEPOSIT FLAG: 1 (Call without Deposit)


940:             //Get Deposit Nonce


943:             //Check if tx has already been executed


946:                 //Return true to avoid triggering anyFallback in case of `_forceRevert()` failure


950:             //Try to execute remote request


956:                 //No new asset deposit no need to trigger fallback


960:             //Update tx state as executed


963:             //DEPOSIT FLAG: 2 (Call with Deposit)


965:             //Get Deposit Nonce


968:             //Check if tx has already been executed


971:                 //Return true to avoid triggering anyFallback in case of `_forceRevert()` failure


975:             //Try to execute remote request


984:             //Update tx state as executed


987:             //DEPOSIT FLAG: 3 (Call with multiple asset Deposit)


989:             //Get deposit nonce


992:             //Check if tx has already been executed


995:                 //Return true to avoid triggering anyFallback in case of `_forceRevert()` failure


999:             //Try to execute remote request


1008:             //Update tx state as executed


1011:             //DEPOSIT FLAG: 4 (Call without Deposit + msg.sender)


1013:             //Get deposit nonce associated with request being processed


1016:             //Check if tx has already been executed


1019:                 //Return true to avoid triggering anyFallback in case of `_forceRevert()` failure


1023:             //Get User Virtual Account


1028:             //Toggle Router Virtual Account use for tx execution


1031:             //Try to execute remote request


1037:                 //No new asset deposit no need to trigger fallback


1041:             //Toggle Router Virtual Account use for tx execution


1044:             //Update tx state as executed


1047:             //DEPOSIT FLAG: 5 (Call with Deposit + msg.sender)


1049:             //Get deposit nonce associated with request being processed


1052:             //Check if tx has already been executed


1055:                 //Return true to avoid triggering anyFallback in case of `_forceRevert()` failure


1059:             //Get User Virtual Account


1064:             //Toggle Router Virtual Account use for tx execution


1067:             //Try to execute remote request


1076:             //Toggle Router Virtual Account use for tx execution


1079:             //Update tx state as executed


1082:             //DEPOSIT FLAG: 6 (Call with multiple asset Deposit + msg.sender)


1084:             //Get nonce


1087:             //Check if tx has already been executed


1090:                 //Return true to avoid triggering anyFallback in case of `_forceRevert()` failure


1094:             //Get User Virtual Account


1099:             //Toggle Router Virtual Account use for tx execution


1102:             //Try to execute remote request


1111:             //Toggle Router Virtual Account use for tx execution


1114:             //Update tx state as executed


1119:             //Get nonce


1122:             //Check if tx has already been executed


1125:                 //Return true to avoid triggering anyFallback in case of `_forceRevert()` failure


1129:             //Try to execute remote request


1137:             //Update tx state as executed


1142:             //Get nonce


1145:             //Check if tx has already been executed


1147:                 //Toggle Nonce as executed


1150:                 //Retry failed fallback


1154:                 //Return true to avoid triggering anyFallback in case of `_forceRevert()` failure


1158:             //Unrecognized Function Selector


1160:             //Zero out gas after use if remote call


1170:         //Zero out gas after use if remote call


1183:         //Get Initial Gas Checkpoint


1186:         //Get fromChain


1190:         //Save Flag


1193:         //Deposit nonce


1220:         //Deposit Gas

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgent.sol#L56

File: ulysses-omnichain/ArbitrumBranchPort.sol


44:     ///@inheritdoc IArbitrumBranchPort


57:     ///@inheritdoc IArbitrumBranchPort

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/ArbitrumBranchPort.sol#L40

File: ulysses-omnichain/CoreBranchRouter.sol

47:         //Encode Call Data


50:         //Pack FuncId


53:         //Send Cross-Chain request (System Response/Request)


64:         //Get Token Info


68:         //Create Token


71:         //Encode Data


74:         //Pack FuncId


77:         //Send Cross-Chain request (System Response/Request)


101:         //Create Token


104:         //Encode Data


107:         //Pack FuncId


110:         //Send Cross-Chain request


132:         //Check if msg.sender is a valid BridgeAgentFactory


137:         //Create Token


142:         //Check BridgeAgent Address


147:         //Encode Data


150:         //Pack FuncId


153:         //Send Cross-Chain request


213:             //Add new Port Strategy if new.


216:             //Or Update daily limit.


219:             //Or Toggle Port Strategy.

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/CoreBranchRouter.sol#L31

File: ulysses-omnichain/BranchBridgeAgent.sol

184:         //Wrap the gas allocated for omnichain execution.


187:         //Perform Call without deposit


198:         //Wrap the gas allocated for omnichain execution.


201:         //Perform Call with deposit


211:         //Wrap the gas allocated for omnichain execution.


214:         //Perform Call with multiple deposits


225:         //Encode Data for cross-chain call.


230:         //Wrap the gas allocated for omnichain execution.


233:         //Perform Signed Call without deposit


244:         //Encode Data for cross-chain call.


259:         //Wrap the gas allocated for omnichain execution.


262:         //Create Deposit and Send Cross-Chain request


280:         //Normalize Deposits


287:         //Encode Data for cross-chain call.


303:         //Wrap the gas allocated for omnichain execution.


306:         //Create Deposit and Send Cross-Chain request


326:         //Check if deposit belongs to message sender


329:         //Encode Data for cross-chain call.


366:             //Nonce


401:         //Wrap the gas allocated for omnichain execution.


404:         //Deposit Gas to Port


407:         //Ensure success Status


410:         //Update Deposited Gas


413:         //Perform Call


424:         //Encode Data for cross-chain call.


428:         //Update State and Perform Call


434:         //Encode Data for cross-chain call.


437:         //Update State and Perform Call


442:         //Deposit Gas for call.


445:         //Perform Call


451:         //Update Deposit


469:         //Get remote call execution deposited gas.


473:         //Wrap the gas allocated for omnichain execution.


476:         //Check Fallback Gas


479:         //Encode Data for cross-chain call.


483:         //Perform Call


494:         //Get remote call execution deposited gas.


498:         //Wrap the gas allocated for omnichain execution.


501:         //Check Fallback Gas


504:         //Perform Call


516:         //Get remote call execution deposited gas.


520:         //Wrap the gas allocated for omnichain execution.


523:         //Check Fallback Gas


526:         //Perform Call


538:         //Get remote call execution deposited gas.


542:         //Wrap the gas allocated for omnichain execution.


545:         //Check Fallback Gas


548:         //Perform Call

570:         //Parse Params


579:         //Transfer token to recipient


581:             //Parse Params


622:             //Clear Tokens to destination


655:         //Encode Data for cross-chain call.


659:         //Perform Call


680:         //Encode Data for cross-chain call.


694:         //Create Deposit and Send Cross-Chain request


716:         //Normalize Deposits


723:         //Encode Data for cross-chain call.


738:         //Create Deposit and Send Cross-Chain request


758:         //Deposit Gas for call.


761:         //Perform Call


785:         //Deposit and Store Info


788:         //Perform Call


812:         //Validate Input


818:         //Deposit and Store Info


821:         //Perform Call


832:         //Deposit Gas to Port


865:         //Deposit / Lock Tokens into Port


868:         //Deposit Gas to Port


911:         //Deposit / Lock Tokens into Port


914:         //Deposit Gas to Port


947:         //Get Deposit


950:         //Transfer token to depositor / user


959:         //Delete Failed Deposit Token Info

994:         //Update and return Deposit



1007:         //Sends message to AnycallProxy


1019:         //Gas remaining


1022:         //Unwrap Gas


1025:         //Delete Remote Initiated Action State


1028:         ///Save gas left


1031:         //Get Branch Environment Execution Cost


1034:         //Check if sufficient balance


1040:         //Replenish Gas


1043:         //Transfer gas remaining to recipient


1046:         //Save Gas


1049:         //Check if sufficient balance


1062:         //Save gas


1065:         //Get Branch Environment Execution Cost


1068:         //Check if sufficient balance


1074:         //Update user deposit reverts if not enough gas => user must boost deposit with gas


1077:         //Withdraw Gas


1080:         //Unwrap Gas


1083:         //Replenish Gas


1092:         //Deposit Gas


1100:         //Cast to uint256


1102:         //Move Gas hTokens from Branch to Root / Mint Sufficient hTokens to match new port deposit


1113:     /*///////////////////////////////////////////////////////////////


1115:     //////////////////////////////////////////////////////////////*/


1124:         //Get Initial Gas Checkpoint


1127:         //Save Length


1130:         //Save deposited gas


1133:         //Store deposited gas for router interactions


1136:         //Action Recipient


1139:         //Get Action Flag


1142:         //DEPOSIT FLAG: 0 (No settlement)


1144:             //Get Settlement Nonce


1147:             //Check if tx has already been executed


1150:                 //Return true to avoid triggering anyFallback in case of `_forceRevert()` failure


1161:             //Update tx state as executed


1164:             //DEPOSIT FLAG: 1 (Single Asset Settlement)


1166:             //Get Settlement Nonce


1169:             //Check if tx has already been executed


1172:                 //Return true to avoid triggering anyFallback in case of `_forceRevert()` failure


1176:             //Try to execute remote request


1185:             //Update tx state as executed


1188:             //DEPOSIT FLAG: 2 (Multiple Settlement)


1190:             //Get deposit nonce


1193:             //Check if tx has already been executed


1196:                 //Return true to avoid triggering anyFallback in case of `_forceRevert()` failure


1200:             //Try to execute remote request


1209:             //Update tx state as executed


1212:             //Unrecognized Function Selector


1215:             //Deduct gas costs from deposit and replenish this bridge agent's execution budget.


1222:         //Deduct gas costs from deposit and replenish this bridge agent's execution budget.


1233:         //Get Initial Gas Checkpoint


1236:         //Save Flag


1239:         //Save memory for Deposit Nonce


1244:             //Check nonce calldata slice.


1247:             //Make tokens available to depositor.


1252:             //Deduct gas costs from deposit and replenish this bridge agent's execution budget.


1261:             //Make tokens available to depositor.


1266:             //Deduct gas costs from deposit and replenish this bridge agent's execution budget.


1273:             //Save nonce


1276:             //Make tokens available to depositor.


1281:             //Deduct gas costs from deposit and replenish this bridge agent's execution budget.


1288:             //Save nonce


1293:             //Make tokens available to depositor.


1298:             //Deduct gas costs from deposit and replenish this bridge agent's execution budget.


1303:             //Unrecognized Function Selector

[N-5] Large numeric literals should use underscores for readability

There are 20 instances of this issue:
File: hermes/minters/BaseV2Minter.sol

24:     uint256 internal constant week = 86400 * 7;

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/minters/BaseV2Minter.sol#L24

File: governance/GovernorBravoDelegateMaia.sol

18:     uint256 public constant MIN_VOTING_PERIOD = 80640; // About 2 weeks


21:     uint256 public constant MAX_VOTING_PERIOD = 161280; // About 4 weeks


24:     uint256 public constant MIN_VOTING_DELAY = 40320; // About 1 weeks


27:     uint256 public constant MAX_VOTING_DELAY = 80640; // About 2 weeks

https://github.com/code-423n4/2023-05-maia/tree/main/src/governance/GovernorBravoDelegateMaia.sol#L18

File: talos/boost-aggregator/BoostAggregator.sol

56:     uint256 private constant DIVISIONER = 10000;

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/boost-aggregator/BoostAggregator.sol#L56

File: ulysses-amm/UlyssesPool.sol

360:                 mstore(0x00, 0x87138d5c)


591:                     mstore(0x00, 0x35278d12)


647:                         mstore(0x00, 0x35278d12)


663:                 mstore(0x00, 0x35278d12)


1102:                 mstore(0x00, 0x3c930918)


1156:                 mstore(0x00, 0x3c930918)

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesPool.sol#L360

File: maia/libraries/DateTimeLib.sol

12: /// timestamp | 0..0x1e18549868c76ff | Unix timestamp.                  |


13: /// epochDay  | 0..0x16d3e098039     | Days since 1970-01-01.           |


40:         uint256 epochDay = timestamp / 86400;


44:             epochDay := add(epochDay, 719468)


45:             let doe := mod(epochDay, 146097)


46:             let yoe := div(sub(sub(add(doe, div(doe, 36524)), div(doe, 1460)), eq(doe, 146096)), 365)


57:             uint256 day = timestamp / 86400;


58:             startOfDay = day * 86400;

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/libraries/DateTimeLib.sol#L12

[N-6] TODO in the code

TODOs may signal that a feature is missing or not ready for audit, consider resolving the issue and removing the TODO comment.

There are 2 instances of this issue:
File: uni-v3-staker/libraries/NFTPositionInfo.sol

9: // TODO: The INIT_CODE_HASH needs to be updated to the values that are live on the chain of it's deployment.

https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/libraries/NFTPositionInfo.sol#L9

File: erc-4626/ERC4626DepositOnly.sol

74:     /// TODO: @inheritdoc IERC4626DepositOnly

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/ERC4626DepositOnly.sol#L74

[N-7] Using named parameters in mapping is best practice

There are 183 instances of this issue:
File: erc-20/ERC20Boost.sol

27:     mapping(address => mapping(address => GaugeState)) public override getUserGaugeBoost;


30:     mapping(address => uint256) public override getUserBoost;


30:     mapping(address => uint256) public override getUserBoost;


32:     mapping(address => EnumerableSet.AddressSet) internal _userGauges;


32:     mapping(address => EnumerableSet.AddressSet) internal _userGauges;

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Boost.sol#L27

File: erc-20/ERC20Gauges.sol

44:     mapping(address => mapping(address => uint112)) public override getUserGaugeWeight;


48:     mapping(address => uint112) public override getUserWeight;


48:     mapping(address => uint112) public override getUserWeight;


52:     mapping(address => Weight) internal _getGaugeWeight;


52:     mapping(address => Weight) internal _getGaugeWeight;


57:     mapping(address => EnumerableSet.AddressSet) internal _userGauges;


57:     mapping(address => EnumerableSet.AddressSet) internal _userGauges;


394:     mapping(address => bool) public override canContractExceedMaxGauges;


394:     mapping(address => bool) public override canContractExceedMaxGauges;

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Gauges.sol#L44

File: erc-20/ERC20MultiVotes.sol

28:     mapping(address => Checkpoint[]) private _checkpoints;


28:     mapping(address => Checkpoint[]) private _checkpoints;


92:     mapping(address => bool) public override canContractExceedMaxDelegates;


92:     mapping(address => bool) public override canContractExceedMaxDelegates;


116:     mapping(address => mapping(address => uint256)) private _delegatesVotesCount;


119:     mapping(address => uint256) public userDelegatedVotes;


119:     mapping(address => uint256) public userDelegatedVotes;


122:     mapping(address => EnumerableSet.AddressSet) private _delegates;


122:     mapping(address => EnumerableSet.AddressSet) private _delegates;

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20MultiVotes.sol#L28

File: erc-4626/ERC4626MultiToken.sol

28:     mapping(address => uint256) public assetId;


28:     mapping(address => uint256) public assetId;

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/ERC4626MultiToken.sol#L28

File: gauges/BaseV2Gauge.sol

34:     mapping(FlywheelCore => bool) public override isActive;


34:     mapping(FlywheelCore => bool) public override isActive;


37:     mapping(FlywheelCore => bool) public override added;


37:     mapping(FlywheelCore => bool) public override added;

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/BaseV2Gauge.sol#L34

File: gauges/factories/BaseV2GaugeFactory.sol

35:     mapping(BaseV2Gauge => uint256) public override gaugeIds;


35:     mapping(BaseV2Gauge => uint256) public override gaugeIds;


38:     mapping(BaseV2Gauge => bool) public override activeGauges;


38:     mapping(BaseV2Gauge => bool) public override activeGauges;


41:     mapping(address => BaseV2Gauge) public override strategyGauges;


41:     mapping(address => BaseV2Gauge) public override strategyGauges;

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BaseV2GaugeFactory.sol#L35

File: gauges/factories/BaseV2GaugeManager.sol

31:     mapping(BaseV2GaugeFactory => uint256) public gaugeFactoryIds;


31:     mapping(BaseV2GaugeFactory => uint256) public gaugeFactoryIds;


34:     mapping(BaseV2GaugeFactory => bool) public activeGaugeFactories;


34:     mapping(BaseV2GaugeFactory => bool) public activeGaugeFactories;

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BaseV2GaugeManager.sol#L31

File: gauges/factories/BribesFactory.sol

31:     mapping(FlywheelCore => uint256) public bribeFlywheelIds;


31:     mapping(FlywheelCore => uint256) public bribeFlywheelIds;


34:     mapping(FlywheelCore => bool) public activeBribeFlywheels;


34:     mapping(FlywheelCore => bool) public activeBribeFlywheels;


37:     mapping(address => FlywheelCore) public flywheelTokens;


37:     mapping(address => FlywheelCore) public flywheelTokens;

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BribesFactory.sol#L31

File: governance/GovernorBravoInterfaces.sol

99:     mapping(uint256 => Proposal) public proposals;


99:     mapping(uint256 => Proposal) public proposals;


102:     mapping(address => uint256) public latestProposalIds;


102:     mapping(address => uint256) public latestProposalIds;


162:     mapping(address => uint256) public whitelistAccountExpirations;


162:     mapping(address => uint256) public whitelistAccountExpirations;

https://github.com/code-423n4/2023-05-maia/tree/main/src/governance/GovernorBravoInterfaces.sol#L99

File: hermes/UtilityManager.sol

31:     mapping(address => uint256) public userClaimedWeight;


31:     mapping(address => uint256) public userClaimedWeight;


33:     mapping(address => uint256) public userClaimedBoost;


33:     mapping(address => uint256) public userClaimedBoost;


35:     mapping(address => uint256) public userClaimedGovernance;


35:     mapping(address => uint256) public userClaimedGovernance;

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/UtilityManager.sol#L31

File: maia/factories/PartnerManagerFactory.sol

26:     mapping(PartnerManager => uint256) public override partnerIds;


26:     mapping(PartnerManager => uint256) public override partnerIds;


29:     mapping(IBaseVault => uint256) public override vaultIds;


29:     mapping(IBaseVault => uint256) public override vaultIds;

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/factories/PartnerManagerFactory.sol#L26

File: maia/PartnerUtilityManager.sol

25:     mapping(address => uint256) public userClaimedPartnerGovernance;


25:     mapping(address => uint256) public userClaimedPartnerGovernance;

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/PartnerUtilityManager.sol#L25

File: out-of-scope/governance/GovernorBravoInterfaces.sol

99:     mapping(uint256 => Proposal) public proposals;


99:     mapping(uint256 => Proposal) public proposals;


102:     mapping(address => uint256) public latestProposalIds;


102:     mapping(address => uint256) public latestProposalIds;


162:     mapping(address => uint256) public whitelistAccountExpirations;


162:     mapping(address => uint256) public whitelistAccountExpirations;

https://github.com/code-423n4/2023-05-maia/tree/main/src/out-of-scope/governance/GovernorBravoInterfaces.sol#L99

File: rewards/base/FlywheelCore.sol

29:     mapping(ERC20 => uint256) public override strategyIds;


29:     mapping(ERC20 => uint256) public override strategyIds;


61:     mapping(address => uint256) public override rewardsAccrued;


61:     mapping(address => uint256) public override rewardsAccrued;


150:     mapping(ERC20 => uint256) public strategyIndex;


150:     mapping(ERC20 => uint256) public strategyIndex;


153:     mapping(ERC20 => mapping(address => uint256)) public userIndex;

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/base/FlywheelCore.sol#L29

File: rewards/depots/MultiRewardsDepot.sol

16:     mapping(address => address) private _assets;


16:     mapping(address => address) private _assets;


19:     mapping(address => bool) private _isRewardsContract;


19:     mapping(address => bool) private _isRewardsContract;


22:     mapping(address => bool) private _isAsset;


22:     mapping(address => bool) private _isAsset;

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/depots/MultiRewardsDepot.sol#L16

File: rewards/rewards/FlywheelBribeRewards.sol

19:     mapping(ERC20 => RewardsDepot) public override rewardsDepots;


19:     mapping(ERC20 => RewardsDepot) public override rewardsDepots;

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/rewards/FlywheelBribeRewards.sol#L19

File: rewards/rewards/FlywheelGaugeRewards.sol

41:     mapping(ERC20 => QueuedRewards) public override gaugeQueuedRewards;


41:     mapping(ERC20 => QueuedRewards) public override gaugeQueuedRewards;

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/rewards/FlywheelGaugeRewards.sol#L41

File: talos/boost-aggregator/BoostAggregator.sol

38:     mapping(address => address) public userToRewardsDepot;


38:     mapping(address => address) public userToRewardsDepot;


41:     mapping(uint256 => address) public tokenIdToUser;


41:     mapping(uint256 => address) public tokenIdToUser;


44:     mapping(uint256 => uint256) public tokenIdRewards;


44:     mapping(uint256 => uint256) public tokenIdRewards;


47:     mapping(address => bool) public whitelistedAddresses;


47:     mapping(address => bool) public whitelistedAddresses;

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/boost-aggregator/BoostAggregator.sol#L38

File: talos/factories/BoostAggregatorFactory.sol

27:     mapping(BoostAggregator => uint256) public boostAggregatorIds;


27:     mapping(BoostAggregator => uint256) public boostAggregatorIds;

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/factories/BoostAggregatorFactory.sol#L27

File: talos/factories/OptimizerFactory.sol

16:     mapping(TalosOptimizer => uint256) public optimizerIds;


16:     mapping(TalosOptimizer => uint256) public optimizerIds;

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/factories/OptimizerFactory.sol#L16

File: talos/factories/TalosBaseStrategyFactory.sol

31:     mapping(TalosBaseStrategy => uint256) public strategyIds;


31:     mapping(TalosBaseStrategy => uint256) public strategyIds;

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/factories/TalosBaseStrategyFactory.sol#L31

File: ulysses-amm/factories/UlyssesFactory.sol

54:     mapping(uint256 => UlyssesPool) public pools;


54:     mapping(uint256 => UlyssesPool) public pools;


57:     mapping(uint256 => UlyssesToken) public tokens;


57:     mapping(uint256 => UlyssesToken) public tokens;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/factories/UlyssesFactory.sol#L54

File: ulysses-amm/UlyssesPool.sol

33:     mapping(uint256 => uint256) public destinations;


33:     mapping(uint256 => uint256) public destinations;


36:     mapping(address => uint256) public destinationIds;


36:     mapping(address => uint256) public destinationIds;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesPool.sol#L33

File: ulysses-amm/UlyssesRouter.sol

14:     mapping(uint256 => UlyssesPool) private pools;


14:     mapping(uint256 => UlyssesPool) private pools;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesRouter.sol#L14

File: ulysses-omnichain/BranchBridgeAgent.sol

121:     mapping(uint32 => Deposit) public getDeposit;


121:     mapping(uint32 => Deposit) public getDeposit;


128:     mapping(uint32 => bool) public executionHistory;


128:     mapping(uint32 => bool) public executionHistory;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchBridgeAgent.sol#L121

File: ulysses-omnichain/BranchPort.sol

26:     mapping(address => bool) public isBridgeAgent;


26:     mapping(address => bool) public isBridgeAgent;


39:     mapping(address => bool) public isBridgeAgentFactory;


39:     mapping(address => bool) public isBridgeAgentFactory;


53:     mapping(address => bool) public isStrategyToken;


53:     mapping(address => bool) public isStrategyToken;


62:     mapping(address => uint256) public getStrategyTokenDebt;


62:     mapping(address => uint256) public getStrategyTokenDebt;


65:     mapping(address => uint256) public getMinimumTokenReserveRatio;


65:     mapping(address => uint256) public getMinimumTokenReserveRatio;


70:     mapping(address => mapping(address => bool)) public isPortStrategy;


79:     mapping(address => mapping(address => uint256)) public getPortStrategyTokenDebt;


82:     mapping(address => mapping(address => uint256)) public lastManaged;


85:     mapping(address => mapping(address => uint256)) public strategyDailyLimitAmount;


88:     mapping(address => mapping(address => uint256)) public strategyDailyLimitRemaining;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchPort.sol#L26

File: ulysses-omnichain/factories/RootBridgeAgentFactory.sol

37:     mapping(address => address) public getBridgeAgentManager;


37:     mapping(address => address) public getBridgeAgentManager;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/factories/RootBridgeAgentFactory.sol#L37

File: ulysses-omnichain/RootBridgeAgent.sol

153:     mapping(uint256 => address) public getBranchBridgeAgent;


153:     mapping(uint256 => address) public getBranchBridgeAgent;


156:     mapping(uint256 => bool) public isBranchBridgeAgentAllowed;


156:     mapping(uint256 => bool) public isBranchBridgeAgentAllowed;


166:     mapping(uint32 => Settlement) public getSettlement;


166:     mapping(uint32 => Settlement) public getSettlement;


173:     mapping(uint256 => mapping(uint32 => bool)) public executionHistory;


642:     mapping(address => bool) private approvedGasPool;


642:     mapping(address => bool) private approvedGasPool;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgent.sol#L153

File: ulysses-omnichain/RootPort.sol

46:     mapping(address => VirtualAccount) public getUserAccount;


46:     mapping(address => VirtualAccount) public getUserAccount;


50:     mapping(VirtualAccount => mapping(address => bool)) public isRouterApproved;


57:     mapping(uint256 => bool) public isChainId;


57:     mapping(uint256 => bool) public isChainId;


60:     mapping(address => bool) public isBridgeAgent;


60:     mapping(address => bool) public isBridgeAgent;


69:     mapping(address => address) public getBridgeAgentManager;


69:     mapping(address => address) public getBridgeAgentManager;


76:     mapping(address => bool) public isBridgeAgentFactory;


76:     mapping(address => bool) public isBridgeAgentFactory;


89:     mapping(address => bool) public isGlobalAddress;


89:     mapping(address => bool) public isGlobalAddress;


92:     mapping(address => mapping(uint256 => address)) public getGlobalTokenFromLocal;


95:     mapping(address => mapping(uint256 => address)) public getLocalTokenFromGlobal;


98:     mapping(address => mapping(uint256 => address)) public getLocalTokenFromUnder;


101:     mapping(address => mapping(uint256 => address)) public getUnderlyingTokenFromLocal;


108:     mapping(uint256 => address) public getWrappedNativeToken;


108:     mapping(uint256 => address) public getWrappedNativeToken;


111:     mapping(uint256 => GasPoolInfo) public getGasPoolInfo;


111:     mapping(uint256 => GasPoolInfo) public getGasPoolInfo;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootPort.sol#L46

File: ulysses-omnichain/token/ERC20hTokenRoot.sol

27:     mapping(uint256 => uint256) public getTokenBalance;


27:     mapping(uint256 => uint256) public getTokenBalance;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/token/ERC20hTokenRoot.sol#L27

File: uni-v3-staker/UniswapV3Staker.sol

33:     mapping(address => IUniswapV3Pool) public gaugePool;


33:     mapping(address => IUniswapV3Pool) public gaugePool;


36:     mapping(IUniswapV3Pool => UniswapV3Gauge) public gauges;


36:     mapping(IUniswapV3Pool => UniswapV3Gauge) public gauges;


39:     mapping(IUniswapV3Pool => address) public bribeDepots;


39:     mapping(IUniswapV3Pool => address) public bribeDepots;


42:     mapping(IUniswapV3Pool => uint24) public poolsMinimumWidth;


42:     mapping(IUniswapV3Pool => uint24) public poolsMinimumWidth;


45:     mapping(bytes32 => Incentive) public override incentives;


45:     mapping(bytes32 => Incentive) public override incentives;


48:     mapping(uint256 => Deposit) public override deposits;


48:     mapping(uint256 => Deposit) public override deposits;


51:     mapping(address => mapping(IUniswapV3Pool => uint256)) private _userAttachements;


54:     mapping(uint256 => mapping(bytes32 => Stake)) private _stakes;


57:     mapping(uint256 => IncentiveKey) private stakedIncentiveKey;


57:     mapping(uint256 => IncentiveKey) private stakedIncentiveKey;


80:     mapping(address => uint256) public override rewards;


80:     mapping(address => uint256) public override rewards;


83:     mapping(uint256 => uint256) public tokenIdRewards;


83:     mapping(uint256 => uint256) public tokenIdRewards;

https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/UniswapV3Staker.sol#L33

[N-8] Function ordering does not follow the Solidity style guide

Source: https://docs.soliditylang.org/en/v0.8.17/style-guide.html#order-of-layout

There are 124 instances of this issue:
File: erc-20/ERC20Boost.sol

86:  // @audit Function order is incorrect, external view function can not go after public view function (line 81)
87:     function userGauges(address user) external view returns (address[] memory) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Boost.sol#L86-L87

File: erc-20/ERC20Gauges.sol

39:  // @audit Function order is incorrect, state variable declaration can not go after constructor (line 28)
40:     uint32 public immutable override gaugeCycleLength;

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Gauges.sol#L39-L40

File: erc-20/ERC20MultiVotes.sol

80:  // @audit Function order is incorrect, internal pure function can not go after private view function (line 64)
81:     function average(uint256 a, uint256 b) internal pure returns (uint256) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20MultiVotes.sol#L80-L81

File: erc-20/interfaces/IERC20Boost.sol

140:  // @audit Function order is incorrect, external  function can not go after external view function (line 130)
141:     function attach(address user) external;

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/interfaces/IERC20Boost.sol#L140-L141

File: erc-20/interfaces/IERC20Gauges.sol

170:  // @audit Function order is incorrect, external  function can not go after external view function (line 158)
171:     function incrementGauge(address gauge, uint112 weight) external returns (uint112 newUserWeight);

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/interfaces/IERC20Gauges.sol#L170-L171

File: erc-20/interfaces/IERC20MultiVotes.sol

81:  // @audit Function order is incorrect, external  function can not go after external view function (line 76)
82:     function setMaxDelegates(uint256 newMax) external;

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/interfaces/IERC20MultiVotes.sol#L81-L82

File: erc-4626/ERC4626MultiToken.sol

39:  // @audit Function order is incorrect, constructor can not go after external view function (line 35)
40:     constructor(address[] memory _assets, uint256[] memory _weights, string memory _name, string memory _symbol)

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/ERC4626MultiToken.sol#L39-L40

File: erc-4626/interfaces/IERC4626.sol

93:  // @audit Function order is incorrect, event definition can not go after external view function (line 87)
94:     event Deposit(address indexed caller, address indexed owner, uint256 assets, uint256 shares);

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/interfaces/IERC4626.sol#L93-L94

File: erc-4626/interfaces/IERC4626DepositOnly.sol

16:  // @audit Function order is incorrect, external  function can not go after external view function (line 9)
17:     function deposit(uint256 assets, address receiver) external returns (uint256 shares);

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/interfaces/IERC4626DepositOnly.sol#L16-L17

File: erc-4626/interfaces/IERC4626MultiToken.sol

50:  // @audit Function order is incorrect, external  function can not go after external view function (line 43)
51:     function deposit(uint256[] calldata assetsAmounts, address receiver) external returns (uint256 shares);

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/interfaces/IERC4626MultiToken.sol#L50-L51

File: erc-4626/interfaces/IUlyssesERC4626.sol

80:  // @audit Function order is incorrect, custom error definition can not go after external view function (line 73)
81:     error InvalidAssetDecimals();

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/interfaces/IUlyssesERC4626.sol#L80-L81

File: gauges/BaseV2Gauge.sol

83:  // @audit Function order is incorrect, external  function can not go after external view function (line 74)
84:     function newEpoch() external {

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/BaseV2Gauge.sol#L83-L84

File: gauges/factories/BaseV2GaugeFactory.sol

73:  // @audit Function order is incorrect, external  function can not go after external view function (line 64)
74:     function newEpoch() external {

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BaseV2GaugeFactory.sol#L73-L74

File: gauges/factories/BaseV2GaugeManager.sol

60:  // @audit Function order is incorrect, external  function can not go after external view function (line 51)
61:     function newEpoch() external {

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BaseV2GaugeManager.sol#L60-L61

File: gauges/factories/BribesFactory.sol

72:  // @audit Function order is incorrect, external  function can not go after external view function (line 63)
73:     function addGaugetoFlywheel(address gauge, address bribeToken) external onlyGaugeFactory {

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BribesFactory.sol#L72-L73

File: gauges/factories/UniswapV3GaugeFactory.sol

98:  // @audit Function order is incorrect, external  function can not go after internal  function (line 89)
99:     function setMinimumWidth(address gauge, uint24 minimumWidth) external onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/UniswapV3GaugeFactory.sol#L98-L99

File: gauges/interfaces/IBaseV2Gauge.sol

82:  // @audit Function order is incorrect, external  function can not go after external view function (line 74)
83:     function newEpoch() external;

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/interfaces/IBaseV2Gauge.sol#L82-L83

File: gauges/interfaces/IBaseV2GaugeFactory.sol

79:  // @audit Function order is incorrect, external  function can not go after external view function (line 72)
80:     function newEpoch() external;

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/interfaces/IBaseV2GaugeFactory.sol#L79-L80

File: gauges/interfaces/IBaseV2GaugeManager.sol

49:  // @audit Function order is incorrect, external  function can not go after external view function (line 42)
50:     function newEpoch() external;

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/interfaces/IBaseV2GaugeManager.sol#L49-L50

File: gauges/interfaces/IBribesFactory.sol

49:  // @audit Function order is incorrect, external  function can not go after external view function (line 37)
50:     function addGaugetoFlywheel(address gauge, address bribeToken) external;

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/interfaces/IBribesFactory.sol#L49-L50

File: gauges/interfaces/IUniswapV3Gauge.sol

68:  // @audit Function order is incorrect, event definition can not go after external view function (line 61)
69:     event NewMinimumWidth(uint24 minimumWidth);

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/interfaces/IUniswapV3Gauge.sol#L68-L69

File: gauges/interfaces/IUniswapV3GaugeFactory.sol

60:  // @audit Function order is incorrect, external  function can not go after external view function (line 53)
61:     function setMinimumWidth(address gauge, uint24 minimumWidth) external;

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/interfaces/IUniswapV3GaugeFactory.sol#L60-L61

File: gauges/UniswapV3Gauge.sol

62:  // @audit Function order is incorrect, external  function can not go after internal  function (line 53)
63:     function setMinimumWidth(uint24 _minimumWidth) external onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/UniswapV3Gauge.sol#L62-L63

File: governance/GovernorBravoDelegateMaia.sol

104:  // @audit Function order is incorrect, public  function can not go after public view function (line 91)
105:     function propose(

https://github.com/code-423n4/2023-05-maia/tree/main/src/governance/GovernorBravoDelegateMaia.sol#L104-L105

File: governance/GovernorBravoDelegator.sol

71:  // @audit Function order is incorrect, fallback function can not go after internal  function (line 59)
72:     fallback() external payable {

https://github.com/code-423n4/2023-05-maia/tree/main/src/governance/GovernorBravoDelegator.sol#L71-L72

File: governance/GovernorBravoInterfaces.sol

105:  // @audit Function order is incorrect, struct definition can not go after state variable declaration (line 103)
106:     struct Proposal {


169:  // @audit Function order is incorrect, interface can not go after contract definition (line 161)
170: interface TimelockInterface {


172:  // @audit Function order is incorrect, external  function can not go after external view function (line 171)
173:     function acceptAdmin() external;

https://github.com/code-423n4/2023-05-maia/tree/main/src/governance/GovernorBravoInterfaces.sol#L105-L106

File: hermes/bHermes.sol

69:  // @audit Function order is incorrect, modifier definition can not go after constructor (line 55)
70:     modifier checkWeight(uint256 amount) override {

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/bHermes.sol#L69-L70

File: hermes/interfaces/IBaseV2Minter.sol

52:  // @audit Function order is incorrect, external  function can not go after external view function (line 45)
53:     function initialize(FlywheelGaugeRewards _flywheelGaugeRewards) external;

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/interfaces/IBaseV2Minter.sol#L52-L53

File: hermes/interfaces/IbHermesUnderlying.sol

54:  // @audit Function order is incorrect, external  function can not go after external view function (line 47)
55:     function mint(address to, uint256 amount) external;

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/interfaces/IbHermesUnderlying.sol#L54-L55

File: hermes/interfaces/IUtilityManager.sol

42:  // @audit Function order is incorrect, external  function can not go after external view function (line 35)
43:     function forfeitMultiple(uint256 amount) external;

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/interfaces/IUtilityManager.sol#L42-L43

File: hermes/minters/BaseV2Minter.sol

123:  // @audit Function order is incorrect, public  function can not go after public view function (line 118)
124:     function updatePeriod() public returns (uint256) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/minters/BaseV2Minter.sol#L123-L124

File: hermes/tokens/bHermesBoost.sol

32:  // @audit Function order is incorrect, modifier definition can not go after external  function (line 28)
33:     modifier onlybHermes() {

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/bHermesBoost.sol#L32-L33

File: hermes/tokens/bHermesGauges.sol

39:  // @audit Function order is incorrect, modifier definition can not go after external  function (line 35)
40:     modifier onlybHermes() {

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/bHermesGauges.sol#L39-L40

File: hermes/tokens/bHermesVotes.sol

39:  // @audit Function order is incorrect, modifier definition can not go after external  function (line 35)
40:     modifier onlybHermes() {

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/bHermesVotes.sol#L39-L40

File: hermes/UtilityManager.sol

141:  // @audit Function order is incorrect, modifier definition can not go after public  function (line 128)
142:     modifier checkWeight(uint256 amount) virtual;

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/UtilityManager.sol#L141-L142

File: maia/factories/PartnerManagerFactory.sol

58:  // @audit Function order is incorrect, external  function can not go after external view function (line 49)
59:     function addPartner(PartnerManager newPartnerManager) external onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/factories/PartnerManagerFactory.sol#L58-L59

File: maia/interfaces/IERC4626PartnerManager.sol

36:  // @audit Function order is incorrect, external  function can not go after external view function (line 28)
37:     function updateUnderlyingBalance() external;

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/interfaces/IERC4626PartnerManager.sol#L36-L37

File: maia/interfaces/IPartnerManagerFactory.sol

44:  // @audit Function order is incorrect, external  function can not go after external view function (line 37)
45:     function addPartner(PartnerManager newPartnerManager) external;

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/interfaces/IPartnerManagerFactory.sol#L44-L45

File: maia/interfaces/IPartnerUtilityManager.sol

31:  // @audit Function order is incorrect, external  function can not go after external view function (line 24)
32:     function forfeitMultipleAmounts(uint256 weight, uint256 boost, uint256 _governance, uint256 partnerGovernance)

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/interfaces/IPartnerUtilityManager.sol#L31-L32

File: maia/PartnerUtilityManager.sol

168:  // @audit Function order is incorrect, modifier definition can not go after public  function (line 158)
169:     modifier checkPartnerGovernance(uint256 amount) virtual;

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/PartnerUtilityManager.sol#L168-L169

File: maia/tokens/ERC4626PartnerManager.sol

188:  // @audit Function order is incorrect, external  function can not go after public view function (line 179)
189:     function migratePartnerVault(address newPartnerVault) external onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/tokens/ERC4626PartnerManager.sol#L188-L189

File: maia/vMaia.sol

67:  // @audit Function order is incorrect, modifier definition can not go after constructor (line 48)
68:     modifier checkWeight(uint256 amount) virtual override {

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/vMaia.sol#L67-L68

File: out-of-scope/governance/GovernorBravoDelegateSeverity1.sol

106:  // @audit Function order is incorrect, public  function can not go after public view function (line 93)
107:     function propose(

https://github.com/code-423n4/2023-05-maia/tree/main/src/out-of-scope/governance/GovernorBravoDelegateSeverity1.sol#L106-L107

File: out-of-scope/governance/GovernorBravoDelegateSeverity2.sol

106:  // @audit Function order is incorrect, public  function can not go after public view function (line 93)
107:     function propose(

https://github.com/code-423n4/2023-05-maia/tree/main/src/out-of-scope/governance/GovernorBravoDelegateSeverity2.sol#L106-L107

File: out-of-scope/governance/GovernorBravoDelegateSeverity3.sol

106:  // @audit Function order is incorrect, public  function can not go after public view function (line 93)
107:     function propose(

https://github.com/code-423n4/2023-05-maia/tree/main/src/out-of-scope/governance/GovernorBravoDelegateSeverity3.sol#L106-L107

File: out-of-scope/governance/GovernorBravoDelegateSeverity4.sol

106:  // @audit Function order is incorrect, public  function can not go after public view function (line 93)
107:     function propose(

https://github.com/code-423n4/2023-05-maia/tree/main/src/out-of-scope/governance/GovernorBravoDelegateSeverity4.sol#L106-L107

File: out-of-scope/governance/GovernorBravoDelegateSeverity5.sol

106:  // @audit Function order is incorrect, public  function can not go after public view function (line 93)
107:     function propose(

https://github.com/code-423n4/2023-05-maia/tree/main/src/out-of-scope/governance/GovernorBravoDelegateSeverity5.sol#L106-L107

File: out-of-scope/governance/GovernorBravoDelegator.sol

70:  // @audit Function order is incorrect, fallback function can not go after internal  function (line 58)
71:     fallback() external payable {

https://github.com/code-423n4/2023-05-maia/tree/main/src/out-of-scope/governance/GovernorBravoDelegator.sol#L70-L71

File: out-of-scope/governance/GovernorBravoInterfaces.sol

105:  // @audit Function order is incorrect, struct definition can not go after state variable declaration (line 103)
106:     struct Proposal {


169:  // @audit Function order is incorrect, interface can not go after contract definition (line 161)
170: interface TimelockInterface {


172:  // @audit Function order is incorrect, external  function can not go after external view function (line 171)
173:     function acceptAdmin() external;

https://github.com/code-423n4/2023-05-maia/tree/main/src/out-of-scope/governance/GovernorBravoInterfaces.sol#L105-L106

File: rewards/base/BaseFlywheelRewards.sol

43:  // @audit Function order is incorrect, modifier definition can not go after constructor (line 31)
44:     modifier onlyFlywheel() {

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/base/BaseFlywheelRewards.sol#L43-L44

File: rewards/base/FlywheelCore.sol

62:  // @audit Function order is incorrect, state variable declaration can not go after external view function (line 53)
63:     mapping(address => uint256) public override rewardsAccrued;

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/base/FlywheelCore.sol#L62-L63

File: rewards/depots/MultiRewardsDepot.sol

72:  // @audit Function order is incorrect, modifier definition can not go after external  function (line 57)
73:     modifier onlyFlywheelRewards() override {

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/depots/MultiRewardsDepot.sol#L72-L73

File: rewards/depots/RewardsDepot.sol

24:  // @audit Function order is incorrect, modifier definition can not go after internal  function (line 19)
25:     modifier onlyFlywheelRewards() virtual;

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/depots/RewardsDepot.sol#L24-L25

File: rewards/depots/SingleRewardsDepot.sol

40:  // @audit Function order is incorrect, modifier definition can not go after external  function (line 32)
41:     modifier onlyFlywheelRewards() override {

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/depots/SingleRewardsDepot.sol#L40-L41

File: rewards/interfaces/IFlywheelAcummulatedRewards.sol

35:  // @audit Function order is incorrect, external  function can not go after external view function (line 24)
36:     function getAccruedRewards(ERC20 strategy) external returns (uint256 amount);

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/interfaces/IFlywheelAcummulatedRewards.sol#L35-L36

File: rewards/interfaces/IFlywheelBribeRewards.sol

28:  // @audit Function order is incorrect, external  function can not go after external view function (line 22)
29:     function setRewardsDepot(RewardsDepot rewardsDepot) external;

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/interfaces/IFlywheelBribeRewards.sol#L28-L29

File: rewards/interfaces/IFlywheelCore.sol

57:  // @audit Function order is incorrect, external  function can not go after external view function (line 46)
58:     function accrue(address user) external returns (uint256);

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/interfaces/IFlywheelCore.sol#L57-L58

File: rewards/interfaces/IFlywheelGaugeRewards.sol

72:  // @audit Function order is incorrect, external  function can not go after external view function (line 59)
73:     function queueRewardsForCycle() external returns (uint256 totalQueuedForCycle);

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/interfaces/IFlywheelGaugeRewards.sol#L72-L73

File: rewards/interfaces/IFlywheelRewards.sol

45:  // @audit Function order is incorrect, custom error definition can not go after external view function (line 38)
46:     error FlywheelError();

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/interfaces/IFlywheelRewards.sol#L45-L46

File: rewards/interfaces/IMultiRewardsDepot.sol

85:  // @audit Function order is incorrect, event definition can not go after external  function (line 74)
86:     event AssetAdded(address indexed rewardsContract, address indexed asset);

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/interfaces/IMultiRewardsDepot.sol#L85-L86

File: rewards/interfaces/IRewardsDepot.sol

58:  // @audit Function order is incorrect, custom error definition can not go after external  function (line 51)
59:     error FlywheelRewardsError();

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/interfaces/IRewardsDepot.sol#L58-L59

File: rewards/rewards/FlywheelBribeRewards.sol

37:  // @audit Function order is incorrect, external  function can not go after internal  function (line 32)
38:     function setRewardsDepot(RewardsDepot rewardsDepot) external {

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/rewards/FlywheelBribeRewards.sol#L37-L38

File: rewards/rewards/FlywheelGaugeRewards.sol

200:  // @audit Function order is incorrect, external  function can not go after internal  function (line 169)
201:     function getAccruedRewards() external returns (uint256 accruedRewards) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/rewards/FlywheelGaugeRewards.sol#L200-L201

File: talos/base/TalosBaseStrategy.sol

298:  // @audit Function order is incorrect, external  function can not go after public  function (line 238)
299:     function rerange() external virtual override nonReentrant checkDeviation onlyStrategyManager {

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/base/TalosBaseStrategy.sol#L298-L299

File: talos/boost-aggregator/BoostAggregator.sol

190:  // @audit Function order is incorrect, modifier definition can not go after external  function (line 180)
191:     modifier onlyWhitelisted(address from) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/boost-aggregator/BoostAggregator.sol#L190-L191

File: talos/factories/BoostAggregatorFactory.sol

51:  // @audit Function order is incorrect, external  function can not go after external view function (line 42)
52:     function createBoostAggregator(address owner) external {

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/factories/BoostAggregatorFactory.sol#L51-L52

File: talos/factories/OptimizerFactory.sol

26:  // @audit Function order is incorrect, constructor can not go after external view function (line 19)
27:     constructor() {

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/factories/OptimizerFactory.sol#L26-L27

File: talos/factories/TalosBaseStrategyFactory.sol

55:  // @audit Function order is incorrect, external  function can not go after external view function (line 46)
56:     function createTalosBaseStrategy(

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/factories/TalosBaseStrategyFactory.sol#L55-L56

File: talos/interfaces/IBoostAggregator.sol

64:  // @audit Function order is incorrect, external  function can not go after external view function (line 54)
65:     function setOwnRewardsDepot(address rewardsDepot) external;

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/interfaces/IBoostAggregator.sol#L64-L65

File: talos/interfaces/IBoostAggregatorFactory.sol

53:  // @audit Function order is incorrect, external  function can not go after external view function (line 43)
54:     function createBoostAggregator(address owner) external;

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/interfaces/IBoostAggregatorFactory.sol#L53-L54

File: talos/interfaces/IOptimizerFactory.sol

38:  // @audit Function order is incorrect, external  function can not go after external view function (line 23)
39:     function createTalosOptimizer(

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/interfaces/IOptimizerFactory.sol#L38-L39

File: talos/interfaces/ITalosBaseStrategy.sol

106:  // @audit Function order is incorrect, external  function can not go after external view function (line 98)
107:     function init(uint256 amount0Desired, uint256 amount1Desired, address receiver)

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/interfaces/ITalosBaseStrategy.sol#L106-L107

File: talos/interfaces/ITalosBaseStrategyFactory.sol

58:  // @audit Function order is incorrect, external  function can not go after external view function (line 45)
59:     function createTalosBaseStrategy(

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/interfaces/ITalosBaseStrategyFactory.sol#L58-L59

File: talos/interfaces/ITalosOptimizer.sol

36:  // @audit Function order is incorrect, external  function can not go after external view function (line 26)
37:     function setMaxTotalSupply(uint256 _maxTotalSupply) external;

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/interfaces/ITalosOptimizer.sol#L36-L37

File: talos/interfaces/ITalosStrategyStakedFactory.sol

38:  // @audit Function order is incorrect, custom error definition can not go after external view function (line 31)
39:     error InvalidNFTManager();

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/interfaces/ITalosStrategyStakedFactory.sol#L38-L39

File: talos/libraries/PoolActions.sol

26:  // @audit Function order is incorrect, struct definition can not go after event definition (line 23)
27:     struct SwapCallbackData {

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/libraries/PoolActions.sol#L26-L27

File: talos/libraries/PoolVariables.sol

31:  // @audit Function order is incorrect, struct definition can not go after event definition (line 28)
32:     struct Info {

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/libraries/PoolVariables.sol#L31-L32

File: talos/TalosManager.sol

91:  // @audit Function order is incorrect, external view function can not go after private view function (line 78)
92:     function checkUpkeep(bytes calldata) external view override returns (bool upkeepNeeded, bytes memory performData) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosManager.sol#L91-L92

File: talos/TalosStrategyVanilla.sol

165:  // @audit Function order is incorrect, event definition can not go after internal  function (line 129)
166:     event CollectFees(uint256 feesFromPool0, uint256 feesFromPool1, uint256 usersFees0, uint256 usersFees1);

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosStrategyVanilla.sol#L165-L166

File: ulysses-amm/factories/UlyssesFactory.sol

49:  // @audit Function order is incorrect, state variable declaration can not go after custom error definition (line 46)
50:     uint256 public poolId = 1;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/factories/UlyssesFactory.sol#L49-L50

File: ulysses-amm/interfaces/IUlyssesPool.sol

138:  // @audit Function order is incorrect, external  function can not go after external view function (line 128)
139:     function claimProtocolFees() external returns (uint256 claimed);

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/interfaces/IUlyssesPool.sol#L138-L139

File: ulysses-amm/interfaces/IUlyssesRouter.sol

77:  // @audit Function order is incorrect, external  function can not go after external view function (line 68)
78:     function addLiquidity(uint256 amount, uint256 minOutput, uint256 poolId) external returns (uint256);

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/interfaces/IUlyssesRouter.sol#L77-L78

File: ulysses-amm/interfaces/IUlyssesToken.sol

69:  // @audit Function order is incorrect, custom error definition can not go after external  function (line 62)
70:     error AssetAlreadyAdded();

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/interfaces/IUlyssesToken.sol#L69-L70

File: ulysses-amm/UlyssesPool.sol

112:  // @audit Function order is incorrect, external view function can not go after public view function (line 107)
113:     function getBandwidth(uint256 destinationId) external view returns (uint256) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesPool.sol#L112-L113

File: ulysses-amm/UlyssesRouter.sol

49:  // @audit Function order is incorrect, external  function can not go after private  function (line 31)
50:     function addLiquidity(uint256 amount, uint256 minOutput, uint256 poolId) external returns (uint256) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesRouter.sol#L49-L50

File: ulysses-amm/UlyssesToken.sol

44:  // @audit Function order is incorrect, external  function can not go after public view function (line 39)
45:     function addAsset(address asset, uint256 _weight) external nonReentrant onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesToken.sol#L44-L45

File: ulysses-omnichain/ArbitrumBranchBridgeAgent.sol

142:  // @audit Function order is incorrect, internal  function can not go after internal pure function (line 134)
143:     function _performCall(bytes memory _callData) internal override {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/ArbitrumBranchBridgeAgent.sol#L142-L143

File: ulysses-omnichain/ArbitrumCoreBranchRouter.sol

112:  // @audit Function order is incorrect, external  function can not go after internal  function (line 75)
113:     function anyExecuteNoSettlement(bytes calldata _data)

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/ArbitrumCoreBranchRouter.sol#L112-L113

File: ulysses-omnichain/BaseBranchRouter.sol

58:  // @audit Function order is incorrect, external payable function can not go after external view function (line 49)
59:     function callOut(bytes calldata params, uint128 remoteExecutionGas) external payable lock {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BaseBranchRouter.sol#L58-L59

File: ulysses-omnichain/BranchBridgeAgent.sol

183:  // @audit Function order is incorrect, external payable function can not go after external view function (line 174)
184:     function callOut(bytes calldata _params, uint128 _remoteExecutionGas) external payable lock requiresFallbackGas {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchBridgeAgent.sol#L183-L184

File: ulysses-omnichain/BranchPort.sol

158:  // @audit Function order is incorrect, external  function can not go after internal view function (line 149)
159:     function manage(address _token, uint256 _amount) external requiresPortStrategy(_token) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchPort.sol#L158-L159

File: ulysses-omnichain/CoreBranchRouter.sol

229:  // @audit Function order is incorrect, external  function can not go after internal  function (line 206)
230:     function anyExecuteNoSettlement(bytes calldata _data)

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/CoreBranchRouter.sol#L229-L230

File: ulysses-omnichain/CoreRootRouter.sol

227:  // @audit Function order is incorrect, external payable function can not go after internal  function (line 208)
228:     function toggleBranchBridgeAgentFactory(

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/CoreRootRouter.sol#L227-L228

File: ulysses-omnichain/factories/ERC20hTokenBranchFactory.sol

75:  // @audit Function order is incorrect, modifier definition can not go after external  function (line 60)
76:     modifier requiresCoreRouter() {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/factories/ERC20hTokenBranchFactory.sol#L75-L76

File: ulysses-omnichain/factories/ERC20hTokenRootFactory.sol

74:  // @audit Function order is incorrect, modifier definition can not go after external  function (line 54)
75:     modifier requiresCoreRouter() {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/factories/ERC20hTokenRootFactory.sol#L74-L75

File: ulysses-omnichain/interfaces/IAnycallConfig.sol

11:  // @audit Function order is incorrect, external payable function can not go after external view function (line 9)
12:     function deposit(address _account) external payable;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/interfaces/IAnycallConfig.sol#L11-L12

File: ulysses-omnichain/interfaces/IAnycallExecutor.sol

9:  // @audit Function order is incorrect, external  function can not go after external view function (line 7)
10:     function execute(

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/interfaces/IAnycallExecutor.sol#L9-L10

File: ulysses-omnichain/interfaces/IAnycallProxy.sol

11:  // @audit Function order is incorrect, external payable function can not go after external view function (line 9)
12:     function anyCall(address _to, bytes calldata _data, uint256 _toChainID, uint256 _flags, bytes calldata _extdata)

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/interfaces/IAnycallProxy.sol#L11-L12

File: ulysses-omnichain/interfaces/IArbitrumBranchPort.sol

45:  // @audit Function order is incorrect, custom error definition can not go after external  function (line 38)
46:     error UnknownToken();

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/interfaces/IArbitrumBranchPort.sol#L45-L46

File: ulysses-omnichain/interfaces/IBranchBridgeAgent.sol

168:  // @audit Function order is incorrect, external payable function can not go after external view function (line 155)
169:     function callOut(bytes calldata params, uint128 remoteExecutionGas) external payable;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/interfaces/IBranchBridgeAgent.sol#L168-L169

File: ulysses-omnichain/interfaces/IBranchPort.sol

56:  // @audit Function order is incorrect, external  function can not go after external view function (line 45)
57:     function manage(address _token, uint256 _amount) external;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/interfaces/IBranchPort.sol#L56-L57

File: ulysses-omnichain/interfaces/IBranchRouter.sol

42:  // @audit Function order is incorrect, external payable function can not go after external view function (line 29)
43:     function callOut(bytes calldata params, uint128 rootExecutionGas) external payable;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/interfaces/IBranchRouter.sol#L42-L43

File: ulysses-omnichain/interfaces/IERC20hTokenBranchFactory.sol

28:  // @audit Function order is incorrect, custom error definition can not go after external  function (line 22)
29:     error UnrecognizedCoreRouter();

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/interfaces/IERC20hTokenBranchFactory.sol#L28-L29

File: ulysses-omnichain/interfaces/IERC20hTokenRoot.sol

47:  // @audit Function order is incorrect, external  function can not go after external view function (line 34)
48:     function mint(address to, uint256 amount, uint256 chainId) external returns (bool);

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/interfaces/IERC20hTokenRoot.sol#L47-L48

File: ulysses-omnichain/interfaces/IERC20hTokenRootFactory.sol

28:  // @audit Function order is incorrect, custom error definition can not go after external  function (line 22)
29:     error UnrecognizedCoreRouter();

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/interfaces/IERC20hTokenRootFactory.sol#L28-L29

File: ulysses-omnichain/interfaces/IPortStrategy.sol

29:  // @audit Function order is incorrect, custom error definition can not go after external  function (line 23)
30:     error UnrecognizedPort();

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/interfaces/IPortStrategy.sol#L29-L30

File: ulysses-omnichain/interfaces/IRootBridgeAgent.sol

213:  // @audit Function order is incorrect, external payable function can not go after external view function (line 200)
214:     function callOut(address _recipient, bytes memory _calldata, uint24 _toChain) external payable;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/interfaces/IRootBridgeAgent.sol#L213-L214

File: ulysses-omnichain/interfaces/IRootPort.sol

14:  // @audit Function order is incorrect, type definition can not go after interface (line 8)
15: struct GasPoolInfo {


48:  // @audit Function order is incorrect, external  function can not go after external view function (line 45)
49:     function isRouterApproved(VirtualAccount _userAccount, address _router) external returns (bool);

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/interfaces/IRootPort.sol#L14-L15

File: ulysses-omnichain/interfaces/IRootRouter.sol

121:  // @audit Function order is incorrect, custom error definition can not go after external payable function (line 109)
122:     error UnrecognizedBridgeAgentExecutor();

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/interfaces/IRootRouter.sol#L121-L122

File: ulysses-omnichain/interfaces/IVirtualAccount.sol

35:  // @audit Function order is incorrect, external  function can not go after external view function (line 28)
36:     function withdrawERC20(address _token, uint256 _amount) external;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/interfaces/IVirtualAccount.sol#L35-L36

File: ulysses-omnichain/interfaces/IWETH9.sol

11:  // @audit Function order is incorrect, external  function can not go after external view function (line 9)
12:     function transfer(address dst, uint256 wad) external;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/interfaces/IWETH9.sol#L11-L12

File: ulysses-omnichain/MulticallRootRouter.sol

166:  // @audit Function order is incorrect, external payable function can not go after internal  function (line 137)
167:     function anyExecuteResponse(bytes1, bytes calldata, uint24)

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/MulticallRootRouter.sol#L166-L167

File: ulysses-omnichain/RootBridgeAgent.sol

244:  // @audit Function order is incorrect, external payable function can not go after external view function (line 235)
245:     function retrySettlement(uint32 _settlementNonce, uint128 _remoteExecutionGas) external payable {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgent.sol#L244-L245

File: ulysses-omnichain/RootPort.sol

126:  // @audit Function order is incorrect, state variable declaration can not go after constructor (line 114)
127:     bool internal _setup;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootPort.sol#L126-L127

File: ulysses-omnichain/token/ERC20hTokenRoot.sol

57:  // @audit Function order is incorrect, modifier definition can not go after constructor (line 38)
58:     modifier requiresPort() {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/token/ERC20hTokenRoot.sol#L57-L58

File: ulysses-omnichain/VirtualAccount.sol

69:  // @audit Function order is incorrect, modifier definition can not go after external pure function (line 60)
70:     modifier requiresApprovedCaller() {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/VirtualAccount.sol#L69-L70

File: uni-v3-staker/interfaces/IUniswapV3Staker.sol

171:  // @audit Function order is incorrect, external  function can not go after external view function (line 162)
172:     function createIncentiveFromGauge(uint256 reward) external;

https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/interfaces/IUniswapV3Staker.sol#L171-L172

File: uni-v3-staker/libraries/IncentiveTime.sol

13:  // @audit Function order is incorrect, state variable declaration can not go after custom error definition (line 11)
14:     uint256 private constant INCENTIVES_DURATION = 1 weeks; // Incentives are 1 week long and start at THURSDAY 12:00:00 UTC (00:00:00 UTC + 12 hours (INCENTIVE_OFFSET))

https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/libraries/IncentiveTime.sol#L13-L14

File: uni-v3-staker/UniswapV3Staker.sol

76:  // @audit Function order is incorrect, external view function can not go after public view function (line 61)
77:     function userAttachements(address user, IUniswapV3Pool pool) external view override returns (uint256) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/UniswapV3Staker.sol#L76-L77

[N-9] Private and internal variables must start with an underscore

There are 231 instances of this issue:
File: erc-20/ERC20MultiVotes.sol

79:     function average(uint256 a, uint256 b) internal pure returns (uint256) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20MultiVotes.sol#L79

File: erc-4626/ERC4626.sol

170:     function beforeWithdraw(uint256 assets, uint256 shares) internal virtual {}


172:     function afterDeposit(uint256 assets, uint256 shares) internal virtual {}

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/ERC4626.sol#L170

File: erc-4626/ERC4626DepositOnly.sol

110:     function afterDeposit(uint256 assets, uint256 shares) internal virtual {}

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/ERC4626DepositOnly.sol#L110

File: erc-4626/ERC4626MultiToken.sol

65:     function receiveAssets(uint256[] memory assetsAmounts) private {


76:     function sendAssets(uint256[] memory assetsAmounts, address receiver) private {


291:     function beforeWithdraw(uint256[] memory assetsAmounts, uint256 shares) internal virtual {}


293:     function afterDeposit(uint256[] memory assetsAmounts, uint256 shares) internal virtual {}

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/ERC4626MultiToken.sol#L65

File: erc-4626/UlyssesERC4626.sol

128:     function beforeDeposit(uint256 assets) internal virtual returns (uint256 shares);


131:     function beforeMint(uint256 shares) internal virtual returns (uint256 assets);


134:     function afterRedeem(uint256 shares) internal virtual returns (uint256 assets);

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/UlyssesERC4626.sol#L128

File: gauges/BaseV2Gauge.sol

49:     FlywheelCore[] private bribeFlywheels;


52:     uint256 internal constant WEEK = 1 weeks;


97:     function distribute(uint256 amount) internal virtual;

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/BaseV2Gauge.sol#L49

File: gauges/factories/BaseV2GaugeFactory.sol

124:     function afterCreateGauge(address strategy, bytes memory data) internal virtual;


126:     function newGauge(address strategy, bytes memory data) internal virtual returns (BaseV2Gauge gauge);

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BaseV2GaugeFactory.sol#L124

File: gauges/factories/BribesFactory.sol

25:     FlywheelBoosterGaugeWeight private immutable flywheelGaugeWeightBooster;

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BribesFactory.sol#L25

File: gauges/factories/UniswapV3GaugeFactory.sol

75:     function newGauge(address strategy, bytes memory data) internal override returns (BaseV2Gauge) {


88:     function afterCreateGauge(address strategy, bytes memory) internal override {

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/UniswapV3GaugeFactory.sol#L75

File: gauges/UniswapV3Gauge.sol

52:     function distribute(uint256 amount) internal override {

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/UniswapV3Gauge.sol#L52

File: governance/GovernorBravoDelegateMaia.sol

189:     function queueOrRevertInternal(


360:     function castVoteInternal(address voter, uint256 proposalId, uint8 support) internal returns (uint96) {


396:     function _setVotingDelay(uint256 newVotingDelay) external {


412:     function _setVotingPeriod(uint256 newVotingPeriod) external {


429:     function _setProposalThreshold(uint256 newProposalThreshold) external {


446:     function _setWhitelistAccountExpiration(address account, uint256 expiration) external {


460:     function _setWhitelistGuardian(address account) external {


473:     function _initiate(address governorAlpha) external {


486:     function _setPendingAdmin(address newPendingAdmin) external {


504:     function _acceptAdmin() external {


524:     function add256(uint256 a, uint256 b) internal pure returns (uint256) {


530:     function sub256(uint256 a, uint256 b) internal pure returns (uint256) {


535:     function getChainIdInternal() internal view returns (uint256) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/governance/GovernorBravoDelegateMaia.sol#L189

File: governance/GovernorBravoDelegator.sol

40:     function _setImplementation(address implementation_) public {


58:     function delegateTo(address callee, bytes memory data) internal {

https://github.com/code-423n4/2023-05-maia/tree/main/src/governance/GovernorBravoDelegator.sol#L40

File: hermes/minters/BaseV2Minter.sol

23:     uint256 internal constant week = 86400 * 7;


25:     uint256 internal constant base = 1000;


27:     uint256 internal constant max_tail_emission = 100;


28:     uint256 internal constant max_dao_share = 300;


50:     address internal initializer;

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/minters/BaseV2Minter.sol#L23

File: maia/vMaia.sol

33:     uint256 private currentMonth;


34:     uint256 private unstakePeriodEnd;


101:     function beforeWithdraw(uint256, uint256) internal override {

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/vMaia.sol#L33

File: out-of-scope/governance/GovernorBravoDelegateSeverity1.sol

191:     function queueOrRevertInternal(


362:     function castVoteInternal(address voter, uint256 proposalId, uint8 support) internal returns (uint96) {


398:     function _setVotingDelay(uint256 newVotingDelay) external {


414:     function _setVotingPeriod(uint256 newVotingPeriod) external {


431:     function _setProposalThreshold(uint256 newProposalThreshold) external {


448:     function _setWhitelistAccountExpiration(address account, uint256 expiration) external {


462:     function _setWhitelistGuardian(address account) external {


475:     function _initiate(address governorAlpha) external {


488:     function _setPendingAdmin(address newPendingAdmin) external {


506:     function _acceptAdmin() external {


526:     function add256(uint256 a, uint256 b) internal pure returns (uint256) {


532:     function sub256(uint256 a, uint256 b) internal pure returns (uint256) {


537:     function getChainIdInternal() internal view returns (uint256) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/out-of-scope/governance/GovernorBravoDelegateSeverity1.sol#L191

File: out-of-scope/governance/GovernorBravoDelegateSeverity2.sol

191:     function queueOrRevertInternal(


362:     function castVoteInternal(address voter, uint256 proposalId, uint8 support) internal returns (uint96) {


398:     function _setVotingDelay(uint256 newVotingDelay) external {


414:     function _setVotingPeriod(uint256 newVotingPeriod) external {


431:     function _setProposalThreshold(uint256 newProposalThreshold) external {


448:     function _setWhitelistAccountExpiration(address account, uint256 expiration) external {


462:     function _setWhitelistGuardian(address account) external {


475:     function _initiate(address governorAlpha) external {


488:     function _setPendingAdmin(address newPendingAdmin) external {


506:     function _acceptAdmin() external {


526:     function add256(uint256 a, uint256 b) internal pure returns (uint256) {


532:     function sub256(uint256 a, uint256 b) internal pure returns (uint256) {


537:     function getChainIdInternal() internal view returns (uint256) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/out-of-scope/governance/GovernorBravoDelegateSeverity2.sol#L191

File: out-of-scope/governance/GovernorBravoDelegateSeverity3.sol

191:     function queueOrRevertInternal(


362:     function castVoteInternal(address voter, uint256 proposalId, uint8 support) internal returns (uint96) {


398:     function _setVotingDelay(uint256 newVotingDelay) external {


414:     function _setVotingPeriod(uint256 newVotingPeriod) external {


431:     function _setProposalThreshold(uint256 newProposalThreshold) external {


448:     function _setWhitelistAccountExpiration(address account, uint256 expiration) external {


462:     function _setWhitelistGuardian(address account) external {


475:     function _initiate(address governorAlpha) external {


488:     function _setPendingAdmin(address newPendingAdmin) external {


506:     function _acceptAdmin() external {


526:     function add256(uint256 a, uint256 b) internal pure returns (uint256) {


532:     function sub256(uint256 a, uint256 b) internal pure returns (uint256) {


537:     function getChainIdInternal() internal view returns (uint256) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/out-of-scope/governance/GovernorBravoDelegateSeverity3.sol#L191

File: out-of-scope/governance/GovernorBravoDelegateSeverity4.sol

191:     function queueOrRevertInternal(


362:     function castVoteInternal(address voter, uint256 proposalId, uint8 support) internal returns (uint96) {


398:     function _setVotingDelay(uint256 newVotingDelay) external {


414:     function _setVotingPeriod(uint256 newVotingPeriod) external {


431:     function _setProposalThreshold(uint256 newProposalThreshold) external {


448:     function _setWhitelistAccountExpiration(address account, uint256 expiration) external {


462:     function _setWhitelistGuardian(address account) external {


475:     function _initiate(address governorAlpha) external {


488:     function _setPendingAdmin(address newPendingAdmin) external {


506:     function _acceptAdmin() external {


526:     function add256(uint256 a, uint256 b) internal pure returns (uint256) {


532:     function sub256(uint256 a, uint256 b) internal pure returns (uint256) {


537:     function getChainIdInternal() internal view returns (uint256) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/out-of-scope/governance/GovernorBravoDelegateSeverity4.sol#L191

File: out-of-scope/governance/GovernorBravoDelegateSeverity5.sol

191:     function queueOrRevertInternal(


362:     function castVoteInternal(address voter, uint256 proposalId, uint8 support) internal returns (uint96) {


398:     function _setVotingDelay(uint256 newVotingDelay) external {


414:     function _setVotingPeriod(uint256 newVotingPeriod) external {


431:     function _setProposalThreshold(uint256 newProposalThreshold) external {


448:     function _setWhitelistAccountExpiration(address account, uint256 expiration) external {


462:     function _setWhitelistGuardian(address account) external {


475:     function _initiate(address governorAlpha) external {


488:     function _setPendingAdmin(address newPendingAdmin) external {


506:     function _acceptAdmin() external {


526:     function add256(uint256 a, uint256 b) internal pure returns (uint256) {


532:     function sub256(uint256 a, uint256 b) internal pure returns (uint256) {


537:     function getChainIdInternal() internal view returns (uint256) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/out-of-scope/governance/GovernorBravoDelegateSeverity5.sol#L191

File: out-of-scope/governance/GovernorBravoDelegator.sol

39:     function _setImplementation(address implementation_) public {


57:     function delegateTo(address callee, bytes memory data) internal {

https://github.com/code-423n4/2023-05-maia/tree/main/src/out-of-scope/governance/GovernorBravoDelegator.sol#L39

File: rewards/base/FlywheelCore.sol

147:     uint256 private constant ONE = 1e18;


156:     function accrueStrategy(ERC20 strategy, uint256 state) private returns (uint256 rewardsIndex) {


180:     function accrueUser(ERC20 strategy, address user, uint256 index) private returns (uint256) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/base/FlywheelCore.sol#L147

File: rewards/booster/FlywheelBoosterGaugeWeight.sol

41:     bHermesGauges private immutable bhermes;

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/booster/FlywheelBoosterGaugeWeight.sol#L41

File: rewards/depots/RewardsDepot.sol

18:     function transferRewards(address _asset, address _rewardsContract) internal returns (uint256 balance) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/depots/RewardsDepot.sol#L18

File: rewards/depots/SingleRewardsDepot.sol

12:     address private immutable asset;


15:     address private immutable rewardsContract;

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/depots/SingleRewardsDepot.sol#L12

File: rewards/rewards/FlywheelAcummulatedRewards.sol

59:     function getNextCycleRewards(ERC20 strategy) internal virtual returns (uint256);

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/rewards/FlywheelAcummulatedRewards.sol#L59

File: rewards/rewards/FlywheelBribeRewards.sol

31:     function getNextCycleRewards(ERC20 strategy) internal override returns (uint256) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/rewards/FlywheelBribeRewards.sol#L31

File: rewards/rewards/FlywheelGaugeRewards.sol

44:     uint32 internal nextCycle;


47:     uint112 internal nextCycleQueuedRewards;


50:     uint32 internal paginationOffset;

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/rewards/FlywheelGaugeRewards.sol#L44

File: talos/base/TalosBaseStrategy.sol

76:     uint24 internal constant MULTIPLIER = 1e6;


372:     function beforeDeposit(uint256 _tokenId, address _receiver) internal virtual;


374:     function afterDeposit(uint256 _tokenId) internal virtual;


376:     function beforeRedeem(uint256 _tokenId, address _owner) internal virtual;


378:     function afterRedeem(uint256 _tokenId) internal virtual;


380:     function beforeRerange(uint256 _tokenId) internal virtual;


382:     function afterRerange(uint256 _tokenId) internal virtual;


384:     function doRerange() internal virtual returns (uint256 amount0, uint256 amount1);


386:     function doRebalance() internal virtual returns (uint256 amount0, uint256 amount1);

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/base/TalosBaseStrategy.sol#L76

File: talos/boost-aggregator/BoostAggregator.sol

55:     uint256 private constant DIVISIONER = 10000;

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/boost-aggregator/BoostAggregator.sol#L55

File: talos/factories/TalosBaseStrategyFactory.sol

71:     function createTalosV3Strategy(

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/factories/TalosBaseStrategyFactory.sol#L71

File: talos/factories/TalosStrategyStakedFactory.sol

61:     function createTalosV3Strategy(

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/factories/TalosStrategyStakedFactory.sol#L61

File: talos/factories/TalosStrategyVanillaFactory.sol

32:     function createTalosV3Strategy(

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/factories/TalosStrategyVanillaFactory.sol#L32

File: talos/libraries/PoolActions.sol

89:     function getThisPositionTicks(

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/libraries/PoolActions.sol#L89

File: talos/libraries/PoolVariables.sol

22:     uint24 private constant GLOBAL_DIVISIONER = 1e6; // for basis point (0.0001%)


167:     function baseTicks(int24 currentTick, int24 baseThreshold, int24 tickSpacing)


206:     function getTwap(IUniswapV3Pool pool, uint32 twapDuration) private view returns (int24) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/libraries/PoolVariables.sol#L22

File: talos/strategies/TalosStrategySimple.sol

29:     function doRerange() internal override returns (uint256 amount0, uint256 amount1) {


35:     function doRebalance() internal override returns (uint256 amount0, uint256 amount1) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/strategies/TalosStrategySimple.sol#L29

File: talos/TalosManager.sol

65:     function getRebalance(ITalosBaseStrategy position) private view returns (bool) {


77:     function getRerange(ITalosBaseStrategy position) private view returns (bool) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosManager.sol#L65

File: talos/TalosStrategyStaked.sol

51:     bool private stakeFlag = false;


100:     function beforeRedeem(uint256 _tokenId, address _owner) internal override {


107:     function afterRedeem(uint256 _tokenId) internal override {


113:     function beforeDeposit(uint256 _tokenId, address _receiver) internal override {


120:     function afterDeposit(uint256 _tokenId) internal override {


126:     function beforeRerange(uint256 _tokenId) internal override {


133:     function afterRerange(uint256 _tokenId) internal override {

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosStrategyStaked.sol#L51

File: talos/TalosStrategyVanilla.sol

46:     uint24 private constant protocolFee = 2 * 1e5; //20%


47:     uint24 private constant GLOBAL_DIVISIONER = 1e6;


71:     function beforeRedeem(uint256 _tokenId, address) internal override {


78:     function afterRedeem(uint256 _tokenId) internal override {}


82:     function beforeDeposit(uint256 _tokenId, address) internal override {


89:     function afterDeposit(uint256 _tokenId) internal override {}


93:     function beforeRerange(uint256 _tokenId) internal override {


99:     function afterRerange(uint256 _tokenId) internal override {}

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosStrategyVanilla.sol#L46

File: ulysses-amm/UlyssesPool.sol

42:     uint256 private constant MIN_SWAP_AMOUNT = 1e4;


45:     uint256 private constant MAX_TOTAL_WEIGHT = 256;


48:     uint256 private constant MAX_DESTINATIONS = 15;


51:     uint256 private constant MAX_PROTOCOL_FEE = 1e16;


54:     uint256 private constant MAX_LAMBDA1 = 1e17;


57:     uint256 private constant MIN_SIGMA2 = 1e16;


64:     uint256 private constant DIVISIONER = 1 ether;


344:     function getBandwidthUpdateAmounts(


538:     function updateBandwidth(


841:     function calcFee(


892:     function ulyssesSwap(uint256 assets) private returns (uint256 output) {


941:     function ulyssesAddLP(uint256 amount, bool depositFees) private returns (uint256 output) {


1025:     function ulyssesRemoveLP(uint256 shares) private returns (uint256 assets) {


1199:     function beforeDeposit(uint256 assets) internal override returns (uint256 shares) {


1208:     function beforeMint(uint256 shares) internal override returns (uint256 assets) {


1217:     function afterRedeem(uint256 shares) internal override returns (uint256 assets) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesPool.sol#L42

File: ulysses-amm/UlyssesRouter.sol

14:     mapping(uint256 => UlyssesPool) private pools;


30:     function getUlyssesLP(uint256 id) private returns (UlyssesPool ulysses) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesRouter.sol#L14

File: ulysses-amm/UlyssesToken.sol

109:     function updateAssetBalances() internal {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesToken.sol#L109

File: ulysses-omnichain/BranchBridgeAgent.sol

67:     uint8 internal constant PARAMS_START = 1;


69:     uint8 internal constant PARAMS_START_SIGNED = 21;


71:     uint8 internal constant PARAMS_ENTRY_SIZE = 32;


73:     uint8 internal constant PARAMS_GAS_OUT = 16;


77:     uint8 internal constant PARAMS_TKN_START = 5;


79:     uint8 internal constant PARAMS_AMT_OFFSET = 64;


81:     uint8 internal constant PARAMS_DEPOSIT_OFFSET = 96;


136:     uint256 internal constant MIN_FALLBACK_RESERVE = 185_000; // 100_000 for anycall + 85_000 fallback execution overhead


137:     uint256 internal constant MIN_EXECUTION_OVERHEAD = 160_000; // 100_000 for anycall + 35_000 Pre 1st Gas Checkpoint Execution + 25_000 Post last Gas Checkpoint Executions


138:     uint256 internal constant TRANSFER_OVERHEAD = 24_000;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchBridgeAgent.sol#L67

File: ulysses-omnichain/BranchBridgeAgentExecutor.sol

31:     uint8 internal constant PARAMS_START = 1;


33:     uint8 internal constant PARAMS_START_SIGNED = 21;


35:     uint8 internal constant PARAMS_END_SIGNED_OFFSET = 26;


37:     uint8 internal constant PARAMS_ENTRY_SIZE = 32;


39:     uint8 internal constant PARAMS_ADDRESS_SIZE = 20;


41:     uint8 internal constant PARAMS_TKN_SET_SIZE = 128;


43:     uint8 internal constant PARAMS_GAS_OUT = 16;


47:     uint8 internal constant PARAMS_TKN_START = 5;


49:     uint8 internal constant PARAMS_AMT_OFFSET = 64;


51:     uint8 internal constant PARAMS_DEPOSIT_OFFSET = 96;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchBridgeAgentExecutor.sol#L31

File: ulysses-omnichain/BranchPort.sol

90:     uint256 internal constant DIVISIONER = 1e4;


91:     uint256 internal constant MIN_RESERVE_RATIO = 3e3;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchPort.sol#L90

File: ulysses-omnichain/factories/ERC20hTokenBranchFactory.sol

15:     address immutable localPortAddress;


18:     address localCoreRouterAddress;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/factories/ERC20hTokenBranchFactory.sol#L15

File: ulysses-omnichain/RootBridgeAgent.sol

99:     uint8 internal constant PARAMS_START = 1;


101:     uint8 internal constant PARAMS_START_SIGNED = 21;


103:     uint8 internal constant PARAMS_ADDRESS_SIZE = 20;


105:     uint8 internal constant PARAMS_GAS_IN = 32;


107:     uint8 internal constant PARAMS_GAS_OUT = 16;


111:     uint8 internal constant PARAMS_TKN_START = 5;


113:     uint8 internal constant PARAMS_AMT_OFFSET = 64;


115:     uint8 internal constant PARAMS_DEPOSIT_OFFSET = 96;


179:     uint256 internal constant MIN_FALLBACK_RESERVE = 155_000; // 100_000 for anycall + 55_000 for fallback


180:     uint256 internal constant MIN_EXECUTION_OVERHEAD = 155_000; // 100_000 for anycall + 30_000 Pre 1st Gas Checkpoint Execution + 25_000 Post last Gas Checkpoint Execution


639:     uint24 private constant GLOBAL_DIVISIONER = 1e6; // for basis point (0.0001%)


642:     mapping(address => bool) private approvedGasPool;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgent.sol#L99

File: ulysses-omnichain/RootBridgeAgentExecutor.sol

32:     uint8 internal constant PARAMS_START = 1;


34:     uint8 internal constant PARAMS_START_SIGNED = 21;


36:     uint8 internal constant PARAMS_END_OFFSET = 9;


38:     uint8 internal constant PARAMS_END_SIGNED_OFFSET = 29;


40:     uint8 internal constant PARAMS_ENTRY_SIZE = 32;


42:     uint8 internal constant PARAMS_ADDRESS_SIZE = 20;


44:     uint8 internal constant PARAMS_TKN_SET_SIZE = 104;


46:     uint8 internal constant PARAMS_TKN_SET_SIZE_MULTIPLE = 128;


48:     uint8 internal constant PARAMS_GAS_IN = 32;


50:     uint8 internal constant PARAMS_GAS_OUT = 16;


54:     uint8 internal constant PARAMS_TKN_START = 5;


56:     uint8 internal constant PARAMS_AMT_OFFSET = 64;


58:     uint8 internal constant PARAMS_DEPOSIT_OFFSET = 96;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgentExecutor.sol#L32

File: ulysses-omnichain/RootPort.sol

292:     function mint(address _to, address _hToken, uint256 _amount, uint24 _fromChain) internal {


348:     function addVirtualAccount(address _user) internal returns (VirtualAccount newAccount) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootPort.sol#L292

File: uni-v3-staker/libraries/IncentiveTime.sol

12:     uint256 private constant INCENTIVES_DURATION = 1 weeks; // Incentives are 1 week long and start at THURSDAY 12:00:00 UTC (00:00:00 UTC + 12 hours (INCENTIVE_OFFSET))


14:     uint256 private constant INCENTIVES_OFFSET = 12 hours;

https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/libraries/IncentiveTime.sol#L12

File: uni-v3-staker/UniswapV3Staker.sol

57:     mapping(uint256 => IncentiveKey) private stakedIncentiveKey;

https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/UniswapV3Staker.sol#L57

[N-10] Function parameter name must be in mixedCase

There are 5 instances of this issue:
File: erc-20/interfaces/IERC20Boost.sol

224:     event DecrementUserGaugeBoost(address indexed user, address indexed gauge, uint256 UpdatedBoost);

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/interfaces/IERC20Boost.sol#L224

File: hermes/interfaces/IBaseV2Minter.sol

61:     function setTailEmission(uint256 _tail_emission) external;


73:     function setDaoShare(uint256 _dao_share) external;


108:     event Mint(address indexed sender, uint256 weekly, uint256 circulatingSupply, uint256 growth, uint256 dao_share);

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/interfaces/IBaseV2Minter.sol#L61

File: hermes/minters/BaseV2Minter.sol

97:     function setTailEmission(uint256 _tail_emission) external onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/minters/BaseV2Minter.sol#L97

[N-11] Variable name must be in mixedCase

There are 6 instances of this issue:
File: erc-20/interfaces/IERC20Boost.sol

224:     event DecrementUserGaugeBoost(address indexed user, address indexed gauge, uint256 UpdatedBoost);

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/interfaces/IERC20Boost.sol#L224

File: hermes/interfaces/IBaseV2Minter.sol

61:     function setTailEmission(uint256 _tail_emission) external;


73:     function setDaoShare(uint256 _dao_share) external;


108:     event Mint(address indexed sender, uint256 weekly, uint256 circulatingSupply, uint256 growth, uint256 dao_share);

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/interfaces/IBaseV2Minter.sol#L61

File: hermes/minters/BaseV2Minter.sol

97:     function setTailEmission(uint256 _tail_emission) external onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/minters/BaseV2Minter.sol#L97

File: talos/TalosStrategyVanilla.sol

116:         uint24 _GLOBAL_DIVISIONER = GLOBAL_DIVISIONER;

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosStrategyVanilla.sol#L116

[N-12] It is standard for all external and public functions to be overridden from an interface

Check that all public or external functions are override. This is iseful to make sure that the whole API is extracted in an interface.

There are 367 instances of this issue:
File: gauges/factories/BaseV2GaugeManager.sol

50:     function getGaugeFactories() external view returns (BaseV2GaugeFactory[] memory) {


59:     function newEpoch() external {


73:     function newEpoch(uint256 start, uint256 end) external {


93:     function addGauge(address gauge) external onlyActiveGaugeFactory {


99:     function removeGauge(address gauge) external onlyActiveGaugeFactory {


109:     function addGaugeFactory(BaseV2GaugeFactory gaugeFactory) external onlyOwner {


120:     function removeGaugeFactory(BaseV2GaugeFactory gaugeFactory) external onlyOwner {


136:     function changebHermesGaugeOwner(address newOwner) external onlyAdmin {


144:     function changeAdmin(address newAdmin) external onlyAdmin {

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BaseV2GaugeManager.sol#L50

File: gauges/factories/BribesFactory.sol

62:     function getBribeFlywheels() external view returns (FlywheelCore[] memory) {


71:     function addGaugetoFlywheel(address gauge, address bribeToken) external onlyGaugeFactory {


78:     function createBribeFlywheel(address bribeToken) public {

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BribesFactory.sol#L62

File: gauges/factories/UniswapV3GaugeFactory.sol

97:     function setMinimumWidth(address gauge, uint24 minimumWidth) external onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/UniswapV3GaugeFactory.sol#L97

File: gauges/UniswapV3Gauge.sol

61:     function setMinimumWidth(uint24 _minimumWidth) external onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/UniswapV3Gauge.sol#L61

File: governance/GovernorBravoDelegateMaia.sol

55:     function initialize(


86:     function getProposalThresholdAmount() public view returns (uint256) {


90:     function getQuorumVotesAmount() public view returns (uint256) {


103:     function propose(


173:     function queue(uint256 proposalId) external {


207:     function execute(uint256 proposalId) external payable {


226:     function cancel(uint256 proposalId) external {


267:     function getActions(uint256 proposalId)


287:     function getReceipt(uint256 proposalId, address voter) external view returns (Receipt memory) {


296:     function state(uint256 proposalId) public view returns (ProposalState) {


325:     function castVote(uint256 proposalId, uint8 support) external {


335:     function castVoteWithReason(uint256 proposalId, uint8 support, string calldata reason) external {


343:     function castVoteBySig(uint256 proposalId, uint8 support, uint8 v, bytes32 r, bytes32 s) external {


388:     function isWhitelisted(address account) public view returns (bool) {


396:     function _setVotingDelay(uint256 newVotingDelay) external {


412:     function _setVotingPeriod(uint256 newVotingPeriod) external {


429:     function _setProposalThreshold(uint256 newProposalThreshold) external {


446:     function _setWhitelistAccountExpiration(address account, uint256 expiration) external {


460:     function _setWhitelistGuardian(address account) external {


473:     function _initiate(address governorAlpha) external {


486:     function _setPendingAdmin(address newPendingAdmin) external {


504:     function _acceptAdmin() external {

https://github.com/code-423n4/2023-05-maia/tree/main/src/governance/GovernorBravoDelegateMaia.sol#L55

File: governance/GovernorBravoDelegator.sol

7:     constructor(


40:     function _setImplementation(address implementation_) public {


70:     fallback() external payable {

https://github.com/code-423n4/2023-05-maia/tree/main/src/governance/GovernorBravoDelegator.sol#L7

File: hermes/bHermes.sol

95:     function claimOutstanding() public virtual {

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/bHermes.sol#L95

File: hermes/minters/BaseV2Minter.sol

68:     fallback() external {


77:     function initialize(FlywheelGaugeRewards _flywheelGaugeRewards) external {


85:     function setDao(address _dao) external onlyOwner {


91:     function setDaoShare(uint256 _daoShare) external onlyOwner {


97:     function setTailEmission(uint256 _tail_emission) external onlyOwner {


107:     function circulatingSupply() public view returns (uint256) {


112:     function weeklyEmission() public view returns (uint256) {


117:     function calculateGrowth(uint256 _minted) public view returns (uint256) {


122:     function updatePeriod() public returns (uint256) {


161:     function getRewards() external returns (uint256 totalQueuedForCycle) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/minters/BaseV2Minter.sol#L68

File: hermes/tokens/bHermesBoost.sol

27:     function mint(address to, uint256 amount) external onlybHermes {

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/bHermesBoost.sol#L27

File: hermes/tokens/bHermesGauges.sol

34:     function mint(address to, uint256 amount) external onlybHermes {

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/bHermesGauges.sol#L34

File: hermes/tokens/bHermesVotes.sol

25:     function mint(address to, uint256 amount) external onlybHermes {


34:     function burn(address from, uint256 amount) external onlybHermes {

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/bHermesVotes.sol#L25

File: hermes/tokens/HERMES.sol

61:     function mint(address account, uint256 amount) external onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/HERMES.sol#L61

File: maia/factories/PartnerManagerFactory.sol

43:     function getPartners() external view returns (PartnerManager[] memory) {


48:     function getVaults() external view returns (IBaseVault[] memory) {


57:     function addPartner(PartnerManager newPartnerManager) external onlyOwner {


66:     function addVault(IBaseVault newVault) external onlyOwner {


79:     function removePartner(PartnerManager partnerManager) external onlyOwner {


88:     function removeVault(IBaseVault vault) external onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/factories/PartnerManagerFactory.sol#L43

File: maia/tokens/Maia.sol

54:     function mint(address account, uint256 amount) external onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/tokens/Maia.sol#L54

File: out-of-scope/governance/GovernorBravoDelegateSeverity1.sol

57:     function initialize(


88:     function getProposalThresholdAmount() public view returns (uint256) {


92:     function getQuorumVotesAmount() public view returns (uint256) {


105:     function propose(


175:     function queue(uint256 proposalId) external {


209:     function execute(uint256 proposalId) external payable {


228:     function cancel(uint256 proposalId) external {


269:     function getActions(uint256 proposalId)


289:     function getReceipt(uint256 proposalId, address voter) external view returns (Receipt memory) {


298:     function state(uint256 proposalId) public view returns (ProposalState) {


327:     function castVote(uint256 proposalId, uint8 support) external {


337:     function castVoteWithReason(uint256 proposalId, uint8 support, string calldata reason) external {


345:     function castVoteBySig(uint256 proposalId, uint8 support, uint8 v, bytes32 r, bytes32 s) external {


390:     function isWhitelisted(address account) public view returns (bool) {


398:     function _setVotingDelay(uint256 newVotingDelay) external {


414:     function _setVotingPeriod(uint256 newVotingPeriod) external {


431:     function _setProposalThreshold(uint256 newProposalThreshold) external {


448:     function _setWhitelistAccountExpiration(address account, uint256 expiration) external {


462:     function _setWhitelistGuardian(address account) external {


475:     function _initiate(address governorAlpha) external {


488:     function _setPendingAdmin(address newPendingAdmin) external {


506:     function _acceptAdmin() external {

https://github.com/code-423n4/2023-05-maia/tree/main/src/out-of-scope/governance/GovernorBravoDelegateSeverity1.sol#L57

File: out-of-scope/governance/GovernorBravoDelegateSeverity2.sol

57:     function initialize(


88:     function getProposalThresholdAmount() public view returns (uint256) {


92:     function getQuorumVotesAmount() public view returns (uint256) {


105:     function propose(


175:     function queue(uint256 proposalId) external {


209:     function execute(uint256 proposalId) external payable {


228:     function cancel(uint256 proposalId) external {


269:     function getActions(uint256 proposalId)


289:     function getReceipt(uint256 proposalId, address voter) external view returns (Receipt memory) {


298:     function state(uint256 proposalId) public view returns (ProposalState) {


327:     function castVote(uint256 proposalId, uint8 support) external {


337:     function castVoteWithReason(uint256 proposalId, uint8 support, string calldata reason) external {


345:     function castVoteBySig(uint256 proposalId, uint8 support, uint8 v, bytes32 r, bytes32 s) external {


390:     function isWhitelisted(address account) public view returns (bool) {


398:     function _setVotingDelay(uint256 newVotingDelay) external {


414:     function _setVotingPeriod(uint256 newVotingPeriod) external {


431:     function _setProposalThreshold(uint256 newProposalThreshold) external {


448:     function _setWhitelistAccountExpiration(address account, uint256 expiration) external {


462:     function _setWhitelistGuardian(address account) external {


475:     function _initiate(address governorAlpha) external {


488:     function _setPendingAdmin(address newPendingAdmin) external {


506:     function _acceptAdmin() external {

https://github.com/code-423n4/2023-05-maia/tree/main/src/out-of-scope/governance/GovernorBravoDelegateSeverity2.sol#L57

File: out-of-scope/governance/GovernorBravoDelegateSeverity3.sol

57:     function initialize(


88:     function getProposalThresholdAmount() public view returns (uint256) {


92:     function getQuorumVotesAmount() public view returns (uint256) {


105:     function propose(


175:     function queue(uint256 proposalId) external {


209:     function execute(uint256 proposalId) external payable {


228:     function cancel(uint256 proposalId) external {


269:     function getActions(uint256 proposalId)


289:     function getReceipt(uint256 proposalId, address voter) external view returns (Receipt memory) {


298:     function state(uint256 proposalId) public view returns (ProposalState) {


327:     function castVote(uint256 proposalId, uint8 support) external {


337:     function castVoteWithReason(uint256 proposalId, uint8 support, string calldata reason) external {


345:     function castVoteBySig(uint256 proposalId, uint8 support, uint8 v, bytes32 r, bytes32 s) external {


390:     function isWhitelisted(address account) public view returns (bool) {


398:     function _setVotingDelay(uint256 newVotingDelay) external {


414:     function _setVotingPeriod(uint256 newVotingPeriod) external {


431:     function _setProposalThreshold(uint256 newProposalThreshold) external {


448:     function _setWhitelistAccountExpiration(address account, uint256 expiration) external {


462:     function _setWhitelistGuardian(address account) external {


475:     function _initiate(address governorAlpha) external {


488:     function _setPendingAdmin(address newPendingAdmin) external {


506:     function _acceptAdmin() external {

https://github.com/code-423n4/2023-05-maia/tree/main/src/out-of-scope/governance/GovernorBravoDelegateSeverity3.sol#L57

File: out-of-scope/governance/GovernorBravoDelegateSeverity4.sol

57:     function initialize(


88:     function getProposalThresholdAmount() public view returns (uint256) {


92:     function getQuorumVotesAmount() public view returns (uint256) {


105:     function propose(


175:     function queue(uint256 proposalId) external {


209:     function execute(uint256 proposalId) external payable {


228:     function cancel(uint256 proposalId) external {


269:     function getActions(uint256 proposalId)


289:     function getReceipt(uint256 proposalId, address voter) external view returns (Receipt memory) {


298:     function state(uint256 proposalId) public view returns (ProposalState) {


327:     function castVote(uint256 proposalId, uint8 support) external {


337:     function castVoteWithReason(uint256 proposalId, uint8 support, string calldata reason) external {


345:     function castVoteBySig(uint256 proposalId, uint8 support, uint8 v, bytes32 r, bytes32 s) external {


390:     function isWhitelisted(address account) public view returns (bool) {


398:     function _setVotingDelay(uint256 newVotingDelay) external {


414:     function _setVotingPeriod(uint256 newVotingPeriod) external {


431:     function _setProposalThreshold(uint256 newProposalThreshold) external {


448:     function _setWhitelistAccountExpiration(address account, uint256 expiration) external {


462:     function _setWhitelistGuardian(address account) external {


475:     function _initiate(address governorAlpha) external {


488:     function _setPendingAdmin(address newPendingAdmin) external {


506:     function _acceptAdmin() external {

https://github.com/code-423n4/2023-05-maia/tree/main/src/out-of-scope/governance/GovernorBravoDelegateSeverity4.sol#L57

File: out-of-scope/governance/GovernorBravoDelegateSeverity5.sol

57:     function initialize(


88:     function getProposalThresholdAmount() public view returns (uint256) {


92:     function getQuorumVotesAmount() public view returns (uint256) {


105:     function propose(


175:     function queue(uint256 proposalId) external {


209:     function execute(uint256 proposalId) external payable {


228:     function cancel(uint256 proposalId) external {


269:     function getActions(uint256 proposalId)


289:     function getReceipt(uint256 proposalId, address voter) external view returns (Receipt memory) {


298:     function state(uint256 proposalId) public view returns (ProposalState) {


327:     function castVote(uint256 proposalId, uint8 support) external {


337:     function castVoteWithReason(uint256 proposalId, uint8 support, string calldata reason) external {


345:     function castVoteBySig(uint256 proposalId, uint8 support, uint8 v, bytes32 r, bytes32 s) external {


390:     function isWhitelisted(address account) public view returns (bool) {


398:     function _setVotingDelay(uint256 newVotingDelay) external {


414:     function _setVotingPeriod(uint256 newVotingPeriod) external {


431:     function _setProposalThreshold(uint256 newProposalThreshold) external {


448:     function _setWhitelistAccountExpiration(address account, uint256 expiration) external {


462:     function _setWhitelistGuardian(address account) external {


475:     function _initiate(address governorAlpha) external {


488:     function _setPendingAdmin(address newPendingAdmin) external {


506:     function _acceptAdmin() external {

https://github.com/code-423n4/2023-05-maia/tree/main/src/out-of-scope/governance/GovernorBravoDelegateSeverity5.sol#L57

File: out-of-scope/governance/GovernorBravoDelegator.sol

6:     constructor(


39:     function _setImplementation(address implementation_) public {


69:     fallback() external payable {

https://github.com/code-423n4/2023-05-maia/tree/main/src/out-of-scope/governance/GovernorBravoDelegator.sol#L6

File: rewards/booster/FlywheelBoosterGaugeWeight.sol

53:     function boostedTotalSupply(ERC20 strategy) external view returns (uint256) {


59:     function boostedBalanceOf(ERC20 strategy, address user) external view returns (uint256) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/booster/FlywheelBoosterGaugeWeight.sol#L53

File: rewards/depots/MultiRewardsDepot.sol

46:     function addAsset(address rewardsContract, address asset) external onlyOwner {


56:     function removeAsset(address rewardsContract) external onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/depots/MultiRewardsDepot.sol#L46

File: rewards/rewards/FlywheelBribeRewards.sol

36:     function setRewardsDepot(RewardsDepot rewardsDepot) external {

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/rewards/FlywheelBribeRewards.sol#L36

File: rewards/rewards/FlywheelGaugeRewards.sol

71:     function queueRewardsForCycle() external returns (uint256 totalQueuedForCycle) {


106:     function queueRewardsForCyclePaginated(uint256 numRewards) external {


199:     function getAccruedRewards() external returns (uint256 accruedRewards) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/rewards/FlywheelGaugeRewards.sol#L71

File: talos/boost-aggregator/BoostAggregator.sol

99:     function setOwnRewardsDepot(address rewardsDepot) external {


108:     function unstakeAndWithdraw(uint256 tokenId) external {


142:     function addWhitelistedAddress(address user) external onlyOwner {


147:     function removeWhitelistedAddress(address user) external onlyOwner {


152:     function setProtocolFee(uint256 _protocolFee) external onlyOwner {


158:     function withdrawProtocolFees(address to) external onlyOwner {


164:     function withdrawAllGaugeBoost(address to) external onlyOwner {


171:     function withdrawGaugeBoost(address to, uint256 amount) external onlyOwner {


179:     function decrementGaugesBoostIndexed(uint256 boost, uint256 offset, uint256 num) external onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/boost-aggregator/BoostAggregator.sol#L99

File: talos/factories/BoostAggregatorFactory.sol

41:     function getBoostAggregators() external view returns (BoostAggregator[] memory) {


50:     function createBoostAggregator(address owner) external {

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/factories/BoostAggregatorFactory.sol#L41

File: talos/factories/OptimizerFactory.sol

18:     function getOptimizers() external view returns (TalosOptimizer[] memory) {


35:     function createTalosOptimizer(

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/factories/OptimizerFactory.sol#L18

File: talos/TalosOptimizer.sol

61:     function setMaxTotalSupply(uint256 _maxTotalSupply) external onlyOwner {


67:     function setTwapDuration(uint32 _twapDuration) external onlyOwner {


73:     function setMaxTwapDeviation(int24 _maxTwapDeviation) external onlyOwner {


79:     function setTickRange(int24 _tickRangeMultiplier) external onlyOwner {


84:     function setPriceImpact(uint24 _priceImpactPercentage) external onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosOptimizer.sol#L61

File: ulysses-amm/factories/UlyssesFactory.sol

73:     function createPool(ERC20 asset, address owner) external returns (uint256) {


90:     function createPools(ERC20[] calldata assets, uint8[][] calldata weights, address owner)


136:     function createToken(uint256[] calldata poolIds, uint256[] calldata weights, address owner)

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/factories/UlyssesFactory.sol#L73

File: ulysses-amm/UlyssesPool.sol

111:     function getBandwidth(uint256 destinationId) external view returns (uint256) {


120:     function getBandwidthStateList() external view returns (BandwidthState[] memory) {


125:     function getProtocolFees() public view returns (uint256) {


149:     function claimProtocolFees() external nonReentrant returns (uint256 claimed) {


158:     function addNewBandwidth(uint256 poolId, uint8 weight) external nonReentrant onlyOwner returns (uint256 index) {


222:     function setWeight(uint256 poolId, uint8 weight) external nonReentrant onlyOwner {


307:     function setFees(Fees calldata _fees) external nonReentrant onlyOwner {


322:     function setProtocolFee(uint256 _protocolFee) external nonReentrant {


1092:     function swapIn(uint256 assets, uint256 poolId) external nonReentrant returns (uint256 output) {


1146:     function swapFromPool(uint256 assets, address user) external nonReentrant returns (uint256 output) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesPool.sol#L111

File: ulysses-amm/UlyssesRouter.sol

48:     function addLiquidity(uint256 amount, uint256 minOutput, uint256 poolId) external returns (uint256) {


58:     function removeLiquidity(uint256 amount, uint256 minOutput, uint256 poolId) external returns (uint256) {


72:     function swap(uint256 amount, uint256 minOutput, Route[] calldata routes) external returns (uint256) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesRouter.sol#L48

File: ulysses-amm/UlyssesToken.sol

43:     function addAsset(address asset, uint256 _weight) external nonReentrant onlyOwner {


59:     function removeAsset(address asset) external nonReentrant onlyOwner {


87:     function setWeights(uint256[] memory _weights) external nonReentrant onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesToken.sol#L43

File: ulysses-omnichain/ArbitrumBranchBridgeAgent.sol

101:     function depositToPort(address underlyingAddress, uint256 amount) external payable lock {


113:     function withdrawFromPort(address localAddress, uint256 amount) external payable lock {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/ArbitrumBranchBridgeAgent.sol#L101

File: ulysses-omnichain/ArbitrumBranchPort.sol

44:     function depositToPort(address _depositor, address _recipient, address _underlyingAddress, uint256 _deposit)


57:     function withdrawFromPort(address _depositor, address _recipient, address _globalAddress, uint256 _deposit)

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/ArbitrumBranchPort.sol#L44

File: ulysses-omnichain/BaseBranchRouter.sol

36:     function initialize(address _localBridgeAgentAddress) external onlyOwner {


48:     function getDepositEntry(uint32 _depositNonce) external view returns (Deposit memory) {


57:     function callOut(bytes calldata params, uint128 remoteExecutionGas) external payable lock {


64:     function callOutAndBridge(bytes calldata params, DepositInput memory dParams, uint128 remoteExecutionGas)


75:     function callOutAndBridgeMultiple(


86:     function retrySettlement(uint32 _settlementNonce, uint128 _gasToBoostSettlement) external payable lock {


91:     function redeemDeposit(uint32 _depositNonce) external lock {


100:     function anyExecuteNoSettlement(bytes calldata)


111:     function anyExecuteSettlement(bytes calldata, SettlementParams memory)


122:     function anyExecuteSettlementMultiple(bytes calldata, SettlementMultipleParams memory)

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BaseBranchRouter.sol#L36

File: ulysses-omnichain/BranchBridgeAgent.sol

173:     function getDepositEntry(uint32 _depositNonce) external view returns (Deposit memory) {


182:     function callOut(bytes calldata _params, uint128 _remoteExecutionGas) external payable lock requiresFallbackGas {


191:     function callOutAndBridge(bytes calldata _params, DepositInput memory _dParams, uint128 _remoteExecutionGas)


205:     function callOutAndBridgeMultiple(


218:     function callOutSigned(bytes calldata _params, uint128 _remoteExecutionGas)


237:     function callOutSignedAndBridge(bytes calldata _params, DepositInput memory _dParams, uint128 _remoteExecutionGas)


274:     function callOutSignedAndBridgeMultiple(


318:     function retryDeposit(


417:     function retrySettlement(uint32 _settlementNonce, uint128 _gasToBoostSettlement)


432:     function retrieveDeposit(uint32 _depositNonce) external payable lock requiresFallbackGas {


449:     function redeemDeposit(uint32 _depositNonce) external lock {


462:     function performSystemCallOut(


487:     function performCallOut(


508:     function performCallOutAndBridge(


530:     function performCallOutAndBridgeMultiple(


556:     function clearToken(address _recipient, address _hToken, address _token, uint256 _amount, uint256 _deposit)


564:     function clearTokens(bytes calldata _sParams, address _recipient)


1117:     function anyExecute(bytes calldata data)


1226:     function anyFallback(bytes calldata data)


1309:     function depositGasAnycallConfig() external payable {


1314:     function forceRevert() external requiresAgentExecutor {


1418:     fallback() external payable {}

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchBridgeAgent.sol#L173

File: ulysses-omnichain/BranchBridgeAgentExecutor.sol

69:     function executeNoSettlement(address _router, bytes calldata _data)


87:     function executeWithSettlement(address _recipient, address _router, bytes calldata _data)


124:     function executeWithSettlementMultiple(address _recipient, address _router, bytes calldata _data)

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchBridgeAgentExecutor.sol#L69

File: ulysses-omnichain/BranchPort.sol

98:     function initialize(address _coreBranchRouter, address _bridgeAgentFactory) external virtual onlyOwner {


157:     function manage(address _token, uint256 _amount) external requiresPortStrategy(_token) {


171:     function replenishReserves(address _strategy, address _token, uint256 _amount) external lock {


205:     function withdraw(address _recipient, address _underlyingAddress, uint256 _deposit)


216:     function bridgeIn(address _recipient, address _localAddress, uint256 _amount)


225:     function bridgeInMultiple(address _recipient, address[] memory _localAddresses, uint256[] memory _amounts)


240:     function bridgeOut(


259:     function bridgeOutMultiple(


289:     function addBridgeAgent(address _bridgeAgent) external requiresBridgeAgentFactory {


300:     function setCoreRouter(address _newCoreRouter) external requiresCoreRouter {


307:     function addBridgeAgentFactory(address _newBridgeAgentFactory) external requiresCoreRouter {


316:     function toggleBridgeAgentFactory(address _newBridgeAgentFactory) external requiresCoreRouter {


323:     function toggleBridgeAgent(address _bridgeAgent) external requiresCoreRouter {


330:     function addStrategyToken(address _token, uint256 _minimumReservesRatio) external requiresCoreRouter {


341:     function toggleStrategyToken(address _token) external requiresCoreRouter {


348:     function addPortStrategy(address _portStrategy, address _token, uint256 _dailyManagementLimit)


362:     function togglePortStrategy(address _portStrategy, address _token) external requiresCoreRouter {


369:     function updatePortStrategy(address _portStrategy, address _token, uint256 _dailyManagementLimit)

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchPort.sol#L98

File: ulysses-omnichain/CoreBranchRouter.sol

40:     function addGlobalToken(


62:     function addLocalToken(address _underlyingAddress) external payable virtual {


283:     fallback() external payable {}

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/CoreBranchRouter.sol#L40

File: ulysses-omnichain/CoreRootRouter.sol

62:     function initialize(address _bridgeAgentAddress, address _hTokenFactory) external onlyOwner {


80:     function addBranchToBridgeAgent(


226:     function toggleBranchBridgeAgentFactory(


252:     function removeBranchBridgeAgent(address _branchBridgeAgent, address _gasReceiver, uint24 _toChain)


274:     function manageStrategyToken(


299:     function managePortStrategy(


389:     function anyExecuteDepositMultiple(bytes1, bytes calldata, DepositMultipleParams memory, uint24)


421:     function anyExecuteSignedDepositMultiple(bytes1, bytes memory, DepositMultipleParams memory, address, uint24)

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/CoreRootRouter.sol#L62

File: ulysses-omnichain/factories/BranchBridgeAgentFactory.sol

82:     function initialize(address _coreRootBridgeAgent) external virtual onlyOwner {


112:     function createBridgeAgent(

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/factories/BranchBridgeAgentFactory.sol#L82

File: ulysses-omnichain/factories/ERC20hTokenBranchFactory.sol

34:     function initialize(address _wrappedNativeTokenAddress, address _coreRouter) external onlyOwner {


59:     function createToken(string memory _name, string memory _symbol)

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/factories/ERC20hTokenBranchFactory.sol#L34

File: ulysses-omnichain/factories/ERC20hTokenRootFactory.sol

39:     function initialize(address _coreRouter) external onlyOwner {


53:     function createToken(string memory _name, string memory _symbol)

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/factories/ERC20hTokenRootFactory.sol#L39

File: ulysses-omnichain/factories/RootBridgeAgentFactory.sol

74:     function createBridgeAgent(address _newRootRouterAddress) external returns (address newBridgeAgent) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/factories/RootBridgeAgentFactory.sol#L74

File: ulysses-omnichain/MulticallRootRouter.sol

73:     function initialize(address _bridgeAgentAddress) external onlyOwner {


249:     function anyExecuteDepositMultiple(bytes1, bytes calldata, DepositMultipleParams calldata, uint24)


420:     function anyExecuteSignedDepositMultiple(

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/MulticallRootRouter.sol#L73

File: ulysses-omnichain/RootBridgeAgent.sol

234:     function getSettlementEntry(uint32 _settlementNonce) external view returns (Settlement memory) {


243:     function retrySettlement(uint32 _settlementNonce, uint128 _remoteExecutionGas) external payable {


254:     function redeemSettlement(uint32 _depositNonce) external lock {


274:     function callOut(address _recipient, bytes memory _data, uint24 _toChain) external payable lock requiresRouter {


284:     function callOutAndBridge(


330:     function callOutAndBridgeMultiple(


383:     function bridgeIn(address _recipient, DepositParams memory _dParams, uint24 _fromChain)


403:     function bridgeInMultiple(address _recipient, DepositMultipleParams memory _dParams, uint24 _fromChain)


645:     function uniswapV3SwapCallback(int256 amount0, int256 amount1, bytes calldata _data) external {


859:     function anyExecute(bytes calldata data)


1176:     function anyFallback(bytes calldata data)


1218:     function depositGasAnycallConfig() external payable {


1224:     function forceRevert() external requiresLocalBranchBridgeAgent {


1247:     function approveBranchBridgeAgent(uint256 _branchChainId) external requiresManager {


1253:     function syncBranchBridgeAgent(address _newBranchBridgeAgent, uint24 _branchChainId) external requiresPort {


1258:     function sweep() external {


1333:     fallback() external payable {}

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgent.sol#L234

File: ulysses-omnichain/RootBridgeAgentExecutor.sol

77:     function executeSystemRequest(address _router, bytes calldata _data, uint24 _fromChainId)


97:     function executeNoDeposit(address _router, bytes calldata _data, uint24 _fromChainId)


116:     function executeWithDeposit(address _router, bytes calldata _data, uint24 _fromChainId)


153:     function executeWithDepositMultiple(address _router, bytes calldata _data, uint24 _fromChainId)


200:     function executeSignedNoDeposit(address _account, address _router, bytes calldata _data, uint24 _fromChainId)


220:     function executeSignedWithDeposit(address _account, address _router, bytes calldata _data, uint24 _fromChainId)


258:     function executeSignedWithDepositMultiple(


307:     function executeRetrySettlement(uint32 _settlementNonce)

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgentExecutor.sol#L77

File: ulysses-omnichain/RootPort.sol

127:     function initialize(address _bridgeAgentFactory, address _coreRootRouter) external onlyOwner {


139:     function initializeCore(


157:     function forefeitOwnership(address _owner) external onlyOwner {


173:     function getLocalToken(address _localAddress, uint24 _fromChain, uint24 _toChain) external view returns (address) {


193:     function getUnderlyingTokenFromGlobal(address _globalAddress, uint24 _fromChain) external view returns (address) {


208:     function isGlobalToken(address _globalAddress, uint24 _fromChain) external view returns (bool) {


222:     function isLocalToken(address _localAddress, uint24 _fromChain) external view returns (bool) {


227:     function isLocalToken(address _localAddress, uint24 _fromChain, uint24 _toChain) external view returns (bool) {


237:     function isUnderlyingToken(address _underlyingToken, uint24 _fromChain) external view returns (bool) {


246:     function setAddresses(address _globalAddress, address _localAddress, address _underlyingAddress, uint24 _fromChain)


260:     function setLocalAddress(address _globalAddress, address _localAddress, uint24 _fromChain)


275:     function bridgeToRoot(address _recipient, address _hToken, uint256 _amount, uint256 _deposit, uint24 _fromChainId)


298:     function burn(address _from, address _hToken, uint256 _amount, uint24 _fromChain) external requiresBridgeAgent {


304:     function bridgeToRootFromLocalBranch(address _from, address _hToken, uint256 _amount)


313:     function bridgeToLocalBranchFromRoot(address _to, address _hToken, uint256 _amount)


323:     function mintToLocalBranch(address _to, address _hToken, uint256 _amount) external requiresLocalBranchPort {


328:     function burnFromLocalBranch(address _from, address _hToken, uint256 _amount) external requiresLocalBranchPort {


339:     function fetchVirtualAccount(address _user) external requiresBridgeAgent returns (VirtualAccount account) {


356:     function toggleVirtualAccountApproved(VirtualAccount _userAccount, address _router) external requiresBridgeAgent {


365:     function addBridgeAgent(address _manager, address _bridgeAgent) external requiresBridgeAgentFactory {


377:     function syncBranchBridgeAgentWithRoot(


398:     function toggleBridgeAgent(address _bridgeAgent) external onlyOwner {


405:     function addBridgeAgentFactory(address _bridgeAgentFactory) external onlyOwner {


412:     function toggleBridgeAgentFactory(address _bridgeAgentFactory) external onlyOwner {


419:     function addNewChain(


483:     function setGasPoolInfo(uint24 _chainId, GasPoolInfo calldata _gasPoolInfo) external onlyOwner {


490:     function addEcosystemToken(address _ecoTokenGlobalAddress) external onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootPort.sol#L127

File: ulysses-omnichain/token/ERC20hTokenRoot.sol

71:     function mint(address to, uint256 amount, uint256 chainId) external requiresPort returns (bool) {


83:     function burn(address from, uint256 value, uint256 chainId) external requiresPort {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/token/ERC20hTokenRoot.sol#L71

File: ulysses-omnichain/VirtualAccount.sol

30:     function withdrawERC20(address _token, uint256 _amount) external requiresApprovedCaller {


35:     function withdrawERC721(address _token, uint256 _tokenId) external requiresApprovedCaller {


40:     function call(Call[] calldata calls)

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/VirtualAccount.sol#L30

File: uni-v3-staker/UniswapV3Staker.sol

136:     function createIncentiveFromGauge(uint256 reward) external {


156:     function createIncentive(IncentiveKey memory key, uint256 reward) external {


186:     function endIncentive(IncentiveKey memory key) external returns (uint256 refund) {


242:     function withdrawToken(uint256 tokenId, address to, bytes memory data) external {


261:     function claimReward(address to, uint256 amountRequested) external returns (uint256 reward) {


276:     function claimAllRewards(address to) external returns (uint256 reward) {


339:     function restakeToken(uint256 tokenId) external {


354:     function unstakeToken(uint256 tokenId) external {


360:     function unstakeToken(IncentiveKey memory key, uint256 tokenId) external {


525:     function updateGauges(IUniswapV3Pool uniswapV3Pool) external {


542:     function updateBribeDepot(IUniswapV3Pool uniswapV3Pool) public {


552:     function updatePoolMinimumWidth(IUniswapV3Pool uniswapV3Pool) public {

https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/UniswapV3Staker.sol#L136

[N-13] Constant name must be in capitalized SNAKE_CASE

There are 23 instances of this issue:
File: governance/GovernorBravoDelegateMaia.sol

8:     string public constant name = "vMaia Governor Bravo";


29:     uint256 public constant quorumVotes = 0.35 ether; // 35% of GovToken


32:     uint256 public constant proposalMaxOperations = 10; // 10 actions

https://github.com/code-423n4/2023-05-maia/tree/main/src/governance/GovernorBravoDelegateMaia.sol#L8

File: hermes/minters/BaseV2Minter.sol

23:     uint256 internal constant week = 86400 * 7;


25:     uint256 internal constant base = 1000;


27:     uint256 internal constant max_tail_emission = 100;


28:     uint256 internal constant max_dao_share = 300;

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/minters/BaseV2Minter.sol#L23

File: out-of-scope/governance/GovernorBravoDelegateSeverity1.sol

7:     string public constant name = "bHermes Governor Bravo Severity 1";


28:     uint256 public constant quorumVotes = 0.04 ether; // 4% of GovToken


31:     uint256 public constant proposalMaxOperations = 10; // 10 actions

https://github.com/code-423n4/2023-05-maia/tree/main/src/out-of-scope/governance/GovernorBravoDelegateSeverity1.sol#L7

File: out-of-scope/governance/GovernorBravoDelegateSeverity2.sol

7:     string public constant name = "bHermes Governor Bravo Severity 2";


28:     uint256 public constant quorumVotes = 0.125 ether; // 12.5% of GovToken


31:     uint256 public constant proposalMaxOperations = 10; // 10 actions

https://github.com/code-423n4/2023-05-maia/tree/main/src/out-of-scope/governance/GovernorBravoDelegateSeverity2.sol#L7

File: out-of-scope/governance/GovernorBravoDelegateSeverity3.sol

7:     string public constant name = "bHermes Governor Bravo Severity 3";


28:     uint256 public constant quorumVotes = 0.25 ether; // 25,000,000 = about 25% of GovToken


31:     uint256 public constant proposalMaxOperations = 10; // 10 actions

https://github.com/code-423n4/2023-05-maia/tree/main/src/out-of-scope/governance/GovernorBravoDelegateSeverity3.sol#L7

File: out-of-scope/governance/GovernorBravoDelegateSeverity4.sol

7:     string public constant name = "bHermes Governor Bravo Severity 4";


28:     uint256 public constant quorumVotes = 0.35 ether; // 35% of GovToken


31:     uint256 public constant proposalMaxOperations = 10; // 10 actions

https://github.com/code-423n4/2023-05-maia/tree/main/src/out-of-scope/governance/GovernorBravoDelegateSeverity4.sol#L7

File: out-of-scope/governance/GovernorBravoDelegateSeverity5.sol

7:     string public constant name = "bHermes Governor Bravo Severity 5";


28:     uint256 public constant quorumVotes = 0.5 ether; // 50% of GovToken


31:     uint256 public constant proposalMaxOperations = 10; // 10 actions

https://github.com/code-423n4/2023-05-maia/tree/main/src/out-of-scope/governance/GovernorBravoDelegateSeverity5.sol#L7

File: talos/TalosStrategyVanilla.sol

46:     uint24 private constant protocolFee = 2 * 1e5; //20%

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosStrategyVanilla.sol#L46

[N-14] Function must not be longer than 50 lines

There are 28 instances of this issue:
File: governance/GovernorBravoDelegateMaia.sol

103:     function propose(

https://github.com/code-423n4/2023-05-maia/tree/main/src/governance/GovernorBravoDelegateMaia.sol#L103

File: out-of-scope/governance/GovernorBravoDelegateSeverity1.sol

105:     function propose(

https://github.com/code-423n4/2023-05-maia/tree/main/src/out-of-scope/governance/GovernorBravoDelegateSeverity1.sol#L105

File: out-of-scope/governance/GovernorBravoDelegateSeverity2.sol

105:     function propose(

https://github.com/code-423n4/2023-05-maia/tree/main/src/out-of-scope/governance/GovernorBravoDelegateSeverity2.sol#L105

File: out-of-scope/governance/GovernorBravoDelegateSeverity3.sol

105:     function propose(

https://github.com/code-423n4/2023-05-maia/tree/main/src/out-of-scope/governance/GovernorBravoDelegateSeverity3.sol#L105

File: out-of-scope/governance/GovernorBravoDelegateSeverity4.sol

105:     function propose(

https://github.com/code-423n4/2023-05-maia/tree/main/src/out-of-scope/governance/GovernorBravoDelegateSeverity4.sol#L105

File: out-of-scope/governance/GovernorBravoDelegateSeverity5.sol

105:     function propose(

https://github.com/code-423n4/2023-05-maia/tree/main/src/out-of-scope/governance/GovernorBravoDelegateSeverity5.sol#L105

File: talos/base/TalosBaseStrategy.sol

101:     function init(uint256 amount0Desired, uint256 amount1Desired, address receiver)


181:     function deposit(uint256 amount0Desired, uint256 amount1Desired, address receiver)


237:     function redeem(uint256 shares, uint256 amount0Min, uint256 amount1Min, address receiver, address _owner)

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/base/TalosBaseStrategy.sol#L101

File: ulysses-amm/UlyssesPool.sol

158:     function addNewBandwidth(uint256 poolId, uint8 weight) external nonReentrant onlyOwner returns (uint256 index) {


222:     function setWeight(uint256 poolId, uint8 weight) external nonReentrant onlyOwner {


344:     function getBandwidthUpdateAmounts(


538:     function updateBandwidth(


679:     function _calculateRebalancingFee(uint256 bandwidth, uint256 targetBandwidth, bool roundDown)


941:     function ulyssesAddLP(uint256 amount, bool depositFees) private returns (uint256 output) {


1025:     function ulyssesRemoveLP(uint256 shares) private returns (uint256 assets) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesPool.sol#L158

File: ulysses-omnichain/BranchBridgeAgent.sol

318:     function retryDeposit(


564:     function clearTokens(bytes calldata _sParams, address _recipient)


1117:     function anyExecute(bytes calldata data)


1226:     function anyFallback(bytes calldata data)

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchBridgeAgent.sol#L318

File: ulysses-omnichain/CoreBranchRouter.sol

228:     function anyExecuteNoSettlement(bytes calldata _data)

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/CoreBranchRouter.sol#L228

File: ulysses-omnichain/MulticallRootRouter.sol

267:     function anyExecuteSigned(bytes1 funcId, bytes calldata encodedData, address userAccount, uint24)


344:     function anyExecuteSignedDepositSingle(


420:     function anyExecuteSignedDepositMultiple(

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/MulticallRootRouter.sol#L267

File: ulysses-omnichain/RootBridgeAgent.sol

859:     function anyExecute(bytes calldata data)

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgent.sol#L859

File: ulysses-omnichain/RootBridgeAgentExecutor.sol

349:     function _bridgeInMultiple(address _recipient, bytes calldata _dParams, uint24 _fromChain)

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgentExecutor.sol#L349

File: ulysses-omnichain/RootPort.sol

419:     function addNewChain(

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootPort.sol#L419

File: uni-v3-staker/UniswapV3Staker.sol

364:     function _unstakeToken(IncentiveKey memory key, uint256 tokenId, bool isNotRestake) private {

https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/UniswapV3Staker.sol#L364

[N-15] Function name must be in mixedCase

There are 2 instances of this issue:
File: governance/GovernorBravoInterfaces.sol

170:     function GRACE_PERIOD() external view returns (uint256);

https://github.com/code-423n4/2023-05-maia/tree/main/src/governance/GovernorBravoInterfaces.sol#L170

File: out-of-scope/governance/GovernorBravoInterfaces.sol

170:     function GRACE_PERIOD() external view returns (uint256);

https://github.com/code-423n4/2023-05-maia/tree/main/src/out-of-scope/governance/GovernorBravoInterfaces.sol#L170

[N-16] Contract name must be in CamelCase

There are 5 instances of this issue:
File: hermes/bHermes.sol

51: contract bHermes is UtilityManager, ERC4626DepositOnly {

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/bHermes.sol#L51

File: hermes/tokens/bHermesBoost.sol

17: contract bHermesBoost is ERC20Boost, IbHermesUnderlying {

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/bHermesBoost.sol#L17

File: hermes/tokens/bHermesGauges.sol

21: contract bHermesGauges is ERC20Gauges, IbHermesUnderlying {

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/bHermesGauges.sol#L21

File: hermes/tokens/bHermesVotes.sol

15: contract bHermesVotes is ERC20MultiVotes, IbHermesUnderlying {

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/bHermesVotes.sol#L15

File: maia/vMaia.sol

25: contract vMaia is ERC4626PartnerManager {

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/vMaia.sol#L25

[N-17] Use scientific notation (e.g. 1e18) rather than exponentiation (e.g. 10**18)

While the compiler knows to optimize away the exponentiation, it's still better coding practice to use idioms that do not require compiler optimization, if they exist.

There are 2 instances of this issue:
File: ulysses-omnichain/BranchBridgeAgent.sol

1341:         return _decimals == 18 ? _amount : _amount * (10 ** _decimals) / 1 ether;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchBridgeAgent.sol#L1341

File: ulysses-omnichain/BranchPort.sol

389:         return _decimals == 18 ? _amount : _amount * 1 ether / (10 ** _decimals);

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchPort.sol#L389

[N-18] constants should be defined rather than using magic numbers

Magic numbers are numbers that appear without explanation in the code. They should be replaced with named constants.

There are 102 instances of this issue:
File: erc-20/ERC20MultiVotes.sol

82:         return (a & b) + (a ^ b) / 2;

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20MultiVotes.sol#L82

File: erc-4626/ERC4626MultiToken.sol

40:         ERC20(_name, _symbol, 18)

51:             require(ERC20(_assets[i]).decimals() == 18);

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/ERC4626MultiToken.sol#L40

File: erc-4626/UlyssesERC4626.sol

24:     constructor(address _asset, string memory _name, string memory _symbol) ERC20(_name, _symbol, 18) {

27:         if (ERC20(_asset).decimals() != 18) revert InvalidAssetDecimals();

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/UlyssesERC4626.sol#L24

File: gauges/factories/UniswapV3GaugeFactory.sol

65:             52 weeks,

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/UniswapV3GaugeFactory.sol#L65

File: governance/GovernorBravoDelegateMaia.sol

363:         require(support <= 2, "GovernorBravo::castVoteInternal: invalid vote type");

373:         } else if (support == 2) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/governance/GovernorBravoDelegateMaia.sol#L363

File: hermes/tokens/HERMES.sol

48:     constructor(address _owner) ERC20("Hermes", "HERMES", 18) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/HERMES.sol#L48

File: hermes/tokens/bHermesBoost.sol

22:     constructor(address _owner) ERC20("bHermes Boost", "bHERMES-B", 18) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/bHermesBoost.sol#L22

File: hermes/tokens/bHermesGauges.sol

28:         ERC20("bHermes Gauges", "bHERMES-G", 18)

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/bHermesGauges.sol#L28

File: hermes/tokens/bHermesVotes.sol

20:     constructor(address _owner) ERC20("bHermes Votes", "bHERMES-V", 18) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/bHermesVotes.sol#L20

File: maia/libraries/DateTimeLib.sol

40:         uint256 epochDay = timestamp / 86400;

44:             epochDay := add(epochDay, 719468)

45:             let doe := mod(epochDay, 146097)

46:             let yoe := div(sub(sub(add(doe, div(doe, 36524)), div(doe, 1460)), eq(doe, 146096)), 365)

47:             let doy := sub(doe, sub(add(mul(365, yoe), shr(2, yoe)), div(yoe, 100)))

48:             let mp := div(add(mul(5, doy), 2), 153)

49:             month := sub(add(mp, 3), mul(gt(mp, 9), 12))

57:             uint256 day = timestamp / 86400;

58:             startOfDay = day * 86400;

59:             result = ((day + 3) % 7) + 1 == 2;

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/libraries/DateTimeLib.sol#L40

File: maia/tokens/Maia.sol

41:     constructor(address _owner) ERC20("Maia", "MAIA", 18) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/tokens/Maia.sol#L41

File: talos/TalosOptimizer.sol

42:         if (_maxTwapDeviation < 20) revert MaxTwapDeviationTooLow();

43:         if (_twapDuration < 100) revert TwapDurationTooLow();

44:         if (_priceImpactPercentage >= 1e6 || _priceImpactPercentage == 0) {

69:         if (_twapDuration < 100) revert TwapDurationTooLow();

75:         if (_maxTwapDeviation < 20) revert MaxTwapDeviationTooLow();

86:         if (_priceImpactPercentage >= 1e6 || _priceImpactPercentage == 0) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosOptimizer.sol#L42

File: talos/base/TalosBaseStrategy.sol

85:     ) ERC20("TALOS LP", "TLP", 18) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/base/TalosBaseStrategy.sol#L85

File: talos/libraries/PoolVariables.sol

209:         uint32[] memory secondsAgo = new uint32[](2);

247:             ? int256((cache.amount0Desired - cache.amount0) / 2)

248:             : int256((cache.amount1Desired - cache.amount1) / 2); // always positive. "overflow" safe convertion cuz we are dividing by 2

251:         uint160 exactSqrtPriceImpact = (sqrtPriceX96 * (_strategy.priceImpactPercentage() / 2)) / GLOBAL_DIVISIONER;

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/libraries/PoolVariables.sol#L209

File: ulysses-amm/UlyssesPool.sol

70:     Fees public fees = Fees({lambda1: 20e14, lambda2: 4980e14, sigma1: 6000e14, sigma2: 500e14});

312:         if (_fees.lambda1 + _fees.lambda2 != DIVISIONER / 2) revert InvalidFee();

396:                 let slot := sload(add(bandwidthStateListStart, mul(i, 2)))

400:                 let weight := shr(248, slot)

490:                     let weight := shr(248, sload(add(bandwidthStateListStart, mul(i, 2))))

559:             weight := shr(248, slot)

669:             sstore(destinationState.slot, or(bandwidth, shl(248, weight)))

702:             let sigma2 := shr(192, feeSlot)

704:             let sigma1 := and(shr(128, feeSlot), 0xffffffffffffffff)

706:             lambda2 := and(shr(64, feeSlot), 0xffffffffffffffff)

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesPool.sol#L70

File: ulysses-amm/UlyssesToken.sol

46:         require(ERC20(asset).decimals() == 18);

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesToken.sol#L46

File: ulysses-omnichain/BaseBranchRouter.sol

148:         _unlocked = 2;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BaseBranchRouter.sol#L148

File: ulysses-omnichain/BranchBridgeAgent.sol

587:                                 PARAMS_TKN_START + (PARAMS_ENTRY_SIZE * i) + 12:

598:                             PARAMS_TKN_START + PARAMS_ENTRY_SIZE * uint16(i + numOfAssets) + 12:

1145:             uint32 nonce = uint32(bytes4(data[PARAMS_START_SIGNED:25]));

1167:             uint32 nonce = uint32(bytes4(data[PARAMS_START_SIGNED:25]));

1191:             uint32 nonce = uint32(bytes4(data[22:26]));

1341:         return _decimals == 18 ? _amount : _amount * (10 ** _decimals) / 1 ether;

1368:         _unlocked = 2;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchBridgeAgent.sol#L587

File: ulysses-omnichain/BranchBridgeAgentExecutor.sol

76:         (success, result) = IRouter(_router).anyExecuteNoSettlement(_data[25:_data.length - PARAMS_GAS_OUT]);

95:             settlementNonce: uint32(bytes4(_data[PARAMS_START_SIGNED:25])),

97:             hToken: address(uint160(bytes20(_data[25:45]))),

98:             token: address(uint160(bytes20(_data[45:65]))),

99:             amount: uint256(bytes32(_data[65:97])),

100:             deposit: uint256(bytes32(_data[97:129]))

108:         if (_data.length - PARAMS_GAS_OUT > 129) {

110:             (success, result) = IRouter(_router).anyExecuteSettlement(_data[129:_data.length - PARAMS_GAS_OUT], sParams);

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchBridgeAgentExecutor.sol#L76

File: ulysses-omnichain/BranchPort.sol

389:         return _decimals == 18 ? _amount : _amount * 1 ether / (10 ** _decimals);

425:         _unlocked = 2;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchPort.sol#L389

File: ulysses-omnichain/CoreRootRouter.sol

440:         _unlocked = 2;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/CoreRootRouter.sol#L440

File: ulysses-omnichain/MulticallRootRouter.sol

496:         _unlocked = 2;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/MulticallRootRouter.sol#L496

File: ulysses-omnichain/RootBridgeAgent.sol

677:         uint160 exactSqrtPriceImpact = (sqrtPriceX96 * (priceImpactPercentage / 2)) / GLOBAL_DIVISIONER;

720:             uint160 exactSqrtPriceImpact = (sqrtPriceX96 * (priceImpactPercentage / 2)) / GLOBAL_DIVISIONER;

990:             uint32 nonce = uint32(bytes4(data[2:6]));

1014:             uint32 nonce = uint32(bytes4(data[PARAMS_START_SIGNED:25]));

1050:             uint32 nonce = uint32(bytes4(data[PARAMS_START_SIGNED:25]));

1085:             uint32 nonce = uint32(bytes4(data[PARAMS_START_SIGNED:25]));

1130:             try RootBridgeAgentExecutor(bridgeAgentExecutorAddress).executeRetrySettlement(uint32(bytes4(data[5:9])))

1198:             _settlementNonce = uint32(bytes4(data[PARAMS_START_SIGNED:25]));

1203:             _settlementNonce = uint32(bytes4(data[PARAMS_START_SIGNED:25]));

1208:             _settlementNonce = uint32(bytes4(data[22:26]));

1275:         _unlocked = 2;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgent.sol#L677

File: ulysses-omnichain/RootBridgeAgentExecutor.sol

85:             bytes1(_data[PARAMS_TKN_START]), _data[6:_data.length - PARAMS_GAS_IN], _fromChainId

105:             IRouter(_router).anyExecute(bytes1(_data[5]), _data[6:_data.length - PARAMS_GAS_IN], _fromChainId);

125:             hToken: address(uint160(bytes20(_data[PARAMS_TKN_START:25]))),

126:             token: address(uint160(bytes20(_data[25:45]))),

127:             amount: uint256(bytes32(_data[45:77])),

128:             deposit: uint256(bytes32(_data[77:109])),

129:             toChain: uint24(bytes3(_data[109:112]))

135:         if (_data.length - PARAMS_GAS_IN > 112) {

138:                 _data[112], _data[113:_data.length - PARAMS_GAS_IN], dParams, _fromChainId

208:             IRouter(_router).anyExecuteSigned(_data[25], _data[26:_data.length - PARAMS_GAS_IN], _account, _fromChainId);

228:             depositNonce: uint32(bytes4(_data[PARAMS_START_SIGNED:25])),

229:             hToken: address(uint160(bytes20(_data[25:45]))),

230:             token: address(uint160(bytes20(_data[45:65]))),

231:             amount: uint256(bytes32(_data[65:97])),

232:             deposit: uint256(bytes32(_data[97:129])),

233:             toChain: uint24(bytes3(_data[129:132]))

239:         if (_data.length - PARAMS_GAS_IN > 132) {

242:                 _data[132], _data[133:_data.length - PARAMS_GAS_IN], dParams, _account, _fromChainId

357:         uint24 toChain = uint24(bytes3(_dParams[_dParams.length - 3:_dParams.length]));

371:                                 PARAMS_TKN_START + (PARAMS_ENTRY_SIZE * i) + 12:

383:                             PARAMS_TKN_START + PARAMS_ENTRY_SIZE * uint16(i + numOfAssets) + 12:

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgentExecutor.sol#L85

File: ulysses-omnichain/token/ERC20hTokenBranch.sol

13:         ERC20(string(string.concat("Hermes - ", _name)), string(string.concat("h-", _symbol)), 18)

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/token/ERC20hTokenBranch.sol#L13

File: ulysses-omnichain/token/ERC20hTokenRoot.sol

44:     ) ERC20(string(string.concat("Hermes ", _name)), string(string.concat("h-", _symbol)), 18) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/token/ERC20hTokenRoot.sol#L44

File: uni-v3-staker/libraries/RewardMath.sol

35:                 ((secondsInsideX128 * 4) / 10) + ((((stakedDuration << 128) * boostAmount) / boostTotalSupply) * 6) / 10

44:             boostedSecondsInsideX128 = (secondsInsideX128 * 4) / 10;

67:         uint256 totalSecondsUnclaimedX128 = ((endTime.max(currentTime) - startTime) << 128) - totalSecondsClaimedX128;

https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/libraries/RewardMath.sol#L35

[N-19] Reverts should use customer errors instead of strings

Source

Instead of using error strings, to reduce deployment and runtime cost, you should use Custom Errors. This would save both deployment and runtime cost.

There are 283 instances of this issue:
File: erc-20/ERC20Boost.sol

118:             revert InvalidGauge();

122:         if (!_userGauges[user].add(msg.sender)) revert GaugeAlreadyAttached();

267:         if (gauge == address(0) || !(newAdd || previouslyDeprecated)) revert InvalidGauge();

279:         if (!_deprecatedGauges.add(gauge)) revert InvalidGauge();

342:         if (freeGaugeBoost(user) < amount) revert AttachedBoost();

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Boost.sol#L118

File: erc-20/ERC20Gauges.sol

29:         if (_incrementFreezeWindow >= _gaugeCycleLength) revert IncrementFreezeError();

203:         if (!_gauges.contains(gauge) || _deprecatedGauges.contains(gauge)) revert InvalidGaugeError();

205:             if (cycle - block.timestamp <= incrementFreezeWindow) revert IncrementFreezeError();

212:             revert MaxGaugeError();

236:         if (newUserWeight > getVotes(user)) revert OverWeightError();

251:         if (weights.length != size) revert SizeMismatchError();

293:         if (!_gauges.contains(gauge)) revert InvalidGaugeError();

328:         if (weights.length != size) revert SizeMismatchError();

411:         if (gauge == address(0) || !(newAdd || previouslyDeprecated)) revert InvalidGaugeError();

435:         if (!_deprecatedGauges.add(gauge)) revert InvalidGaugeError();

464:         if (canExceedMax && account.code.length == 0) revert Errors.NonContractError(); // can only approve contracts

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Gauges.sol#L29

File: erc-20/ERC20MultiVotes.sol

59:         if (blockNumber >= block.number) revert BlockError();

105:         if (canExceedMax && account.code.length == 0) revert Errors.NonContractError(); // can only approve contracts

165:         if (count > 1) revert DelegationError();

191:         if (delegatee == address(0) || free < amount || amount == 0) revert DelegationError();

196:             revert DelegationError();

220:         if (userUnusedVotes(delegatee) < amount) revert UndelegationVoteError();

351:         if ((userFreeVotes + totalFreed) < votes) revert UndelegationVoteError();

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20MultiVotes.sol#L59

File: erc-4626/ERC4626MultiToken.sol

48:         if (length != _assets.length || length == 0) revert InvalidLength();

172:             if (assetsAmounts[i] == 0) revert ZeroAssets();

198:         if (length != assets.length) revert InvalidLength();

248:         if (length != assets.length) revert InvalidLength();

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/ERC4626MultiToken.sol#L48

File: erc-4626/UlyssesERC4626.sol

27:         if (ERC20(_asset).decimals() != 18) revert InvalidAssetDecimals();

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/UlyssesERC4626.sol#L27

File: gauges/BaseV2Gauge.sol

130:         if (added[bribeFlywheel]) revert FlywheelAlreadyAdded();

146:         if (!isActive[bribeFlywheel]) revert FlywheelNotActive();

156:         if (msg.sender != strategy) revert StrategyError();

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/BaseV2Gauge.sol#L130

File: gauges/UniswapV3Gauge.sol

74:         if (msg.sender != uniswapV3Staker) revert StrategyError();

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/UniswapV3Gauge.sol#L74

File: gauges/factories/BaseV2GaugeFactory.sol

110:         if (address(strategyGauges[strategy]) != address(0)) revert GaugeAlreadyExists();

131:         if (!activeGauges[gauge] || gauges[gaugeIds[gauge]] != gauge) revert InvalidGauge();

145:         if (!activeGauges[gauge]) revert InvalidGauge();

152:         if (!activeGauges[gauge]) revert InvalidGauge();

162:             revert NotOwnerOrBribesFactoryOwner();

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BaseV2GaugeFactory.sol#L110

File: gauges/factories/BaseV2GaugeManager.sol

111:         if (activeGaugeFactories[gaugeFactory]) revert GaugeFactoryAlreadyExists();

123:             revert NotActiveGaugeFactory();

156:         if (!activeGaugeFactories[BaseV2GaugeFactory(msg.sender)]) revert NotActiveGaugeFactory();

161:         if (msg.sender != admin) revert NotAdmin();

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BaseV2GaugeManager.sol#L111

File: gauges/factories/BribesFactory.sol

80:         if (address(flywheelTokens[bribeToken]) != address(0)) revert BribeFlywheelAlreadyExists();

107:             revert Unauthorized();

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BribesFactory.sol#L80

File: gauges/factories/UniswapV3GaugeFactory.sol

99:         if (!activeGauges[BaseV2Gauge(gauge)]) revert InvalidGauge();

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/UniswapV3GaugeFactory.sol#L99

File: governance/GovernorBravoDelegator.sol

62:             if eq(success, 0) { revert(add(returnData, 0x20), returndatasize()) }

80:             case 0 { revert(free_mem_ptr, returndatasize()) }

https://github.com/code-423n4/2023-05-maia/tree/main/src/governance/GovernorBravoDelegator.sol#L62

File: hermes/bHermes.sol

71:             revert InsufficientShares();

79:             revert InsufficientShares();

87:             revert InsufficientShares();

146:         ) revert InsufficientUnderlying();

164:         ) revert InsufficientUnderlying();

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/bHermes.sol#L71

File: hermes/minters/BaseV2Minter.sol

79:         if (initializer != msg.sender) revert NotInitializer();

93:         if (_daoShare > max_dao_share) revert DaoShareTooHigh();

99:         if (_tail_emission > max_tail_emission) revert TailEmissionTooHigh();

163:         if (address(flywheelGaugeRewards) != msg.sender) revert NotFlywheelGaugeRewards();

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/minters/BaseV2Minter.sol#L79

File: hermes/tokens/bHermesBoost.sol

33:         if (msg.sender != bHermes) revert NotbHermes();

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/bHermesBoost.sol#L33

File: hermes/tokens/bHermesGauges.sol

40:         if (msg.sender != bHermes) revert NotbHermes();

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/bHermesGauges.sol#L40

File: hermes/tokens/bHermesVotes.sol

40:         if (msg.sender != bHermes) revert NotbHermes();

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/bHermesVotes.sol#L40

File: maia/factories/PartnerManagerFactory.sol

81:         if (partners[partnerIds[partnerManager]] != partnerManager) revert InvalidPartnerManager();

90:         if (vaults[vaultIds[vault]] != vault) revert InvalidVault();

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/factories/PartnerManagerFactory.sol#L81

File: maia/tokens/ERC4626PartnerManager.sol

189:         if (factory.vaultIds(IBaseVault(newPartnerVault)) == 0) revert UnrecognizedVault();

217:         if (newRate < bHermesRate) revert InvalidRate();

220:             revert InsufficientBacking();

241:         if (amount > maxMint(to)) revert ExceedsMaxDeposit();

296:             revert InsufficientShares();

304:             revert InsufficientShares();

312:             revert InsufficientShares();

320:             revert InsufficientShares();

332:         ) revert InsufficientUnderlying();

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/tokens/ERC4626PartnerManager.sol#L189

File: maia/vMaia.sol

69:             revert InsufficientShares();

77:             revert InsufficientShares();

85:             revert InsufficientShares();

107:         if (_currentMonth == currentMonth) revert UnstakePeriodNotLive();

110:         if (!isTuesday) revert UnstakePeriodNotLive();

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/vMaia.sol#L69

File: rewards/base/BaseFlywheelRewards.sol

44:         if (msg.sender != address(flywheel)) revert FlywheelError();

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/base/BaseFlywheelRewards.sol#L44

File: rewards/depots/MultiRewardsDepot.sol

48:         if (_isAsset[asset] || _isRewardsContract[rewardsContract]) revert ErrorAddingAsset();

58:         if (!_isRewardsContract[rewardsContract]) revert ErrorRemovingAsset();

73:         if (!_isRewardsContract[msg.sender]) revert FlywheelRewardsError();

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/depots/MultiRewardsDepot.sol#L48

File: rewards/depots/SingleRewardsDepot.sol

41:         if (msg.sender != address(rewardsContract)) revert FlywheelRewardsError();

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/depots/SingleRewardsDepot.sol#L41

File: rewards/rewards/FlywheelGaugeRewards.sol

83:         if (currentCycle <= lastCycle) revert CycleError();

118:         if (currentCycle <= lastCycle) revert CycleError();

174:         if (size == 0) revert EmptyGaugesError();

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/rewards/FlywheelGaugeRewards.sol#L83

File: talos/TalosOptimizer.sol

42:         if (_maxTwapDeviation < 20) revert MaxTwapDeviationTooLow();

43:         if (_twapDuration < 100) revert TwapDurationTooLow();

45:             revert PriceImpactPercentageInvalid();

47:         if (_maxTotalSupply == 0) revert MaxTotalSupplyIsZero();

63:         if (_maxTotalSupply == 0) revert MaxTotalSupplyIsZero();

69:         if (_twapDuration < 100) revert TwapDurationTooLow();

75:         if (_maxTwapDeviation < 20) revert MaxTwapDeviationTooLow();

87:             revert PriceImpactPercentageInvalid();

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosOptimizer.sol#L42

File: talos/base/TalosBaseStrategy.sol

108:         if (initialized) revert AlreadyInitialized();

151:         if (amount0 == 0 && amount1 == 0) revert AmountsAreZero();

158:         if (totalSupply > optimizer.maxTotalSupply()) revert ExceedingMaxTotalSupply();

212:         if (amount0 == 0 && amount1 == 0) revert AmountsAreZero();

219:         if (totalSupply > optimizer.maxTotalSupply()) revert ExceedingMaxTotalSupply();

252:         if (shares == 0) revert RedeemingZeroShares();

253:         if (receiver == address(0)) revert ReceiverIsZeroAddress();

273:             if (amount0 == 0 && amount1 == 0) revert AmountsAreZero();

334:         if (msg.sender != address(pool)) revert CallerIsNotPool();

335:         if (amount0 == 0 && amount1 == 0) revert AmountsAreZero();

399:             revert Token0AmountIsBiggerThanProtocolFees();

402:             revert Token1AmountIsBiggerThanProtocolFees();

431:         if (msg.sender != strategyManager) revert NotStrategyManager();

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/base/TalosBaseStrategy.sol#L108

File: talos/boost-aggregator/BoostAggregator.sol

111:         if (user != msg.sender) revert NotTokenIdOwner();

154:         if (_protocolFee > DIVISIONER) revert FeeTooHigh();

191:         if (!whitelistedAddresses[from]) revert Unauthorized();

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/boost-aggregator/BoostAggregator.sol#L111

File: talos/factories/BoostAggregatorFactory.sol

52:         if (owner == address(0)) revert InvalidOwner();

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/factories/BoostAggregatorFactory.sol#L52

File: talos/factories/TalosBaseStrategyFactory.sol

62:             revert UnrecognizedOptimizer();

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/factories/TalosBaseStrategyFactory.sol#L62

File: talos/factories/TalosStrategyStakedFactory.sol

70:             revert InvalidNFTManager();

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/factories/TalosStrategyStakedFactory.sol#L70

File: talos/libraries/PoolVariables.sol

89:         if (tickLower >= tickUpper) revert LowerTickMustBeLessThanUpperTick();

90:         if (tickLower < TickMath.MIN_TICK) revert LowerTickMustBeGreaterThanMinTick();

91:         if (tickUpper > TickMath.MAX_TICK) revert UpperTickMustBeLessThanMaxTick();

203:         if (deviation > maxTwapDeviation) revert DeviationTooHigh();

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/libraries/PoolVariables.sol#L89

File: ulysses-amm/UlyssesPool.sol

160:         if (weight == 0) revert InvalidWeight();

165:         if (destinationIds[address(destination)] != 0 || destinationId == id) revert InvalidPool();

167:         if (destinationId == 0) revert NotUlyssesLP();

171:         if (index > MAX_DESTINATIONS) revert TooManyDestinations();

185:         if (newTotalWeights > MAX_TOTAL_WEIGHT) revert InvalidWeight();

224:         if (weight == 0) revert InvalidWeight();

228:         if (poolIndex == 0) revert NotUlyssesLP();

244:             revert InvalidWeight();

310:         if (_fees.lambda1 > MAX_LAMBDA1) revert InvalidFee();

312:         if (_fees.lambda1 + _fees.lambda2 != DIVISIONER / 2) revert InvalidFee();

315:         if (_fees.sigma1 > DIVISIONER) revert InvalidFee();

317:         if (_fees.sigma1 <= _fees.sigma2 || _fees.sigma2 < MIN_SIGMA2) revert InvalidFee();

324:         if (msg.sender != factory.owner()) revert Unauthorized();

327:         if (_protocolFee > MAX_PROTOCOL_FEE) revert InvalidFee();

362:                 revert(0x1c, 0x04)

370:                 revert(0x1c, 0x04)

407:                     revert(0x1c, 0x04)

471:                         revert(0x1c, 0x04)

497:                         revert(0x1c, 0x04)

566:                 revert(0x1c, 0x04)

593:                     revert(0x1c, 0x04)

603:                     revert(0x1c, 0x04)

617:                     revert(0x1c, 0x04)

649:                         revert(0x1c, 0x04)

665:                 revert(0x1c, 0x04)

715:                 revert(0x1c, 0x04)

726:                 revert(0x1c, 0x04)

861:                 revert(0x1c, 0x04)

874:                 revert(0x1c, 0x04)

1013:                 revert(0x1c, 0x04)

1080:                 revert(0x1c, 0x04)

1104:                 revert(0x1c, 0x04)

1121:                 revert(0x1c, 0x04)

1133:                 revert(0x1c, 0x04)

1158:                 revert(0x1c, 0x04)

1165:                 revert(0x1c, 0x04)

1181:                 revert(0x1c, 0x04)

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesPool.sol#L160

File: ulysses-amm/UlyssesRouter.sol

36:             if (address(ulysses) == address(0)) revert UnrecognizedUlyssesLP();

54:         if (amount < minOutput) revert OutputTooLow();

64:         if (amount < minOutput) revert OutputTooLow();

86:         if (amount < minOutput) revert OutputTooLow();

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesRouter.sol#L36

File: ulysses-amm/UlyssesToken.sol

45:         if (assetId[asset] != 0) revert AssetAlreadyAdded();

66:         if (newAssetsLength == 0) revert CannotRemoveLastAsset();

89:         if (_weights.length != assets.length) revert InvalidWeightsLength();

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesToken.sol#L45

File: ulysses-amm/factories/UlyssesFactory.sol

66:         revert("Cannot renounce ownership");

84:         if (address(asset) == address(0)) revert InvalidAsset();

97:         if (length != weights.length) revert ParameterLengthError();

108:             if (length != weights[i].length) revert ParameterLengthError();

148:             if (destination == address(0)) revert InvalidPoolId();

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/factories/UlyssesFactory.sol#L66

File: ulysses-omnichain/ArbitrumBranchBridgeAgent.sol

135:         revert GasErrorOrRepeatedTx();

185:         if (msg.sender != rootBridgeAgentAddress) revert AnycallUnauthorizedCaller();

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/ArbitrumBranchBridgeAgent.sol#L135

File: ulysses-omnichain/ArbitrumBranchPort.sol

50:         if (globalToken == address(0)) revert UnknownUnderlyingToken();

63:             revert UnknownToken();

68:         if (underlyingAddress == address(0)) revert UnknownUnderlyingToken();

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/ArbitrumBranchPort.sol#L50

File: ulysses-omnichain/ArbitrumCoreBranchRouter.sol

84:             revert UnrecognizedBridgeAgentFactory();

94:             revert UnrecognizedBridgeAgent();

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/ArbitrumCoreBranchRouter.sol#L84

File: ulysses-omnichain/BaseBranchRouter.sol

139:         if (msg.sender != bridgeAgentExecutorAddress) revert UnrecognizedBridgeAgentExecutor();

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BaseBranchRouter.sol#L139

File: ulysses-omnichain/BranchBridgeAgent.sol

327:         if (getDeposit[_depositNonce].owner != msg.sender) revert NotDepositOwner();

453:             revert DepositRedeemUnavailable();

816:         ) revert InvalidInput();

1375:         if (msg.sender != bridgeAgentExecutorAddress) revert UnrecognizedBridgeAgentExecutor();

1387:         if (msg.sender != localAnyCallExecutorAddress) revert AnycallUnauthorizedCaller();

1389:         if (from != rootBridgeAgentAddress) revert AnycallUnauthorizedCaller();

1400:         if (msg.sender != localRouterAddress) revert UnrecognizedCallerNotRouter();

1411:         if (msg.value <= MIN_FALLBACK_RESERVE * tx.gasprice) revert InsufficientGas();

1416:         if (_depositedGas <= MIN_FALLBACK_RESERVE * tx.gasprice) revert InsufficientGas();

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchBridgeAgent.sol#L327

File: ulysses-omnichain/BranchPort.sol

114:         revert("Cannot renounce ownership");

159:         if (_amount > _excessReserves(_token)) revert InsufficientReserves();

173:         if (!isStrategyToken[_token]) revert UnrecognizedStrategyToken();

174:         if (!isPortStrategy[_strategy][_token]) revert UnrecognizedPortStrategy();

332:         if (_minimumReservesRatio >= DIVISIONER) revert InvalidMinimumReservesRatio();

353:         if (!isStrategyToken[_token]) revert UnrecognizedStrategyToken();

398:         if (msg.sender != coreBranchRouterAddress) revert UnrecognizedCore();

404:         if (!isBridgeAgent[msg.sender]) revert UnrecognizedBridgeAgent();

410:         if (!isBridgeAgentFactory[msg.sender]) revert UnrecognizedBridgeAgentFactory();

416:         if (!isPortStrategy[msg.sender][_token]) revert UnrecognizedPortStrategy();

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchPort.sol#L114

File: ulysses-omnichain/CoreBranchRouter.sol

134:             revert UnrecognizedBridgeAgentFactory();

144:             revert UnrecognizedBridgeAgent();

178:         if (!IPort(localPortAddress).isBridgeAgent(_branchBridgeAgent)) revert UnrecognizedBridgeAgent();

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/CoreBranchRouter.sol#L134

File: ulysses-omnichain/CoreRootRouter.sol

91:             revert UnauthorizedCallerNotManager();

95:         if (!IPort(rootPortAddress).isChainId(_toChain)) revert InvalidChainId();

98:         if (IBridgeAgent(_rootBridgeAgent).getBranchBridgeAgent(_toChain) != address(0)) revert InvalidChainId();

101:         if (!IBridgeAgent(_rootBridgeAgent).isBranchBridgeAgentAllowed(_toChain)) revert UnauthorizedChainId();

146:         if (_toChain == rootChainId) revert InvalidChainId();

149:             revert UnrecognizedGlobalToken();

154:             revert TokenAlreadyAdded();

190:         ) revert TokenAlreadyAdded();

210:         if (IPort(rootPortAddress).isLocalToken(_localAddress, _toChain)) revert TokenAlreadyAdded();

234:             revert UnrecognizedBridgeAgentFactory();

386:         revert();

396:         revert();

407:         revert();

418:         revert();

428:         revert();

453:         if (msg.sender != bridgeAgentExecutorAddress) revert UnrecognizedBridgeAgentExecutor();

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/CoreRootRouter.sol#L91

File: ulysses-omnichain/MulticallRootRouter.sol

172:         revert();

245:         revert();

255:         revert();

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/MulticallRootRouter.sol#L172

File: ulysses-omnichain/RootBridgeAgent.sol

261:             revert SettlementRedeemUnavailable();

265:             revert NotSettlementOwner();

302:             revert InvalidInputParams();

347:             if (hTokens[i] == address(0) || (tokens[i] == address(0) && _deposits[i] > 0)) revert InvalidInputParams();

390:             revert InvalidInputParams();

397:         if (globalAddress == address(0)) revert InvalidInputParams();

453:             if (_localAddress == address(0)) revert UnrecognizedLocalAddress();

459:             if (_underlyingAddress == address(0)) revert UnrecognizedUnderlyingAddress();

461:                 revert InsufficientBalanceForSettlement();

647:         if (!approvedGasPool[msg.sender]) revert CallerIsNotPool();

648:         if (amount0 == 0 && amount1 == 0) revert AmountsAreZero();

665:         if (gasTokenGlobalAddress == address(0) || poolAddress == address(0)) revert InvalidGasPool();

709:         if (gasTokenGlobalAddress == address(0) || poolAddress == address(0)) revert InvalidGasPool();

758:             if (userFeeInfo.gasToBridgeOut <= MIN_FALLBACK_RESERVE * tx.gasprice) revert InsufficientGasForFees();

761:             if (msg.value <= MIN_FALLBACK_RESERVE * tx.gasprice) revert InsufficientGasForFees();

778:         if (callee == address(0)) revert UnrecognizedBridgeAgent();

1234:         if (initialGas == 0) revert GasErrorOrRepeatedTx();

1249:         if (getBranchBridgeAgent[_branchChainId] != address(0)) revert AlreadyAddedBridgeAgent();

1260:         if (msg.sender != daoAddress) revert NotDao();

1290:         if (msg.sender != localAnyCallExecutorAddress) revert AnycallUnauthorizedCaller();

1292:         if (getBranchBridgeAgent[fromChainId] != from) revert AnycallUnauthorizedCaller();

1303:         if (msg.sender != localRouterAddress) revert UnrecognizedCallerNotRouter();

1308:         if (msg.sender != bridgeAgentExecutorAddress) revert UnrecognizedExecutor();

1315:             revert UnrecognizedExecutor();

1322:         if (msg.sender != localPortAddress) revert UnrecognizedPort();

1329:             revert UnrecognizedBridgeAgentManager();

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgent.sol#L261

File: ulysses-omnichain/RootPort.sol

166:         revert("Cannot renounce ownership");

280:         if (!isGlobalAddress[_hToken]) revert UnrecognizedToken();

294:         if (!isGlobalAddress[_hToken]) revert UnrecognizedToken();

300:         if (!isGlobalAddress[_hToken]) revert UnrecognizedToken();

309:         if (!isGlobalAddress[_hToken]) revert UnrecognizedToken();

318:         if (!isGlobalAddress[_hToken]) revert UnrecognizedToken();

330:         if (!isGlobalAddress[_hToken]) revert UnrecognizedToken();

367:         if (isBridgeAgent[_bridgeAgent]) revert AlreadyAddedBridgeAgent();

384:             revert AlreadyAddedBridgeAgent();

387:             revert BridgeAgentNotAllowed();

492:         if (isGlobalAddress[_ecoTokenGlobalAddress]) revert AlreadyAddedEcosystemToken();

496:         ) revert AlreadyAddedEcosystemToken();

511:         if (!isBridgeAgentFactory[msg.sender]) revert UnrecognizedBridgeAgentFactory();

517:         if (!isBridgeAgent[msg.sender]) revert UnrecognizedBridgeAgent();

523:         if (!(msg.sender == coreRootRouterAddress)) revert UnrecognizedCoreRootRouter();

529:         if (!(msg.sender == localBranchPortAddress)) revert UnrecognizedLocalBranchPort();

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootPort.sol#L166

File: ulysses-omnichain/VirtualAccount.sol

50:             if (!success) revert CallFailed();

71:             revert UnauthorizedCaller();

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/VirtualAccount.sol#L50

File: ulysses-omnichain/factories/ERC20hTokenBranchFactory.sol

76:         if (msg.sender != localCoreRouterAddress) revert UnrecognizedCoreRouter();

82:         if (msg.sender != localPortAddress) revert UnrecognizedPort();

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/factories/ERC20hTokenBranchFactory.sol#L76

File: ulysses-omnichain/factories/ERC20hTokenRootFactory.sol

76:             revert UnrecognizedCoreRouter();

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/factories/ERC20hTokenRootFactory.sol#L76

File: ulysses-omnichain/token/ERC20hTokenRoot.sol

58:         if (msg.sender != rootPortAddress) revert UnrecognizedPort();

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/token/ERC20hTokenRoot.sol#L58

File: uni-v3-staker/UniswapV3Staker.sol

138:         if (reward <= 0) revert IncentiveRewardMustBePositive();

144:         if (address(pool) == address(0)) revert IncentiveCallerMustBeRegisteredGauge();

158:         if (reward <= 0) revert IncentiveRewardMustBePositive();

162:         if (startTime != key.startTime) revert IncentiveStartTimeNotAtEndOfAnEpoch();

164:         if (startTime <= block.timestamp) revert IncentiveStartTimeMustBeNowOrInTheFuture();

166:             revert IncentiveStartTimeTooFarIntoFuture();

170:             revert IncentiveCannotBeCreatedForPoolWithNoGauge();

189:             revert EndIncentiveBeforeEndTime();

198:         if (refund == 0) revert EndIncentiveNoRefundAvailable();

199:         if (incentive.numberOfStakes > 0) revert EndIncentiveWhileStakesArePresent();

224:         if (msg.sender != address(_nonfungiblePositionManager)) revert TokenNotUniswapV3NFT();

244:         if (to == address(0)) revert InvalidRecipient();

248:         if (deposit.owner != msg.sender) revert NotCalledByOwner();

249:         if (deposit.stakedTimestamp != 0) revert TokenStakedError();

310:             if (liquidity == 0) revert TokenNotStaked();

374:         if ((isNotRestake || block.timestamp < endTime) && owner != msg.sender) revert NotCalledByOwner();

411:             if (liquidity == 0) revert TokenNotStaked();

467:         if (deposits[tokenId].stakedTimestamp != 0) revert TokenStakedError();

483:         if (incentives[incentiveId].totalRewardUnclaimed == 0) revert NonExistentIncentiveError();

485:         if (uint24(tickUpper - tickLower) < poolsMinimumWidth[pool]) revert RangeTooSmallError();

486:         if (liquidity == 0) revert NoLiquidityError();

492:         if (tokenOwner == address(0)) revert TokenNotDeposited();

529:         if (uniswapV3Gauge == address(0)) revert InvalidGauge();

https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/UniswapV3Staker.sol#L138

File: uni-v3-staker/libraries/IncentiveTime.sol

40:         if (stakedTimestamp < start) revert InvalidStartTime();

https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/libraries/IncentiveTime.sol#L40

[N-20] Event missing indexed field

There are 16 instances of this issue:
File: erc-4626/interfaces/IERC4626MultiToken.sol

178:     event AssetAdded(address asset, uint256 weight);

184:     event AssetRemoved(address asset);

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/interfaces/IERC4626MultiToken.sol#L178

File: gauges/interfaces/IBaseV2GaugeManager.sol

111:     event AddedGaugeFactory(address gaugeFactory);

114:     event RemovedGaugeFactory(address gaugeFactory);

117:     event ChangedbHermesGaugeOwner(address newOwner);

120:     event ChangedAdmin(address newAdmin);

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/interfaces/IBaseV2GaugeManager.sol#L111

File: governance/GovernorBravoInterfaces.sol

6:     event ProposalCreated(
7:         uint256 id,
8:         address proposer,
9:         address[] targets,
10:         uint256[] values,
11:         string[] signatures,
12:         bytes[] calldatas,
13:         uint256 startBlock,
14:         uint256 endBlock,
15:         string description
16:     );

42:     event NewImplementation(address oldImplementation, address newImplementation);

48:     event NewPendingAdmin(address oldPendingAdmin, address newPendingAdmin);

51:     event NewAdmin(address oldAdmin, address newAdmin);

54:     event WhitelistAccountExpirationSet(address account, uint256 expiration);

57:     event WhitelistGuardianSet(address oldGuardian, address newGuardian);

https://github.com/code-423n4/2023-05-maia/tree/main/src/governance/GovernorBravoInterfaces.sol#L6-L16

File: ulysses-omnichain/interfaces/IRootPort.sol

315:     event BridgeAgentAdded(address indexed bridgeAgent, address manager);

322:     event VirtualAccountCreated(address indexed user, address account);

324:     event LocalTokenAdded(
325:         address indexed underlyingAddress, address localAddress, address globalAddress, uint24 chainId
326:     );

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/interfaces/IRootPort.sol#L315

File: uni-v3-staker/interfaces/IUniswapV3Staker.sol

296:     event BribeDepotUpdated(IUniswapV3Pool indexed uniswapV3Pool, address bribeDepot);

https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/interfaces/IUniswapV3Staker.sol#L296

[N-21] Constants in comparisons should appear on the left side

Doing so will prevent typo bugs

There are 180 instances of this issue:
File: erc-20/ERC20Boost.sol

267:         if (gauge == address(0) || !(newAdd || previouslyDeprecated)) revert InvalidGauge();

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Boost.sol#L267

File: erc-20/ERC20Gauges.sol

411:         if (gauge == address(0) || !(newAdd || previouslyDeprecated)) revert InvalidGaugeError();

539:             if (userGaugeWeight != 0) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Gauges.sol#L411

File: erc-20/ERC20MultiVotes.sol

169:         if (count == 1) {

175:         if (newDelegatee != address(0)) {

191:         if (delegatee == address(0) || free < amount || amount == 0) revert DelegationError();

224:         if (newDelegates == 0) {

334:             if (votesToFree != 0) {

376:         require(signer != address(0));

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20MultiVotes.sol#L169

File: erc-4626/ERC4626MultiToken.sol

48:         if (length != _assets.length || length == 0) revert InvalidLength();

51:             require(ERC20(_assets[i]).decimals() == 18);

172:             if (assetsAmounts[i] == 0) revert ZeroAssets();

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/ERC4626MultiToken.sol#L48

File: erc-4626/UlyssesERC4626.sol

27:         if (ERC20(_asset).decimals() != 18) revert InvalidAssetDecimals();

40:         require(shares != 0, "ZERO_SHARES");

50:         require(assets != 0, "ZERO_ASSETS");

75:         require(assets != 0, "ZERO_ASSETS");

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/UlyssesERC4626.sol#L27

File: gauges/factories/BaseV2GaugeFactory.sol

110:         if (address(strategyGauges[strategy]) != address(0)) revert GaugeAlreadyExists();

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BaseV2GaugeFactory.sol#L110

File: gauges/factories/BribesFactory.sol

73:         if (address(flywheelTokens[bribeToken]) == address(0)) createBribeFlywheel(bribeToken);

80:         if (address(flywheelTokens[bribeToken]) != address(0)) revert BribeFlywheelAlreadyExists();

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BribesFactory.sol#L73

File: governance/GovernorBravoDelegateMaia.sol

63:         require(address(timelock) == address(0), "GovernorBravo::initialize: can only initialize once");

65:         require(timelock_ != address(0), "GovernorBravo::initialize: invalid timelock address");

66:         require(govToken_ != address(0), "GovernorBravo::initialize: invalid govToken address");

112:         require(initialProposalId != 0, "GovernorBravo::propose: Governor Bravo not active");

123:         require(targets.length != 0, "GovernorBravo::propose: must provide actions");

127:         if (latestProposalId != 0) {

146:         require(newProposal.id == 0, "GovernorBravo::propose: ProposalID collsion");

310:         } else if (proposal.eta == 0) {

350:         require(signatory != address(0), "GovernorBravo::castVoteBySig: invalid signature");

369:         if (support == 0) {

371:         } else if (support == 1) {

373:         } else if (support == 2) {

476:         require(initialProposalId == 0, "GovernorBravo::_initiate: can only initiate once");

508:             msg.sender == pendingAdmin && msg.sender != address(0), "GovernorBravo:_acceptAdmin: pending admin only"

https://github.com/code-423n4/2023-05-maia/tree/main/src/governance/GovernorBravoDelegateMaia.sol#L63

File: governance/GovernorBravoDelegator.sol

44:             implementation_ != address(0), "GovernorBravoDelegator::_setImplementation: invalid implementation address"

https://github.com/code-423n4/2023-05-maia/tree/main/src/governance/GovernorBravoDelegator.sol#L44

File: hermes/UtilityManager.sol

70:         if (amount == 0) return;

79:         if (amount == 0) return;

88:         if (amount == 0) return;

111:         if (amount == 0) return;

120:         if (amount == 0) return;

129:         if (amount == 0) return;

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/UtilityManager.sol#L70

File: hermes/minters/BaseV2Minter.sol

126:         if (block.timestamp >= _period + week && initializer == address(0)) {

145:             if (dao != address(0)) underlying.safeTransfer(dao, share);

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/minters/BaseV2Minter.sol#L126

File: maia/PartnerUtilityManager.sol

75:         if (partnerVault != address(0) && address(gaugeWeight).balanceOf(address(this)) > 0) {

85:         if (partnerVault != address(0) && address(gaugeBoost).balanceOf(address(this)) > 0) {

95:         if (partnerVault != address(0) && address(governance).balanceOf(address(this)) > 0) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/PartnerUtilityManager.sol#L75

File: maia/tokens/ERC4626PartnerManager.sol

189:         if (factory.vaultIds(IBaseVault(newPartnerVault)) == 0) revert UnrecognizedVault();

192:         if (oldPartnerVault != address(0)) IBaseVault(oldPartnerVault).clearAll();

206:         if (newPartnerVault != address(0)) IBaseVault(newPartnerVault).applyAll();

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/tokens/ERC4626PartnerManager.sol#L189

File: rewards/base/FlywheelCore.sol

77:         if (index == 0) return 0;

87:         if (index == 0) return (0, 0);

97:         if (accrued != 0) {

116:         require(strategyIndex[strategy] == 0, "strategy");

170:             if (supplyTokens != 0) {

190:         if (supplierIndex == 0) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/base/FlywheelCore.sol#L77

File: rewards/rewards/FlywheelGaugeRewards.sol

128:         if (offset == 0) {

174:         if (size == 0) revert EmptyGaugesError();

210:         if (queuedRewards.priorCycleRewards == 0 && (queuedRewards.cycleRewards == 0 || incompleteCycle)) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/rewards/FlywheelGaugeRewards.sol#L128

File: talos/TalosOptimizer.sol

44:         if (_priceImpactPercentage >= 1e6 || _priceImpactPercentage == 0) {

47:         if (_maxTotalSupply == 0) revert MaxTotalSupplyIsZero();

63:         if (_maxTotalSupply == 0) revert MaxTotalSupplyIsZero();

86:         if (_priceImpactPercentage >= 1e6 || _priceImpactPercentage == 0) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosOptimizer.sol#L44

File: talos/TalosStrategyStaked.sol

141:         if (liquidity == 0) return; // can't unstake when liquidity is zero

174:         if (liquidity == 0) return; // can't stake when liquidity is zero

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosStrategyStaked.sol#L141

File: talos/TalosStrategyVanilla.sol

105:         if (liquidity == 0) return; // no fees to collect when liquidity is zero

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosStrategyVanilla.sol#L105

File: talos/base/TalosBaseStrategy.sol

151:         if (amount0 == 0 && amount1 == 0) revert AmountsAreZero();

212:         if (amount0 == 0 && amount1 == 0) revert AmountsAreZero();

252:         if (shares == 0) revert RedeemingZeroShares();

253:         if (receiver == address(0)) revert ReceiverIsZeroAddress();

273:             if (amount0 == 0 && amount1 == 0) revert AmountsAreZero();

335:         if (amount0 == 0 && amount1 == 0) revert AmountsAreZero();

351:         if (_liquidity == 0) return;

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/base/TalosBaseStrategy.sol#L151

File: talos/boost-aggregator/BoostAggregator.sol

125:             if (rewardsDepot != address(0)) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/boost-aggregator/BoostAggregator.sol#L125

File: talos/factories/BoostAggregatorFactory.sol

52:         if (owner == address(0)) revert InvalidOwner();

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/factories/BoostAggregatorFactory.sol#L52

File: talos/factories/TalosBaseStrategyFactory.sol

61:         if (optimizerFactory.optimizerIds(TalosOptimizer(address(optimizer))) == 0) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/factories/TalosBaseStrategyFactory.sol#L61

File: ulysses-amm/UlyssesPool.sol

88:         require(_owner != address(0));

91:         require(_id != 0);

160:         if (weight == 0) revert InvalidWeight();

165:         if (destinationIds[address(destination)] != 0 || destinationId == id) revert InvalidPool();

167:         if (destinationId == 0) revert NotUlyssesLP();

224:         if (weight == 0) revert InvalidWeight();

228:         if (poolIndex == 0) revert NotUlyssesLP();

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesPool.sol#L88

File: ulysses-amm/UlyssesRouter.sol

33:         if (address(ulysses) == address(0)) {

36:             if (address(ulysses) == address(0)) revert UnrecognizedUlyssesLP();

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesRouter.sol#L33

File: ulysses-amm/UlyssesToken.sol

30:         require(_id != 0);

45:         if (assetId[asset] != 0) revert AssetAlreadyAdded();

46:         require(ERC20(asset).decimals() == 18);

66:         if (newAssetsLength == 0) revert CannotRemoveLastAsset();

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesToken.sol#L30

File: ulysses-amm/factories/UlyssesFactory.sol

61:         require(_owner != address(0), "Owner cannot be 0");

84:         if (address(asset) == address(0)) revert InvalidAsset();

148:             if (destination == address(0)) revert InvalidPoolId();

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/factories/UlyssesFactory.sol#L61

File: ulysses-omnichain/ArbitrumBranchPort.sol

34:         require(_rootPortAddress != address(0), "Root Port Address cannot be 0");

50:         if (globalToken == address(0)) revert UnknownUnderlyingToken();

68:         if (underlyingAddress == address(0)) revert UnknownUnderlyingToken();

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/ArbitrumBranchPort.sol#L34

File: ulysses-omnichain/BaseBranchRouter.sol

38:         require(_localBridgeAgentAddress != address(0), "Bridge Agent address cannot be 0");

147:         require(_unlocked == 1);

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BaseBranchRouter.sol#L38

File: ulysses-omnichain/BranchBridgeAgent.sol

151:         require(_rootBridgeAgentAddress != address(0), "Root Bridge Agent Address cannot be the zero address.");

152:         require(_localAnyCallAddress != address(0), "AnyCall Address cannot be the zero address.");

153:         require(_localAnyCallExecutorAddress != address(0), "AnyCall Executor Address cannot be the zero address.");

154:         require(_localRouterAddress != address(0), "Local Router Address cannot be the zero address.");

155:         require(_localPortAddress != address(0), "Local Port Address cannot be the zero address.");

332:         if (uint8(getDeposit[_depositNonce].hTokens.length) == 1) {

1367:         require(_unlocked == 1);

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchBridgeAgent.sol#L151

File: ulysses-omnichain/BranchPort.sol

95:         require(_owner != address(0), "Owner is zero address");

100:         require(coreBranchRouterAddress == address(0), "Contract already initialized");

103:         require(_coreBranchRouter != address(0), "CoreBranchRouter is zero address");

104:         require(_bridgeAgentFactory != address(0), "BridgeAgentFactory is zero address");

302:         require(coreBranchRouterAddress != address(0), "CoreRouter address is zero");

303:         require(_newCoreRouter != address(0), "New CoreRouter address is zero");

424:         require(_unlocked == 1);

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchPort.sol#L95

File: ulysses-omnichain/CoreRootRouter.sol

98:         if (IBridgeAgent(_rootBridgeAgent).getBranchBridgeAgent(_toChain) != address(0)) revert InvalidChainId();

439:         require(_unlocked == 1);

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/CoreRootRouter.sol#L98

File: ulysses-omnichain/MulticallRootRouter.sol

65:         require(_localPortAddress != address(0), "Local Port Address cannot be 0");

66:         require(_multicallAddress != address(0), "Multicall Address cannot be 0");

75:         require(_bridgeAgentAddress != address(0), "Bridge Agent Address cannot be 0");

495:         require(_unlocked == 1);

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/MulticallRootRouter.sol#L65

File: ulysses-omnichain/RootBridgeAgent.sol

210:         require(address(_wrappedNativeToken) != address(0), "Wrapped native token cannot be zero address");

211:         require(_daoAddress != address(0), "DAO cannot be zero address");

212:         require(_localAnyCallAddress != address(0), "Anycall Address cannot be zero address");

213:         require(_localAnyCallExecutorAddress != address(0), "Anycall Executor Address cannot be zero address");

214:         require(_localPortAddress != address(0), "Port Address cannot be zero address");

215:         require(_localRouterAddress != address(0), "Router Address cannot be zero address");

246:         if (initialGas == 0) {

260:         if (getSettlement[_depositNonce].status != SettlementStatus.Failed || depositOwner == address(0)) {

301:         if (localAddress == address(0) || (underlyingAddress == address(0) && _deposit > 0)) {

347:             if (hTokens[i] == address(0) || (tokens[i] == address(0) && _deposits[i] > 0)) revert InvalidInputParams();

397:         if (globalAddress == address(0)) revert InvalidInputParams();

453:             if (_localAddress == address(0)) revert UnrecognizedLocalAddress();

459:             if (_underlyingAddress == address(0)) revert UnrecognizedUnderlyingAddress();

555:         if (settlement.owner == address(0)) return false;

598:             if (settlement.hTokens[i] != address(0)) {

648:         if (amount0 == 0 && amount1 == 0) revert AmountsAreZero();

665:         if (gasTokenGlobalAddress == address(0) || poolAddress == address(0)) revert InvalidGasPool();

709:         if (gasTokenGlobalAddress == address(0) || poolAddress == address(0)) revert InvalidGasPool();

778:         if (callee == address(0)) revert UnrecognizedBridgeAgent();

1234:         if (initialGas == 0) revert GasErrorOrRepeatedTx();

1249:         if (getBranchBridgeAgent[_branchChainId] != address(0)) revert AlreadyAddedBridgeAgent();

1274:         require(_unlocked == 1);

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgent.sol#L210

File: ulysses-omnichain/RootPort.sol

115:         require(_wrappedNativeToken != address(0), "Invalid wrapped native token address.");

130:         require(_bridgeAgentFactory != address(0), "Bridge Agent Factory cannot be 0 address.");

131:         require(_coreRootRouter != address(0), "Core Root Router cannot be 0 address.");

147:         require(_coreRootBridgeAgent != address(0), "Core Root Bridge Agent cannot be 0 address.");

148:         require(_coreLocalBranchBridgeAgent != address(0), "Core Local Branch Bridge Agent cannot be 0 address.");

149:         require(_localBranchPortAddress != address(0), "Local Branch Port Address cannot be 0 address.");

159:         require(_owner != address(0), "Owner cannot be 0 address.");

342:         if (address(account) == address(0)) account = addVirtualAccount(_user);

383:         if (IBridgeAgent(_rootBridgeAgent).getBranchBridgeAgent(_branchChainId) != address(0)) {

494:             getUnderlyingTokenFromLocal[_ecoTokenGlobalAddress][localChainId] != address(0)

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootPort.sol#L115

File: ulysses-omnichain/factories/BranchBridgeAgentFactory.sol

64:         require(_rootBridgeAgentFactoryAddress != address(0), "Root Bridge Agent Factory Address cannot be 0");

65:         require(address(_wrappedNativeToken) != address(0), "Wrapped Native Token cannot be 0");

66:         require(_localAnyCallAddress != address(0), "Anycall Address cannot be 0");

67:         require(_localAnyCallExecutorAddress != address(0), "Anyexec Address cannot be 0");

68:         require(_localCoreBranchRouterAddress != address(0), "Core Branch Router Address cannot be 0");

69:         require(_localPortAddress != address(0), "Port Address cannot be 0");

70:         require(_owner != address(0), "Owner cannot be 0");

84:         require(_coreRootBridgeAgent != address(0), "Core Root Bridge Agent cannot be 0");

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/factories/BranchBridgeAgentFactory.sol#L64

File: ulysses-omnichain/factories/ERC20hTokenBranchFactory.sol

28:         require(_localPortAddress != address(0), "Port address cannot be 0");

36:         require(_coreRouter != address(0), "CoreRouter address cannot be 0");

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/factories/ERC20hTokenBranchFactory.sol#L28

File: ulysses-omnichain/factories/ERC20hTokenRootFactory.sol

34:         require(_rootPortAddress != address(0), "Root Port Address cannot be 0");

41:         require(_coreRouter != address(0), "CoreRouter address cannot be 0");

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/factories/ERC20hTokenRootFactory.sol#L34

File: ulysses-omnichain/factories/RootBridgeAgentFactory.sol

55:         require(address(_wrappedNativeToken) != address(0), "Wrapped Native Token cannot be 0");

56:         require(_rootPortAddress != address(0), "Root Port Address cannot be 0");

57:         require(_daoAddress != address(0), "DAO Address cannot be 0");

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/factories/RootBridgeAgentFactory.sol#L55

File: ulysses-omnichain/token/ERC20hTokenRoot.sol

45:         require(_rootPortAddress != address(0), "Root Port Address cannot be 0");

46:         require(_factoryAddress != address(0), "Factory Address cannot be 0");

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/token/ERC20hTokenRoot.sol#L45

File: uni-v3-staker/UniswapV3Staker.sol

144:         if (address(pool) == address(0)) revert IncentiveCallerMustBeRegisteredGauge();

169:         if (address(gauges[key.pool]) == address(0)) {

198:         if (refund == 0) revert EndIncentiveNoRefundAvailable();

244:         if (to == address(0)) revert InvalidRecipient();

249:         if (deposit.stakedTimestamp != 0) revert TokenStakedError();

264:         if (amountRequested != 0 && amountRequested < reward) {

310:             if (liquidity == 0) revert TokenNotStaked();

342:         if (incentiveId.startTime != 0) _unstakeToken(incentiveId, tokenId, true);

357:         if (incentiveId.startTime != 0) _unstakeToken(incentiveId, tokenId, true);

380:             if (bribeAddress != address(0)) {

411:             if (liquidity == 0) revert TokenNotStaked();

467:         if (deposits[tokenId].stakedTimestamp != 0) revert TokenStakedError();

483:         if (incentives[incentiveId].totalRewardUnclaimed == 0) revert NonExistentIncentiveError();

486:         if (liquidity == 0) revert NoLiquidityError();

492:         if (tokenOwner == address(0)) revert TokenNotDeposited();

529:         if (uniswapV3Gauge == address(0)) revert InvalidGauge();

https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/UniswapV3Staker.sol#L144

[N-22] Use modifier instead of require/if for special msg.sender

If functions are only allowed to be called by the special actor, modifier should be used instead of checking with require statement, if actor is the msg.sender calling the function.

There are 11 instances of this issue:
File: governance/GovernorBravoDelegateMaia.sol

56:     function initialize(
57:         address timelock_,
58:         address govToken_,
59:         uint256 votingPeriod_,
60:         uint256 votingDelay_,
61:         uint256 proposalThreshold_
62:     ) public virtual {
63:         require(address(timelock) == address(0), "GovernorBravo::initialize: can only initialize once");
64:         require(msg.sender == admin, "GovernorBravo::initialize: admin only");
65:         require(timelock_ != address(0), "GovernorBravo::initialize: invalid timelock address");
66:         require(govToken_ != address(0), "GovernorBravo::initialize: invalid govToken address");
67:         require(
68:             votingPeriod_ >= MIN_VOTING_PERIOD && votingPeriod_ <= MAX_VOTING_PERIOD,
69:             "GovernorBravo::initialize: invalid voting period"
70:         );
71:         require(
72:             votingDelay_ >= MIN_VOTING_DELAY && votingDelay_ <= MAX_VOTING_DELAY,
73:             "GovernorBravo::initialize: invalid voting delay"
74:         );
75:         require(
76:             proposalThreshold_ >= MIN_PROPOSAL_THRESHOLD && proposalThreshold_ <= MAX_PROPOSAL_THRESHOLD,
77:             "GovernorBravo::initialize: invalid proposal threshold"
78:         );
79:
80:         timelock = TimelockInterface(timelock_);
81:         govToken = GovTokenInterface(govToken_);
82:         votingPeriod = votingPeriod_;
83:         votingDelay = votingDelay_;
84:         proposalThreshold = proposalThreshold_;
85:     }

397:     function _setVotingDelay(uint256 newVotingDelay) external {
398:         require(msg.sender == admin, "GovernorBravo::_setVotingDelay: admin only");
399:         require(
400:             newVotingDelay >= MIN_VOTING_DELAY && newVotingDelay <= MAX_VOTING_DELAY,
401:             "GovernorBravo::_setVotingDelay: invalid voting delay"
402:         );
403:         uint256 oldVotingDelay = votingDelay;
404:         votingDelay = newVotingDelay;
405:
406:         emit VotingDelaySet(oldVotingDelay, votingDelay);
407:     }

413:     function _setVotingPeriod(uint256 newVotingPeriod) external {
414:         require(msg.sender == admin, "GovernorBravo::_setVotingPeriod: admin only");
415:         require(
416:             newVotingPeriod >= MIN_VOTING_PERIOD && newVotingPeriod <= MAX_VOTING_PERIOD,
417:             "GovernorBravo::_setVotingPeriod: invalid voting period"
418:         );
419:         uint256 oldVotingPeriod = votingPeriod;
420:         votingPeriod = newVotingPeriod;
421:
422:         emit VotingPeriodSet(oldVotingPeriod, votingPeriod);
423:     }

430:     function _setProposalThreshold(uint256 newProposalThreshold) external {
431:         require(msg.sender == admin, "GovernorBravo::_setProposalThreshold: admin only");
432:         require(
433:             newProposalThreshold >= MIN_PROPOSAL_THRESHOLD && newProposalThreshold <= MAX_PROPOSAL_THRESHOLD,
434:             "GovernorBravo::_setProposalThreshold: invalid proposal threshold"
435:         );
436:         uint256 oldProposalThreshold = proposalThreshold;
437:         proposalThreshold = newProposalThreshold;
438:
439:         emit ProposalThresholdSet(oldProposalThreshold, proposalThreshold);
440:     }

461:     function _setWhitelistGuardian(address account) external {
462:         require(msg.sender == admin, "GovernorBravo::_setWhitelistGuardian: admin only");
463:         address oldGuardian = whitelistGuardian;
464:         whitelistGuardian = account;
465:
466:         emit WhitelistGuardianSet(oldGuardian, whitelistGuardian);
467:     }

474:     function _initiate(address governorAlpha) external {
475:         require(msg.sender == admin, "GovernorBravo::_initiate: admin only");
476:         require(initialProposalId == 0, "GovernorBravo::_initiate: can only initiate once");
477:         proposalCount = GovernorAlpha(governorAlpha).proposalCount();
478:         initialProposalId = proposalCount;
479:         timelock.acceptAdmin();
480:     }

487:     function _setPendingAdmin(address newPendingAdmin) external {
488:         // Check caller = admin
489:         require(msg.sender == admin, "GovernorBravo:_setPendingAdmin: admin only");
490:
491:         // Save current value, if any, for inclusion in log
492:         address oldPendingAdmin = pendingAdmin;
493:
494:         // Store pendingAdmin with value newPendingAdmin
495:         pendingAdmin = newPendingAdmin;
496:
497:         // Emit NewPendingAdmin(oldPendingAdmin, newPendingAdmin)
498:         emit NewPendingAdmin(oldPendingAdmin, newPendingAdmin);
499:     }

https://github.com/code-423n4/2023-05-maia/tree/main/src/governance/GovernorBravoDelegateMaia.sol#L56-L85

File: governance/GovernorBravoDelegator.sol

41:     function _setImplementation(address implementation_) public {
42:         require(msg.sender == admin, "GovernorBravoDelegator::_setImplementation: admin only");
43:         require(
44:             implementation_ != address(0), "GovernorBravoDelegator::_setImplementation: invalid implementation address"
45:         );
46:
47:         address oldImplementation = implementation;
48:         implementation = implementation_;
49:
50:         emit NewImplementation(oldImplementation, implementation);
51:     }

https://github.com/code-423n4/2023-05-maia/tree/main/src/governance/GovernorBravoDelegator.sol#L41-L51

File: ulysses-omnichain/MulticallRootRouter.sol

508:     function _requiresExecutor() internal view {
509:         require(msg.sender == bridgeAgentExecutorAddress, "Unauthorized Caller");
510:     }

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/MulticallRootRouter.sol#L508-L510

File: ulysses-omnichain/factories/ArbitrumBranchBridgeAgentFactory.sol

79:     function createBridgeAgent(
80:         address _newBranchRouterAddress,
81:         address _rootBridgeAgentAddress,
82:         address _rootBridgeAgentFactoryAddress
83:     ) external virtual override returns (address newBridgeAgent) {
84:         require(
85:             msg.sender == localCoreBranchRouterAddress, "Only the Core Branch Router can create a new Bridge Agent."
86:         );
87:         require(
88:             _rootBridgeAgentFactoryAddress == rootBridgeAgentFactoryAddress,
89:             "Root Bridge Agent Factory Address does not match."
90:         );
91:
92:         newBridgeAgent = address(
93:             DeployArbitrumBranchBridgeAgent.deploy(
94:                 wrappedNativeToken,
95:                 rootChainId,
96:                 _rootBridgeAgentAddress,
97:                 localAnyCallAddress,
98:                 localAnyCallExecutorAddress,
99:                 _newBranchRouterAddress,
100:                 localPortAddress
101:             )
102:         );
103:
104:         IPort(localPortAddress).addBridgeAgent(newBridgeAgent);
105:     }

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/factories/ArbitrumBranchBridgeAgentFactory.sol#L79-L105

File: ulysses-omnichain/factories/BranchBridgeAgentFactory.sol

113:     function createBridgeAgent(
114:         address _newBranchRouterAddress,
115:         address _rootBridgeAgentAddress,
116:         address _rootBridgeAgentFactoryAddress
117:     ) external virtual returns (address newBridgeAgent) {
118:         require(
119:             msg.sender == localCoreBranchRouterAddress, "Only the Core Branch Router can create a new Bridge Agent."
120:         );
121:         require(
122:             _rootBridgeAgentFactoryAddress == rootBridgeAgentFactoryAddress,
123:             "Root Bridge Agent Factory Address does not match."
124:         );
125:
126:         newBridgeAgent = address(
127:             DeployBranchBridgeAgent.deploy(
128:                 wrappedNativeToken,
129:                 rootChainId,
130:                 localChainId,
131:                 _rootBridgeAgentAddress,
132:                 localAnyCallAddress,
133:                 localAnyCallExecutorAddress,
134:                 _newBranchRouterAddress,
135:                 localPortAddress
136:             )
137:         );
138:
139:         IPort(localPortAddress).addBridgeAgent(newBridgeAgent);
140:     }

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/factories/BranchBridgeAgentFactory.sol#L113-L140

[N-23] Use multiple require() and if statements instead of &&

Using multiple require() and if improves code readability and makes it easier to debug.

There are 44 instances of this issue:
File: erc-20/ERC20Gauges.sol

211:         if (added && _userGauges[user].length() > maxGauges && !canContractExceedMaxGauges[user]) {

464:         if (canExceedMax && account.code.length == 0) revert Errors.NonContractError(); // can only approve contracts

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Gauges.sol#L211

File: erc-20/ERC20MultiVotes.sol

105:         if (canExceedMax && account.code.length == 0) revert Errors.NonContractError(); // can only approve contracts

194:         if (newDelegate && delegateCount(delegator) > maxDelegates && !canContractExceedMaxDelegates[delegator]) {

250:         if (pos > 0 && ckpts[pos - 1].fromBlock == block.number) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20MultiVotes.sol#L105

File: gauges/factories/BaseV2GaugeFactory.sol

161:         if (msg.sender != bribesFactory.owner() && msg.sender != owner()) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BaseV2GaugeFactory.sol#L161

File: governance/GovernorBravoDelegateMaia.sol

68:             votingPeriod_ >= MIN_VOTING_PERIOD && votingPeriod_ <= MAX_VOTING_PERIOD,

72:             votingDelay_ >= MIN_VOTING_DELAY && votingDelay_ <= MAX_VOTING_DELAY,

76:             proposalThreshold_ >= MIN_PROPOSAL_THRESHOLD && proposalThreshold_ <= MAX_PROPOSAL_THRESHOLD,

120:             targets.length == values.length && targets.length == signatures.length && targets.length == calldatas.length,

234:         if (msg.sender != proposal.proposer && msg.sender != admin) {

238:                     (govToken.getPriorVotes(proposal.proposer, sub256(block.number, 1)) < getProposalThresholdAmount())

299:             proposalCount >= proposalId && proposalId > initialProposalId, "GovernorBravo::state: invalid proposal id"

400:             newVotingDelay >= MIN_VOTING_DELAY && newVotingDelay <= MAX_VOTING_DELAY,

416:             newVotingPeriod >= MIN_VOTING_PERIOD && newVotingPeriod <= MAX_VOTING_PERIOD,

433:             newProposalThreshold >= MIN_PROPOSAL_THRESHOLD && newProposalThreshold <= MAX_PROPOSAL_THRESHOLD,

508:             msg.sender == pendingAdmin && msg.sender != address(0), "GovernorBravo:_acceptAdmin: pending admin only"

https://github.com/code-423n4/2023-05-maia/tree/main/src/governance/GovernorBravoDelegateMaia.sol#L68

File: hermes/minters/BaseV2Minter.sol

126:         if (block.timestamp >= _period + week && initializer == address(0)) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/minters/BaseV2Minter.sol#L126

File: maia/PartnerUtilityManager.sol

75:         if (partnerVault != address(0) && address(gaugeWeight).balanceOf(address(this)) > 0) {

85:         if (partnerVault != address(0) && address(gaugeBoost).balanceOf(address(this)) > 0) {

95:         if (partnerVault != address(0) && address(governance).balanceOf(address(this)) > 0) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/PartnerUtilityManager.sol#L75

File: rewards/rewards/FlywheelGaugeRewards.sol

210:         if (queuedRewards.priorCycleRewards == 0 && (queuedRewards.cycleRewards == 0 || incompleteCycle)) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/rewards/FlywheelGaugeRewards.sol#L210

File: talos/base/TalosBaseStrategy.sol

151:         if (amount0 == 0 && amount1 == 0) revert AmountsAreZero();

212:         if (amount0 == 0 && amount1 == 0) revert AmountsAreZero();

273:             if (amount0 == 0 && amount1 == 0) revert AmountsAreZero();

335:         if (amount0 == 0 && amount1 == 0) revert AmountsAreZero();

408:         require(balance0 >= amount0 && balance1 >= amount1);

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/base/TalosBaseStrategy.sol#L151

File: talos/libraries/PoolVariables.sol

98:         if (tick < 0 && tick % tickSpacing != 0) compressed--;

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/libraries/PoolVariables.sol#L98

File: ulysses-amm/factories/UlyssesFactory.sol

111:                 if (j != i && weights[i][j] > 0) pools[poolIds[i]].addNewBandwidth(poolIds[j], weights[i][j]);

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/factories/UlyssesFactory.sol#L111

File: ulysses-omnichain/BranchBridgeAgent.sol

474:         if (!isRemote && gasToBridgeOut > 0) wrappedNativeToken.deposit{value: msg.value}();

499:         if (!isRemote && gasToBridgeOut > 0) wrappedNativeToken.deposit{value: msg.value}();

521:         if (!isRemote && gasToBridgeOut > 0) wrappedNativeToken.deposit{value: msg.value}();

543:         if (!isRemote && gasToBridgeOut > 0) wrappedNativeToken.deposit{value: msg.value}();

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchBridgeAgent.sol#L474

File: ulysses-omnichain/RootBridgeAgent.sol

57:                 || (_dParams.amount > 0 && !IPort(_localPortAddress).isLocalToken(_dParams.hToken, _fromChain)) //Check local exists.

58:                 || (_dParams.deposit > 0 && !IPort(_localPortAddress).isUnderlyingToken(_dParams.token, _fromChain)) //Check underlying exists.

263:             msg.sender != depositOwner && msg.sender != address(IPort(localPortAddress).getUserAccount(depositOwner))

301:         if (localAddress == address(0) || (underlyingAddress == address(0) && _deposit > 0)) {

347:             if (hTokens[i] == address(0) || (tokens[i] == address(0) && _deposits[i] > 0)) revert InvalidInputParams();

648:         if (amount0 == 0 && amount1 == 0) revert AmountsAreZero();

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgent.sol#L57

File: ulysses-omnichain/VirtualAccount.sol

70:         if ((!IRootPort(localPortAddress).isRouterApproved(this, msg.sender)) && (msg.sender != userAddress)) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/VirtualAccount.sol#L70

File: ulysses-omnichain/factories/ERC20hTokenRootFactory.sol

75:         if (msg.sender != coreRootRouterAddress && msg.sender != rootPortAddress) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/factories/ERC20hTokenRootFactory.sol#L75

File: uni-v3-staker/UniswapV3Staker.sol

264:         if (amountRequested != 0 && amountRequested < reward) {

374:         if ((isNotRestake || block.timestamp < endTime) && owner != msg.sender) revert NotCalledByOwner();

402:             if (hermesGaugeBoost.isUserGauge(owner, address(gauge)) && _userAttachements[owner][key.pool] == tokenId) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/UniswapV3Staker.sol#L264

[N-24] else-block not required

One level of nesting can be removed by not having an else block when the if-block returns:

There are 5 instances of this issue:
File: governance/GovernorBravoDelegateMaia.sol

314:         } else if (block.timestamp >= add256(proposal.eta, timelock.GRACE_PERIOD())) {
315:             return ProposalState.Expired;
316:         } else {
317:             return ProposalState.Queued;
318:         }

https://github.com/code-423n4/2023-05-maia/tree/main/src/governance/GovernorBravoDelegateMaia.sol#L314-L318

File: ulysses-amm/UlyssesPool.sol

138:         if (balance > assets) {
139:             return balance - assets;
140:         } else {
141:             return 0;
142:         }

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesPool.sol#L138-L142

File: ulysses-omnichain/BranchBridgeAgent.sol

1189:         } else if (flag == 0x02) {
1190:             //Get deposit nonce
1191:             uint32 nonce = uint32(bytes4(data[22:26]));
1192:
1193:             //Check if tx has already been executed
1194:             if (executionHistory[nonce]) {
1195:                 _forceRevert();
1196:                 //Return true to avoid triggering anyFallback in case of `_forceRevert()` failure
1197:                 return (true, "already executed tx");
1198:             }
1199:
1200:             //Try to execute remote request
1201:             try BranchBridgeAgentExecutor(bridgeAgentExecutorAddress).executeWithSettlementMultiple(
1202:                 recipient, localRouterAddress, data
1203:             ) returns (bool, bytes memory res) {
1204:                 (success, result) = (true, res);
1205:             } catch (bytes memory reason) {
1206:                 result = reason;
1207:             }
1208:
1209:             //Update tx state as executed
1210:             executionHistory[nonce] = true;
1211:
1212:             //Unrecognized Function Selector
1213:         } else {
1214:             emit LogCallin(flag, data, rootChainId);
1215:             //Deduct gas costs from deposit and replenish this bridge agent's execution budget.
1216:             _payExecutionGas(recipient, initialGas);
1217:             return (false, "unknown selector");
1218:         }

1287:         } else if (flag == 0x06) {
1288:             //Save nonce
1289:             _depositNonce = uint32(
1290:                 bytes4(data[PARAMS_START_SIGNED + PARAMS_START:PARAMS_START_SIGNED + PARAMS_TKN_START + PARAMS_START])
1291:             );
1292:
1293:             //Make tokens available to depositor.
1294:             _clearDeposit(_depositNonce);
1295:
1296:             emit LogCalloutFail(flag, data, rootChainId);
1297:
1298:             //Deduct gas costs from deposit and replenish this bridge agent's execution budget.
1299:             _payFallbackGas(_depositNonce, initialGas);
1300:
1301:             return (true, "");
1302:
1303:             //Unrecognized Function Selector
1304:         } else {
1305:             return (false, "unknown selector");
1306:         }

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchBridgeAgent.sol#L1189-L1218

File: ulysses-omnichain/RootBridgeAgent.sol

1141:         } else if (flag == 0x08) {
1142:             //Get nonce
1143:             uint32 nonce = uint32(bytes4(data[1:5]));
1144:
1145:             //Check if tx has already been executed
1146:             if (!executionHistory[fromChainId][uint32(bytes4(data[1:5]))]) {
1147:                 //Toggle Nonce as executed
1148:                 executionHistory[fromChainId][nonce] = true;
1149:
1150:                 //Retry failed fallback
1151:                 (success, result) = (false, "");
1152:             } else {
1153:                 _forceRevert();
1154:                 //Return true to avoid triggering anyFallback in case of `_forceRevert()` failure
1155:                 return (true, "already executed tx");
1156:             }
1157:
1158:             //Unrecognized Function Selector
1159:         } else {
1160:             //Zero out gas after use if remote call
1161:             if (initialGas > 0) {
1162:                 _payExecutionGas(userFeeInfo.depositedGas, userFeeInfo.gasToBridgeOut, _initialGas, fromChainId);
1163:             }
1164:
1165:             return (false, "unknown selector");
1166:         }

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgent.sol#L1141-L1166

[N-25] Unsigned divisions can be marked as unchecked

Divisions which do not divide by -1 cannot overflow or overflow so such operations can be unchecked to save gas

There are 7 instances of this issue:
File: hermes/minters/BaseV2Minter.sol

136:             uint256 share = (_required * daoShare) / base;

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/minters/BaseV2Minter.sol#L136

File: rewards/base/FlywheelCore.sol

201:         uint256 supplierDelta = (supplierTokens * deltaIndex) / ONE;

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/base/FlywheelCore.sol#L201

File: talos/TalosStrategyVanilla.sol

120:         uint256 earnedProtocolFees0 = (collect0 * _protocolFee) / _GLOBAL_DIVISIONER;

121:         uint256 earnedProtocolFees1 = (collect1 * _protocolFee) / _GLOBAL_DIVISIONER;

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosStrategyVanilla.sol#L120

File: talos/boost-aggregator/BoostAggregator.sol

119:             uint256 newProtocolRewards = (pendingRewards * protocolFee) / DIVISIONER;

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/boost-aggregator/BoostAggregator.sol#L119

File: ulysses-omnichain/RootBridgeAgent.sol

677:         uint160 exactSqrtPriceImpact = (sqrtPriceX96 * (priceImpactPercentage / 2)) / GLOBAL_DIVISIONER;

720:             uint160 exactSqrtPriceImpact = (sqrtPriceX96 * (priceImpactPercentage / 2)) / GLOBAL_DIVISIONER;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgent.sol#L677

[N-26] Import only specific files

Using import declarations of the form import {<identifier_name>} from "some/file.sol" avoids polluting the symbol namespace making flattened files smaller, and speeds up compilation

There are 2 instances of this issue:
File: governance/GovernorBravoDelegateMaia.sol

4: import "./GovernorBravoInterfaces.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/governance/GovernorBravoDelegateMaia.sol#L4

File: governance/GovernorBravoDelegator.sol

4: import "./GovernorBravoInterfaces.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/governance/GovernorBravoDelegator.sol#L4

[N-27] require()/revert() statements should have descriptive reason strings

There are 35 instances of this issue:
File: erc-20/ERC20Boost.sol

139:         require(_userGauges[user].remove(msg.sender));

191:         require(_userGauges[msg.sender].remove(gauge));

213:                 require(_userGauges[msg.sender].remove(gauge)); // Remove from set. Should never fail.

239:             require(_userGauges[msg.sender].remove(gauge)); // Remove from set. Should never fail.

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Boost.sol#L139

File: erc-20/ERC20Gauges.sol

302:             require(_userGauges[user].remove(gauge));

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Gauges.sol#L302

File: erc-20/ERC20MultiVotes.sol

225:             require(_delegates[delegator].remove(delegatee));

339:                     require(_delegates[user].remove(delegatee)); // Remove from set. Should never fail.

376:         require(signer != address(0));

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20MultiVotes.sol#L225

File: erc-4626/ERC4626MultiToken.sol

51:             require(ERC20(_assets[i]).decimals() == 18);

52:             require(_weights[i] > 0);

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/ERC4626MultiToken.sol#L51

File: rewards/rewards/FlywheelGaugeRewards.sol

90:         require(rewardToken.balanceOf(address(this)) - balanceBefore >= totalQueuedForCycle);

132:             require(rewardToken.balanceOf(address(this)) - balanceBefore >= newRewards);

133:             require(newRewards <= type(uint112).max); // safe cast

182:             require(queuedRewards.storedCycle < currentCycle);

187:             require(nextRewards <= type(uint112).max); // safe cast

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/rewards/FlywheelGaugeRewards.sol#L90

File: talos/base/TalosBaseStrategy.sol

408:         require(balance0 >= amount0 && balance1 >= amount1);

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/base/TalosBaseStrategy.sol#L408

File: ulysses-amm/UlyssesPool.sol

88:         require(_owner != address(0));

91:         require(_id != 0);

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesPool.sol#L88

File: ulysses-amm/UlyssesToken.sol

30:         require(_id != 0);

46:         require(ERC20(asset).decimals() == 18);

47:         require(_weight > 0);

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesToken.sol#L30

File: ulysses-omnichain/BaseBranchRouter.sol

147:         require(_unlocked == 1);

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BaseBranchRouter.sol#L147

File: ulysses-omnichain/BranchBridgeAgent.sol

1367:         require(_unlocked == 1);

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchBridgeAgent.sol#L1367

File: ulysses-omnichain/BranchPort.sol

424:         require(_unlocked == 1);

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchPort.sol#L424

File: ulysses-omnichain/CoreRootRouter.sol

386:         revert();

396:         revert();

407:         revert();

418:         revert();

428:         revert();

439:         require(_unlocked == 1);

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/CoreRootRouter.sol#L386

File: ulysses-omnichain/MulticallRootRouter.sol

172:         revert();

245:         revert();

255:         revert();

495:         require(_unlocked == 1);

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/MulticallRootRouter.sol#L172

File: ulysses-omnichain/RootBridgeAgent.sol

1274:         require(_unlocked == 1);

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgent.sol#L1274

[N-28] Interfaces should be indicated with an I prefix in the contract name

There are 6 instances of this issue:
File: erc-20/interfaces/Errors.sol

7: interface Errors {
8:     /// @notice thrown when attempting to approve an EOA that must be a contract
9:     error NonContractError();
10: }

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/interfaces/Errors.sol#L7-L10

File: governance/GovernorBravoInterfaces.sol

169: interface TimelockInterface {
170:     function delay() external view returns (uint256);
171:     function GRACE_PERIOD() external view returns (uint256);
172:     function acceptAdmin() external;
173:     function queuedTransactions(bytes32 hash) external view returns (bool);
174:     function queueTransaction(
175:         address target,
176:         uint256 value,
177:         string calldata signature,
178:         bytes calldata data,
179:         uint256 eta
180:     ) external returns (bytes32);
181:     function cancelTransaction(
182:         address target,
183:         uint256 value,
184:         string calldata signature,
185:         bytes calldata data,
186:         uint256 eta
187:     ) external;
188:     function executeTransaction(
189:         address target,
190:         uint256 value,
191:         string calldata signature,
192:         bytes calldata data,
193:         uint256 eta
194:     ) external payable returns (bytes memory);
195: }

197: interface GovTokenInterface {
198:     function getPriorVotes(address account, uint256 blockNumber) external view returns (uint96);
199:
200:     function totalSupply() external view returns (uint256);
201: }

203: interface GovernorAlpha {
204:     /// @notice The total number of proposals
205:     function proposalCount() external returns (uint256);
206: }

https://github.com/code-423n4/2023-05-maia/tree/main/src/governance/GovernorBravoInterfaces.sol#L169-L195

File: talos/interfaces/AutomationCompatibleInterface.sol

4: interface AutomationCompatibleInterface {
5:     /**
6:      * @notice method that is simulated by the keepers to see if any work actually
7:      * needs to be performed. This method does does not actually need to be
8:      * executable, and since it is only ever simulated it can consume lots of gas.
9:      * @dev To ensure that it is never called, you may want to add the
10:      * cannotExecute modifier from KeeperBase to your implementation of this
11:      * method.
12:      * @param checkData specified in the upkeep registration so it is always the
13:      * same for a registered upkeep. This can easily be broken down into specific
14:      * arguments using `abi.decode`, so multiple upkeeps can be registered on the
15:      * same contract and easily differentiated by the contract.
16:      * @return upkeepNeeded boolean to indicate whether the keeper should call
17:      * performUpkeep or not.
18:      * @return performData bytes that the keeper should call performUpkeep with, if
19:      * upkeep is needed. If you would like to encode data to decode later, try
20:      * `abi.encode`.
21:      */
22:     function checkUpkeep(bytes calldata checkData) external returns (bool upkeepNeeded, bytes memory performData);
23:
24:     /**
25:      * @notice method that is actually executed by the keepers, via the registry.
26:      * The data returned by the checkUpkeep simulation will be passed into
27:      * this method to actually be executed.
28:      * @dev The input to this method should not be trusted, and the caller of the
29:      * method should not even be restricted to any single registry. Anyone should
30:      * be able call it, and the input should be validated, there is no guarantee
31:      * that the data passed in is the performData returned from checkUpkeep. This
32:      * could happen due to malicious keepers, racing keepers, or simply a state
33:      * change while the performUpkeep transaction is waiting for confirmation.
34:      * Always validate the data passed in.
35:      * @param performData is the data which was passed back from the checkData
36:      * simulation. If it is encoded, it can easily be decoded into other types by
37:      * calling `abi.decode`. This data should not be trusted, and should be
38:      * validated against the contract's current state.
39:      */
40:     function performUpkeep(bytes calldata performData) external;
41: }

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/interfaces/AutomationCompatibleInterface.sol#L4-L41

File: ulysses-omnichain/interfaces/IWETH9.sol

4: interface WETH9 {
5:     function withdraw(uint256 wad) external;
6:
7:     function deposit() external payable;
8:
9:     function balanceOf(address guy) external view returns (uint256 wad);
10:
11:     function transfer(address dst, uint256 wad) external;
12: }

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/interfaces/IWETH9.sol#L4-L12

[N-29] Redundant return statement with named return variable

Adding a return statement when the function defines a named return variable is redundant.

There are 22 instances of this issue:
File: erc-20/ERC20Gauges.sol

188:     function incrementGauge(address gauge, uint112 weight) external nonReentrant returns (uint112 newUserWeight) {

248:         returns (uint256 newUserWeight)

273:     function decrementGauge(address gauge, uint112 weight) external nonReentrant returns (uint112 newUserWeight) {

325:         returns (uint112 newUserWeight)

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Gauges.sol#L188

File: rewards/depots/SingleRewardsDepot.sol

32:     function getRewards() external override onlyFlywheelRewards returns (uint256 balance) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/depots/SingleRewardsDepot.sol#L32

File: talos/TalosManager.sol

91:     function checkUpkeep(bytes calldata) external view override returns (bool upkeepNeeded, bytes memory performData) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosManager.sol#L91

File: ulysses-amm/UlyssesPool.sol

683:         returns (uint256 fee)

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesPool.sol#L683

File: ulysses-amm/UlyssesToken.sol

39:     function totalAssets() public view override returns (uint256 _totalAssets) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesToken.sol#L39

File: ulysses-omnichain/ArbitrumCoreBranchRouter.sol

116:         returns (bool success, bytes memory result)

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/ArbitrumCoreBranchRouter.sol#L116

File: ulysses-omnichain/BaseBranchRouter.sol

105:         returns (bool success, bytes memory result)

116:         returns (bool success, bytes memory result)

127:         returns (bool success, bytes memory result)

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BaseBranchRouter.sol#L105

File: ulysses-omnichain/BranchBridgeAgent.sol

1122:         returns (bool success, bytes memory result)

1231:         returns (bool success, bytes memory result)

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchBridgeAgent.sol#L1122

File: ulysses-omnichain/CoreBranchRouter.sol

234:         returns (bool success, bytes memory result)

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/CoreBranchRouter.sol#L234

File: ulysses-omnichain/MulticallRootRouter.sol

351:     ) external payable override requiresExecutor lock returns (bool success, bytes memory result) {

427:     ) external payable requiresExecutor lock returns (bool success, bytes memory result) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/MulticallRootRouter.sol#L351

File: ulysses-omnichain/RootBridgeAgent.sol

864:         returns (bool success, bytes memory result)

1181:         returns (bool success, bytes memory result)

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgent.sol#L864

File: uni-v3-staker/libraries/IncentiveId.sol

16:     function compute(IUniswapV3Staker.IncentiveKey memory key) internal pure returns (bytes32 incentiveId) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/libraries/IncentiveId.sol#L16

File: uni-v3-staker/libraries/IncentiveTime.sol

17:     function computeStart(uint256 timestamp) internal pure returns (uint96 start) {

23:     function computeEnd(uint256 timestamp) internal pure returns (uint96 end) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/libraries/IncentiveTime.sol#L17

[N-30] Use safeTransferOwnership instead of transferOwnership function

There are 3 instances of this issue:
File: gauges/factories/BaseV2GaugeManager.sol

138:         bHermesGaugeWeight.transferOwnership(newOwner);

139:         bHermesGaugeBoost.transferOwnership(newOwner);

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BaseV2GaugeManager.sol#L138

File: ulysses-amm/factories/UlyssesFactory.sol

124:             pools[poolIds[i]].transferOwnership(owner);

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/factories/UlyssesFactory.sol#L124

[N-31] Contract name must be in CamelCase.

There are 7 instances of this issue:
File: erc-4626/ERC4626.sol

13: abstract contract ERC4626 is ERC20, IERC4626 {
14:     using SafeTransferLib for address;
15:     using FixedPointMathLib for uint256;
16:
17:     /*//////////////////////////////////////////////////////////////
18:                                IMMUTABLES
19:     //////////////////////////////////////////////////////////////*/
20:
21:     ERC20 public immutable asset;
22:
23:     constructor(ERC20 _asset, string memory _name, string memory _symbol) ERC20(_name, _symbol, _asset.decimals()) {
24:         asset = _asset;
25:     }
26:
27:     /*//////////////////////////////////////////////////////////////
28:                         DEPOSIT/WITHDRAWAL LOGIC
29:     //////////////////////////////////////////////////////////////*/
30:
31:     /// @inheritdoc IERC4626
32:     function deposit(uint256 assets, address receiver) public virtual returns (uint256 shares) {
33:         // Check for rounding error since we round down in previewDeposit.
34:         require((shares = previewDeposit(assets)) != 0, "ZERO_SHARES");
35:
36:         // Need to transfer before minting or ERC777s could reenter.
37:         address(asset).safeTransferFrom(msg.sender, address(this), assets);
38:
39:         _mint(receiver, shares);
40:
41:         emit Deposit(msg.sender, receiver, assets, shares);
42:
43:         afterDeposit(assets, shares);
44:     }
45:
46:     /// @inheritdoc IERC4626
47:     function mint(uint256 shares, address receiver) public virtual returns (uint256 assets) {
48:         assets = previewMint(shares); // No need to check for rounding error, previewMint rounds up.
49:
50:         // Need to transfer before minting or ERC777s could reenter.
51:         address(asset).safeTransferFrom(msg.sender, address(this), assets);
52:
53:         _mint(receiver, shares);
54:
55:         emit Deposit(msg.sender, receiver, assets, shares);
56:
57:         afterDeposit(assets, shares);
58:     }
59:
60:     /// @inheritdoc IERC4626
61:     function withdraw(uint256 assets, address receiver, address owner) public virtual returns (uint256 shares) {
62:         shares = previewWithdraw(assets); // No need to check for rounding error, previewWithdraw rounds up.
63:
64:         if (msg.sender != owner) {
65:             uint256 allowed = allowance[owner][msg.sender]; // Saves gas for limited approvals.
66:
67:             if (allowed != type(uint256).max) allowance[owner][msg.sender] = allowed - shares;
68:         }
69:
70:         beforeWithdraw(assets, shares);
71:
72:         _burn(owner, shares);
73:
74:         emit Withdraw(msg.sender, receiver, owner, assets, shares);
75:
76:         address(asset).safeTransfer(receiver, assets);
77:     }
78:
79:     /// @inheritdoc IERC4626
80:     function redeem(uint256 shares, address receiver, address owner) public virtual returns (uint256 assets) {
81:         if (msg.sender != owner) {
82:             uint256 allowed = allowance[owner][msg.sender]; // Saves gas for limited approvals.
83:
84:             if (allowed != type(uint256).max) allowance[owner][msg.sender] = allowed - shares;
85:         }
86:
87:         // Check for rounding error since we round down in previewRedeem.
88:         require((assets = previewRedeem(shares)) != 0, "ZERO_ASSETS");
89:
90:         beforeWithdraw(assets, shares);
91:
92:         _burn(owner, shares);
93:
94:         emit Withdraw(msg.sender, receiver, owner, assets, shares);
95:
96:         address(asset).safeTransfer(receiver, assets);
97:     }
98:
99:     /*//////////////////////////////////////////////////////////////
100:                             ACCOUNTING LOGIC
101:     //////////////////////////////////////////////////////////////*/
102:
103:     function totalAssets() public view virtual returns (uint256);
104:
105:     /// @inheritdoc IERC4626
106:     function convertToShares(uint256 assets) public view virtual returns (uint256) {
107:         uint256 supply = totalSupply; // Saves an extra SLOAD if totalSupply is non-zero.
108:
109:         return supply == 0 ? assets : assets.mulDiv(supply, totalAssets());
110:     }
111:
112:     /// @inheritdoc IERC4626
113:     function convertToAssets(uint256 shares) public view virtual returns (uint256) {
114:         uint256 supply = totalSupply; // Saves an extra SLOAD if totalSupply is non-zero.
115:
116:         return supply == 0 ? shares : shares.mulDiv(totalAssets(), supply);
117:     }
118:
119:     /// @inheritdoc IERC4626
120:     function previewDeposit(uint256 assets) public view virtual returns (uint256) {
121:         return convertToShares(assets);
122:     }
123:
124:     /// @inheritdoc IERC4626
125:     function previewMint(uint256 shares) public view virtual returns (uint256) {
126:         uint256 supply = totalSupply; // Saves an extra SLOAD if totalSupply is non-zero.
127:
128:         return supply == 0 ? shares : shares.mulDivUp(totalAssets(), supply);
129:     }
130:
131:     /// @inheritdoc IERC4626
132:     function previewWithdraw(uint256 assets) public view virtual returns (uint256) {
133:         uint256 supply = totalSupply; // Saves an extra SLOAD if totalSupply is non-zero.
134:
135:         return supply == 0 ? assets : assets.mulDivUp(supply, totalAssets());
136:     }
137:
138:     /// @inheritdoc IERC4626
139:     function previewRedeem(uint256 shares) public view virtual returns (uint256) {
140:         return convertToAssets(shares);
141:     }
142:
143:     /*//////////////////////////////////////////////////////////////
144:                      DEPOSIT/WITHDRAWAL LIMIT LOGIC
145:     //////////////////////////////////////////////////////////////*/
146:
147:     /// @inheritdoc IERC4626
148:     function maxDeposit(address) public view virtual returns (uint256) {
149:         return type(uint256).max;
150:     }
151:
152:     /// @inheritdoc IERC4626
153:     function maxMint(address) public view virtual returns (uint256) {
154:         return type(uint256).max;
155:     }
156:
157:     /// @inheritdoc IERC4626
158:     function maxWithdraw(address owner) public view virtual returns (uint256) {
159:         return convertToAssets(balanceOf[owner]);
160:     }
161:
162:     /// @inheritdoc IERC4626
163:     function maxRedeem(address owner) public view virtual returns (uint256) {
164:         return balanceOf[owner];
165:     }
166:
167:     /*//////////////////////////////////////////////////////////////
168:                           INTERNAL HOOKS LOGIC
169:     //////////////////////////////////////////////////////////////*/
170:
171:     function beforeWithdraw(uint256 assets, uint256 shares) internal virtual {}
172:
173:     function afterDeposit(uint256 assets, uint256 shares) internal virtual {}
174: }

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/ERC4626.sol#L13-L174

File: hermes/bHermes.sol

52: contract bHermes is UtilityManager, ERC4626DepositOnly {
53:     using SafeTransferLib for address;
54:
55:     constructor(ERC20 _hermes, address _owner, uint32 _gaugeCycleLength, uint32 _incrementFreezeWindow)
56:         UtilityManager(
57:             address(new bHermesGauges(_owner, _gaugeCycleLength, _incrementFreezeWindow)),
58:             address(new bHermesBoost(_owner)),
59:             address(new bHermesVotes(_owner))
60:         )
61:         ERC4626DepositOnly(_hermes, "Burned Hermes: Gov + Yield + Boost", "bHermes")
62:     {}
63:
64:     /*///////////////////////////////////////////////////////////////
65:                             MODIFIERS
66:     //////////////////////////////////////////////////////////////*/
67:
68:     /// @dev Checks available weight allows for the call.
69:     modifier checkWeight(uint256 amount) override {
70:         if (balanceOf[msg.sender] < amount + userClaimedWeight[msg.sender]) {
71:             revert InsufficientShares();
72:         }
73:         _;
74:     }
75:
76:     /// @dev Checks available boost allows for the call.
77:     modifier checkBoost(uint256 amount) override {
78:         if (balanceOf[msg.sender] < amount + userClaimedBoost[msg.sender]) {
79:             revert InsufficientShares();
80:         }
81:         _;
82:     }
83:
84:     /// @dev Checks available governance allows for the call.
85:     modifier checkGovernance(uint256 amount) override {
86:         if (balanceOf[msg.sender] < amount + userClaimedGovernance[msg.sender]) {
87:             revert InsufficientShares();
88:         }
89:         _;
90:     }
91:
92:     /*///////////////////////////////////////////////////////////////
93:                             UTILITY MANAGER LOGIC
94:     //////////////////////////////////////////////////////////////*/
95:
96:     function claimOutstanding() public virtual {
97:         uint256 balance = balanceOf[msg.sender];
98:         /// @dev Never overflows since balandeOf >= userClaimed.
99:         claimWeight(balance - userClaimedWeight[msg.sender]);
100:         claimBoost(balance - userClaimedBoost[msg.sender]);
101:         claimGovernance(balance - userClaimedGovernance[msg.sender]);
102:     }
103:
104:     /*///////////////////////////////////////////////////////////////
105:                             ERC4626 LOGIC
106:     //////////////////////////////////////////////////////////////*/
107:
108:     /**
109:      * @notice Computes the amounts of tokens available in the contract.
110:      * @dev Front-running first deposit vulnerability is not an
111:      *      issue since in the initial state:
112:      *      total assets (~90,000,000 ether) are larger than the
113:      *      underlying's remaining circulating supply (~30,000,000 ether).
114:      */
115:     function totalAssets() public view virtual override returns (uint256) {
116:         return address(asset).balanceOf(address(this));
117:     }
118:
119:     /*///////////////////////////////////////////////////////////////
120:                              ERC20 LOGIC
121:     //////////////////////////////////////////////////////////////*/
122:
123:     /**
124:      * @notice Mint new bHermes and its underlying tokens: governance, boost and gauge tokens
125:      * @param to address to mint new tokens for
126:      * @param amount amounts of new tokens to mint
127:      */
128:     function _mint(address to, uint256 amount) internal virtual override {
129:         gaugeWeight.mint(address(this), amount);
130:         gaugeBoost.mint(address(this), amount);
131:         governance.mint(address(this), amount);
132:         super._mint(to, amount);
133:     }
134:
135:     /**
136:      * @notice Transfer bHermes and its underlying tokens.
137:      * @param to address to transfer the tokens to
138:      * @param amount amounts of tokens to transfer
139:      */
140:     function transfer(address to, uint256 amount) public virtual override returns (bool) {
141:         uint256 userBalance = balanceOf[msg.sender];
142:
143:         if (
144:             userBalance - userClaimedWeight[msg.sender] < amount || userBalance - userClaimedBoost[msg.sender] < amount
145:                 || userBalance - userClaimedGovernance[msg.sender] < amount
146:         ) revert InsufficientUnderlying();
147:
148:         return super.transfer(to, amount);
149:     }
150:
151:     /**
152:      * @notice Transfer bHermes and its underlying tokens from a specific account
153:      * @param from address to transfer the tokens from
154:      * @param to address to transfer the tokens to
155:      * @param amount amounts of tokens to transfer
156:      */
157:
158:     function transferFrom(address from, address to, uint256 amount) public virtual override returns (bool) {
159:         uint256 userBalance = balanceOf[from];
160:
161:         if (
162:             userBalance - userClaimedWeight[from] < amount || userBalance - userClaimedBoost[from] < amount
163:                 || userBalance - userClaimedGovernance[from] < amount
164:         ) revert InsufficientUnderlying();
165:
166:         return super.transferFrom(from, to, amount);
167:     }
168:
169:     /*///////////////////////////////////////////////////////////////
170:                                 ERRORS
171:     //////////////////////////////////////////////////////////////*/
172:     /// @notice Insufficient Underlying assets in the vault for transfer.
173:     error InsufficientUnderlying();
174: }

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/bHermes.sol#L52-L174

File: hermes/tokens/HERMES.sol

47: contract HERMES is ERC20, Ownable {
48:     constructor(address _owner) ERC20("Hermes", "HERMES", 18) {
49:         _initializeOwner(_owner);
50:     }
51:
52:     /*///////////////////////////////////////////////////////////////
53:                         ERC20 LOGIC
54:     //////////////////////////////////////////////////////////////*/
55:
56:     /**
57:      * @notice Responsible for minting new hermes tokens.
58:      * @dev Checks if the sender is an allowed minter.
59:      * @param account account to mint tokens to.
60:      * @param amount amount of hermes to mint.
61:      */
62:     function mint(address account, uint256 amount) external onlyOwner {
63:         _mint(account, amount);
64:     }
65: }

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/HERMES.sol#L47-L65

File: hermes/tokens/bHermesBoost.sol

18: contract bHermesBoost is ERC20Boost, IbHermesUnderlying {
19:     /// @inheritdoc IbHermesUnderlying
20:     address public immutable bHermes;
21:
22:     constructor(address _owner) ERC20("bHermes Boost", "bHERMES-B", 18) {
23:         _initializeOwner(_owner);
24:         bHermes = msg.sender;
25:     }
26:
27:     /// @inheritdoc IbHermesUnderlying
28:     function mint(address to, uint256 amount) external onlybHermes {
29:         _mint(to, amount);
30:     }
31:
32:     modifier onlybHermes() {
33:         if (msg.sender != bHermes) revert NotbHermes();
34:         _;
35:     }
36: }

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/bHermesBoost.sol#L18-L36

File: hermes/tokens/bHermesGauges.sol

22: contract bHermesGauges is ERC20Gauges, IbHermesUnderlying {
23:     /// @inheritdoc IbHermesUnderlying
24:     address public immutable bHermes;
25:
26:     constructor(address _owner, uint32 _rewardsCycleLength, uint32 _incrementFreezeWindow)
27:         ERC20Gauges(_rewardsCycleLength, _incrementFreezeWindow)
28:         ERC20("bHermes Gauges", "bHERMES-G", 18)
29:     {
30:         _initializeOwner(_owner);
31:         bHermes = msg.sender;
32:     }
33:
34:     /// @inheritdoc IbHermesUnderlying
35:     function mint(address to, uint256 amount) external onlybHermes {
36:         _mint(to, amount);
37:     }
38:
39:     modifier onlybHermes() {
40:         if (msg.sender != bHermes) revert NotbHermes();
41:         _;
42:     }
43: }

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/bHermesGauges.sol#L22-L43

File: hermes/tokens/bHermesVotes.sol

16: contract bHermesVotes is ERC20MultiVotes, IbHermesUnderlying {
17:     /// @inheritdoc IbHermesUnderlying
18:     address public immutable bHermes;
19:
20:     constructor(address _owner) ERC20("bHermes Votes", "bHERMES-V", 18) {
21:         _initializeOwner(_owner);
22:         bHermes = msg.sender;
23:     }
24:
25:     /// @inheritdoc IbHermesUnderlying
26:     function mint(address to, uint256 amount) external onlybHermes {
27:         _mint(to, amount);
28:     }
29:
30:     /**
31:      * @notice Burns bHermes gauge tokens
32:      * @param from account to burn tokens from
33:      * @param amount amount of tokens to burn
34:      */
35:     function burn(address from, uint256 amount) external onlybHermes {
36:         _burn(from, amount);
37:     }
38:
39:     modifier onlybHermes() {
40:         if (msg.sender != bHermes) revert NotbHermes();
41:         _;
42:     }
43: }

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/bHermesVotes.sol#L16-L43

File: maia/vMaia.sol

26: contract vMaia is ERC4626PartnerManager {
27:     using SafeTransferLib for address;
28:     using FixedPointMathLib for uint256;
29:
30:     /*//////////////////////////////////////////////////////////////
31:                          vMAIA STATE
32:     //////////////////////////////////////////////////////////////*/
33:
34:     uint256 private currentMonth;
35:     uint256 private unstakePeriodEnd;
36:
37:     /**
38:      * @notice Initializes the vMaia token.
39:      * @param _factory The factory that created this contract.
40:      * @param _bHermesRate The rate at which bHermes can be claimed.
41:      * @param _partnerAsset The asset that will be used to deposit to get vMaia.
42:      * @param _name The name of the token.
43:      * @param _symbol The symbol of the token.
44:      * @param _bhermes The address of the bHermes token.
45:      * @param _partnerVault The address of the partner vault.
46:      * @param _owner The owner of the token.
47:      */
48:     constructor(
49:         PartnerManagerFactory _factory,
50:         uint256 _bHermesRate,
51:         ERC20 _partnerAsset,
52:         string memory _name,
53:         string memory _symbol,
54:         address _bhermes,
55:         address _partnerVault,
56:         address _owner
57:     ) ERC4626PartnerManager(_factory, _bHermesRate, _partnerAsset, _name, _symbol, _bhermes, _partnerVault, _owner) {
58:         // Set the current month to the current month.
59:         currentMonth = DateTimeLib.getMonth(block.timestamp);
60:     }
61:
62:     /*///////////////////////////////////////////////////////////////
63:                             MODIFIERS
64:     //////////////////////////////////////////////////////////////*/
65:
66:     /// @dev Checks available weight allows for the call.
67:     modifier checkWeight(uint256 amount) virtual override {
68:         if (balanceOf[msg.sender] < amount + userClaimedWeight[msg.sender]) {
69:             revert InsufficientShares();
70:         }
71:         _;
72:     }
73:
74:     /// @dev Checks available governance allows for the call.
75:     modifier checkGovernance(uint256 amount) virtual override {
76:         if (balanceOf[msg.sender] < amount + userClaimedGovernance[msg.sender]) {
77:             revert InsufficientShares();
78:         }
79:         _;
80:     }
81:
82:     /// @dev Checks available partner governance allows for the call.
83:     modifier checkPartnerGovernance(uint256 amount) virtual override {
84:         if (balanceOf[msg.sender] < amount + userClaimedPartnerGovernance[msg.sender]) {
85:             revert InsufficientShares();
86:         }
87:         _;
88:     }
89:
90:     /// @dev Boost can't be claimed; does not fail. It is all used by the partner vault.
91:     function claimBoost(uint256 amount) public override {}
92:
93:     /*//////////////////////////////////////////////////////////////
94:                           INTERNAL HOOKS LOGIC
95:     //////////////////////////////////////////////////////////////*/
96:
97:     /**
98:      * @notice Function that performs the necessary verifications before a user can withdraw from their vMaia position.
99:      *  Checks if we're inside the unstaked period, if so then the user is able to withdraw.
100:      * If we're not in the unstake period, then there will be checks to determine if this is the beginning of the month.
101:      */
102:     function beforeWithdraw(uint256, uint256) internal override {
103:         /// @dev Check if unstake period has not ended yet, continue if it is the case.
104:         if (unstakePeriodEnd >= block.timestamp) return;
105:
106:         uint256 _currentMonth = DateTimeLib.getMonth(block.timestamp);
107:         if (_currentMonth == currentMonth) revert UnstakePeriodNotLive();
108:
109:         (bool isTuesday, uint256 _unstakePeriodStart) = DateTimeLib.isTuesday(block.timestamp);
110:         if (!isTuesday) revert UnstakePeriodNotLive();
111:
112:         currentMonth = _currentMonth;
113:         unstakePeriodEnd = _unstakePeriodStart + 1 days;
114:     }
115:
116:     /*///////////////////////////////////////////////////////////////
117:                              ERRORS
118:     //////////////////////////////////////////////////////////////*/
119:
120:     /// @dev Error thrown when trying to withdraw and it is not the first Tuesday of the month.
121:     error UnstakePeriodNotLive();
122: }

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/vMaia.sol#L26-L122

[N-32] Critical functions should be a two step procedure

There are 3 instances of this issue:
File: hermes/minters/BaseV2Minter.sol

86:     function setDao(address _dao) external onlyOwner {
87:         /// @dev DAO can be set to address(0) to disable DAO rewards.
88:         dao = _dao;
89:     }

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/minters/BaseV2Minter.sol#L86-L89

File: rewards/base/FlywheelCore.sol

125:     function setFlywheelRewards(address newFlywheelRewards) external onlyOwner {
126:         uint256 oldRewardBalance = rewardToken.balanceOf(address(flywheelRewards));
127:         if (oldRewardBalance > 0) {
128:             rewardToken.safeTransferFrom(address(flywheelRewards), address(newFlywheelRewards), oldRewardBalance);
129:         }
130:
131:         flywheelRewards = newFlywheelRewards;
132:
133:         emit FlywheelRewardsUpdate(address(newFlywheelRewards));
134:     }

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/base/FlywheelCore.sol#L125-L134

File: ulysses-omnichain/BranchPort.sol

301:     function setCoreRouter(address _newCoreRouter) external requiresCoreRouter {
302:         require(coreBranchRouterAddress != address(0), "CoreRouter address is zero");
303:         require(_newCoreRouter != address(0), "New CoreRouter address is zero");
304:         coreBranchRouterAddress = _newCoreRouter;
305:     }

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchPort.sol#L301-L305

[N-33] Shorthand way to write if / else statement

The normal if / else statement can be written in a shorthand way using the ternary operator. It increases readability and reduces the number of lines of code.

There are 1 instances of this issue:
File: ulysses-amm/UlyssesPool.sol

126:     function getProtocolFees() public view returns (uint256) {
127:         uint256 balance = asset.balanceOf(address(this));
128:         uint256 assets;
129:
130:         for (uint256 i = 1; i < bandwidthStateList.length; i++) {
131:             uint256 targetBandwidth = totalSupply.mulDiv(bandwidthStateList[i].weight, totalWeights);
132:
133:             assets += _calculateRebalancingFee(bandwidthStateList[i].bandwidth, targetBandwidth, false);
134:
135:             assets += bandwidthStateList[i].bandwidth;
136:         }
137:
138:         if (balance > assets) {
139:             return balance - assets;
140:         } else {
141:             return 0;
142:         }
143:     }

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesPool.sol#L126-L143

[N-34] Use require instead of assert

The assert() function when false, uses up all the remaining gas and reverts all the changes made.\n\nMeanwhile, a require() or a custom error function when false, also reverts back all the changes made to the contract but does refund all the remaining gas fees we offered to pay.

There are 3 instances of this issue:
File: rewards/rewards/FlywheelGaugeRewards.sol

183:             assert(queuedRewards.storedCycle == 0 || queuedRewards.storedCycle >= lastCycle);

215:         assert(queuedRewards.storedCycle >= cycle);

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/rewards/FlywheelGaugeRewards.sol#L183

File: uni-v3-staker/libraries/RewardMath.sol

65:         assert(currentTime >= startTime);

https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/libraries/RewardMath.sol#L65

[N-35] Imports could be organized more systematically

The contract's interface should be imported first, followed by each of the interfaces it uses, followed by all other files. The examples below do not follow this layout.

There are 119 instances of this issue:
File: erc-20/ERC20Boost.sol

5: import {Ownable} from "solady/auth/Ownable.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Boost.sol#L5

File: erc-20/ERC20Gauges.sol

5: import {SafeCastLib} from "solady/utils/SafeCastLib.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Gauges.sol#L5

File: erc-20/ERC20MultiVotes.sol

6: import {Ownable} from "solady/auth/Ownable.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20MultiVotes.sol#L6

File: erc-4626/ERC4626.sol

4: import {FixedPointMathLib} from "solady/utils/FixedPointMathLib.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/ERC4626.sol#L4

File: erc-4626/ERC4626DepositOnly.sol

4: import {FixedPointMathLib} from "solady/utils/FixedPointMathLib.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/ERC4626DepositOnly.sol#L4

File: erc-4626/ERC4626MultiToken.sol

4: import {FixedPointMathLib} from "solady/utils/FixedPointMathLib.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/ERC4626MultiToken.sol#L4

File: erc-4626/UlyssesERC4626.sol

4: import {FixedPointMathLib} from "solady/utils/FixedPointMathLib.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/UlyssesERC4626.sol#L4

File: gauges/BaseV2Gauge.sol

4: import {Ownable} from "solady/auth/Ownable.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/BaseV2Gauge.sol#L4

File: gauges/UniswapV3Gauge.sol

4: import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/UniswapV3Gauge.sol#L4

File: gauges/factories/BaseV2GaugeFactory.sol

5: import {Ownable} from "solady/auth/Ownable.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BaseV2GaugeFactory.sol#L5

File: gauges/factories/BaseV2GaugeManager.sol

5: import {Ownable} from "solady/auth/Ownable.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BaseV2GaugeManager.sol#L5

File: gauges/factories/BribesFactory.sol

4: import {Ownable} from "solady/auth/Ownable.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BribesFactory.sol#L4

File: gauges/factories/UniswapV3GaugeFactory.sol

5: import {Ownable} from "solady/auth/Ownable.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/UniswapV3GaugeFactory.sol#L5

File: gauges/interfaces/IBaseV2Gauge.sol

4: import {FlywheelCore} from "@rewards/FlywheelCoreStrategy.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/interfaces/IBaseV2Gauge.sol#L4

File: gauges/interfaces/IBaseV2GaugeFactory.sol

5: import {BaseV2Gauge} from "@gauges/BaseV2Gauge.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/interfaces/IBaseV2GaugeFactory.sol#L5

File: gauges/interfaces/IBaseV2GaugeManager.sol

5: import {bHermesBoost} from "@hermes/tokens/bHermesBoost.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/interfaces/IBaseV2GaugeManager.sol#L5

File: gauges/interfaces/IBribesFactory.sol

4: import {FlywheelCore} from "@rewards/FlywheelCoreStrategy.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/interfaces/IBribesFactory.sol#L4

File: gauges/interfaces/IUniswapV3GaugeFactory.sol

5: import {FlywheelGaugeRewards} from "@rewards/rewards/FlywheelGaugeRewards.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/interfaces/IUniswapV3GaugeFactory.sol#L5

File: governance/GovernorBravoDelegateMaia.sol

4: import "./GovernorBravoInterfaces.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/governance/GovernorBravoDelegateMaia.sol#L4

File: governance/GovernorBravoDelegator.sol

4: import "./GovernorBravoInterfaces.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/governance/GovernorBravoDelegator.sol#L4

File: hermes/UtilityManager.sol

5: import {Ownable} from "solady/auth/Ownable.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/UtilityManager.sol#L5

File: hermes/bHermes.sol

4: import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/bHermes.sol#L4

File: hermes/interfaces/IBaseV2Minter.sol

4: import {ERC4626} from "@ERC4626/ERC4626.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/interfaces/IBaseV2Minter.sol#L4

File: hermes/interfaces/IUtilityManager.sol

4: import {bHermesBoost} from "../tokens/bHermesBoost.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/interfaces/IUtilityManager.sol#L4

File: hermes/minters/BaseV2Minter.sol

4: import {Ownable} from "solady/auth/Ownable.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/minters/BaseV2Minter.sol#L4

File: hermes/tokens/HERMES.sol

4: import {Ownable} from "solady/auth/Ownable.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/HERMES.sol#L4

File: hermes/tokens/bHermesBoost.sol

4: import {Ownable} from "solady/auth/Ownable.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/bHermesBoost.sol#L4

File: hermes/tokens/bHermesGauges.sol

4: import {ERC20} from "solmate/tokens/ERC20.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/bHermesGauges.sol#L4

File: hermes/tokens/bHermesVotes.sol

4: import {ERC20} from "solmate/tokens/ERC20.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/bHermesVotes.sol#L4

File: maia/PartnerUtilityManager.sol

4: import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/PartnerUtilityManager.sol#L4

File: maia/factories/PartnerManagerFactory.sol

4: import {Ownable} from "solady/auth/Ownable.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/factories/PartnerManagerFactory.sol#L4

File: maia/interfaces/IERC4626PartnerManager.sol

4: import {bHermes} from "@hermes/bHermes.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/interfaces/IERC4626PartnerManager.sol#L4

File: maia/interfaces/IPartnerManagerFactory.sol

4: import {ERC20} from "solmate/tokens/ERC20.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/interfaces/IPartnerManagerFactory.sol#L4

File: maia/interfaces/IPartnerUtilityManager.sol

4: import {bHermesVotes as ERC20Votes} from "@hermes/tokens/bHermesVotes.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/interfaces/IPartnerUtilityManager.sol#L4

File: maia/tokens/ERC4626PartnerManager.sol

4: import {FixedPointMathLib} from "solady/utils/FixedPointMathLib.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/tokens/ERC4626PartnerManager.sol#L4

File: maia/tokens/Maia.sol

4: import {Ownable} from "solady/auth/Ownable.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/tokens/Maia.sol#L4

File: maia/vMaia.sol

5: import {FixedPointMathLib} from "solady/utils/FixedPointMathLib.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/vMaia.sol#L5

File: rewards/FlywheelCoreInstant.sol

4: import {Ownable} from "solady/auth/Ownable.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/FlywheelCoreInstant.sol#L4

File: rewards/FlywheelCoreStrategy.sol

4: import {Ownable} from "solady/auth/Ownable.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/FlywheelCoreStrategy.sol#L4

File: rewards/base/BaseFlywheelRewards.sol

5: import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/base/BaseFlywheelRewards.sol#L5

File: rewards/base/FlywheelCore.sol

5: import {Ownable} from "solady/auth/Ownable.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/base/FlywheelCore.sol#L5

File: rewards/booster/FlywheelBoosterGaugeWeight.sol

5: import {ERC20} from "solmate/tokens/ERC20.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/booster/FlywheelBoosterGaugeWeight.sol#L5

File: rewards/depots/MultiRewardsDepot.sol

4: import {Ownable} from "solady/auth/Ownable.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/depots/MultiRewardsDepot.sol#L4

File: rewards/depots/RewardsDepot.sol

4: import {SafeCastLib} from "solady/utils/SafeCastLib.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/depots/RewardsDepot.sol#L4

File: rewards/depots/SingleRewardsDepot.sol

4: import {RewardsDepot, IRewardsDepot} from "./RewardsDepot.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/depots/SingleRewardsDepot.sol#L4

File: rewards/interfaces/IFlywheelAcummulatedRewards.sol

5: import {ERC20} from "solmate/tokens/ERC20.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/interfaces/IFlywheelAcummulatedRewards.sol#L5

File: rewards/interfaces/IFlywheelBooster.sol

5: import {ERC20} from "solmate/tokens/ERC20.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/interfaces/IFlywheelBooster.sol#L5

File: rewards/interfaces/IFlywheelBribeRewards.sol

5: import {ERC20} from "solmate/tokens/ERC20.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/interfaces/IFlywheelBribeRewards.sol#L5

File: rewards/interfaces/IFlywheelCore.sol

5: import {ERC20} from "solmate/tokens/ERC20.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/interfaces/IFlywheelCore.sol#L5

File: rewards/interfaces/IFlywheelGaugeRewards.sol

5: import {ERC20} from "solmate/tokens/ERC20.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/interfaces/IFlywheelGaugeRewards.sol#L5

File: rewards/interfaces/IFlywheelRewards.sol

5: import {ERC20} from "solmate/tokens/ERC20.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/interfaces/IFlywheelRewards.sol#L5

File: rewards/rewards/FlywheelAcummulatedRewards.sol

5: import {SafeCastLib} from "solady/utils/SafeCastLib.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/rewards/FlywheelAcummulatedRewards.sol#L5

File: rewards/rewards/FlywheelBribeRewards.sol

5: import {ERC20} from "solmate/tokens/ERC20.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/rewards/FlywheelBribeRewards.sol#L5

File: rewards/rewards/FlywheelGaugeRewards.sol

5: import {Ownable} from "solady/auth/Ownable.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/rewards/FlywheelGaugeRewards.sol#L5

File: rewards/rewards/FlywheelInstantRewards.sol

5: import {Ownable} from "solady/auth/Ownable.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/rewards/FlywheelInstantRewards.sol#L5

File: talos/TalosManager.sol

4: import {IUniswapV3Pool} from "@uniswap/v3-core/contracts/interfaces/IUniswapV3Pool.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosManager.sol#L4

File: talos/TalosOptimizer.sol

5: import {Ownable} from "solady/auth/Ownable.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosOptimizer.sol#L5

File: talos/TalosStrategyStaked.sol

4: import {ERC20} from "solmate/tokens/ERC20.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosStrategyStaked.sol#L4

File: talos/TalosStrategyVanilla.sol

5: import {Ownable} from "solady/auth/Ownable.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosStrategyVanilla.sol#L5

File: talos/base/TalosBaseStrategy.sol

5: import {Ownable} from "solady/auth/Ownable.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/base/TalosBaseStrategy.sol#L5

File: talos/boost-aggregator/BoostAggregator.sol

4: import {Ownable} from "solady/auth/Ownable.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/boost-aggregator/BoostAggregator.sol#L4

File: talos/factories/BoostAggregatorFactory.sol

4: import {ERC20} from "solmate/tokens/ERC20.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/factories/BoostAggregatorFactory.sol#L4

File: talos/factories/OptimizerFactory.sol

4: import {TalosOptimizer} from "../TalosOptimizer.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/factories/OptimizerFactory.sol#L4

File: talos/factories/TalosBaseStrategyFactory.sol

4: import {Ownable} from "solady/auth/Ownable.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/factories/TalosBaseStrategyFactory.sol#L4

File: talos/factories/TalosStrategyStakedFactory.sol

4: import {IUniswapV3Pool} from "@uniswap/v3-core/contracts/interfaces/IUniswapV3Pool.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/factories/TalosStrategyStakedFactory.sol#L4

File: talos/factories/TalosStrategyVanillaFactory.sol

5: import {IUniswapV3Pool} from "@uniswap/v3-core/contracts/interfaces/IUniswapV3Pool.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/factories/TalosStrategyVanillaFactory.sol#L5

File: talos/interfaces/IBoostAggregator.sol

4: import {ERC20} from "solmate/tokens/ERC20.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/interfaces/IBoostAggregator.sol#L4

File: talos/interfaces/IBoostAggregatorFactory.sol

4: import {ERC20} from "solmate/tokens/ERC20.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/interfaces/IBoostAggregatorFactory.sol#L4

File: talos/interfaces/IOptimizerFactory.sol

4: import {TalosOptimizer} from "../TalosOptimizer.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/interfaces/IOptimizerFactory.sol#L4

File: talos/interfaces/ITalosBaseStrategy.sol

5: import {ERC20} from "solmate/tokens/ERC20.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/interfaces/ITalosBaseStrategy.sol#L5

File: talos/interfaces/ITalosBaseStrategyFactory.sol

4: import {INonfungiblePositionManager} from "@uniswap/v3-periphery/contracts/interfaces/INonfungiblePositionManager.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/interfaces/ITalosBaseStrategyFactory.sol#L4

File: talos/interfaces/ITalosManager.sol

4: import {ITalosBaseStrategy} from "./ITalosBaseStrategy.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/interfaces/ITalosManager.sol#L4

File: talos/interfaces/ITalosStrategyStaked.sol

4: import {FlywheelCoreInstant} from "@rewards/FlywheelCoreInstant.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/interfaces/ITalosStrategyStaked.sol#L4

File: talos/interfaces/ITalosStrategyStakedFactory.sol

4: import {FlywheelCoreInstant} from "@rewards/FlywheelCoreInstant.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/interfaces/ITalosStrategyStakedFactory.sol#L4

File: talos/libraries/PoolActions.sol

5: import {ERC20} from "solmate/tokens/ERC20.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/libraries/PoolActions.sol#L5

File: talos/libraries/PoolVariables.sol

5: import {FixedPointMathLib} from "solady/utils/FixedPointMathLib.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/libraries/PoolVariables.sol#L5

File: talos/strategies/TalosStrategySimple.sol

4: import {TalosBaseStrategy} from "../base/TalosBaseStrategy.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/strategies/TalosStrategySimple.sol#L4

File: ulysses-amm/UlyssesPool.sol

4: import {Ownable} from "solady/auth/Ownable.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesPool.sol#L4

File: ulysses-amm/UlyssesRouter.sol

4: import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesRouter.sol#L4

File: ulysses-amm/UlyssesToken.sol

4: import {Ownable} from "solady/auth/Ownable.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesToken.sol#L4

File: ulysses-amm/factories/UlyssesFactory.sol

4: import {Ownable} from "solady/auth/Ownable.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/factories/UlyssesFactory.sol#L4

File: ulysses-amm/interfaces/IUlyssesFactory.sol

4: import {ERC20} from "solmate/tokens/ERC20.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/interfaces/IUlyssesFactory.sol#L4

File: ulysses-amm/interfaces/IUlyssesPool.sol

4: import {UlyssesPool} from "../UlyssesPool.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/interfaces/IUlyssesPool.sol#L4

File: ulysses-amm/interfaces/IUlyssesRouter.sol

4: import {UlyssesFactory} from "../factories/UlyssesFactory.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/interfaces/IUlyssesRouter.sol#L4

File: ulysses-omnichain/ArbitrumBranchBridgeAgent.sol

4: import {SafeCastLib} from "solady/utils/SafeCastLib.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/ArbitrumBranchBridgeAgent.sol#L4

File: ulysses-omnichain/ArbitrumBranchPort.sol

5: import {Ownable} from "solady/auth/Ownable.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/ArbitrumBranchPort.sol#L5

File: ulysses-omnichain/ArbitrumCoreBranchRouter.sol

4: import {ERC20} from "solmate/tokens/ERC20.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/ArbitrumCoreBranchRouter.sol#L4

File: ulysses-omnichain/BaseBranchRouter.sol

4: import {Ownable} from "solady/auth/Ownable.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BaseBranchRouter.sol#L4

File: ulysses-omnichain/BranchBridgeAgent.sol

4: import {SafeCastLib} from "solady/utils/SafeCastLib.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchBridgeAgent.sol#L4

File: ulysses-omnichain/BranchBridgeAgentExecutor.sol

4: import {Ownable} from "solady/auth/Ownable.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchBridgeAgentExecutor.sol#L4

File: ulysses-omnichain/BranchPort.sol

5: import {Ownable} from "solady/auth/Ownable.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchPort.sol#L5

File: ulysses-omnichain/CoreBranchRouter.sol

4: import {Ownable} from "solady/auth/Ownable.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/CoreBranchRouter.sol#L4

File: ulysses-omnichain/CoreRootRouter.sol

4: import {Ownable} from "solady/auth/Ownable.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/CoreRootRouter.sol#L4

File: ulysses-omnichain/MulticallRootRouter.sol

4: import {Ownable} from "solady/auth/Ownable.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/MulticallRootRouter.sol#L4

File: ulysses-omnichain/RootBridgeAgent.sol

4: import {Ownable} from "solady/auth/Ownable.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgent.sol#L4

File: ulysses-omnichain/RootBridgeAgentExecutor.sol

4: import {Ownable} from "solady/auth/Ownable.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgentExecutor.sol#L4

File: ulysses-omnichain/RootPort.sol

5: import {Ownable} from "solady/auth/Ownable.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootPort.sol#L5

File: ulysses-omnichain/VirtualAccount.sol

5: import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/VirtualAccount.sol#L5

File: ulysses-omnichain/factories/ArbitrumBranchBridgeAgentFactory.sol

4: import {WETH9} from "../interfaces/IWETH9.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/factories/ArbitrumBranchBridgeAgentFactory.sol#L4

File: ulysses-omnichain/factories/BranchBridgeAgentFactory.sol

4: import {Ownable} from "solady/auth/Ownable.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/factories/BranchBridgeAgentFactory.sol#L4

File: ulysses-omnichain/factories/ERC20hTokenBranchFactory.sol

4: import {Ownable} from "solady/auth/Ownable.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/factories/ERC20hTokenBranchFactory.sol#L4

File: ulysses-omnichain/factories/ERC20hTokenRootFactory.sol

4: import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/factories/ERC20hTokenRootFactory.sol#L4

File: ulysses-omnichain/factories/RootBridgeAgentFactory.sol

4: import {Ownable} from "solady/auth/Ownable.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/factories/RootBridgeAgentFactory.sol#L4

File: ulysses-omnichain/interfaces/IArbitrumBranchPort.sol

5: import {IBranchPort} from "./IBranchPort.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/interfaces/IArbitrumBranchPort.sol#L5

File: ulysses-omnichain/interfaces/IBranchBridgeAgent.sol

4: import {IApp} from "./IApp.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/interfaces/IBranchBridgeAgent.sol#L4

File: ulysses-omnichain/interfaces/IBranchRouter.sol

4: import {
5:     Deposit,
6:     DepositInput,
7:     DepositMultipleInput,
8:     SettlementParams,
9:     SettlementMultipleParams
10: } from "./IBranchBridgeAgent.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/interfaces/IBranchRouter.sol#L4-L10

File: ulysses-omnichain/interfaces/IERC20hTokenBranchFactory.sol

4: import {ERC20hTokenBranch} from "../token/ERC20hTokenBranch.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/interfaces/IERC20hTokenBranchFactory.sol#L4

File: ulysses-omnichain/interfaces/IERC20hTokenRootFactory.sol

4: import {ERC20hTokenRoot} from "../token/ERC20hTokenRoot.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/interfaces/IERC20hTokenRootFactory.sol#L4

File: ulysses-omnichain/interfaces/IRootBridgeAgent.sol

4: import {IApp} from "./IApp.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/interfaces/IRootBridgeAgent.sol#L4

File: ulysses-omnichain/interfaces/IRootPort.sol

5: import {VirtualAccount} from "../VirtualAccount.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/interfaces/IRootPort.sol#L5

File: ulysses-omnichain/interfaces/IRootRouter.sol

4: import {DepositParams, DepositMultipleParams} from "../interfaces/IRootBridgeAgent.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/interfaces/IRootRouter.sol#L4

File: ulysses-omnichain/interfaces/IVirtualAccount.sol

4: import {IERC721Receiver} from "@openzeppelin/contracts/token/ERC721/IERC721Receiver.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/interfaces/IVirtualAccount.sol#L4

File: ulysses-omnichain/token/ERC20hTokenBranch.sol

4: import {Ownable} from "solady/auth/Ownable.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/token/ERC20hTokenBranch.sol#L4

File: ulysses-omnichain/token/ERC20hTokenRoot.sol

4: import {Ownable} from "solady/auth/Ownable.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/token/ERC20hTokenRoot.sol#L4

File: uni-v3-staker/UniswapV3Staker.sol

5: import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/UniswapV3Staker.sol#L5

File: uni-v3-staker/interfaces/IUniswapV3Staker.sol

5: import {IERC721Receiver} from "@openzeppelin/contracts/token/ERC721/IERC721Receiver.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/interfaces/IUniswapV3Staker.sol#L5

File: uni-v3-staker/libraries/IncentiveId.sol

5: import {IUniswapV3Staker} from "@v3-staker/interfaces/IUniswapV3Staker.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/libraries/IncentiveId.sol#L5

File: uni-v3-staker/libraries/NFTPositionInfo.sol

5: import {IUniswapV3Factory} from "@uniswap/v3-core/contracts/interfaces/IUniswapV3Factory.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/libraries/NFTPositionInfo.sol#L5

File: uni-v3-staker/libraries/RewardMath.sol

5: import {FixedPointMathLib} from "solady/utils/FixedPointMathLib.sol";

https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/libraries/RewardMath.sol#L5

[N-36] Constant redefined elsewhere

Consider defining in only one contract so that values cannot become out of sync when only one location is updated. A cheap way to store constants in a single location is to create an internal constant in a library. If the variable is a local cache of another contract’s value, consider making the cache variable internal or private, which will require external users to query the contract with the source of truth, so that callers don’t get out of sync.

There are 37 instances of this issue:
File: governance/GovernorBravoDelegateMaia.sol

36:     uint256 public constant DIVISIONER = 1 ether;

https://github.com/code-423n4/2023-05-maia/tree/main/src/governance/GovernorBravoDelegateMaia.sol#L36

File: ulysses-amm/UlyssesPool.sol

65:     uint256 private constant DIVISIONER = 1 ether;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesPool.sol#L65

File: talos/TalosStrategyVanilla.sol

48:     uint24 private constant GLOBAL_DIVISIONER = 1e6;

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosStrategyVanilla.sol#L48

File: talos/libraries/PoolVariables.sol

23:     uint24 private constant GLOBAL_DIVISIONER = 1e6; // for basis point (0.0001%)

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/libraries/PoolVariables.sol#L23

File: ulysses-omnichain/RootBridgeAgent.sol

640:     uint24 private constant GLOBAL_DIVISIONER = 1e6; // for basis point (0.0001%)

100:     uint8 internal constant PARAMS_START = 1;

102:     uint8 internal constant PARAMS_START_SIGNED = 21;

108:     uint8 internal constant PARAMS_GAS_OUT = 16;

112:     uint8 internal constant PARAMS_TKN_START = 5;

114:     uint8 internal constant PARAMS_AMT_OFFSET = 64;

116:     uint8 internal constant PARAMS_DEPOSIT_OFFSET = 96;

104:     uint8 internal constant PARAMS_ADDRESS_SIZE = 20;

106:     uint8 internal constant PARAMS_GAS_IN = 32;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgent.sol#L640

File: ulysses-omnichain/BranchBridgeAgent.sol

68:     uint8 internal constant PARAMS_START = 1;

70:     uint8 internal constant PARAMS_START_SIGNED = 21;

72:     uint8 internal constant PARAMS_ENTRY_SIZE = 32;

74:     uint8 internal constant PARAMS_GAS_OUT = 16;

78:     uint8 internal constant PARAMS_TKN_START = 5;

80:     uint8 internal constant PARAMS_AMT_OFFSET = 64;

82:     uint8 internal constant PARAMS_DEPOSIT_OFFSET = 96;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchBridgeAgent.sol#L68

File: ulysses-omnichain/BranchBridgeAgentExecutor.sol

32:     uint8 internal constant PARAMS_START = 1;

34:     uint8 internal constant PARAMS_START_SIGNED = 21;

38:     uint8 internal constant PARAMS_ENTRY_SIZE = 32;

44:     uint8 internal constant PARAMS_GAS_OUT = 16;

48:     uint8 internal constant PARAMS_TKN_START = 5;

50:     uint8 internal constant PARAMS_AMT_OFFSET = 64;

52:     uint8 internal constant PARAMS_DEPOSIT_OFFSET = 96;

40:     uint8 internal constant PARAMS_ADDRESS_SIZE = 20;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchBridgeAgentExecutor.sol#L32

File: ulysses-omnichain/RootBridgeAgentExecutor.sol

33:     uint8 internal constant PARAMS_START = 1;

35:     uint8 internal constant PARAMS_START_SIGNED = 21;

41:     uint8 internal constant PARAMS_ENTRY_SIZE = 32;

51:     uint8 internal constant PARAMS_GAS_OUT = 16;

55:     uint8 internal constant PARAMS_TKN_START = 5;

57:     uint8 internal constant PARAMS_AMT_OFFSET = 64;

59:     uint8 internal constant PARAMS_DEPOSIT_OFFSET = 96;

43:     uint8 internal constant PARAMS_ADDRESS_SIZE = 20;

49:     uint8 internal constant PARAMS_GAS_IN = 32;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgentExecutor.sol#L33

[N-37] NatSpec @return argument is missing

There are 75 instances of this issue:
File: talos/TalosStrategyVanilla.sol

57: // @audit @return is missing
58: function
    constructor(
        IUniswapV3Pool _pool,
        ITalosOptimizer _optimizer,
        INonfungiblePositionManager _nonfungiblePositionManager,
        address _strategyManager,
        address _owner
    ) TalosStrategySimple(_pool, _optimizer, _nonfungiblePositionManager, _strategyManager, _owner)

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosStrategyVanilla.sol#L57-L58

File: talos/TalosStrategyStaked.sol

62: // @audit @return is missing
63: function
    constructor(
        IUniswapV3Pool _pool,
        ITalosOptimizer _optimizer,
        BoostAggregator _boostAggregator,
        address _strategyManager,
        FlywheelCoreInstant _flywheel,
        address _owner
    )
        TalosStrategySimple(
            _pool,
            _optimizer,
            _boostAggregator.nonfungiblePositionManager(),
            _strategyManager,
            _owner
        )

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosStrategyStaked.sol#L62-L63

File: talos/TalosManager.sol

65: // @audit @return is missing
66: function getRebalance(ITalosBaseStrategy position) private view returns (bool)

77: // @audit @return is missing
78: function getRerange(ITalosBaseStrategy position) private view returns (bool)

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosManager.sol#L65-L66

File: talos/factories/TalosStrategyVanillaFactory.sol

23: // @audit @return is missing
24: function
    constructor(INonfungiblePositionManager _nonfungiblePositionManager, OptimizerFactory _optimizerFactory)
        TalosBaseStrategyFactory(_nonfungiblePositionManager, _optimizerFactory)

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/factories/TalosStrategyVanillaFactory.sol#L23-L24

File: talos/factories/TalosStrategyStakedFactory.sol

39: // @audit @return is missing
40: function
    constructor(
        INonfungiblePositionManager _nonfungiblePositionManager,
        OptimizerFactory _optimizerFactory,
        BoostAggregatorFactory _boostAggregatorFactory
    ) TalosBaseStrategyFactory(_nonfungiblePositionManager, _optimizerFactory)

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/factories/TalosStrategyStakedFactory.sol#L39-L40

File: maia/vMaia.sol

47: // @audit @return is missing
48: function
    constructor(
        PartnerManagerFactory _factory,
        uint256 _bHermesRate,
        ERC20 _partnerAsset,
        string memory _name,
        string memory _symbol,
        address _bhermes,
        address _partnerVault,
        address _owner
    ) ERC4626PartnerManager(_factory, _bHermesRate, _partnerAsset, _name, _symbol, _bhermes, _partnerVault, _owner)

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/vMaia.sol#L47-L48

File: maia/PartnerUtilityManager.sol

35: // @audit @return is missing
36: function
    constructor(
        address _gaugeWeight,
        address _gaugeBoost,
        address _governance,
        address _partnerGovernance,
        address _partnerVault
    ) UtilityManager(_gaugeWeight, _gaugeBoost, _governance)

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/PartnerUtilityManager.sol#L35-L36

File: maia/tokens/ERC4626PartnerManager.sol

49: // @audit @return is missing
50: function
    constructor(
        PartnerManagerFactory _factory,
        uint256 _bHermesRate,
        ERC20 _partnerAsset,
        string memory _name,
        string memory _symbol,
        address _bhermes,
        address _partnerVault,
        address _owner
    )
        PartnerUtilityManager(
            address(bHermes(_bhermes).gaugeWeight()),
            address(bHermes(_bhermes).gaugeBoost()),
            address(bHermes(_bhermes).governance()),
            address(new ERC20MultiVotes(_owner)),
            partnerVault
        )
        ERC4626(
            _partnerAsset,
            string.concat(_name, " - Burned Hermes: Aggregated Gov + Yield + Boost"),
            string.concat(_symbol, "-bHermes")
        )

112: // @audit @return is missing
113: function convertToShares(uint256 assets) public view virtual override returns (uint256)

120: // @audit @return is missing
121: function convertToAssets(uint256 shares) public view virtual override returns (uint256)

128: // @audit @return is missing
129: function previewDeposit(uint256 assets) public view virtual override returns (uint256)

135: // @audit @return is missing
136: function previewMint(uint256 shares) public view virtual override returns (uint256)

142: // @audit @return is missing
143: function previewWithdraw(uint256 assets) public view virtual override returns (uint256)

150: // @audit @return is missing
151: function previewRedeem(uint256 shares) public view virtual override returns (uint256)

253: // @audit @return is missing
254: function _burn(address from, uint256 amount) internal virtual override checkTransfer(from, amount)

262: // @audit @return is missing
263: function transfer(address to, uint256 amount)
        public
        virtual
        override
        checkTransfer(msg.sender, amount)
        returns (bool)

278: // @audit @return is missing
279: function transferFrom(address from, address to, uint256 amount)
        public
        virtual
        override
        checkTransfer(from, amount)
        returns (bool)

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/tokens/ERC4626PartnerManager.sol#L49-L50

File: erc-20/ERC20Gauges.sol

362: // @audit @return is missing
363: function _writeGaugeWeight(
        Weight storage weight,
        function(uint112, uint112) view returns (uint112) op,
        uint112 delta,
        uint32 cycle
    ) private

495: // @audit @return is missing
496: function transfer(address to, uint256 amount) public virtual override returns (bool)

507: // @audit @return is missing
508: function transferFrom(address from, address to, uint256 amount) public virtual override returns (bool)

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Gauges.sol#L362-L363

File: erc-20/ERC20MultiVotes.sol

240: // @audit @return is missing
241: function _writeCheckpoint(address delegatee, function(uint256, uint256) view returns (uint256) op, uint256 delta)
        private

290: // @audit @return is missing
291: function transfer(address to, uint256 amount) public virtual override returns (bool)

302: // @audit @return is missing
303: function transferFrom(address from, address to, uint256 amount) public virtual override returns (bool)

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20MultiVotes.sol#L240-L241

File: erc-20/ERC20Boost.sol

301: // @audit @return is missing
302: function _burn(address from, uint256 amount) internal override notAttached(from, amount)

311: // @audit @return is missing
312: function transfer(address to, uint256 amount) public override notAttached(msg.sender, amount) returns (bool)

322: // @audit @return is missing
323: function transferFrom(address from, address to, uint256 amount)
        public
        override
        notAttached(from, amount)
        returns (bool)

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Boost.sol#L301-L302

File: ulysses-amm/UlyssesPool.sol

79: // @audit @return is missing
80: function
    constructor(
        uint256 _id,
        address _asset,
        string memory _name,
        string memory _symbol,
        address _owner,
        address _factory
    ) UlyssesERC4626(_asset, _name, _symbol)

344: // @audit @return is missing
345: function getBandwidthUpdateAmounts(
        bool roundUp,
        bool positiveTransfer,
        uint256 amount,
        uint256 _totalWeights,
        uint256 _totalSupply
    ) private view returns (uint256[] memory bandwidthUpdateAmounts, uint256 length)

538: // @audit @return is missing
539: function updateBandwidth(
        bool depositFees,
        bool positiveTransfer,
        BandwidthState storage destinationState,
        uint256 difference,
        uint256 _totalWeights,
        uint256 _totalSupply,
        uint256 _newTotalSupply
    ) private returns (uint256 positivefee, uint256 negativeFee)

841: // @audit @return is missing
842: function calcFee(
        uint256 feeTier,
        uint256 maxWidth,
        uint256 upperBound,
        uint256 bandwidth,
        uint256 offset,
        bool roundDown
    ) private pure returns (uint256 fee)

1199: // @audit @return is missing
1200: function beforeDeposit(uint256 assets) internal override returns (uint256 shares)

1208: // @audit @return is missing
1209: function beforeMint(uint256 shares) internal override returns (uint256 assets)

1217: // @audit @return is missing
1218: function afterRedeem(uint256 shares) internal override returns (uint256 assets)

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesPool.sol#L79-L80

File: ulysses-amm/UlyssesRouter.sol

30: // @audit @return is missing
31: function getUlyssesLP(uint256 id) private returns (UlyssesPool ulysses)

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesRouter.sol#L30-L31

File: ulysses-amm/factories/UlyssesFactory.sol

24: // @audit @return is missing
25: function deployPool(
        uint256 id,
        address asset,
        string calldata name,
        string calldata symbol,
        address owner,
        address factory
    ) public returns (UlyssesPool)

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/factories/UlyssesFactory.sol#L24-L25

File: gauges/UniswapV3Gauge.sol

32: // @audit @return is missing
33: function
    constructor(
        FlywheelGaugeRewards _flywheelGaugeRewards,
        address _uniswapV3Staker,
        address _uniswapV3Pool,
        uint24 _minimumWidth,
        address _owner
    ) BaseV2Gauge(_flywheelGaugeRewards, _uniswapV3Pool, _owner)

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/UniswapV3Gauge.sol#L32-L33

File: gauges/factories/UniswapV3GaugeFactory.sol

49: // @audit @return is missing
50: function
    constructor(
        BaseV2GaugeManager _gaugeManager,
        bHermesBoost _bHermesBoost,
        IUniswapV3Factory _factory,
        INonfungiblePositionManager _nonfungiblePositionManager,
        FlywheelGaugeRewards _flywheelGaugeRewards,
        BribesFactory _bribesFactory,
        address _owner
    ) BaseV2GaugeFactory(_gaugeManager, _bHermesBoost, _bribesFactory, _owner)

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/UniswapV3GaugeFactory.sol#L49-L50

File: rewards/rewards/FlywheelInstantRewards.sol

27: // @audit @return is missing
28: function
    constructor(FlywheelCore _flywheel) BaseFlywheelRewards(_flywheel)

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/rewards/FlywheelInstantRewards.sol#L27-L28

File: rewards/rewards/FlywheelBribeRewards.sol

26: // @audit @return is missing
27: function
    constructor(FlywheelCore _flywheel, uint256 _rewardsCycleLength)
        FlywheelAcummulatedRewards(_flywheel, _rewardsCycleLength)

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/rewards/FlywheelBribeRewards.sol#L26-L27

File: rewards/rewards/FlywheelAcummulatedRewards.sol

32: // @audit @return is missing
33: function
    constructor(FlywheelCore _flywheel, uint256 _rewardsCycleLength) BaseFlywheelRewards(_flywheel)

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/rewards/FlywheelAcummulatedRewards.sol#L32-L33

File: hermes/bHermes.sol

114: // @audit @return is missing
115: function totalAssets() public view virtual override returns (uint256)

139: // @audit @return is missing
140: function transfer(address to, uint256 amount) public virtual override returns (bool)

156: // @audit @return is missing
157: function transferFrom(address from, address to, uint256 amount) public virtual override returns (bool)

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/bHermes.sol#L114-L115

File: ulysses-omnichain/RootBridgeAgentExecutor.sol

349: // @audit @return is missing
350: function _bridgeInMultiple(address _recipient, bytes calldata _dParams, uint24 _fromChain)
        internal
        returns (DepositMultipleParams memory dParams)

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgentExecutor.sol#L349-L350

File: ulysses-omnichain/MulticallRootRouter.sol

90: // @audit @return is missing
91: function _multicall(IMulticall.Call[] memory calls)
        internal
        returns (uint256 blockNumber, bytes[] memory returnData)

184: // @audit @return is missing
185: function anyExecute(bytes1 funcId, bytes calldata encodedData, uint24)
        external
        payable
        override
        lock
        requiresExecutor
        returns (bool, bytes memory)

267: // @audit @return is missing
268: function anyExecuteSigned(bytes1 funcId, bytes calldata encodedData, address userAccount, uint24)
        external
        payable
        override
        lock
        requiresExecutor
        returns (bool, bytes memory)

344: // @audit @return is missing
345: function anyExecuteSignedDepositSingle(
        bytes1 funcId,
        bytes calldata encodedData,
        DepositParams calldata,
        address userAccount,
        uint24
    ) external payable override requiresExecutor lock returns (bool success, bytes memory result)

420: // @audit @return is missing
421: function anyExecuteSignedDepositMultiple(
        bytes1 funcId,
        bytes memory encodedData,
        DepositMultipleParams calldata,
        address userAccount,
        uint24
    ) external payable requiresExecutor lock returns (bool success, bytes memory result)

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/MulticallRootRouter.sol#L90-L91

File: ulysses-omnichain/BranchBridgeAgent.sol

936: // @audit @return is missing
937: function _getAndIncrementDepositNonce() internal returns (uint32)

1098: // @audit @return is missing
1099: function _gasSwapIn(bytes memory gasData) internal virtual returns (uint256 gasAmount)

1108: // @audit @return is missing
1109: function _getContext() internal view returns (address from, uint256 fromChainId)

1339: // @audit @return is missing
1340: function _normalizeDecimals(uint256 _amount, uint8 _decimals) internal pure returns (uint256)

1348: // @audit @return is missing
1349: function _normalizeDecimalsMultiple(uint256[] memory _deposits, address[] memory _tokens)
        internal
        view
        returns (uint256[] memory deposits)

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchBridgeAgent.sol#L936-L937

File: ulysses-omnichain/BranchPort.sol

387: // @audit @return is missing
388: function _denormalizeDecimals(uint256 _amount, uint8 _decimals) internal pure returns (uint256)

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchPort.sol#L387-L388

File: ulysses-omnichain/ArbitrumBranchBridgeAgent.sol

148: // @audit @return is missing
149: function _gasSwapIn(bytes memory gasData) internal override returns (uint256 gasAmount)

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/ArbitrumBranchBridgeAgent.sol#L148-L149

File: ulysses-omnichain/RootBridgeAgent.sol

49: // @audit @return is missing
50: function checkParams(address _localPortAddress, DepositParams memory _dParams, uint24 _fromChain)
        internal
        view
        returns (bool)

549: // @audit @return is missing
550: function _retrySettlement(uint32 _settlementNonce) internal returns (bool)

631: // @audit @return is missing
632: function _getAndIncrementSettlementNonce() internal returns (uint32)

658: // @audit @return is missing
659: function _gasSwapIn(uint256 _amount, uint24 _fromChain) internal returns (uint256)

702: // @audit @return is missing
703: function _gasSwapOut(uint256 _amount, uint24 _toChain) internal returns (uint256, address)

742: // @audit @return is missing
743: function _manageGasOut(uint24 _toChain) internal returns (uint128)

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgent.sol#L49-L50

File: ulysses-omnichain/ArbitrumBranchPort.sol

32: // @audit @return is missing
33: function
    constructor(uint24 _localChainId, address _rootPortAddress, address _owner) BranchPort(_owner)

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/ArbitrumBranchPort.sol#L32-L33

File: ulysses-omnichain/RootPort.sol

183: // @audit @return is missing
184: function _getLocalToken(address _localAddress, uint256 _fromChain, uint24 _toChain)
        internal
        view
        returns (address)

202: // @audit @return is missing
203: function _getUnderlyingTokenFromGlobal(address _globalAddress, uint24 _fromChain) internal view returns (address)

217: // @audit @return is missing
218: function _isGlobalToken(address _globalAddress, uint24 _fromChain) internal view returns (bool)

348: // @audit @return is missing
349: function addVirtualAccount(address _user) internal returns (VirtualAccount newAccount)

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootPort.sol#L183-L184

File: ulysses-omnichain/factories/ERC20hTokenRootFactory.sol

53: // @audit @return is missing
54: function createToken(string memory _name, string memory _symbol)
        external
        requiresCoreRouter
        returns (ERC20hTokenRoot newToken)

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/factories/ERC20hTokenRootFactory.sol#L53-L54

File: ulysses-omnichain/factories/BranchBridgeAgentFactory.sol

112: // @audit @return is missing
113: function createBridgeAgent(
        address _newBranchRouterAddress,
        address _rootBridgeAgentAddress,
        address _rootBridgeAgentFactoryAddress
    ) external virtual returns (address newBridgeAgent)

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/factories/BranchBridgeAgentFactory.sol#L112-L113

File: ulysses-omnichain/factories/ERC20hTokenBranchFactory.sol

59: // @audit @return is missing
60: function createToken(string memory _name, string memory _symbol)
        external
        requiresCoreRouter
        returns (ERC20hTokenBranch newToken)

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/factories/ERC20hTokenBranchFactory.sol#L59-L60

File: ulysses-omnichain/factories/ArbitrumBranchBridgeAgentFactory.sol

30: // @audit @return is missing
31: function
    constructor(
        uint256 _rootChainId,
        address _rootBridgeAgentFactoryAddress,
        WETH9 _wrappedNativeToken,
        address _localAnyCallAddress,
        address _localAnyCallExecutorAddress,
        address _localCoreBranchRouterAddress,
        address _localPortAddress,
        address _owner
    )
        BranchBridgeAgentFactory(
            _rootChainId,
            _rootChainId,
            _rootBridgeAgentFactoryAddress,
            _wrappedNativeToken,
            _localAnyCallAddress,
            _localAnyCallExecutorAddress,
            _localCoreBranchRouterAddress,
            _localPortAddress,
            _owner
        )

78: // @audit @return is missing
79: function createBridgeAgent(
        address _newBranchRouterAddress,
        address _rootBridgeAgentAddress,
        address _rootBridgeAgentFactoryAddress
    ) external virtual override returns (address newBridgeAgent)

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/factories/ArbitrumBranchBridgeAgentFactory.sol#L30-L31

File: ulysses-omnichain/token/ERC20hTokenRoot.sol

37: // @audit @return is missing
38: function
    constructor(
        uint256 _localChainId,
        address _factoryAddress,
        address _rootPortAddress,
        string memory _name,
        string memory _symbol
    ) ERC20(string(string.concat("Hermes ", _name)), string(string.concat("h-", _symbol)), 18)

71: // @audit @return is missing
72: function mint(address to, uint256 amount, uint256 chainId) external requiresPort returns (bool)

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/token/ERC20hTokenRoot.sol#L37-L38

[N-38] NatSpec @param is missing

There are 35 instances of this issue:
File: talos/TalosManager.sol

65: // @audit missing @param: position
66: function getRebalance(ITalosBaseStrategy position) private view returns (bool)

77: // @audit missing @param: position
78: function getRerange(ITalosBaseStrategy position) private view returns (bool)

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosManager.sol#L65-L66

File: talos/TalosOptimizer.sol

33: // @audit missing @param: _owner
34: function
    constructor(
        uint32 _twapDuration,
        int24 _maxTwapDeviation,
        int24 _tickRangeMultiplier,
        uint24 _priceImpactPercentage,
        uint256 _maxTotalSupply,
        address _owner
    )

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosOptimizer.sol#L33-L34

File: maia/vMaia.sol

101: // @audit missing @param: uint256
102: function beforeWithdraw(uint256, uint256) internal override

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/vMaia.sol#L101-L102

File: maia/tokens/ERC4626PartnerManager.sol

135: // @audit missing @param: shares
136: function previewMint(uint256 shares) public view virtual override returns (uint256)

142: // @audit missing @param: assets
143: function previewWithdraw(uint256 assets) public view virtual override returns (uint256)

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/tokens/ERC4626PartnerManager.sol#L135-L136

File: erc-20/ERC20Gauges.sol

362: // @audit missing @param: functionno matching args for @param: cycle, op, delta
363: function _writeGaugeWeight(
        Weight storage weight,
        function(uint112, uint112) view returns (uint112) op,
        uint112 delta,
        uint32 cycle
    ) private

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Gauges.sol#L362-L363

File: erc-20/ERC20MultiVotes.sol

240: // @audit missing @param: functionno matching args for @param: op, delta
241: function _writeCheckpoint(address delegatee, function(uint256, uint256) view returns (uint256) op, uint256 delta)
        private

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20MultiVotes.sol#L240-L241

File: out-of-scope/governance/GovernorBravoDelegateSeverity2.sol

345: // @audit missing @param: v, r, proposalId, support, s
346: function castVoteBySig(uint256 proposalId, uint8 support, uint8 v, bytes32 r, bytes32 s) external

https://github.com/code-423n4/2023-05-maia/tree/main/src/out-of-scope/governance/GovernorBravoDelegateSeverity2.sol#L345-L346

File: out-of-scope/governance/GovernorBravoDelegateSeverity5.sol

345: // @audit missing @param: v, r, proposalId, support, s
346: function castVoteBySig(uint256 proposalId, uint8 support, uint8 v, bytes32 r, bytes32 s) external

https://github.com/code-423n4/2023-05-maia/tree/main/src/out-of-scope/governance/GovernorBravoDelegateSeverity5.sol#L345-L346

File: out-of-scope/governance/GovernorBravoDelegateSeverity4.sol

345: // @audit missing @param: v, r, proposalId, support, s
346: function castVoteBySig(uint256 proposalId, uint8 support, uint8 v, bytes32 r, bytes32 s) external

https://github.com/code-423n4/2023-05-maia/tree/main/src/out-of-scope/governance/GovernorBravoDelegateSeverity4.sol#L345-L346

File: out-of-scope/governance/GovernorBravoDelegateSeverity3.sol

345: // @audit missing @param: v, r, proposalId, support, s
346: function castVoteBySig(uint256 proposalId, uint8 support, uint8 v, bytes32 r, bytes32 s) external

https://github.com/code-423n4/2023-05-maia/tree/main/src/out-of-scope/governance/GovernorBravoDelegateSeverity3.sol#L345-L346

File: out-of-scope/governance/GovernorBravoDelegateSeverity1.sol

345: // @audit missing @param: v, r, proposalId, support, s
346: function castVoteBySig(uint256 proposalId, uint8 support, uint8 v, bytes32 r, bytes32 s) external

https://github.com/code-423n4/2023-05-maia/tree/main/src/out-of-scope/governance/GovernorBravoDelegateSeverity1.sol#L345-L346

File: governance/GovernorBravoDelegateMaia.sol

343: // @audit missing @param: v, r, proposalId, support, s
344: function castVoteBySig(uint256 proposalId, uint8 support, uint8 v, bytes32 r, bytes32 s) external

https://github.com/code-423n4/2023-05-maia/tree/main/src/governance/GovernorBravoDelegateMaia.sol#L343-L344

File: ulysses-amm/UlyssesPool.sol

1208: // @audit missing @param: sharesno matching args for @param: assets
1209: function beforeMint(uint256 shares) internal override returns (uint256 assets)

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesPool.sol#L1208-L1209

File: ulysses-amm/factories/UlyssesFactory.sol

82: // @audit missing @param: owner
83: function _createPool(ERC20 asset, address owner) private returns (uint256 _poolId)

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/factories/UlyssesFactory.sol#L82-L83

File: gauges/UniswapV3Gauge.sol

52: // @audit missing @param: amount
53: function distribute(uint256 amount) internal override

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/UniswapV3Gauge.sol#L52-L53

File: ulysses-omnichain/RootBridgeAgentExecutor.sol

324: // @audit missing @param: _recipient
325: function _bridgeIn(address _recipient, DepositParams memory _dParams, uint24 _fromChain) internal

349: // @audit missing @param: _recipient
350: function _bridgeInMultiple(address _recipient, bytes calldata _dParams, uint24 _fromChain)
        internal
        returns (DepositMultipleParams memory dParams)

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgentExecutor.sol#L324-L325

File: ulysses-omnichain/MulticallRootRouter.sol

136: // @audit missing @param: toChain
137: function _approveMultipleAndCallOut(
        address owner,
        address recipient,
        address[] memory outputTokens,
        uint256[] memory amountsOut,
        uint256[] memory depositsOut,
        uint24 toChain
    ) internal virtual

184: // @audit missing @param: funcId, encodedData, uint24
185: function anyExecute(bytes1 funcId, bytes calldata encodedData, uint24)
        external
        payable
        override
        lock
        requiresExecutor
        returns (bool, bytes memory)

267: // @audit missing @param: funcId, userAccount, encodedData, uint24
268: function anyExecuteSigned(bytes1 funcId, bytes calldata encodedData, address userAccount, uint24)
        external
        payable
        override
        lock
        requiresExecutor
        returns (bool, bytes memory)

344: // @audit missing @param: userAccount, funcId, calldata, encodedData, uint24
345: function anyExecuteSignedDepositSingle(
        bytes1 funcId,
        bytes calldata encodedData,
        DepositParams calldata,
        address userAccount,
        uint24
    ) external payable override requiresExecutor lock returns (bool success, bytes memory result)

420: // @audit missing @param: userAccount, funcId, calldata, encodedData, uint24
421: function anyExecuteSignedDepositMultiple(
        bytes1 funcId,
        bytes memory encodedData,
        DepositMultipleParams calldata,
        address userAccount,
        uint24
    ) external payable requiresExecutor lock returns (bool success, bytes memory result)

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/MulticallRootRouter.sol#L136-L137

File: ulysses-omnichain/BranchBridgeAgent.sol

708: // @audit missing @param: _depositor
709: function _callOutAndBridgeMultiple(
        address _depositor,
        bytes calldata _params,
        DepositMultipleInput memory _dParams,
        uint128 _gasToBridgeOut,
        uint128 _remoteExecutionGas
    ) internal

1098: // @audit missing @param: gasData
1099: function _gasSwapIn(bytes memory gasData) internal virtual returns (uint256 gasAmount)

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchBridgeAgent.sol#L708-L709

File: ulysses-omnichain/CoreRootRouter.sol

80: // @audit missing @param: _rootBridgeAgent
81: function addBranchToBridgeAgent(
        address _rootBridgeAgent,
        address _branchBridgeAgentFactory,
        address _newBranchRouter,
        address _gasReceiver,
        uint24 _toChain,
        uint128 _remoteExecutionGas
    ) external payable

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/CoreRootRouter.sol#L80-L81

File: ulysses-omnichain/ArbitrumBranchBridgeAgent.sol

148: // @audit missing @param: gasData
149: function _gasSwapIn(bytes memory gasData) internal override returns (uint256 gasAmount)

155: // @audit missing @param: uint256, _recipient
156: function _payExecutionGas(address _recipient, uint256) internal override

173: // @audit missing @param: uint256, uint32
174: function _payFallbackGas(uint32, uint256) internal override

180: // @audit missing @param: uint256
181: function _replenishGas(uint256) internal override

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/ArbitrumBranchBridgeAgent.sol#L148-L149

File: ulysses-omnichain/RootBridgeAgent.sol

200: // @audit missing @param: _localAnyCallExecutorAddress
201: function
    constructor(
        WETH9 _wrappedNativeToken,
        uint24 _localChainId,
        address _daoAddress,
        address _localAnyCallAddress,
        address _localAnyCallExecutorAddress,
        address _localPortAddress,
        address _localRouterAddress
    )

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgent.sol#L200-L201

File: ulysses-omnichain/ArbitrumCoreBranchRouter.sol

74: // @audit missing @param: uint128
75: function _receiveAddBridgeAgent(
        address _newBranchRouter,
        address _branchBridgeAgentFactory,
        address _rootBridgeAgent,
        address _rootBridgeAgentFactory,
        uint128
    ) internal override

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/ArbitrumCoreBranchRouter.sol#L74-L75

File: ulysses-omnichain/factories/BranchBridgeAgentFactory.sol

112: // @audit missing @param: _rootBridgeAgentFactoryAddress
113: function createBridgeAgent(
        address _newBranchRouterAddress,
        address _rootBridgeAgentAddress,
        address _rootBridgeAgentFactoryAddress
    ) external virtual returns (address newBridgeAgent)

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/factories/BranchBridgeAgentFactory.sol#L112-L113

File: ulysses-omnichain/factories/ArbitrumBranchBridgeAgentFactory.sol

78: // @audit missing @param: _rootBridgeAgentFactoryAddress
79: function createBridgeAgent(
        address _newBranchRouterAddress,
        address _rootBridgeAgentAddress,
        address _rootBridgeAgentFactoryAddress
    ) external virtual override returns (address newBridgeAgent)

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/factories/ArbitrumBranchBridgeAgentFactory.sol#L78-L79

[G-1] Pre-increments and pre-decrements are cheaper than post-increments and post-decrements

Saves 5 gas per iteration.

There are 60 instances of this issue:
File: rewards/rewards/FlywheelGaugeRewards.sol

176:         for (uint256 i = 0; i < size; i++) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/rewards/FlywheelGaugeRewards.sol#L176

File: erc-20/ERC20Boost.sol

55:                 i++;


101:                 i++;


166:                 i++;


224:                 i++;


245:                 i++;

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Boost.sol#L55

File: erc-20/ERC20Gauges.sol

117:                 i++;


158:                 i++;


266:                 i++;


346:                 i++;


548:                     i++;

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Gauges.sol#L117

File: erc-20/ERC20MultiVotes.sol

328:         for (uint256 i = 0; i < size && (userFreeVotes + totalFreed) < votes; i++) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20MultiVotes.sol#L328

File: gauges/BaseV2Gauge.sol

118:                 i++;

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/BaseV2Gauge.sol#L118

File: gauges/factories/BaseV2GaugeManager.sol

68:                 i++;


84:                 i++;

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BaseV2GaugeManager.sol#L68

File: gauges/factories/BaseV2GaugeFactory.sol

81:                 i++;


97:                 i++;

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BaseV2GaugeFactory.sol#L81

File: uni-v3-staker/UniswapV3Staker.sol

428:         incentive.numberOfStakes--;


502:         incentives[incentiveId].numberOfStakes++;

https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/UniswapV3Staker.sol#L428

File: governance/GovernorBravoDelegateMaia.sol

142:         proposalCount++;


181:         for (uint256 i = 0; i < proposal.targets.length; i++) {


215:         for (uint256 i = 0; i < proposal.targets.length; i++) {


251:         for (uint256 i = 0; i < proposal.targets.length; i++) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/governance/GovernorBravoDelegateMaia.sol#L142

File: talos/libraries/PoolVariables.sol

98:         if (tick < 0 && tick % tickSpacing != 0) compressed--;

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/libraries/PoolVariables.sol#L98

File: ulysses-omnichain/RootBridgeAgent.sol

278:             abi.encodePacked(bytes1(0x00), _recipient, settlementNonce++, _data, _manageGasOut(_toChain));


633:         return settlementNonce++;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgent.sol#L278

File: ulysses-omnichain/BranchBridgeAgent.sol

283:         for (uint256 i = 0; i < _dParams.hTokens.length; i++) {


426:             bytes1(0x07), depositNonce++, _settlementNonce, msg.value.toUint128(), _gasToBoostSettlement


719:         for (uint256 i = 0; i < _dParams.hTokens.length; i++) {


938:         return depositNonce++;


1354:         for (uint256 i = 0; i < _deposits.length; i++) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchBridgeAgent.sol#L283

File: ulysses-omnichain/VirtualAccount.sol

48:         for (uint256 i = 0; i < calls.length; i++) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/VirtualAccount.sol#L48

File: ulysses-omnichain/BranchPort.sol

109:         bridgeAgentFactoriesLenght++;


280:                 i++;


293:         bridgeAgentsLenght++;


311:         bridgeAgentFactoriesLenght++;


334:         strategyTokensLenght++;


355:         portStrategiesLenght++;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchPort.sol#L109

File: ulysses-omnichain/RootPort.sol

135:         bridgeAgentFactoriesLenght++;


370:         bridgeAgentsLenght++;


407:         bridgeAgentFactories[bridgeAgentsLenght++] = _bridgeAgentFactory;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootPort.sol#L135

File: ulysses-omnichain/factories/ERC20hTokenBranchFactory.sol

45:         hTokensLenght++;


67:         hTokensLenght++;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/factories/ERC20hTokenBranchFactory.sol#L45

File: ulysses-omnichain/factories/ERC20hTokenRootFactory.sol

67:         hTokensLenght++;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/factories/ERC20hTokenRootFactory.sol#L67

File: erc-4626/ERC4626MultiToken.sol

60:                 i++;


72:                 i++;


83:                 i++;


174:                 i++;


205:                 i++;


219:                 i++;


238:                 i++;


254:                 i++;

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/ERC4626MultiToken.sol#L60

File: ulysses-amm/UlyssesToken.sol

95:         for (uint256 i = 0; i < assets.length; i++) {


111:         for (uint256 i = 0; i < assets.length; i++) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesToken.sol#L95

File: ulysses-amm/UlyssesPool.sol

130:         for (uint256 i = 1; i < bandwidthStateList.length; i++) {


175:         for (uint256 i = 1; i < index; i++) {


211:         for (uint256 i = 1; i <= index; i++) {


232:         for (uint256 i = 1; i < bandwidthStateList.length; i++) {


296:         for (uint256 i = 1; i < bandwidthStateList.length; i++) {


775:      *  fee1 + fee2 * amount-->|       /|  |

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesPool.sol#L130

[G-2] Use assembly to check for address(0)

There are 31 instances of this issue:
File: hermes/minters/BaseV2Minter.sol

126:         if (block.timestamp >= _period + week && initializer == address(0)) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/minters/BaseV2Minter.sol#L126

File: erc-20/ERC20Boost.sol

267:         if (gauge == address(0) || !(newAdd || previouslyDeprecated)) revert InvalidGauge();

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Boost.sol#L267

File: erc-20/ERC20Gauges.sol

411:         if (gauge == address(0) || !(newAdd || previouslyDeprecated)) revert InvalidGaugeError();

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Gauges.sol#L411

File: erc-20/ERC20MultiVotes.sol

191:         if (delegatee == address(0) || free < amount || amount == 0) revert DelegationError();

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20MultiVotes.sol#L191

File: gauges/factories/BribesFactory.sol

73:         if (address(flywheelTokens[bribeToken]) == address(0)) createBribeFlywheel(bribeToken);

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BribesFactory.sol#L73

File: uni-v3-staker/UniswapV3Staker.sol

144:         if (address(pool) == address(0)) revert IncentiveCallerMustBeRegisteredGauge();


169:         if (address(gauges[key.pool]) == address(0)) {


244:         if (to == address(0)) revert InvalidRecipient();


492:         if (tokenOwner == address(0)) revert TokenNotDeposited();


529:         if (uniswapV3Gauge == address(0)) revert InvalidGauge();

https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/UniswapV3Staker.sol#L144

File: governance/GovernorBravoDelegateMaia.sol

63:         require(address(timelock) == address(0), "GovernorBravo::initialize: can only initialize once");

https://github.com/code-423n4/2023-05-maia/tree/main/src/governance/GovernorBravoDelegateMaia.sol#L63

File: talos/base/TalosBaseStrategy.sol

253:         if (receiver == address(0)) revert ReceiverIsZeroAddress();

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/base/TalosBaseStrategy.sol#L253

File: talos/factories/BoostAggregatorFactory.sol

52:         if (owner == address(0)) revert InvalidOwner();

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/factories/BoostAggregatorFactory.sol#L52

File: ulysses-omnichain/RootBridgeAgent.sol

260:         if (getSettlement[_depositNonce].status != SettlementStatus.Failed || depositOwner == address(0)) {


301:         if (localAddress == address(0) || (underlyingAddress == address(0) && _deposit > 0)) {


347:             if (hTokens[i] == address(0) || (tokens[i] == address(0) && _deposits[i] > 0)) revert InvalidInputParams();


397:         if (globalAddress == address(0)) revert InvalidInputParams();


453:             if (_localAddress == address(0)) revert UnrecognizedLocalAddress();


459:             if (_underlyingAddress == address(0)) revert UnrecognizedUnderlyingAddress();


555:         if (settlement.owner == address(0)) return false;


665:         if (gasTokenGlobalAddress == address(0) || poolAddress == address(0)) revert InvalidGasPool();


709:         if (gasTokenGlobalAddress == address(0) || poolAddress == address(0)) revert InvalidGasPool();


778:         if (callee == address(0)) revert UnrecognizedBridgeAgent();

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgent.sol#L260

File: ulysses-omnichain/ArbitrumBranchPort.sol

50:         if (globalToken == address(0)) revert UnknownUnderlyingToken();


68:         if (underlyingAddress == address(0)) revert UnknownUnderlyingToken();

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/ArbitrumBranchPort.sol#L50

File: ulysses-omnichain/BranchPort.sol

100:         require(coreBranchRouterAddress == address(0), "Contract already initialized");

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchPort.sol#L100

File: ulysses-omnichain/RootPort.sol

342:         if (address(account) == address(0)) account = addVirtualAccount(_user);

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootPort.sol#L342

File: ulysses-amm/UlyssesRouter.sol

33:         if (address(ulysses) == address(0)) {


36:             if (address(ulysses) == address(0)) revert UnrecognizedUlyssesLP();

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesRouter.sol#L33

File: ulysses-amm/factories/UlyssesFactory.sol

84:         if (address(asset) == address(0)) revert InvalidAsset();


148:             if (destination == address(0)) revert InvalidPoolId();

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/factories/UlyssesFactory.sol#L84

[G-3] Use custom errors instead of require

Source

Instead of using error strings, to reduce deployment and runtime cost, you should use custom errors. This would save both deployment and runtime cost.

There are 108 instances of this issue:
File: erc-20/ERC20MultiVotes.sol

364:         require(block.timestamp <= expiry, "ERC20MultiVotes: signature expired");

375:         require(nonce == nonces[signer]++, "ERC20MultiVotes: invalid nonce");

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20MultiVotes.sol#L364

File: erc-4626/ERC4626.sol

34:         require((shares = previewDeposit(assets)) != 0, "ZERO_SHARES");

88:         require((assets = previewRedeem(shares)) != 0, "ZERO_ASSETS");

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/ERC4626.sol#L34

File: erc-4626/ERC4626DepositOnly.sol

34:         require((shares = previewDeposit(assets)) != 0, "ZERO_SHARES");

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/ERC4626DepositOnly.sol#L34

File: erc-4626/ERC4626MultiToken.sol

100:         require((shares = previewDeposit(assetsAmounts)) != 0, "ZERO_SHARES");

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/ERC4626MultiToken.sol#L100

File: erc-4626/UlyssesERC4626.sol

40:         require(shares != 0, "ZERO_SHARES");

50:         require(assets != 0, "ZERO_ASSETS");

75:         require(assets != 0, "ZERO_ASSETS");

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/UlyssesERC4626.sol#L40

File: governance/GovernorBravoDelegateMaia.sol

63:         require(address(timelock) == address(0), "GovernorBravo::initialize: can only initialize once");

64:         require(msg.sender == admin, "GovernorBravo::initialize: admin only");

65:         require(timelock_ != address(0), "GovernorBravo::initialize: invalid timelock address");

66:         require(govToken_ != address(0), "GovernorBravo::initialize: invalid govToken address");

67:         require(
68:             votingPeriod_ >= MIN_VOTING_PERIOD && votingPeriod_ <= MAX_VOTING_PERIOD,
69:             "GovernorBravo::initialize: invalid voting period"
70:         );

71:         require(
72:             votingDelay_ >= MIN_VOTING_DELAY && votingDelay_ <= MAX_VOTING_DELAY,
73:             "GovernorBravo::initialize: invalid voting delay"
74:         );

75:         require(
76:             proposalThreshold_ >= MIN_PROPOSAL_THRESHOLD && proposalThreshold_ <= MAX_PROPOSAL_THRESHOLD,
77:             "GovernorBravo::initialize: invalid proposal threshold"
78:         );

112:         require(initialProposalId != 0, "GovernorBravo::propose: Governor Bravo not active");

114:         require(
115:             govToken.getPriorVotes(msg.sender, sub256(block.number, 1)) > getProposalThresholdAmount()
116:                 || isWhitelisted(msg.sender),
117:             "GovernorBravo::propose: proposer votes below proposal threshold"
118:         );

119:         require(
120:             targets.length == values.length && targets.length == signatures.length && targets.length == calldatas.length,
121:             "GovernorBravo::propose: proposal function information arity mismatch"
122:         );

123:         require(targets.length != 0, "GovernorBravo::propose: must provide actions");

124:         require(targets.length <= proposalMaxOperations, "GovernorBravo::propose: too many actions");

129:             require(
130:                 proposersLatestProposalState != ProposalState.Active,
131:                 "GovernorBravo::propose: one live proposal per proposer, found an already active proposal"
132:             );

133:             require(
134:                 proposersLatestProposalState != ProposalState.Pending,
135:                 "GovernorBravo::propose: one live proposal per proposer, found an already pending proposal"
136:             );

146:         require(newProposal.id == 0, "GovernorBravo::propose: ProposalID collsion");

175:         require(
176:             state(proposalId) == ProposalState.Succeeded,
177:             "GovernorBravo::queue: proposal can only be queued if it is succeeded"
178:         );

197:         require(
198:             !timelock.queuedTransactions(keccak256(abi.encode(target, value, signature, data, eta))),
199:             "GovernorBravo::queueOrRevertInternal: identical proposal action already queued at eta"
200:         );

209:         require(
210:             state(proposalId) == ProposalState.Queued,
211:             "GovernorBravo::execute: proposal can only be executed if it is queued"
212:         );

228:         require(state(proposalId) != ProposalState.Executed, "GovernorBravo::cancel: cannot cancel executed proposal");

237:                 require(
238:                     (govToken.getPriorVotes(proposal.proposer, sub256(block.number, 1)) < getProposalThresholdAmount())
239:                         && msg.sender == whitelistGuardian,
240:                     "GovernorBravo::cancel: whitelisted proposer"
241:                 );

243:                 require(
244:                     (govToken.getPriorVotes(proposal.proposer, sub256(block.number, 1)) < getProposalThresholdAmount()),
245:                     "GovernorBravo::cancel: proposer above threshold"
246:                 );

298:         require(
299:             proposalCount >= proposalId && proposalId > initialProposalId, "GovernorBravo::state: invalid proposal id"
300:         );

350:         require(signatory != address(0), "GovernorBravo::castVoteBySig: invalid signature");

362:         require(state(proposalId) == ProposalState.Active, "GovernorBravo::castVoteInternal: voting is closed");

363:         require(support <= 2, "GovernorBravo::castVoteInternal: invalid vote type");

366:         require(receipt.hasVoted == false, "GovernorBravo::castVoteInternal: voter already voted");

398:         require(msg.sender == admin, "GovernorBravo::_setVotingDelay: admin only");

399:         require(
400:             newVotingDelay >= MIN_VOTING_DELAY && newVotingDelay <= MAX_VOTING_DELAY,
401:             "GovernorBravo::_setVotingDelay: invalid voting delay"
402:         );

414:         require(msg.sender == admin, "GovernorBravo::_setVotingPeriod: admin only");

415:         require(
416:             newVotingPeriod >= MIN_VOTING_PERIOD && newVotingPeriod <= MAX_VOTING_PERIOD,
417:             "GovernorBravo::_setVotingPeriod: invalid voting period"
418:         );

431:         require(msg.sender == admin, "GovernorBravo::_setProposalThreshold: admin only");

432:         require(
433:             newProposalThreshold >= MIN_PROPOSAL_THRESHOLD && newProposalThreshold <= MAX_PROPOSAL_THRESHOLD,
434:             "GovernorBravo::_setProposalThreshold: invalid proposal threshold"
435:         );

448:         require(
449:             msg.sender == admin || msg.sender == whitelistGuardian,
450:             "GovernorBravo::_setWhitelistAccountExpiration: admin only"
451:         );

462:         require(msg.sender == admin, "GovernorBravo::_setWhitelistGuardian: admin only");

475:         require(msg.sender == admin, "GovernorBravo::_initiate: admin only");

476:         require(initialProposalId == 0, "GovernorBravo::_initiate: can only initiate once");

489:         require(msg.sender == admin, "GovernorBravo:_setPendingAdmin: admin only");

507:         require(
508:             msg.sender == pendingAdmin && msg.sender != address(0), "GovernorBravo:_acceptAdmin: pending admin only"
509:         );

527:         require(c >= a, "addition overflow");

532:         require(b <= a, "subtraction underflow");

https://github.com/code-423n4/2023-05-maia/tree/main/src/governance/GovernorBravoDelegateMaia.sol#L63

File: governance/GovernorBravoDelegator.sol

42:         require(msg.sender == admin, "GovernorBravoDelegator::_setImplementation: admin only");

43:         require(
44:             implementation_ != address(0), "GovernorBravoDelegator::_setImplementation: invalid implementation address"
45:         );

https://github.com/code-423n4/2023-05-maia/tree/main/src/governance/GovernorBravoDelegator.sol#L42

File: rewards/base/FlywheelCore.sol

116:         require(strategyIndex[strategy] == 0, "strategy");

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/base/FlywheelCore.sol#L116

File: ulysses-amm/factories/UlyssesFactory.sol

61:         require(_owner != address(0), "Owner cannot be 0");

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/factories/UlyssesFactory.sol#L61

File: ulysses-omnichain/ArbitrumBranchPort.sol

34:         require(_rootPortAddress != address(0), "Root Port Address cannot be 0");

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/ArbitrumBranchPort.sol#L34

File: ulysses-omnichain/BaseBranchRouter.sol

38:         require(_localBridgeAgentAddress != address(0), "Bridge Agent address cannot be 0");

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BaseBranchRouter.sol#L38

File: ulysses-omnichain/BranchBridgeAgent.sol

151:         require(_rootBridgeAgentAddress != address(0), "Root Bridge Agent Address cannot be the zero address.");

152:         require(_localAnyCallAddress != address(0), "AnyCall Address cannot be the zero address.");

153:         require(_localAnyCallExecutorAddress != address(0), "AnyCall Executor Address cannot be the zero address.");

154:         require(_localRouterAddress != address(0), "Local Router Address cannot be the zero address.");

155:         require(_localPortAddress != address(0), "Local Port Address cannot be the zero address.");

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchBridgeAgent.sol#L151

File: ulysses-omnichain/BranchPort.sol

95:         require(_owner != address(0), "Owner is zero address");

100:         require(coreBranchRouterAddress == address(0), "Contract already initialized");

101:         require(!isBridgeAgentFactory[_bridgeAgentFactory], "Contract already initialized");

103:         require(_coreBranchRouter != address(0), "CoreBranchRouter is zero address");

104:         require(_bridgeAgentFactory != address(0), "BridgeAgentFactory is zero address");

302:         require(coreBranchRouterAddress != address(0), "CoreRouter address is zero");

303:         require(_newCoreRouter != address(0), "New CoreRouter address is zero");

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchPort.sol#L95

File: ulysses-omnichain/MulticallRootRouter.sol

65:         require(_localPortAddress != address(0), "Local Port Address cannot be 0");

66:         require(_multicallAddress != address(0), "Multicall Address cannot be 0");

75:         require(_bridgeAgentAddress != address(0), "Bridge Agent Address cannot be 0");

509:         require(msg.sender == bridgeAgentExecutorAddress, "Unauthorized Caller");

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/MulticallRootRouter.sol#L65

File: ulysses-omnichain/RootBridgeAgent.sol

210:         require(address(_wrappedNativeToken) != address(0), "Wrapped native token cannot be zero address");

211:         require(_daoAddress != address(0), "DAO cannot be zero address");

212:         require(_localAnyCallAddress != address(0), "Anycall Address cannot be zero address");

213:         require(_localAnyCallExecutorAddress != address(0), "Anycall Executor Address cannot be zero address");

214:         require(_localPortAddress != address(0), "Port Address cannot be zero address");

215:         require(_localRouterAddress != address(0), "Router Address cannot be zero address");

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgent.sol#L210

File: ulysses-omnichain/RootPort.sol

115:         require(_wrappedNativeToken != address(0), "Invalid wrapped native token address.");

129:         require(_setup, "Setup ended.");

130:         require(_bridgeAgentFactory != address(0), "Bridge Agent Factory cannot be 0 address.");

131:         require(_coreRootRouter != address(0), "Core Root Router cannot be 0 address.");

145:         require(_setup, "Setup ended.");

146:         require(isBridgeAgent[_coreRootBridgeAgent], "Core Bridge Agent doesn't exist.");

147:         require(_coreRootBridgeAgent != address(0), "Core Root Bridge Agent cannot be 0 address.");

148:         require(_coreLocalBranchBridgeAgent != address(0), "Core Local Branch Bridge Agent cannot be 0 address.");

149:         require(_localBranchPortAddress != address(0), "Local Branch Port Address cannot be 0 address.");

159:         require(_owner != address(0), "Owner cannot be 0 address.");

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootPort.sol#L115

File: ulysses-omnichain/factories/ArbitrumBranchBridgeAgentFactory.sol

84:         require(
85:             msg.sender == localCoreBranchRouterAddress, "Only the Core Branch Router can create a new Bridge Agent."
86:         );

87:         require(
88:             _rootBridgeAgentFactoryAddress == rootBridgeAgentFactoryAddress,
89:             "Root Bridge Agent Factory Address does not match."
90:         );

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/factories/ArbitrumBranchBridgeAgentFactory.sol#L84-L86

File: ulysses-omnichain/factories/BranchBridgeAgentFactory.sol

64:         require(_rootBridgeAgentFactoryAddress != address(0), "Root Bridge Agent Factory Address cannot be 0");

65:         require(address(_wrappedNativeToken) != address(0), "Wrapped Native Token cannot be 0");

66:         require(_localAnyCallAddress != address(0), "Anycall Address cannot be 0");

67:         require(_localAnyCallExecutorAddress != address(0), "Anyexec Address cannot be 0");

68:         require(_localCoreBranchRouterAddress != address(0), "Core Branch Router Address cannot be 0");

69:         require(_localPortAddress != address(0), "Port Address cannot be 0");

70:         require(_owner != address(0), "Owner cannot be 0");

84:         require(_coreRootBridgeAgent != address(0), "Core Root Bridge Agent cannot be 0");

118:         require(
119:             msg.sender == localCoreBranchRouterAddress, "Only the Core Branch Router can create a new Bridge Agent."
120:         );

121:         require(
122:             _rootBridgeAgentFactoryAddress == rootBridgeAgentFactoryAddress,
123:             "Root Bridge Agent Factory Address does not match."
124:         );

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/factories/BranchBridgeAgentFactory.sol#L64

File: ulysses-omnichain/factories/ERC20hTokenBranchFactory.sol

28:         require(_localPortAddress != address(0), "Port address cannot be 0");

36:         require(_coreRouter != address(0), "CoreRouter address cannot be 0");

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/factories/ERC20hTokenBranchFactory.sol#L28

File: ulysses-omnichain/factories/ERC20hTokenRootFactory.sol

34:         require(_rootPortAddress != address(0), "Root Port Address cannot be 0");

41:         require(_coreRouter != address(0), "CoreRouter address cannot be 0");

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/factories/ERC20hTokenRootFactory.sol#L34

File: ulysses-omnichain/factories/RootBridgeAgentFactory.sol

55:         require(address(_wrappedNativeToken) != address(0), "Wrapped Native Token cannot be 0");

56:         require(_rootPortAddress != address(0), "Root Port Address cannot be 0");

57:         require(_daoAddress != address(0), "DAO Address cannot be 0");

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/factories/RootBridgeAgentFactory.sol#L55

File: ulysses-omnichain/token/ERC20hTokenRoot.sol

45:         require(_rootPortAddress != address(0), "Root Port Address cannot be 0");

46:         require(_factoryAddress != address(0), "Factory Address cannot be 0");

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/token/ERC20hTokenRoot.sol#L45

[G-4] Empty blocks should be removed or emit something

The code should be refactored such that they no longer exist, or the block should do something useful, such as emitting an event or reverting.

There are 3 instances of this issue:
File: ulysses-omnichain/BranchBridgeAgent.sol

1419:     fallback() external payable {}

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchBridgeAgent.sol#L1419

File: ulysses-omnichain/CoreBranchRouter.sol

284:     fallback() external payable {}

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/CoreBranchRouter.sol#L284

File: ulysses-omnichain/RootBridgeAgent.sol

1334:     fallback() external payable {}

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgent.sol#L1334

[G-5] Non efficient zero initialization

Solidity does not recognize null as a value, so uint variables are initialized to zero. Setting a uint variable to zero is redundant and can waste gas.

There are 56 instances of this issue:
File: erc-20/ERC20Boost.sol

52:         for (uint256 i = 0; i < num;) {

98:         for (uint256 i = 0; i < num;) {

151:         uint256 userBoost = 0;

156:         for (uint256 i = 0; i < length;) {

207:         for (uint256 i = 0; i < num && i < length;) {

236:         for (uint256 i = 0; i < size;) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Boost.sol#L52

File: erc-20/ERC20Gauges.sol

114:         for (uint256 i = 0; i < num;) {

155:         for (uint256 i = 0; i < num;) {

259:         for (uint256 i = 0; i < size;) {

338:         for (uint256 i = 0; i < size;) {

536:         for (uint256 i = 0; i < size && (userFreeWeight + totalFreed) < weight;) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Gauges.sol#L114

File: erc-20/ERC20MultiVotes.sol

67:         uint256 low = 0;

328:         for (uint256 i = 0; i < size && (userFreeVotes + totalFreed) < votes; i++) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20MultiVotes.sol#L67

File: erc-4626/ERC4626MultiToken.sol

50:         for (uint256 i = 0; i < length;) {

68:         for (uint256 i = 0; i < length;) {

79:         for (uint256 i = 0; i < length;) {

170:         for (uint256 i = 0; i < length;) {

201:         for (uint256 i = 0; i < length;) {

216:         for (uint256 i = 0; i < length;) {

235:         for (uint256 i = 0; i < length;) {

250:         for (uint256 i = 0; i < length;) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/ERC4626MultiToken.sol#L50

File: gauges/BaseV2Gauge.sol

114:         for (uint256 i = 0; i < length;) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/BaseV2Gauge.sol#L114

File: gauges/factories/BaseV2GaugeFactory.sol

77:         for (uint256 i = 0; i < length;) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BaseV2GaugeFactory.sol#L77

File: gauges/factories/BaseV2GaugeManager.sol

64:         for (uint256 i = 0; i < length;) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BaseV2GaugeManager.sol#L64

File: governance/GovernorBravoDelegateMaia.sol

181:         for (uint256 i = 0; i < proposal.targets.length; i++) {

215:         for (uint256 i = 0; i < proposal.targets.length; i++) {

251:         for (uint256 i = 0; i < proposal.targets.length; i++) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/governance/GovernorBravoDelegateMaia.sol#L181

File: rewards/rewards/FlywheelGaugeRewards.sol

176:         for (uint256 i = 0; i < size; i++) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/rewards/FlywheelGaugeRewards.sol#L176

File: ulysses-amm/UlyssesRouter.sol

78:         for (uint256 i = 0; i < length;) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesRouter.sol#L78

File: ulysses-amm/UlyssesToken.sol

95:         for (uint256 i = 0; i < assets.length; i++) {

111:         for (uint256 i = 0; i < assets.length; i++) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesToken.sol#L95

File: ulysses-amm/factories/UlyssesFactory.sol

99:         for (uint256 i = 0; i < length;) {

107:         for (uint256 i = 0; i < length;) {

110:             for (uint256 j = 0; j < length;) {

123:         for (uint256 i = 0; i < length;) {

145:         for (uint256 i = 0; i < length;) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/factories/UlyssesFactory.sol#L99

File: ulysses-omnichain/ArbitrumBranchPort.sol

101:         for (uint256 i = 0; i < _localAddresses.length;) {

136:         for (uint256 i = 0; i < _localAddresses.length;) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/ArbitrumBranchPort.sol#L101

File: ulysses-omnichain/BranchBridgeAgent.sol

283:         for (uint256 i = 0; i < _dParams.hTokens.length; i++) {

580:         for (uint256 i = 0; i < numOfAssets;) {

719:         for (uint256 i = 0; i < _dParams.hTokens.length; i++) {

951:         for (uint256 i = 0; i < deposit.hTokens.length;) {

1354:         for (uint256 i = 0; i < _deposits.length; i++) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchBridgeAgent.sol#L283

File: ulysses-omnichain/BranchPort.sol

231:         for (uint256 i = 0; i < _localAddresses.length;) {

267:         for (uint256 i = 0; i < _localAddresses.length;) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchPort.sol#L231

File: ulysses-omnichain/MulticallRootRouter.sol

146:         for (uint256 i = 0; i < outputTokens.length;) {

311:             for (uint256 i = 0; i < outputParams.outputTokens.length;) {

387:             for (uint256 i = 0; i < outputParams.outputTokens.length;) {

463:             for (uint256 i = 0; i < outputParams.outputTokens.length;) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/MulticallRootRouter.sol#L146

File: ulysses-omnichain/RootBridgeAgent.sol

342:         for (uint256 i = 0; i < _globalAddresses.length;) {

408:         for (uint256 i = 0; i < _dParams.hTokens.length;) {

561:         for (uint256 i = 0; i < newGas.length;) {

596:         for (uint256 i = 0; i < settlement.hTokens.length;) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgent.sol#L342

File: ulysses-omnichain/RootBridgeAgentExecutor.sol

364:         for (uint256 i = 0; i < uint256(uint8(numOfAssets));) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgentExecutor.sol#L364

File: ulysses-omnichain/VirtualAccount.sol

48:         for (uint256 i = 0; i < calls.length; i++) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/VirtualAccount.sol#L48

File: ulysses-omnichain/lib/AnycallFlags.sol

8:     uint256 public constant FLAG_NONE = 0x0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/lib/AnycallFlags.sol#L8

[G-6] Use assembly to write address storage values

There are 209 instances of this issue:
File: erc-20/ERC20Gauges.sol

30:         gaugeCycleLength = _gaugeCycleLength;

31:         incrementFreezeWindow = _incrementFreezeWindow;

457:         maxGauges = newMax;

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Gauges.sol#L30

File: erc-20/ERC20MultiVotes.sol

98:         maxDelegates = newMax;

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20MultiVotes.sol#L98

File: erc-4626/ERC4626.sol

24:         asset = _asset;

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/ERC4626.sol#L24

File: erc-4626/ERC4626DepositOnly.sol

24:         asset = _asset;

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/ERC4626DepositOnly.sol#L24

File: erc-4626/ERC4626MultiToken.sol

63:         totalWeights = _totalWeights;

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/ERC4626MultiToken.sol#L63

File: erc-4626/UlyssesERC4626.sol

25:         asset = _asset;

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/UlyssesERC4626.sol#L25

File: gauges/BaseV2Gauge.sol

63:         flywheelGaugeRewards = _flywheelGaugeRewards;

64:         rewardToken = _flywheelGaugeRewards.rewardToken();

65:         hermesGaugeBoost = BaseV2GaugeFactory(msg.sender).bHermesBoostToken();

66:         strategy = _strategy;

68:         epoch = (block.timestamp / WEEK) * WEEK;

70:         multiRewardsDepot = new MultiRewardsDepot(address(this));

87:             epoch = _newEpoch;

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/BaseV2Gauge.sol#L63

File: gauges/UniswapV3Gauge.sol

40:         uniswapV3Staker = _uniswapV3Staker;

41:         minimumWidth = _minimumWidth;

63:         minimumWidth = _minimumWidth;

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/UniswapV3Gauge.sol#L40

File: gauges/factories/BaseV2GaugeFactory.sol

58:         bribesFactory = _bribesFactory;

59:         bHermesBoostToken = _bHermesBoost;

60:         gaugeManager = _gaugeManager;

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BaseV2GaugeFactory.sol#L58

File: gauges/factories/BaseV2GaugeManager.sol

44:         admin = _admin;

46:         bHermesGaugeWeight = _bHermes.gaugeWeight();

47:         bHermesGaugeBoost = _bHermes.gaugeBoost();

146:         admin = newAdmin;

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BaseV2GaugeManager.sol#L44

File: gauges/factories/BribesFactory.sol

57:         gaugeManager = _gaugeManager;

58:         flywheelGaugeWeightBooster = _flywheelGaugeWeightBooster;

59:         rewardsCycleLength = _rewardsCycleLength;

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BribesFactory.sol#L57

File: gauges/factories/UniswapV3GaugeFactory.sol

59:         flywheelGaugeRewards = _flywheelGaugeRewards;

60:         uniswapV3Staker = new UniswapV3Staker(

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/UniswapV3GaugeFactory.sol#L59

File: hermes/UtilityManager.sol

45:         gaugeWeight = bHermesGauges(_gaugeWeight);

46:         gaugeBoost = bHermesBoost(_gaugeBoost);

47:         governance = ERC20Votes(_governance);

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/UtilityManager.sol#L45

File: hermes/minters/BaseV2Minter.sol

59:         initializer = msg.sender;

60:         dao = _dao;

61:         underlying = address(ERC4626(_vault).asset());

62:         vault = ERC4626(_vault);

80:         flywheelGaugeRewards = _flywheelGaugeRewards;

81:         initializer = address(0);

82:         activePeriod = (block.timestamp / week) * week;

88:         dao = _dao;

128:             activePeriod = _period;

165:         weekly = 0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/minters/BaseV2Minter.sol#L59

File: hermes/tokens/bHermesBoost.sol

24:         bHermes = msg.sender;

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/bHermesBoost.sol#L24

File: hermes/tokens/bHermesGauges.sol

31:         bHermes = msg.sender;

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/bHermesGauges.sol#L31

File: hermes/tokens/bHermesVotes.sol

22:         bHermes = msg.sender;

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/bHermesVotes.sol#L22

File: maia/PartnerUtilityManager.sol

43:         partnerGovernance = ERC20Votes(_partnerGovernance);

44:         partnerVault = _partnerVault;

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/PartnerUtilityManager.sol#L43

File: maia/factories/PartnerManagerFactory.sol

39:         bHermes = _bHermes;

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/factories/PartnerManagerFactory.sol#L39

File: maia/tokens/ERC4626PartnerManager.sol

75:         factory = _factory;

76:         bHermesRate = _bHermesRate;

77:         bHermesToken = bHermes(_bhermes);

223:         bHermesRate = newRate;

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/tokens/ERC4626PartnerManager.sol#L75

File: maia/vMaia.sol

59:         currentMonth = DateTimeLib.getMonth(block.timestamp);

112:         currentMonth = _currentMonth;

113:         unstakePeriodEnd = _unstakePeriodStart + 1 days;

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/vMaia.sol#L59

File: rewards/base/BaseFlywheelRewards.sol

32:         flywheel = _flywheel;

34:         rewardToken = _rewardToken;

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/base/BaseFlywheelRewards.sol#L32

File: rewards/base/FlywheelCore.sol

47:         rewardToken = _rewardToken;

48:         flywheelRewards = _flywheelRewards;

49:         flywheelBooster = _flywheelBooster;

131:         flywheelRewards = newFlywheelRewards;

138:         flywheelBooster = newBooster;

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/base/FlywheelCore.sol#L47

File: rewards/booster/FlywheelBoosterGaugeWeight.sol

49:         bhermes = _bHermesGauges;

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/booster/FlywheelBoosterGaugeWeight.sol#L49

File: rewards/depots/SingleRewardsDepot.sol

23:         asset = _asset;

24:         rewardsContract = msg.sender;

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/depots/SingleRewardsDepot.sol#L23

File: rewards/rewards/FlywheelAcummulatedRewards.sol

34:         rewardsCycleLength = _rewardsCycleLength;

51:             endCycle = newEndCycle;

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/rewards/FlywheelAcummulatedRewards.sol#L34

File: rewards/rewards/FlywheelGaugeRewards.sol

55:         rewardToken = _rewardToken;

57:         gaugeCycleLength = _gaugeToken.gaugeCycleLength();

60:         gaugeCycle = (block.timestamp.toUint32() / gaugeCycleLength) * gaugeCycleLength;

62:         gaugeToken = _gaugeToken;

64:         minter = _minter;

85:         gaugeCycle = currentCycle;

100:         nextCycleQueuedRewards = 0;

101:         paginationOffset = 0;

121:             nextCycle = currentCycle;

122:             paginationOffset = 0;

144:             gaugeCycle = currentCycle;

145:             nextCycleQueuedRewards = 0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/rewards/FlywheelGaugeRewards.sol#L55

File: rewards/rewards/FlywheelInstantRewards.sol

29:         rewardsDepot = new SingleRewardsDepot(rewardToken);

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/rewards/FlywheelInstantRewards.sol#L29

File: talos/TalosManager.sol

51:         strategy = ITalosBaseStrategy(_strategy);

52:         ticksFromLowerRebalance = _ticksFromLowerRebalance;

53:         ticksFromUpperRebalance = _ticksFromUpperRebalance;

54:         ticksFromLowerRerange = _ticksFromLowerRerange;

55:         ticksFromUpperRerange = _ticksFromUpperRerange;

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosManager.sol#L51

File: talos/TalosOptimizer.sol

50:         twapDuration = _twapDuration;

51:         maxTwapDeviation = _maxTwapDeviation;

52:         tickRangeMultiplier = _tickRangeMultiplier;

53:         priceImpactPercentage = _priceImpactPercentage;

54:         maxTotalSupply = _maxTotalSupply;

64:         maxTotalSupply = _maxTotalSupply;

70:         twapDuration = _twapDuration;

76:         maxTwapDeviation = _maxTwapDeviation;

81:         tickRangeMultiplier = _tickRangeMultiplier;

89:         priceImpactPercentage = _priceImpactPercentage;

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosOptimizer.sol#L50

File: talos/TalosStrategyStaked.sol

79:         flywheel = _flywheel;

81:         boostAggregator = _boostAggregator;

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosStrategyStaked.sol#L79

File: talos/base/TalosBaseStrategy.sol

87:         optimizer = _optimizer;

88:         nonfungiblePositionManager = _nonfungiblePositionManager;

89:         strategyManager = _strategyManager;

90:         pool = _pool;

91:         token0 = ERC20(_pool.token0());

92:         token1 = ERC20(_pool.token1());

93:         tickSpacing = _pool.tickSpacing();

94:         poolFee = _pool.fee();

120:             tickLower = _tickLower;

121:             tickUpper = _tickUpper;

154:         liquidity = _liquidity;

155:         tokenId = _tokenId;

362:         liquidity = 0;

412:         protocolFees0 = _protocolFees0 - amount0;

413:         protocolFees1 = _protocolFees1 - amount1;

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/base/TalosBaseStrategy.sol#L87

File: talos/boost-aggregator/BoostAggregator.sol

66:         uniswapV3Staker = _uniswapV3Staker;

67:         hermesGaugeBoost = uniswapV3Staker.hermesGaugeBoost();

68:         nonfungiblePositionManager = uniswapV3Staker.nonfungiblePositionManager();

69:         hermes = _hermes;

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/boost-aggregator/BoostAggregator.sol#L66

File: talos/factories/BoostAggregatorFactory.sol

35:         uniswapV3Staker = _uniswapV3Staker;

36:         hermes = ERC20(_uniswapV3Staker.hermes());

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/factories/BoostAggregatorFactory.sol#L35

File: talos/factories/TalosBaseStrategyFactory.sol

41:         nonfungiblePositionManager = _nonfungiblePositionManager;

42:         optimizerFactory = _optimizerFactory;

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/factories/TalosBaseStrategyFactory.sol#L41

File: talos/factories/TalosStrategyStakedFactory.sol

45:         boostAggregatorFactory = _boostAggregatorFactory;

47:         flywheel = new FlywheelCoreInstant(

53:         rewards = new FlywheelInstantRewards(flywheel);

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/factories/TalosStrategyStakedFactory.sol#L45

File: ulysses-amm/UlyssesPool.sol

89:         factory = UlyssesFactory(_factory);

92:         id = _id;

183:         totalWeights = newTotalWeights;

241:         totalWeights = newTotalWeights;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesPool.sol#L89

File: ulysses-amm/UlyssesRouter.sol

21:         ulyssesFactory = _ulyssesFactory;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesRouter.sol#L21

File: ulysses-amm/UlyssesToken.sol

31:         id = _id;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesToken.sol#L31

File: ulysses-omnichain/ArbitrumBranchPort.sol

36:         localChainId = _localChainId;

37:         rootPortAddress = _rootPortAddress;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/ArbitrumBranchPort.sol#L36

File: ulysses-omnichain/BaseBranchRouter.sol

39:         localBridgeAgentAddress = _localBridgeAgentAddress;

40:         bridgeAgentExecutorAddress = IBridgeAgent(localBridgeAgentAddress).bridgeAgentExecutorAddress();

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BaseBranchRouter.sol#L39

File: ulysses-omnichain/BranchBridgeAgent.sol

157:         wrappedNativeToken = _wrappedNativeToken;

158:         localChainId = _localChainId;

159:         rootChainId = _rootChainId;

160:         rootBridgeAgentAddress = _rootBridgeAgentAddress;

161:         localAnyCallAddress = _localAnyCallAddress;

162:         localAnyCallExecutorAddress = _localAnyCallExecutorAddress;

163:         localRouterAddress = _localRouterAddress;

164:         localPortAddress = _localPortAddress;

165:         bridgeAgentExecutorAddress = DeployBranchBridgeAgentExecutor.deploy();

166:         depositNonce = 1;

1134:         remoteCallDepositedGas = depositedGas;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchBridgeAgent.sol#L157

File: ulysses-omnichain/BranchPort.sol

106:         coreBranchRouterAddress = _coreBranchRouter;

304:         coreBranchRouterAddress = _newCoreRouter;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchPort.sol#L106

File: ulysses-omnichain/CoreBranchRouter.sol

27:         localPortAddress = _localPortAddress;

28:         hTokenFactoryAddress = _hTokenFactoryAddress;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/CoreBranchRouter.sol#L27

File: ulysses-omnichain/CoreRootRouter.sol

57:         rootChainId = _rootChainId;

58:         wrappedNativeToken = WETH9(_wrappedNativeToken);

59:         rootPortAddress = _rootPortAddress;

65:         bridgeAgentExecutorAddress = IBridgeAgent(_bridgeAgentAddress).bridgeAgentExecutorAddress();

66:         hTokenFactoryAddress = _hTokenFactory;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/CoreRootRouter.sol#L57

File: ulysses-omnichain/MulticallRootRouter.sol

68:         localChainId = _localChainId;

69:         localPortAddress = _localPortAddress;

70:         multicallAddress = _multicallAddress;

78:         bridgeAgentExecutorAddress = IBridgeAgent(_bridgeAgentAddress).bridgeAgentExecutorAddress();

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/MulticallRootRouter.sol#L68

File: ulysses-omnichain/RootBridgeAgent.sol

217:         wrappedNativeToken = _wrappedNativeToken;

218:         factoryAddress = msg.sender;

219:         daoAddress = _daoAddress;

220:         localChainId = _localChainId;

221:         localAnyCallAddress = _localAnyCallAddress;

222:         localPortAddress = _localPortAddress;

223:         localRouterAddress = _localRouterAddress;

224:         bridgeAgentExecutorAddress = DeployRootBridgeAgentExecutor.deploy(address(this));

225:         localAnyCallExecutorAddress = _localAnyCallExecutorAddress;

226:         settlementNonce = 1;

227:         accumulatedFees = 1; //Avoid paying 20k gas in first `payExecutionGas` making MIN_EXECUTION_OVERHEAD constant.

875:             initialGas = _initialGas;

908:         userFeeInfo = _userFeeInfo;

1262:         accumulatedFees = 1;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgent.sol#L217

File: ulysses-omnichain/RootPort.sol

117:         localChainId = _localChainId;

118:         wrappedNativeTokenAddress = _wrappedNativeToken;

137:         coreRootRouterAddress = _coreRootRouter;

151:         coreRootBridgeAgentAddress = _coreRootBridgeAgent;

152:         localBranchPortAddress = _localBranchPortAddress;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootPort.sol#L117

File: ulysses-omnichain/VirtualAccount.sol

26:         userAddress = _userAddress;

27:         localPortAddress = _localPortAddress;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/VirtualAccount.sol#L26

File: ulysses-omnichain/factories/BranchBridgeAgentFactory.sol

72:         localChainId = _localChainId;

73:         rootChainId = _rootChainId;

74:         rootBridgeAgentFactoryAddress = _rootBridgeAgentFactoryAddress;

75:         wrappedNativeToken = _wrappedNativeToken;

76:         localAnyCallAddress = _localAnyCallAddress;

77:         localAnyCallExecutorAddress = _localAnyCallExecutorAddress;

78:         localCoreBranchRouterAddress = _localCoreBranchRouterAddress;

79:         localPortAddress = _localPortAddress;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/factories/BranchBridgeAgentFactory.sol#L72

File: ulysses-omnichain/factories/ERC20hTokenBranchFactory.sol

30:         localChainId = _localChainId;

31:         localPortAddress = _localPortAddress;

47:         localCoreRouterAddress = _coreRouter;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/factories/ERC20hTokenBranchFactory.sol#L30

File: ulysses-omnichain/factories/ERC20hTokenRootFactory.sol

35:         localChainId = _localChainId;

36:         rootPortAddress = _rootPortAddress;

42:         coreRootRouterAddress = _coreRouter;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/factories/ERC20hTokenRootFactory.sol#L35

File: ulysses-omnichain/factories/RootBridgeAgentFactory.sol

59:         rootChainId = _rootChainId;

60:         wrappedNativeToken = _wrappedNativeToken;

61:         localAnyCallAddress = _localAnyCallAddress;

62:         localAnyCallExecutorAddress = IAnycallProxy(localAnyCallAddress).executor();

63:         rootPortAddress = _rootPortAddress;

64:         daoAddress = _daoAddress;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/factories/RootBridgeAgentFactory.sol#L59

File: ulysses-omnichain/token/ERC20hTokenRoot.sol

47:         localChainId = _localChainId;

48:         factoryAddress = _factoryAddress;

49:         rootPortAddress = _rootPortAddress;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/token/ERC20hTokenRoot.sol#L47

File: uni-v3-staker/UniswapV3Staker.sol

123:         factory = _factory;

124:         nonfungiblePositionManager = _nonfungiblePositionManager;

125:         maxIncentiveStartLeadTime = _maxIncentiveStartLeadTime;

126:         uniswapV3GaugeFactory = _uniswapV3GaugeFactory;

127:         hermesGaugeBoost = _hermesGaugeBoost;

128:         minter = _minter;

129:         hermes = _hermes;

https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/UniswapV3Staker.sol#L123

[G-7] Duplicated require/if checks should be refactored to a modifier or function

This saves deployment gas cost.

There are 2 instances of this issue:
File: erc-4626/UlyssesERC4626.sol

50:         require(assets != 0, "ZERO_ASSETS");

75:         require(assets != 0, "ZERO_ASSETS");

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/UlyssesERC4626.sol#L50

[G-8] Functions guaranteed to revert when called by normal users can be marked payable

If a function modifier such as onlyOwner is used, the function will revert if a normal user tries to pay the function. Marking the function as payable will lower the gas cost for legitimate callers because the compiler will not include checks for whether a payment was provided. The extra opcodes avoided are CALLVALUE(2),DUP1(3),ISZERO(3),PUSH2(3),JUMPI(10),PUSH1(3),DUP1(3),REVERT(0),JUMPDEST(1),POP(2), which costs an average of about 21 gas per call to the function, in addition to the extra deployment cost

There are 92 instances of this issue:
File: erc-20/ERC20Boost.sol

259:     function addGauge(address gauge) external onlyOwner {

273:     function removeGauge(address gauge) external onlyOwner {

285:     function replaceGauge(address oldGauge, address newGauge) external onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Boost.sol#L259

File: erc-20/ERC20Gauges.sol

398:     function addGauge(address gauge) external onlyOwner returns (uint112) {

425:     function removeGauge(address gauge) external onlyOwner {

449:     function replaceGauge(address oldGauge, address newGauge) external onlyOwner {

455:     function setMaxGauges(uint256 newMax) external onlyOwner {

463:     function setContractExceedMaxGauges(address account, bool canExceedMax) external onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Gauges.sol#L398

File: erc-20/ERC20MultiVotes.sol

96:     function setMaxDelegates(uint256 newMax) external onlyOwner {

104:     function setContractExceedMaxDelegates(address account, bool canExceedMax) external onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20MultiVotes.sol#L96

File: gauges/BaseV2Gauge.sol

128:     function addBribeFlywheel(FlywheelCore bribeFlywheel) external onlyOwner {

144:     function removeBribeFlywheel(FlywheelCore bribeFlywheel) external onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/BaseV2Gauge.sol#L128

File: gauges/UniswapV3Gauge.sol

62:     function setMinimumWidth(uint24 _minimumWidth) external onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/UniswapV3Gauge.sol#L62

File: gauges/factories/BaseV2GaugeFactory.sol

109:     function createGauge(address strategy, bytes memory data) external onlyOwner {

130:     function removeGauge(BaseV2Gauge gauge) external onlyOwner {

144:     function addBribeToGauge(BaseV2Gauge gauge, address bribeToken) external onlyOwnerOrBribesFactoryOwner {

151:     function removeBribeFromGauge(BaseV2Gauge gauge, address bribeToken) external onlyOwnerOrBribesFactoryOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BaseV2GaugeFactory.sol#L109

File: gauges/factories/BaseV2GaugeManager.sol

110:     function addGaugeFactory(BaseV2GaugeFactory gaugeFactory) external onlyOwner {

121:     function removeGaugeFactory(BaseV2GaugeFactory gaugeFactory) external onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BaseV2GaugeManager.sol#L110

File: gauges/factories/UniswapV3GaugeFactory.sol

98:     function setMinimumWidth(address gauge, uint24 minimumWidth) external onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/UniswapV3GaugeFactory.sol#L98

File: hermes/minters/BaseV2Minter.sol

86:     function setDao(address _dao) external onlyOwner {

92:     function setDaoShare(uint256 _daoShare) external onlyOwner {

98:     function setTailEmission(uint256 _tail_emission) external onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/minters/BaseV2Minter.sol#L86

File: hermes/tokens/HERMES.sol

62:     function mint(address account, uint256 amount) external onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/HERMES.sol#L62

File: maia/factories/PartnerManagerFactory.sol

58:     function addPartner(PartnerManager newPartnerManager) external onlyOwner {

67:     function addVault(IBaseVault newVault) external onlyOwner {

80:     function removePartner(PartnerManager partnerManager) external onlyOwner {

89:     function removeVault(IBaseVault vault) external onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/factories/PartnerManagerFactory.sol#L58

File: maia/tokens/ERC4626PartnerManager.sol

188:     function migratePartnerVault(address newPartnerVault) external onlyOwner {

216:     function increaseConversionRate(uint256 newRate) external onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/tokens/ERC4626PartnerManager.sol#L188

File: maia/tokens/Maia.sol

55:     function mint(address account, uint256 amount) external onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/tokens/Maia.sol#L55

File: rewards/base/FlywheelCore.sol

111:     function addStrategyForRewards(ERC20 strategy) external onlyOwner {

125:     function setFlywheelRewards(address newFlywheelRewards) external onlyOwner {

137:     function setBooster(IFlywheelBooster newBooster) external onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/base/FlywheelCore.sol#L111

File: rewards/depots/MultiRewardsDepot.sol

47:     function addAsset(address rewardsContract, address asset) external onlyOwner {

57:     function removeAsset(address rewardsContract) external onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/depots/MultiRewardsDepot.sol#L47

File: talos/TalosOptimizer.sol

62:     function setMaxTotalSupply(uint256 _maxTotalSupply) external onlyOwner {

68:     function setTwapDuration(uint32 _twapDuration) external onlyOwner {

74:     function setMaxTwapDeviation(int24 _maxTwapDeviation) external onlyOwner {

80:     function setTickRange(int24 _tickRangeMultiplier) external onlyOwner {

85:     function setPriceImpact(uint24 _priceImpactPercentage) external onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosOptimizer.sol#L62

File: talos/base/TalosBaseStrategy.sol

394:     function collectProtocolFees(uint256 amount0, uint256 amount1) external nonReentrant onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/base/TalosBaseStrategy.sol#L394

File: talos/boost-aggregator/BoostAggregator.sol

143:     function addWhitelistedAddress(address user) external onlyOwner {

148:     function removeWhitelistedAddress(address user) external onlyOwner {

153:     function setProtocolFee(uint256 _protocolFee) external onlyOwner {

159:     function withdrawProtocolFees(address to) external onlyOwner {

165:     function withdrawAllGaugeBoost(address to) external onlyOwner {

172:     function withdrawGaugeBoost(address to, uint256 amount) external onlyOwner {

180:     function decrementGaugesBoostIndexed(uint256 boost, uint256 offset, uint256 num) external onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/boost-aggregator/BoostAggregator.sol#L143

File: ulysses-amm/UlyssesPool.sol

159:     function addNewBandwidth(uint256 poolId, uint8 weight) external nonReentrant onlyOwner returns (uint256 index) {

223:     function setWeight(uint256 poolId, uint8 weight) external nonReentrant onlyOwner {

308:     function setFees(Fees calldata _fees) external nonReentrant onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesPool.sol#L159

File: ulysses-amm/UlyssesToken.sol

44:     function addAsset(address asset, uint256 _weight) external nonReentrant onlyOwner {

60:     function removeAsset(address asset) external nonReentrant onlyOwner {

88:     function setWeights(uint256[] memory _weights) external nonReentrant onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesToken.sol#L44

File: ulysses-amm/factories/UlyssesFactory.sol

65:     function renounceOwnership() public payable override onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/factories/UlyssesFactory.sol#L65

File: ulysses-omnichain/BaseBranchRouter.sol

37:     function initialize(address _localBridgeAgentAddress) external onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BaseBranchRouter.sol#L37

File: ulysses-omnichain/BranchBridgeAgentExecutor.sol

70:     function executeNoSettlement(address _router, bytes calldata _data)

88:     function executeWithSettlement(address _recipient, address _router, bytes calldata _data)

125:     function executeWithSettlementMultiple(address _recipient, address _router, bytes calldata _data)

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchBridgeAgentExecutor.sol#L70

File: ulysses-omnichain/BranchPort.sol

99:     function initialize(address _coreBranchRouter, address _bridgeAgentFactory) external virtual onlyOwner {

113:     function renounceOwnership() public payable override onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchPort.sol#L99

File: ulysses-omnichain/CoreRootRouter.sol

63:     function initialize(address _bridgeAgentAddress, address _hTokenFactory) external onlyOwner {

227:     function toggleBranchBridgeAgentFactory(

253:     function removeBranchBridgeAgent(address _branchBridgeAgent, address _gasReceiver, uint24 _toChain)

275:     function manageStrategyToken(

300:     function managePortStrategy(

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/CoreRootRouter.sol#L63

File: ulysses-omnichain/MulticallRootRouter.sol

74:     function initialize(address _bridgeAgentAddress) external onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/MulticallRootRouter.sol#L74

File: ulysses-omnichain/RootBridgeAgentExecutor.sol

78:     function executeSystemRequest(address _router, bytes calldata _data, uint24 _fromChainId)

98:     function executeNoDeposit(address _router, bytes calldata _data, uint24 _fromChainId)

117:     function executeWithDeposit(address _router, bytes calldata _data, uint24 _fromChainId)

154:     function executeWithDepositMultiple(address _router, bytes calldata _data, uint24 _fromChainId)

201:     function executeSignedNoDeposit(address _account, address _router, bytes calldata _data, uint24 _fromChainId)

221:     function executeSignedWithDeposit(address _account, address _router, bytes calldata _data, uint24 _fromChainId)

259:     function executeSignedWithDepositMultiple(

308:     function executeRetrySettlement(uint32 _settlementNonce)

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgentExecutor.sol#L78

File: ulysses-omnichain/RootPort.sol

128:     function initialize(address _bridgeAgentFactory, address _coreRootRouter) external onlyOwner {

140:     function initializeCore(

158:     function forefeitOwnership(address _owner) external onlyOwner {

165:     function renounceOwnership() public payable override onlyOwner {

399:     function toggleBridgeAgent(address _bridgeAgent) external onlyOwner {

406:     function addBridgeAgentFactory(address _bridgeAgentFactory) external onlyOwner {

413:     function toggleBridgeAgentFactory(address _bridgeAgentFactory) external onlyOwner {

420:     function addNewChain(

484:     function setGasPoolInfo(uint24 _chainId, GasPoolInfo calldata _gasPoolInfo) external onlyOwner {

491:     function addEcosystemToken(address _ecoTokenGlobalAddress) external onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootPort.sol#L128

File: ulysses-omnichain/factories/ArbitrumBranchBridgeAgentFactory.sol

54:     function initialize(address _coreRootBridgeAgent) external override onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/factories/ArbitrumBranchBridgeAgentFactory.sol#L54

File: ulysses-omnichain/factories/BranchBridgeAgentFactory.sol

83:     function initialize(address _coreRootBridgeAgent) external virtual onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/factories/BranchBridgeAgentFactory.sol#L83

File: ulysses-omnichain/factories/ERC20hTokenBranchFactory.sol

35:     function initialize(address _wrappedNativeTokenAddress, address _coreRouter) external onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/factories/ERC20hTokenBranchFactory.sol#L35

File: ulysses-omnichain/factories/ERC20hTokenRootFactory.sol

40:     function initialize(address _coreRouter) external onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/factories/ERC20hTokenRootFactory.sol#L40

File: ulysses-omnichain/token/ERC20hTokenBranch.sol

23:     function mint(address account, uint256 amount) external override onlyOwner returns (bool) {

29:     function burn(uint256 value) public override onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/token/ERC20hTokenBranch.sol#L23

[G-9] State variable read in a loop

State variable reads and writes are more expensive than local variable reads and writes. Therefore, it is recommended to replace state variable reads and writes within loops with local variable reads and writes.

There are 68 instances of this issue:
File: erc-20/ERC20Boost.sol

54:                 values[i] = _gauges.at(offset + i); // will revert if out of bounds

100:                 values[i] = _userGauges[user].at(offset + i); // will revert if out of bounds

159:             if (!_deprecatedGauges.contains(gauge)) {

160:                 uint256 gaugeBoost = getUserGaugeBoost[user][gauge].userGaugeBoost;

210:             GaugeState storage gaugeState = getUserGaugeBoost[msg.sender][gauge];

212:             if (_deprecatedGauges.contains(gauge) || boost >= gaugeState.userGaugeBoost) {

213:                 require(_userGauges[msg.sender].remove(gauge)); // Remove from set. Should never fail.

214:                 delete getUserGaugeBoost[msg.sender][gauge];

239:             require(_userGauges[msg.sender].remove(gauge)); // Remove from set. Should never fail.

240:             delete getUserGaugeBoost[msg.sender][gauge];

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Boost.sol#L54

File: erc-20/ERC20Gauges.sol

116:                 values[i] = _gauges.at(offset + i); // will revert if out of bounds

157:                 values[i] = _userGauges[user].at(offset + i); // will revert if out of bounds

342:             if (!_deprecatedGauges.contains(gauge)) globalWeightsSum += weight;

538:             uint112 userGaugeWeight = getUserGaugeWeight[user][gauge];

541:                 if (!_deprecatedGauges.contains(gauge)) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Gauges.sol#L116

File: erc-20/ERC20MultiVotes.sol

330:             uint256 delegateVotes = _delegatesVotesCount[user][delegatee];

339:                     require(_delegates[user].remove(delegatee)); // Remove from set. Should never fail.

340:                     _delegatesVotesCount[user][delegatee] = 0;

343:                     _delegatesVotesCount[user][delegatee] -= votesToFree;

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20MultiVotes.sol#L330

File: erc-4626/ERC4626MultiToken.sol

55:             assetId[_assets[i]] = i + 1;

69:             assets[i].safeTransferFrom(msg.sender, address(this), assetsAmounts[i]);

80:             assets[i].safeTransfer(receiver, assetsAmounts[i]);

202:             uint256 share = assetsAmounts[i].mulDiv(_totalWeights, weights[i]);

217:             assetsAmounts[i] = shares.mulDiv(weights[i], _totalWeights);

236:             assetsAmounts[i] = shares.mulDivUp(weights[i], _totalWeights);

251:             uint256 share = assetsAmounts[i].mulDivUp(_totalWeights, weights[i]);

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/ERC4626MultiToken.sol#L55

File: gauges/BaseV2Gauge.sol

115:             if (isActive[_bribeFlywheels[i]]) _bribeFlywheels[i].accrue(ERC20(address(this)), user);

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/BaseV2Gauge.sol#L115

File: gauges/factories/BaseV2GaugeFactory.sol

78:             if (activeGauges[_gauges[i]]) _gauges[i].newEpoch();

94:             if (activeGauges[_gauges[i]]) _gauges[i].newEpoch();

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BaseV2GaugeFactory.sol#L78

File: gauges/factories/BaseV2GaugeManager.sol

65:             if (activeGaugeFactories[_gaugeFactories[i]]) _gaugeFactories[i].newEpoch();

81:             if (activeGaugeFactories[_gaugeFactories[i]]) _gaugeFactories[i].newEpoch();

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BaseV2GaugeManager.sol#L65

File: rewards/rewards/FlywheelGaugeRewards.sol

179:             QueuedRewards memory queuedRewards = gaugeQueuedRewards[gauge];

189:             gaugeQueuedRewards[gauge] = QueuedRewards({

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/rewards/FlywheelGaugeRewards.sol#L179

File: ulysses-amm/UlyssesPool.sol

130:         for (uint256 i = 1; i < bandwidthStateList.length; i++) {

131:             uint256 targetBandwidth = totalSupply.mulDiv(bandwidthStateList[i].weight, totalWeights);

133:             assets += _calculateRebalancingFee(bandwidthStateList[i].bandwidth, targetBandwidth, false);

135:             assets += bandwidthStateList[i].bandwidth;

176:             uint256 targetBandwidth = totalSupply.mulDiv(bandwidthStateList[i].weight, totalWeights);

178:             oldRebalancingFee += _calculateRebalancingFee(bandwidthStateList[i].bandwidth, targetBandwidth, false);

190:             uint256 oldBandwidth = bandwidthStateList[i].bandwidth;

192:                 bandwidthStateList[i].bandwidth = oldBandwidth.mulDivUp(oldTotalWeights, newTotalWeights).toUint248();

194:                 newBandwidth += oldBandwidth - bandwidthStateList[i].bandwidth;

212:             uint256 targetBandwidth = totalSupply.mulDiv(bandwidthStateList[i].weight, totalWeights);

214:             newRebalancingFee += _calculateRebalancingFee(bandwidthStateList[i].bandwidth, targetBandwidth, false);

232:         for (uint256 i = 1; i < bandwidthStateList.length; i++) {

233:             uint256 targetBandwidth = totalSupply.mulDiv(bandwidthStateList[i].weight, totalWeights);

235:             oldRebalancingFee += _calculateRebalancingFee(bandwidthStateList[i].bandwidth, targetBandwidth, false);

253:             for (uint256 i = 1; i < bandwidthStateList.length;) {

255:                     uint256 oldBandwidth = bandwidthStateList[i].bandwidth;

257:                         bandwidthStateList[i].bandwidth =

260:                         leftOverBandwidth += oldBandwidth - bandwidthStateList[i].bandwidth;

278:             for (uint256 i = 1; i < bandwidthStateList.length;) {

280:                     if (i == bandwidthStateList.length - 1) {

281:                         bandwidthStateList[i].bandwidth += leftOverBandwidth.toUint248();

283:                         bandwidthStateList[i].bandwidth +=

284:                             leftOverBandwidth.mulDiv(bandwidthStateList[i].weight, weightsWithoutPool).toUint248();

296:         for (uint256 i = 1; i < bandwidthStateList.length; i++) {

297:             uint256 targetBandwidth = totalSupply.mulDiv(bandwidthStateList[i].weight, totalWeights);

299:             newRebalancingFee += _calculateRebalancingFee(bandwidthStateList[i].bandwidth, targetBandwidth, false);

921:                     updateBandwidth(true, true, bandwidthStateList[i], updateAmount, _totalWeights, _totalSupply, 0);

973:                 depositFees, true, bandwidthStateList[i], updateAmount, _totalWeights, _totalSupply, _newTotalSupply

1058:                     false, false, bandwidthStateList[i], updateAmount, _totalWeights, _totalSupply, _newTotalSupply

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesPool.sol#L130

File: ulysses-amm/factories/UlyssesFactory.sol

111:                 if (j != i && weights[i][j] > 0) pools[poolIds[i]].addNewBandwidth(poolIds[j], weights[i][j]);

124:             pools[poolIds[i]].transferOwnership(owner);

146:             address destination = address(pools[poolIds[i]]);

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/factories/UlyssesFactory.sol#L111

File: ulysses-omnichain/ArbitrumBranchPort.sol

102:             IRootPort(rootPortAddress).bridgeToLocalBranchFromRoot(_recipient, _localAddresses[i], _amounts[i]);

145:                 IRootPort(rootPortAddress).bridgeToRootFromLocalBranch(

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/ArbitrumBranchPort.sol#L102

File: ulysses-omnichain/MulticallRootRouter.sol

148:             ERC20hTokenRoot(outputTokens[i]).approve(bridgeAgentAddress, amountsOut[i]);

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/MulticallRootRouter.sol#L148

[G-10] State variables only set in the constructor should be declared immutable

Avoids a Gsset (20000 gas) in the constructor, and replaces each Gwarmacces (100 gas) with a PUSH32 (3 gas).

There are 18 instances of this issue:
File: erc-4626/ERC4626MultiToken.sol

42:         assets = _assets;

43:         weights = _weights;

63:         totalWeights = _totalWeights;

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/ERC4626MultiToken.sol#L42

File: gauges/BaseV2Gauge.sol

66:         strategy = _strategy;

70:         multiRewardsDepot = new MultiRewardsDepot(address(this));

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/BaseV2Gauge.sol#L66

File: maia/PartnerUtilityManager.sol

44:         partnerVault = _partnerVault;

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/PartnerUtilityManager.sol#L44

File: ulysses-amm/UlyssesRouter.sol

21:         ulyssesFactory = _ulyssesFactory;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesRouter.sol#L21

File: ulysses-omnichain/ArbitrumBranchPort.sol

36:         localChainId = _localChainId;

37:         rootPortAddress = _rootPortAddress;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/ArbitrumBranchPort.sol#L36

File: ulysses-omnichain/BranchBridgeAgent.sol

165:         bridgeAgentExecutorAddress = DeployBranchBridgeAgentExecutor.deploy();

166:         depositNonce = 1;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchBridgeAgent.sol#L165

File: ulysses-omnichain/CoreBranchRouter.sol

27:         localPortAddress = _localPortAddress;

28:         hTokenFactoryAddress = _hTokenFactoryAddress;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/CoreBranchRouter.sol#L27

File: ulysses-omnichain/RootBridgeAgent.sol

226:         settlementNonce = 1;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgent.sol#L226

File: ulysses-omnichain/VirtualAccount.sol

27:         localPortAddress = _localPortAddress;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/VirtualAccount.sol#L27

File: ulysses-omnichain/token/ERC20hTokenRoot.sol

47:         localChainId = _localChainId;

48:         factoryAddress = _factoryAddress;

49:         rootPortAddress = _rootPortAddress;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/token/ERC20hTokenRoot.sol#L47

[G-11] Don’t compare boolean expressions to boolean literals

if (<x> == true) => if (<x>), if (<x> == false) => if (!<x>).

There are 1 instances of this issue:
File: governance/GovernorBravoDelegateMaia.sol

366:         require(receipt.hasVoted == false, "GovernorBravo::castVoteInternal: voter already voted");

https://github.com/code-423n4/2023-05-maia/tree/main/src/governance/GovernorBravoDelegateMaia.sol#L366

[G-12] Using storage instead of memory for structs/arrays saves gas

When fetching data from a storage location, assigning the data to a memory variable causes all fields of the struct/array to be read from storage, which incurs a Gcoldsload (2100 gas) for each field of the struct/array. If the fields are read from the new memory variable, they incur an additional MLOAD rather than a cheap stack read. Instead of declearing the variable with the memory keyword, declaring the variable with the storage keyword and caching any fields that need to be re-read in stack variables, will be much cheaper, only incuring the Gcoldsload for the fields actually read. The only time it makes sense to read the whole struct/array into a memory variable, is if the full struct/array is being returned by the function, is being passed to a function that requires memory, or if the array/struct is being read from another memory array/struct

There are 8 instances of this issue:
File: erc-20/ERC20Boost.sol

153:         address[] memory gaugeList = _userGauges[user].values();

204:         address[] memory gaugeList = _userGauges[msg.sender].values();

232:         address[] memory gaugeList = _userGauges[msg.sender].values();

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Boost.sol#L153

File: erc-20/ERC20Gauges.sol

532:         address[] memory gaugeList = _userGauges[user].values();

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Gauges.sol#L532

File: erc-20/ERC20MultiVotes.sol

324:         address[] memory delegateList = _delegates[user].values();

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20MultiVotes.sol#L324

File: rewards/rewards/FlywheelGaugeRewards.sol

179:             QueuedRewards memory queuedRewards = gaugeQueuedRewards[gauge];

204:         QueuedRewards memory queuedRewards = gaugeQueuedRewards[ERC20(msg.sender)];

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/rewards/FlywheelGaugeRewards.sol#L179

File: ulysses-omnichain/RootBridgeAgent.sol

552:         Settlement memory settlement = getSettlement[_settlementNonce];

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgent.sol#L552

[G-13] Use calldata instead of memory for function parameters

If you are not modifying the function parameters, consider using calldata instead of memory. This will save gas.

There are 22 instances of this issue:
File: erc-4626/ERC4626MultiToken.sol

66:     function receiveAssets(uint256[] memory assetsAmounts) private {
67:         uint256 length = assetsAmounts.length;
68:         for (uint256 i = 0; i < length;) {
69:             assets[i].safeTransferFrom(msg.sender, address(this), assetsAmounts[i]);
70:
71:             unchecked {
72:                 i++;
73:             }
74:         }
75:     }

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/ERC4626MultiToken.sol#L66-L75

File: gauges/factories/BaseV2GaugeFactory.sol

109:     function createGauge(address strategy, bytes memory data) external onlyOwner {
110:         if (address(strategyGauges[strategy]) != address(0)) revert GaugeAlreadyExists();
111:
112:         BaseV2Gauge gauge = newGauge(strategy, data);
113:         strategyGauges[strategy] = gauge;
114:
115:         uint256 id = gauges.length;
116:         gauges.push(gauge);
117:         gaugeIds[gauge] = id;
118:         activeGauges[gauge] = true;
119:
120:         gaugeManager.addGauge(address(gauge));
121:
122:         afterCreateGauge(strategy, data);
123:     }

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BaseV2GaugeFactory.sol#L109-L123

File: gauges/factories/UniswapV3GaugeFactory.sol

76:     function newGauge(address strategy, bytes memory data) internal override returns (BaseV2Gauge) {
77:         uint24 minimumWidth = abi.decode(data, (uint24));
78:         return new UniswapV3Gauge(
79:                 flywheelGaugeRewards,
80:                 address(uniswapV3Staker),
81:                 strategy,
82:                 minimumWidth,
83:                 address(this)
84:             );
85:     }

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/UniswapV3GaugeFactory.sol#L76-L85

File: governance/GovernorBravoDelegator.sol

59:     function delegateTo(address callee, bytes memory data) internal {
60:         (bool success, bytes memory returnData) = callee.delegatecall(data);
61:         assembly {
62:             if eq(success, 0) { revert(add(returnData, 0x20), returndatasize()) }
63:         }
64:     }

https://github.com/code-423n4/2023-05-maia/tree/main/src/governance/GovernorBravoDelegator.sol#L59-L64

File: talos/factories/TalosBaseStrategyFactory.sol

55:     function createTalosBaseStrategy(
56:         IUniswapV3Pool pool,
57:         ITalosOptimizer optimizer,
58:         address strategyManager,
59:         bytes memory data
60:     ) external {
61:         if (optimizerFactory.optimizerIds(TalosOptimizer(address(optimizer))) == 0) {
62:             revert UnrecognizedOptimizer();
63:         }
64:
65:         TalosBaseStrategy strategy = createTalosV3Strategy(pool, optimizer, strategyManager, data);
66:
67:         strategyIds[strategy] = strategies.length;
68:         strategies.push(strategy);
69:     }

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/factories/TalosBaseStrategyFactory.sol#L55-L69

File: talos/factories/TalosStrategyStakedFactory.sol

62:     function createTalosV3Strategy(
63:         IUniswapV3Pool pool,
64:         ITalosOptimizer optimizer,
65:         address strategyManager,
66:         bytes memory data
67:     ) internal override returns (TalosBaseStrategy strategy) {
68:         BoostAggregator boostAggregator = abi.decode(data, (BoostAggregator));
69:         if (boostAggregator.nonfungiblePositionManager() != nonfungiblePositionManager) {
70:             revert InvalidNFTManager();
71:         }
72:
73:         strategy =
74:             DeployStaked.createTalosV3Strategy(pool, optimizer, boostAggregator, strategyManager, flywheel, owner());
75:
76:         flywheel.addStrategyForRewards(strategy);
77:     }

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/factories/TalosStrategyStakedFactory.sol#L62-L77

File: ulysses-amm/UlyssesToken.sol

88:     function setWeights(uint256[] memory _weights) external nonReentrant onlyOwner {
89:         if (_weights.length != assets.length) revert InvalidWeightsLength();
90:
91:         weights = _weights;
92:
93:         uint256 newTotalWeights;
94:
95:         for (uint256 i = 0; i < assets.length; i++) {
96:             newTotalWeights += _weights[i];
97:
98:             emit AssetRemoved(assets[i]);
99:             emit AssetAdded(assets[i], _weights[i]);
100:         }
101:
102:         totalWeights = newTotalWeights;
103:
104:         updateAssetBalances();
105:     }

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesToken.sol#L88-L105

File: ulysses-omnichain/ArbitrumBranchBridgeAgent.sol

142:     function _performCall(bytes memory _callData) internal override {
143:         IRootBridgeAgent(rootBridgeAgentAddress).anyExecute(_callData);
144:     }

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/ArbitrumBranchBridgeAgent.sol#L142-L144

File: ulysses-omnichain/ArbitrumBranchPort.sol

96:     function bridgeInMultiple(address _recipient, address[] memory _localAddresses, uint256[] memory _amounts)
97:         external
98:         override(IBranchPort, BranchPort)
99:         requiresBridgeAgent
100:     {
101:         for (uint256 i = 0; i < _localAddresses.length;) {
102:             IRootPort(rootPortAddress).bridgeToLocalBranchFromRoot(_recipient, _localAddresses[i], _amounts[i]);
103:
104:             unchecked {
105:                 ++i;
106:             }
107:         }
108:     }

129:     function bridgeOutMultiple(
130:         address _depositor,
131:         address[] memory _localAddresses,
132:         address[] memory _underlyingAddresses,
133:         uint256[] memory _amounts,
134:         uint256[] memory _deposits
135:     ) external override(IBranchPort, BranchPort) requiresBridgeAgent {
136:         for (uint256 i = 0; i < _localAddresses.length;) {
137:             if (_deposits[i] > 0) {
138:                 _underlyingAddresses[i].safeTransferFrom(
139:                     _depositor,
140:                     address(this),
141:                     _denormalizeDecimals(_deposits[i], ERC20(_underlyingAddresses[i]).decimals())
142:                 );
143:             }
144:             if (_amounts[i] - _deposits[i] > 0) {
145:                 IRootPort(rootPortAddress).bridgeToRootFromLocalBranch(
146:                     _depositor, _localAddresses[i], _amounts[i] - _deposits[i]
147:                 );
148:             }
149:
150:             unchecked {
151:                 ++i;
152:             }
153:         }
154:     }

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/ArbitrumBranchPort.sol#L96-L108

File: ulysses-omnichain/BranchBridgeAgent.sol

441:     function _sendRetrieveOrRetry(bytes memory _data) internal {
442:         //Deposit Gas for call.
443:         _createGasDeposit(msg.sender, msg.value.toUint128());
444:
445:         //Perform Call
446:         _performCall(_data);
447:     }

1006:     function _performCall(bytes memory _calldata) internal virtual {
1007:         //Sends message to AnycallProxy
1008:         IAnycallProxy(localAnyCallAddress).anyCall(
1009:             rootBridgeAgentAddress, _calldata, rootChainId, AnycallFlags.FLAG_ALLOW_FALLBACK, ""
1010:         );
1011:     }

1099:     function _gasSwapIn(bytes memory gasData) internal virtual returns (uint256 gasAmount) {
1100:         //Cast to uint256
1101:         gasAmount = uint256(uint128(bytes16(gasData)));
1102:         //Move Gas hTokens from Branch to Root / Mint Sufficient hTokens to match new port deposit
1103:         IPort(localPortAddress).withdraw(address(this), address(wrappedNativeToken), gasAmount);
1104:     }

1349:     function _normalizeDecimalsMultiple(uint256[] memory _deposits, address[] memory _tokens)
1350:         internal
1351:         view
1352:         returns (uint256[] memory deposits)
1353:     {
1354:         for (uint256 i = 0; i < _deposits.length; i++) {
1355:             deposits[i] = _normalizeDecimals(_deposits[i], ERC20(_tokens[i]).decimals());
1356:         }
1357:     }

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchBridgeAgent.sol#L441-L447

File: ulysses-omnichain/BranchPort.sol

226:     function bridgeInMultiple(address _recipient, address[] memory _localAddresses, uint256[] memory _amounts)
227:         external
228:         virtual
229:         requiresBridgeAgent
230:     {
231:         for (uint256 i = 0; i < _localAddresses.length;) {
232:             ERC20hTokenBranch(_localAddresses[i]).mint(_recipient, _amounts[i]);
233:
234:             unchecked {
235:                 ++i;
236:             }
237:         }
238:     }

260:     function bridgeOutMultiple(
261:         address _depositor,
262:         address[] memory _localAddresses,
263:         address[] memory _underlyingAddresses,
264:         uint256[] memory _amounts,
265:         uint256[] memory _deposits
266:     ) external virtual requiresBridgeAgent {
267:         for (uint256 i = 0; i < _localAddresses.length;) {
268:             if (_deposits[i] > 0) {
269:                 _underlyingAddresses[i].safeTransferFrom(
270:                     _depositor,
271:                     address(this),
272:                     _denormalizeDecimals(_deposits[i], ERC20(_underlyingAddresses[i]).decimals())
273:                 );
274:             }
275:             if (_amounts[i] - _deposits[i] > 0) {
276:                 _localAddresses[i].safeTransferFrom(_depositor, address(this), _amounts[i] - _deposits[i]);
277:                 ERC20hTokenBranch(_localAddresses[i]).burn(_amounts[i] - _deposits[i]);
278:             }
279:             unchecked {
280:                 i++;
281:             }
282:         }
283:     }

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchPort.sol#L226-L238

File: ulysses-omnichain/MulticallRootRouter.sol

91:     function _multicall(IMulticall.Call[] memory calls)
92:         internal
93:         returns (uint256 blockNumber, bytes[] memory returnData)
94:     {
95:         //Call desired functions
96:         (blockNumber, returnData) = IMulticall(multicallAddress).aggregate(calls);
97:     }

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/MulticallRootRouter.sol#L91-L97

File: ulysses-omnichain/factories/ERC20hTokenBranchFactory.sol

60:     function createToken(string memory _name, string memory _symbol)
61:         external
62:         requiresCoreRouter
63:         returns (ERC20hTokenBranch newToken)
64:     {
65:         newToken = new ERC20hTokenBranch(_name, _symbol, localPortAddress);
66:         hTokens.push(newToken);
67:         hTokensLenght++;
68:     }

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/factories/ERC20hTokenBranchFactory.sol#L60-L68

File: ulysses-omnichain/factories/ERC20hTokenRootFactory.sol

54:     function createToken(string memory _name, string memory _symbol)
55:         external
56:         requiresCoreRouter
57:         returns (ERC20hTokenRoot newToken)
58:     {
59:         newToken = new ERC20hTokenRoot(
60:             localChainId,
61:             address(this),
62:             rootPortAddress,
63:             _name,
64:             _symbol
65:         );
66:         hTokens.push(newToken);
67:         hTokensLenght++;
68:     }

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/factories/ERC20hTokenRootFactory.sol#L54-L68

File: uni-v3-staker/UniswapV3Staker.sol

187:     function endIncentive(IncentiveKey memory key) external returns (uint256 refund) {
188:         if (block.timestamp < IncentiveTime.getEnd(key.startTime)) {
189:             revert EndIncentiveBeforeEndTime();
190:         }
191:
192:         bytes32 incentiveId = IncentiveId.compute(key);
193:
194:         Incentive storage incentive = incentives[incentiveId];
195:
196:         refund = incentive.totalRewardUnclaimed;
197:
198:         if (refund == 0) revert EndIncentiveNoRefundAvailable();
199:         if (incentive.numberOfStakes > 0) revert EndIncentiveWhileStakesArePresent();
200:
201:         // issue the refund
202:         incentive.totalRewardUnclaimed = 0;
203:
204:         hermes.safeTransfer(minter, refund);
205:
206:         // note we never clear totalSecondsClaimedX128
207:
208:         emit IncentiveEnded(incentiveId, refund);
209:     }

243:     function withdrawToken(uint256 tokenId, address to, bytes memory data) external {
244:         if (to == address(0)) revert InvalidRecipient();
245:
246:         Deposit storage deposit = deposits[tokenId];
247:
248:         if (deposit.owner != msg.sender) revert NotCalledByOwner();
249:         if (deposit.stakedTimestamp != 0) revert TokenStakedError();
250:
251:         delete deposits[tokenId];
252:         emit DepositTransferred(tokenId, msg.sender, address(0));
253:
254:         nonfungiblePositionManager.safeTransferFrom(address(this), to, tokenId, data);
255:     }

https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/UniswapV3Staker.sol#L187-L209

File: uni-v3-staker/libraries/IncentiveId.sol

16:     function compute(IUniswapV3Staker.IncentiveKey memory key) internal pure returns (bytes32 incentiveId) {
17:         return keccak256(abi.encode(key));
18:     }

https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/libraries/IncentiveId.sol#L16-L18

[G-14] Pre-increments and pre-decrements are cheaper than post-increments and post-decrements1

Saves 5 gas per iteration.1

There are 2 instances of this issue:
File: talos/libraries/PoolVariables.sol

98:         if (tick < 0 && tick % tickSpacing != 0) compressed--;

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/libraries/PoolVariables.sol#L98

File: uni-v3-staker/UniswapV3Staker.sol

428:         incentive.numberOfStakes--;

https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/UniswapV3Staker.sol#L428

[G-15] Function calls should be cached

The instances below point to the second call of the function within a single function

There are 32 instances of this issue:
File: hermes/minters/BaseV2Minter.sol

61:         underlying = address(ERC4626(_vault).asset());

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/minters/BaseV2Minter.sol#L61

File: ulysses-amm/UlyssesPool.sol

176:             uint256 targetBandwidth = totalSupply.mulDiv(bandwidthStateList[i].weight, totalWeights);

233:             uint256 targetBandwidth = totalSupply.mulDiv(bandwidthStateList[i].weight, totalWeights);

375:         bandwidthUpdateAmounts = new uint256[](length);

480:                                 iszero(iszero(mod(mul(transfered, diff), totalDiff))), div(mul(transfered, diff), totalDiff)

508:                                     iszero(iszero(mod(mul(transferedChange, weight), _totalWeights))),

509:                                     div(mul(transferedChange, weight), _totalWeights)

574:         uint256 oldRebalancingFee = _calculateRebalancingFee(

880:             case true { fee := div(mul(width, height), DIVISIONER) }

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesPool.sol#L176

File: ulysses-omnichain/ArbitrumCoreBranchRouter.sol

49:         string memory name = ERC20(_underlyingAddress).name();

132:             (address bridgeAgentFactoryAddress) = abi.decode(_data[1:], (address));

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/ArbitrumCoreBranchRouter.sol#L49

File: ulysses-omnichain/BranchBridgeAgent.sol

341:                     _normalizeDecimals(

342:                         getDeposit[_depositNonce].deposits[0], ERC20(getDeposit[_depositNonce].tokens[0]).decimals()

346:                     msg.value.toUint128(),

378:                     _normalizeDecimalsMultiple(getDeposit[nonce].deposits, getDeposit[nonce].tokens),

574:         address[] memory _hTokens = new address[](numOfAssets);

576:         uint256[] memory _amounts = new uint256[](numOfAssets);

872:         address[] memory hTokens = new address[](1);

876:         uint256[] memory amounts = new uint256[](1);

1029:         uint256 gasLeft = gasleft();

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchBridgeAgent.sol#L341

File: ulysses-omnichain/CoreBranchRouter.sol

65:         string memory name = ERC20(_underlyingAddress).name();

258:             (address bridgeAgentFactoryAddress) = abi.decode(_data[1:], (address));

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/CoreBranchRouter.sol#L65

File: ulysses-omnichain/CoreRootRouter.sol

332:             (address globalAddress, address localAddress) = abi.decode(_encodedData, (address, address));

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/CoreRootRouter.sol#L332

File: ulysses-omnichain/RootBridgeAgent.sol

295:         address localAddress = IPort(localPortAddress).getLocalTokenFromGlobal(_globalAddress, _toChain);

340:         address[] memory hTokens = new address[](_globalAddresses.length);

494:         address[] memory hTokens = new address[](1);

498:         uint256[] memory amounts = new uint256[](1);

717:             (uint160 sqrtPriceX96,,,,,,) = IUniswapV3Pool(poolAddress).slot0();

1024:             VirtualAccount userAccount = IPort(localPortAddress).fetchVirtualAccount(

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgent.sol#L295

File: ulysses-omnichain/RootBridgeAgentExecutor.sol

359:         address[] memory hTokens = new address[](numOfAssets);

361:         uint256[] memory amounts = new uint256[](numOfAssets);

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgentExecutor.sol#L359

File: ulysses-omnichain/RootPort.sol

465:             newGasPoolAddress = INonfungiblePositionManager(_nonFungiblePositionManagerAddress)

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootPort.sol#L465

[G-16] Usage of uint/int smaller than 32 bytes (256 bits) incurs overhead

When using elements that are smaller than 32 bytes, your contract’s gas usage may be higher. This is because the EVM operates on 32 bytes at a time. Therefore, if the element is smaller than that, the EVM must use more operations in order to reduce the size of the element from 32 bytes to the desired size. Each operation involving a uint8 costs an extra 22-28 gas (depending on whether the other operand is also a variable of type uint8) as compared to ones involving uint256, due to the compiler having to clear the higher bits of the memory word before operating on the uint8, as well as the associated stack operations of doing so. Use a larger size then downcast where needed. https://docs.soliditylang.org/en/v0.8.11/internals/layout_in_storage.html Use a larger size then downcast where needed.

There are 21 instances of this issue:
File: gauges/factories/UniswapV3GaugeFactory.sol

77:         uint24 minimumWidth = abi.decode(data, (uint24));

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/UniswapV3GaugeFactory.sol#L77

File: ulysses-omnichain/ArbitrumCoreBranchRouter.sol

124:             ) = abi.decode(_data[1:], (address, address, address, address, uint128));

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/ArbitrumCoreBranchRouter.sol#L124

File: ulysses-omnichain/CoreBranchRouter.sol

239:                 abi.decode(_data[1:], (address, string, string, uint128));

250:             ) = abi.decode(_data[1:], (address, address, address, address, uint128));

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/CoreBranchRouter.sol#L239

File: ulysses-omnichain/CoreRootRouter.sol

360:                 abi.decode(_encodedData, (address, address, uint24, uint128));

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/CoreRootRouter.sol#L360

File: ulysses-omnichain/MulticallRootRouter.sol

202:                 abi.decode(encodedData, (IMulticall.Call[], OutputParams, uint24));

218:                 abi.decode(encodedData, (IMulticall.Call[], OutputMultipleParams, uint24));

286:                 abi.decode(encodedData, (Call[], OutputParams, uint24));

306:                 abi.decode(encodedData, (Call[], OutputMultipleParams, uint24));

362:                 abi.decode(encodedData, (Call[], OutputParams, uint24));

382:                 abi.decode(encodedData, (Call[], OutputMultipleParams, uint24));

438:                 abi.decode(encodedData, (Call[], OutputParams, uint24));

458:                 abi.decode(encodedData, (Call[], OutputMultipleParams, uint24));

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/MulticallRootRouter.sol#L202

File: ulysses-omnichain/RootBridgeAgentExecutor.sol

164:                     PARAMS_END_OFFSET + uint16(uint8(bytes1(_data[PARAMS_START]))) * PARAMS_TKN_SET_SIZE_MULTIPLE

174:                 > PARAMS_END_OFFSET + uint16(uint8(bytes1(_data[PARAMS_START]))) * PARAMS_TKN_SET_SIZE_MULTIPLE

178:                 bytes1(_data[PARAMS_END_OFFSET + uint16(numOfAssets) * PARAMS_TKN_SET_SIZE_MULTIPLE]),

180:                     PARAMS_START + PARAMS_END_OFFSET + uint16(numOfAssets) * PARAMS_TKN_SET_SIZE_MULTIPLE:

271:                         + uint16(uint8(bytes1(_data[PARAMS_START_SIGNED]))) * PARAMS_TKN_SET_SIZE_MULTIPLE

280:                         + uint16(uint8(bytes1(_data[PARAMS_START_SIGNED]))) * PARAMS_TKN_SET_SIZE_MULTIPLE

285:                         + uint16(uint8(bytes1(_data[PARAMS_START_SIGNED]))) * PARAMS_TKN_SET_SIZE_MULTIPLE],

288:                             + uint16(uint8(bytes1(_data[PARAMS_START_SIGNED]))) * PARAMS_TKN_SET_SIZE_MULTIPLE:

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgentExecutor.sol#L164

[G-17] Change public to external for functions that are not called internally

Contracts are allowed to override their parents' functions and change the visibility from external to public.

There are 89 instances of this issue:
File: erc-20/ERC20Boost.sol

175:     function decrementGaugeBoost(address gauge, uint256 boost) public {

312:     function transfer(address to, uint256 amount) public override notAttached(msg.sender, amount) returns (bool) {

323:     function transferFrom(address from, address to, uint256 amount)

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Boost.sol#L175

File: erc-20/ERC20Gauges.sol

496:     function transfer(address to, uint256 amount) public virtual override returns (bool) {

508:     function transferFrom(address from, address to, uint256 amount) public virtual override returns (bool) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Gauges.sol#L496

File: erc-20/ERC20MultiVotes.sol

32:     function checkpoints(address account, uint32 pos) public view virtual returns (Checkpoint memory) {

37:     function numCheckpoints(address account) public view virtual returns (uint32) {

58:     function getPriorVotes(address account, uint256 blockNumber) public view virtual returns (uint256) {

126:     function delegatesVotesCount(address delegator, address delegatee) public view virtual returns (uint256) {

131:     function delegates(address delegator) public view returns (address[] memory) {

141:     function incrementDelegation(address delegatee, uint256 amount) public virtual {

146:     function undelegate(address delegatee, uint256 amount) public virtual {

291:     function transfer(address to, uint256 amount) public virtual override returns (bool) {

303:     function transferFrom(address from, address to, uint256 amount) public virtual override returns (bool) {

363:     function delegateBySig(address delegatee, uint256 nonce, uint256 expiry, uint8 v, bytes32 r, bytes32 s) public {

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20MultiVotes.sol#L32

File: erc-4626/ERC4626.sol

32:     function deposit(uint256 assets, address receiver) public virtual returns (uint256 shares) {

47:     function mint(uint256 shares, address receiver) public virtual returns (uint256 assets) {

61:     function withdraw(uint256 assets, address receiver, address owner) public virtual returns (uint256 shares) {

80:     function redeem(uint256 shares, address receiver, address owner) public virtual returns (uint256 assets) {

148:     function maxDeposit(address) public view virtual returns (uint256) {

153:     function maxMint(address) public view virtual returns (uint256) {

158:     function maxWithdraw(address owner) public view virtual returns (uint256) {

163:     function maxRedeem(address owner) public view virtual returns (uint256) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/ERC4626.sol#L32

File: erc-4626/ERC4626DepositOnly.sol

32:     function deposit(uint256 assets, address receiver) public virtual returns (uint256 shares) {

47:     function mint(uint256 shares, address receiver) public virtual returns (uint256 assets) {

75:     function convertToAssets(uint256 shares) public view virtual returns (uint256) {

98:     function maxDeposit(address) public view virtual returns (uint256) {

103:     function maxMint(address) public view virtual returns (uint256) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/ERC4626DepositOnly.sol#L32

File: erc-4626/ERC4626MultiToken.sol

93:     function deposit(uint256[] calldata assetsAmounts, address receiver)

113:     function mint(uint256 shares, address receiver)

132:     function withdraw(uint256[] calldata assetsAmounts, address receiver, address owner)

156:     function redeem(uint256 shares, address receiver, address owner)

269:     function maxDeposit(address) public view virtual returns (uint256) {

274:     function maxMint(address) public view virtual returns (uint256) {

279:     function maxWithdraw(address owner) public view virtual returns (uint256[] memory) {

284:     function maxRedeem(address owner) public view virtual returns (uint256) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/ERC4626MultiToken.sol#L93

File: erc-4626/UlyssesERC4626.sol

34:     function deposit(uint256 assets, address receiver) public virtual nonReentrant returns (uint256 shares) {

47:     function mint(uint256 shares, address receiver) public virtual nonReentrant returns (uint256 assets) {

59:     function redeem(uint256 shares, address receiver, address owner)

88:     function convertToShares(uint256 assets) public view virtual returns (uint256) {

92:     function convertToAssets(uint256 shares) public view virtual returns (uint256) {

96:     function previewDeposit(uint256 assets) public view virtual returns (uint256) {

100:     function previewMint(uint256 shares) public view virtual returns (uint256) {

104:     function previewRedeem(uint256 shares) public view virtual returns (uint256) {

112:     function maxDeposit(address) public view virtual returns (uint256) {

116:     function maxMint(address) public view virtual returns (uint256) {

120:     function maxRedeem(address owner) public view virtual returns (uint256) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/UlyssesERC4626.sol#L34

File: governance/GovernorBravoDelegateMaia.sol

56:     function initialize(

104:     function propose(

https://github.com/code-423n4/2023-05-maia/tree/main/src/governance/GovernorBravoDelegateMaia.sol#L56

File: governance/GovernorBravoDelegator.sol

8:     constructor(

https://github.com/code-423n4/2023-05-maia/tree/main/src/governance/GovernorBravoDelegator.sol#L8

File: hermes/UtilityManager.sol

55:     function forfeitMultiple(uint256 amount) public virtual {

62:     function forfeitMultipleAmounts(uint256 weight, uint256 boost, uint256 _governance) public virtual {

96:     function claimMultiple(uint256 amount) public virtual {

103:     function claimMultipleAmounts(uint256 weight, uint256 boost, uint256 _governance) public virtual {

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/UtilityManager.sol#L55

File: hermes/bHermes.sol

96:     function claimOutstanding() public virtual {

115:     function totalAssets() public view virtual override returns (uint256) {

140:     function transfer(address to, uint256 amount) public virtual override returns (bool) {

158:     function transferFrom(address from, address to, uint256 amount) public virtual override returns (bool) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/bHermes.sol#L96

File: maia/PartnerUtilityManager.sol

52:     function forfeitMultiple(uint256 amount) public virtual override {

60:     function forfeitMultipleAmounts(uint256 weight, uint256 boost, uint256 _governance, uint256 _partnerGovernance)

108:     function claimMultiple(uint256 amount) public virtual override {

116:     function claimMultipleAmounts(uint256 weight, uint256 boost, uint256 _governance, uint256 _partnerGovernance)

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/PartnerUtilityManager.sol#L52

File: maia/tokens/ERC4626PartnerManager.sol

85:     function updateUnderlyingBalance() public virtual {

90:     function claimOutstanding() public virtual {

105:     function totalAssets() public view override returns (uint256) {

113:     function convertToShares(uint256 assets) public view virtual override returns (uint256) {

121:     function convertToAssets(uint256 shares) public view virtual override returns (uint256) {

129:     function previewDeposit(uint256 assets) public view virtual override returns (uint256) {

136:     function previewMint(uint256 shares) public view virtual override returns (uint256) {

143:     function previewWithdraw(uint256 assets) public view virtual override returns (uint256) {

151:     function previewRedeem(uint256 shares) public view virtual override returns (uint256) {

161:     function maxDeposit(address) public view virtual override returns (uint256) {

173:     function maxWithdraw(address user) public view virtual override returns (uint256) {

179:     function maxRedeem(address user) public view virtual override returns (uint256) {

263:     function transfer(address to, uint256 amount)

279:     function transferFrom(address from, address to, uint256 amount)

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/tokens/ERC4626PartnerManager.sol#L85

File: maia/vMaia.sol

91:     function claimBoost(uint256 amount) public override {}

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/vMaia.sol#L91

File: rewards/base/FlywheelCore.sol

84:     function accrue(ERC20 strategy, address user, address secondUser) public returns (uint256, uint256) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/base/FlywheelCore.sol#L84

File: talos/TalosStrategyStaked.sol

89:     function transfer(address _to, uint256 _amount) public override returns (bool) {

94:     function transferFrom(address _from, address _to, uint256 _amount) public override returns (bool) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosStrategyStaked.sol#L89

File: talos/base/TalosBaseStrategy.sol

182:     function deposit(uint256 amount0Desired, uint256 amount1Desired, address receiver)

238:     function redeem(uint256 shares, uint256 amount0Min, uint256 amount1Min, address receiver, address _owner)

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/base/TalosBaseStrategy.sol#L182

File: ulysses-amm/UlyssesPool.sol

102:     function totalAssets() public view override returns (uint256) {

107:     function maxRedeem(address owner) public view override returns (uint256) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesPool.sol#L102

File: ulysses-amm/UlyssesToken.sol

39:     function totalAssets() public view override returns (uint256 _totalAssets) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesToken.sol#L39

File: ulysses-amm/factories/UlyssesFactory.sol

65:     function renounceOwnership() public payable override onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/factories/UlyssesFactory.sol#L65

File: ulysses-omnichain/BranchPort.sol

113:     function renounceOwnership() public payable override onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchPort.sol#L113

File: ulysses-omnichain/RootPort.sol

165:     function renounceOwnership() public payable override onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootPort.sol#L165

File: ulysses-omnichain/token/ERC20hTokenBranch.sol

29:     function burn(uint256 value) public override onlyOwner {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/token/ERC20hTokenBranch.sol#L29

[G-18] <array>.length should not be looked up in every loop of a for-loop

The overheads outlined below are PER LOOP, excluding the first loop\n\n- storage arrays incur a Gwarmaccess (100 gas)\n\n- memory arrays use MLOAD (3 gas)\n\n- calldata arrays use CALLDATALOAD (3 gas)\nCaching the length changes each of these to a DUP (3 gas), and gets rid of the extra DUP needed to store the stack offset.

There are 29 instances of this issue:
File: governance/GovernorBravoDelegateMaia.sol

181:         for (uint256 i = 0; i < proposal.targets.length; i++) {

215:         for (uint256 i = 0; i < proposal.targets.length; i++) {

251:         for (uint256 i = 0; i < proposal.targets.length; i++) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/governance/GovernorBravoDelegateMaia.sol#L181

File: ulysses-amm/UlyssesPool.sol

130:         for (uint256 i = 1; i < bandwidthStateList.length; i++) {

232:         for (uint256 i = 1; i < bandwidthStateList.length; i++) {

253:             for (uint256 i = 1; i < bandwidthStateList.length;) {

278:             for (uint256 i = 1; i < bandwidthStateList.length;) {

280:                     if (i == bandwidthStateList.length - 1) {

296:         for (uint256 i = 1; i < bandwidthStateList.length; i++) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesPool.sol#L130

File: ulysses-amm/UlyssesToken.sol

95:         for (uint256 i = 0; i < assets.length; i++) {

111:         for (uint256 i = 0; i < assets.length; i++) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesToken.sol#L95

File: ulysses-amm/factories/UlyssesFactory.sol

108:             if (length != weights[i].length) revert ParameterLengthError();

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/factories/UlyssesFactory.sol#L108

File: ulysses-omnichain/ArbitrumBranchPort.sol

101:         for (uint256 i = 0; i < _localAddresses.length;) {

136:         for (uint256 i = 0; i < _localAddresses.length;) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/ArbitrumBranchPort.sol#L101

File: ulysses-omnichain/BranchBridgeAgent.sol

283:         for (uint256 i = 0; i < _dParams.hTokens.length; i++) {

719:         for (uint256 i = 0; i < _dParams.hTokens.length; i++) {

951:         for (uint256 i = 0; i < deposit.hTokens.length;) {

1354:         for (uint256 i = 0; i < _deposits.length; i++) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchBridgeAgent.sol#L283

File: ulysses-omnichain/BranchPort.sol

231:         for (uint256 i = 0; i < _localAddresses.length;) {

267:         for (uint256 i = 0; i < _localAddresses.length;) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchPort.sol#L231

File: ulysses-omnichain/MulticallRootRouter.sol

146:         for (uint256 i = 0; i < outputTokens.length;) {

311:             for (uint256 i = 0; i < outputParams.outputTokens.length;) {

387:             for (uint256 i = 0; i < outputParams.outputTokens.length;) {

463:             for (uint256 i = 0; i < outputParams.outputTokens.length;) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/MulticallRootRouter.sol#L146

File: ulysses-omnichain/RootBridgeAgent.sol

342:         for (uint256 i = 0; i < _globalAddresses.length;) {

408:         for (uint256 i = 0; i < _dParams.hTokens.length;) {

561:         for (uint256 i = 0; i < newGas.length;) {

562:             settlement.callData[settlement.callData.length - 16 + i] = newGas[i];

596:         for (uint256 i = 0; i < settlement.hTokens.length;) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgent.sol#L342

[G-19] Multiplication by two should use bit shifting

<x> * 2 is the same as <x> << 1. While the compiler uses the SHL opcode to accomplish both, the version that uses multiplication incurs an overhead of 20 gas due to JUMPs to and from a compiler utility function that introduces checks which can be avoided by using unchecked {} around the division by two.

There are 3 instances of this issue:
File: maia/libraries/DateTimeLib.sol

58:             startOfDay = day * 86400;

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/libraries/DateTimeLib.sol#L58

File: uni-v3-staker/libraries/RewardMath.sol

35:                 ((secondsInsideX128 * 4) / 10) + ((((stakedDuration << 128) * boostAmount) / boostTotalSupply) * 6) / 10

44:             boostedSecondsInsideX128 = (secondsInsideX128 * 4) / 10;

https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/libraries/RewardMath.sol#L35

[G-20] Reduce the size of error messages

Shortening revert strings to fit in 32 bytes will decrease deployment time gas and will decrease runtime gas when the revert condition is met.

There are 65 instances of this issue:
File: erc-20/ERC20MultiVotes.sol

364:         require(block.timestamp <= expiry, "ERC20MultiVotes: signature expired");

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20MultiVotes.sol#L364

File: governance/GovernorBravoDelegateMaia.sol

63:         require(address(timelock) == address(0), "GovernorBravo::initialize: can only initialize once");

64:         require(msg.sender == admin, "GovernorBravo::initialize: admin only");

65:         require(timelock_ != address(0), "GovernorBravo::initialize: invalid timelock address");

66:         require(govToken_ != address(0), "GovernorBravo::initialize: invalid govToken address");

67:         require(
68:             votingPeriod_ >= MIN_VOTING_PERIOD && votingPeriod_ <= MAX_VOTING_PERIOD,
69:             "GovernorBravo::initialize: invalid voting period"
70:         );

71:         require(
72:             votingDelay_ >= MIN_VOTING_DELAY && votingDelay_ <= MAX_VOTING_DELAY,
73:             "GovernorBravo::initialize: invalid voting delay"
74:         );

75:         require(
76:             proposalThreshold_ >= MIN_PROPOSAL_THRESHOLD && proposalThreshold_ <= MAX_PROPOSAL_THRESHOLD,
77:             "GovernorBravo::initialize: invalid proposal threshold"
78:         );

112:         require(initialProposalId != 0, "GovernorBravo::propose: Governor Bravo not active");

114:         require(
115:             govToken.getPriorVotes(msg.sender, sub256(block.number, 1)) > getProposalThresholdAmount()
116:                 || isWhitelisted(msg.sender),
117:             "GovernorBravo::propose: proposer votes below proposal threshold"
118:         );

119:         require(
120:             targets.length == values.length && targets.length == signatures.length && targets.length == calldatas.length,
121:             "GovernorBravo::propose: proposal function information arity mismatch"
122:         );

123:         require(targets.length != 0, "GovernorBravo::propose: must provide actions");

124:         require(targets.length <= proposalMaxOperations, "GovernorBravo::propose: too many actions");

129:             require(
130:                 proposersLatestProposalState != ProposalState.Active,
131:                 "GovernorBravo::propose: one live proposal per proposer, found an already active proposal"
132:             );

133:             require(
134:                 proposersLatestProposalState != ProposalState.Pending,
135:                 "GovernorBravo::propose: one live proposal per proposer, found an already pending proposal"
136:             );

146:         require(newProposal.id == 0, "GovernorBravo::propose: ProposalID collsion");

175:         require(
176:             state(proposalId) == ProposalState.Succeeded,
177:             "GovernorBravo::queue: proposal can only be queued if it is succeeded"
178:         );

197:         require(
198:             !timelock.queuedTransactions(keccak256(abi.encode(target, value, signature, data, eta))),
199:             "GovernorBravo::queueOrRevertInternal: identical proposal action already queued at eta"
200:         );

209:         require(
210:             state(proposalId) == ProposalState.Queued,
211:             "GovernorBravo::execute: proposal can only be executed if it is queued"
212:         );

228:         require(state(proposalId) != ProposalState.Executed, "GovernorBravo::cancel: cannot cancel executed proposal");

237:                 require(
238:                     (govToken.getPriorVotes(proposal.proposer, sub256(block.number, 1)) < getProposalThresholdAmount())
239:                         && msg.sender == whitelistGuardian,
240:                     "GovernorBravo::cancel: whitelisted proposer"
241:                 );

243:                 require(
244:                     (govToken.getPriorVotes(proposal.proposer, sub256(block.number, 1)) < getProposalThresholdAmount()),
245:                     "GovernorBravo::cancel: proposer above threshold"
246:                 );

298:         require(
299:             proposalCount >= proposalId && proposalId > initialProposalId, "GovernorBravo::state: invalid proposal id"
300:         );

350:         require(signatory != address(0), "GovernorBravo::castVoteBySig: invalid signature");

362:         require(state(proposalId) == ProposalState.Active, "GovernorBravo::castVoteInternal: voting is closed");

363:         require(support <= 2, "GovernorBravo::castVoteInternal: invalid vote type");

366:         require(receipt.hasVoted == false, "GovernorBravo::castVoteInternal: voter already voted");

398:         require(msg.sender == admin, "GovernorBravo::_setVotingDelay: admin only");

399:         require(
400:             newVotingDelay >= MIN_VOTING_DELAY && newVotingDelay <= MAX_VOTING_DELAY,
401:             "GovernorBravo::_setVotingDelay: invalid voting delay"
402:         );

414:         require(msg.sender == admin, "GovernorBravo::_setVotingPeriod: admin only");

415:         require(
416:             newVotingPeriod >= MIN_VOTING_PERIOD && newVotingPeriod <= MAX_VOTING_PERIOD,
417:             "GovernorBravo::_setVotingPeriod: invalid voting period"
418:         );

431:         require(msg.sender == admin, "GovernorBravo::_setProposalThreshold: admin only");

432:         require(
433:             newProposalThreshold >= MIN_PROPOSAL_THRESHOLD && newProposalThreshold <= MAX_PROPOSAL_THRESHOLD,
434:             "GovernorBravo::_setProposalThreshold: invalid proposal threshold"
435:         );

448:         require(
449:             msg.sender == admin || msg.sender == whitelistGuardian,
450:             "GovernorBravo::_setWhitelistAccountExpiration: admin only"
451:         );

462:         require(msg.sender == admin, "GovernorBravo::_setWhitelistGuardian: admin only");

475:         require(msg.sender == admin, "GovernorBravo::_initiate: admin only");

476:         require(initialProposalId == 0, "GovernorBravo::_initiate: can only initiate once");

489:         require(msg.sender == admin, "GovernorBravo:_setPendingAdmin: admin only");

507:         require(
508:             msg.sender == pendingAdmin && msg.sender != address(0), "GovernorBravo:_acceptAdmin: pending admin only"
509:         );

https://github.com/code-423n4/2023-05-maia/tree/main/src/governance/GovernorBravoDelegateMaia.sol#L63

File: governance/GovernorBravoDelegator.sol

42:         require(msg.sender == admin, "GovernorBravoDelegator::_setImplementation: admin only");

43:         require(
44:             implementation_ != address(0), "GovernorBravoDelegator::_setImplementation: invalid implementation address"
45:         );

https://github.com/code-423n4/2023-05-maia/tree/main/src/governance/GovernorBravoDelegator.sol#L42

File: ulysses-omnichain/BranchBridgeAgent.sol

151:         require(_rootBridgeAgentAddress != address(0), "Root Bridge Agent Address cannot be the zero address.");

152:         require(_localAnyCallAddress != address(0), "AnyCall Address cannot be the zero address.");

153:         require(_localAnyCallExecutorAddress != address(0), "AnyCall Executor Address cannot be the zero address.");

154:         require(_localRouterAddress != address(0), "Local Router Address cannot be the zero address.");

155:         require(_localPortAddress != address(0), "Local Port Address cannot be the zero address.");

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchBridgeAgent.sol#L151

File: ulysses-omnichain/BranchPort.sol

104:         require(_bridgeAgentFactory != address(0), "BridgeAgentFactory is zero address");

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchPort.sol#L104

File: ulysses-omnichain/RootBridgeAgent.sol

210:         require(address(_wrappedNativeToken) != address(0), "Wrapped native token cannot be zero address");

212:         require(_localAnyCallAddress != address(0), "Anycall Address cannot be zero address");

213:         require(_localAnyCallExecutorAddress != address(0), "Anycall Executor Address cannot be zero address");

214:         require(_localPortAddress != address(0), "Port Address cannot be zero address");

215:         require(_localRouterAddress != address(0), "Router Address cannot be zero address");

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgent.sol#L210

File: ulysses-omnichain/RootPort.sol

115:         require(_wrappedNativeToken != address(0), "Invalid wrapped native token address.");

130:         require(_bridgeAgentFactory != address(0), "Bridge Agent Factory cannot be 0 address.");

131:         require(_coreRootRouter != address(0), "Core Root Router cannot be 0 address.");

147:         require(_coreRootBridgeAgent != address(0), "Core Root Bridge Agent cannot be 0 address.");

148:         require(_coreLocalBranchBridgeAgent != address(0), "Core Local Branch Bridge Agent cannot be 0 address.");

149:         require(_localBranchPortAddress != address(0), "Local Branch Port Address cannot be 0 address.");

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootPort.sol#L115

File: ulysses-omnichain/factories/ArbitrumBranchBridgeAgentFactory.sol

84:         require(
85:             msg.sender == localCoreBranchRouterAddress, "Only the Core Branch Router can create a new Bridge Agent."
86:         );

87:         require(
88:             _rootBridgeAgentFactoryAddress == rootBridgeAgentFactoryAddress,
89:             "Root Bridge Agent Factory Address does not match."
90:         );

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/factories/ArbitrumBranchBridgeAgentFactory.sol#L84-L86

File: ulysses-omnichain/factories/BranchBridgeAgentFactory.sol

64:         require(_rootBridgeAgentFactoryAddress != address(0), "Root Bridge Agent Factory Address cannot be 0");

68:         require(_localCoreBranchRouterAddress != address(0), "Core Branch Router Address cannot be 0");

84:         require(_coreRootBridgeAgent != address(0), "Core Root Bridge Agent cannot be 0");

118:         require(
119:             msg.sender == localCoreBranchRouterAddress, "Only the Core Branch Router can create a new Bridge Agent."
120:         );

121:         require(
122:             _rootBridgeAgentFactoryAddress == rootBridgeAgentFactoryAddress,
123:             "Root Bridge Agent Factory Address does not match."
124:         );

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/factories/BranchBridgeAgentFactory.sol#L64

[G-21] Internal functions only called once can be inlined to save gas

Not inlining costs 20 to 40 gas because of two extra JUMP instructions and additional stack operations needed for function calls.

There are 38 instances of this issue:
File: erc-20/ERC20MultiVotes.sol

80:     function average(uint256 a, uint256 b) internal pure returns (uint256) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20MultiVotes.sol#L80

File: governance/GovernorBravoDelegateMaia.sol

190:     function queueOrRevertInternal(

536:     function getChainIdInternal() internal view returns (uint256) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/governance/GovernorBravoDelegateMaia.sol#L190

File: governance/GovernorBravoDelegator.sol

59:     function delegateTo(address callee, bytes memory data) internal {

https://github.com/code-423n4/2023-05-maia/tree/main/src/governance/GovernorBravoDelegator.sol#L59

File: rewards/base/FlywheelCore.sol

115:     function _addStrategyForRewards(ERC20 strategy) internal {

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/base/FlywheelCore.sol#L115

File: talos/TalosStrategyStaked.sol

164:     function _unstake(uint256 _tokenId) internal {

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosStrategyStaked.sol#L164

File: ulysses-omnichain/ArbitrumCoreBranchRouter.sol

75:     function _receiveAddBridgeAgent(

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/ArbitrumCoreBranchRouter.sol#L75

File: ulysses-omnichain/BranchBridgeAgent.sol

857:     function _createDepositSingle(

903:     function _createDepositMultiple(

946:     function _redeemDeposit(uint32 _depositNonce) internal {

1099:     function _gasSwapIn(bytes memory gasData) internal virtual returns (uint256 gasAmount) {

1386:     function _requiresExecutor() internal view virtual {

1399:     function _requiresRouter() internal view {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchBridgeAgent.sol#L857

File: ulysses-omnichain/BranchPort.sol

137:     function _reservesLacking(address _token) internal view returns (uint256) {

193:     function _checkTimeLimit(address _token, uint256 _amount) internal {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchPort.sol#L137

File: ulysses-omnichain/CoreBranchRouter.sol

95:     function _receiveAddGlobalToken(

125:     function _receiveAddBridgeAgent(

163:     function _toggleBranchBridgeAgentFactory(address _newBridgeAgentFactoryAddress) internal {

177:     function _removeBranchBridgeAgent(address _branchBridgeAgent) internal {

189:     function _manageStrategyToken(address _underlyingToken, uint256 _minimumReservesRatio) internal {

206:     function _managePortStrategy(

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/CoreBranchRouter.sol#L95

File: ulysses-omnichain/CoreRootRouter.sol

125:     function _syncBranchBridgeAgent(address _newBranchBridgeAgent, address _rootBridgeAgent, uint24 _fromChain)

143:     function _addGlobalToken(uint128 _remoteExecutionGas, address _globalAddress, address _gasReceiver, uint24 _toChain)

178:     function _addLocalToken(

208:     function _setLocalToken(address _globalAddress, address _localAddress, uint24 _toChain) internal {

452:     function _requiresExecutor() internal view {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/CoreRootRouter.sol#L125

File: ulysses-omnichain/MulticallRootRouter.sol

508:     function _requiresExecutor() internal view {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/MulticallRootRouter.sol#L508

File: ulysses-omnichain/RootBridgeAgent.sol

483:     function _createSettlement(

550:     function _retrySettlement(uint32 _settlementNonce) internal returns (bool) {

591:     function _redeemSettlement(uint32 _settlementNonce) internal {

659:     function _gasSwapIn(uint256 _amount, uint24 _fromChain) internal returns (uint256) {

831:     function _payFallbackGas(uint32 _settlementNonce, uint256 _initialGas) internal virtual {

1287:     function _requiresExecutor() internal view {

1302:     function _requiresRouter() internal view {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgent.sol#L483

File: ulysses-omnichain/RootPort.sol

203:     function _getUnderlyingTokenFromGlobal(address _globalAddress, uint24 _fromChain) internal view returns (address) {

218:     function _isGlobalToken(address _globalAddress, uint24 _fromChain) internal view returns (bool) {

233:     function _isLocalToken(address _localAddress, uint24 _fromChain, uint24 _toChain) internal view returns (bool) {

349:     function addVirtualAccount(address _user) internal returns (VirtualAccount newAccount) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootPort.sol#L203

[G-22] Using bools for storage incurs overhead

Use uint256(1) and uint256(2) for true/false to avoid a Gwarmaccess (100 gas), and to avoid Gsset (20000 gas) when changing from ‘false’ to ‘true’, after having been ‘true’ in the past. See source.

There are 71 instances of this issue:
File: gauges/BaseV2Gauge.sol

137:         isActive[bribeFlywheel] = true;

138:         added[bribeFlywheel] = true;

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/BaseV2Gauge.sol#L137

File: gauges/factories/BaseV2GaugeFactory.sol

118:         activeGauges[gauge] = true;

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BaseV2GaugeFactory.sol#L118

File: gauges/factories/BaseV2GaugeManager.sol

115:         activeGaugeFactories[gaugeFactory] = true;

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BaseV2GaugeManager.sol#L115

File: gauges/factories/BribesFactory.sol

94:         activeBribeFlywheels[flywheel] = true;

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BribesFactory.sol#L94

File: governance/GovernorBravoDelegateMaia.sol

159:         newProposal.canceled = false;

160:         newProposal.executed = false;

214:         proposal.executed = true;

250:         proposal.canceled = true;

377:         receipt.hasVoted = true;

https://github.com/code-423n4/2023-05-maia/tree/main/src/governance/GovernorBravoDelegateMaia.sol#L159

File: rewards/depots/MultiRewardsDepot.sol

49:         _isAsset[asset] = true;

50:         _isRewardsContract[rewardsContract] = true;

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/depots/MultiRewardsDepot.sol#L49

File: talos/TalosManager.sol

102:             upkeepNeeded = true;

104:             upkeepNeeded = true;

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosManager.sol#L102

File: talos/TalosStrategyStaked.sol

52:     bool private stakeFlag = false;

168:         stakeFlag = false;

178:             stakeFlag = true; // flag to store staking state to avoid failing to unstake when it is not staked

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosStrategyStaked.sol#L52

File: talos/base/TalosBaseStrategy.sol

163:         initialized = true;

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/base/TalosBaseStrategy.sol#L163

File: talos/boost-aggregator/BoostAggregator.sol

144:         whitelistedAddresses[user] = true;

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/boost-aggregator/BoostAggregator.sol#L144

File: ulysses-omnichain/BranchBridgeAgent.sol

1156:                 (success, result) = (true, res);

1162:             executionHistory[nonce] = true;

1180:                 (success, result) = (true, res);

1186:             executionHistory[nonce] = true;

1204:                 (success, result) = (true, res);

1210:             executionHistory[nonce] = true;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchBridgeAgent.sol#L1156

File: ulysses-omnichain/BranchBridgeAgentExecutor.sol

112:             success = true;

155:             success = true;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchBridgeAgentExecutor.sol#L112

File: ulysses-omnichain/BranchPort.sol

107:         isBridgeAgentFactory[_bridgeAgentFactory] = true;

291:         isBridgeAgent[_bridgeAgent] = true;

309:         isBridgeAgentFactory[_newBridgeAgentFactory] = true;

336:         isStrategyToken[_token] = true;

357:         isPortStrategy[_portStrategy][_token] = true;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchPort.sol#L107

File: ulysses-omnichain/RootBridgeAgent.sol

671:         if (!approvedGasPool[poolAddress]) approvedGasPool[poolAddress] = true;

712:         if (!approvedGasPool[poolAddress]) approvedGasPool[poolAddress] = true;

929:                 (success, result) = (true, res);

932:                 (success, result) = (false, reason);

936:             executionHistory[fromChainId][nonce] = true;

954:                 (success, result) = (true, res);

957:                 (success, result) = (true, reason);

961:             executionHistory[fromChainId][nonce] = true;

979:                 (success, result) = (true, res);

985:             executionHistory[fromChainId][nonce] = true;

1003:                 (success, result) = (true, res);

1009:             executionHistory[fromChainId][nonce] = true;

1035:                 (success, result) = (true, res);

1038:                 (success, result) = (true, reason);

1045:             executionHistory[fromChainId][nonce] = true;

1071:                 (success, result) = (true, res);

1080:             executionHistory[fromChainId][nonce] = true;

1106:                 (success, result) = (true, res);

1115:             executionHistory[fromChainId][nonce] = true;

1132:                 (success, result) = (true, res);

1138:             executionHistory[fromChainId][nonce] = true;

1148:                 executionHistory[fromChainId][nonce] = true;

1151:                 (success, result) = (false, "");

1250:         isBranchBridgeAgentAllowed[_branchChainId] = true;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgent.sol#L671

File: ulysses-omnichain/RootBridgeAgentExecutor.sol

141:             success = true;

187:             success = true;

245:             success = true;

296:                 success = true;

316:         (success, result) = (true, "");

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgentExecutor.sol#L141

File: ulysses-omnichain/RootPort.sol

120:         isChainId[_localChainId] = true;

123:         _setup = true;

133:         isBridgeAgentFactory[_bridgeAgentFactory] = true;

161:         _setup = false;

251:         isGlobalAddress[_globalAddress] = true;

447:         isChainId[_chainId] = true;

448:         isGlobalAddress[newGlobalToken] = true;

464:             zeroForOneOnInflow = true;

468:             zeroForOneOnInflow = false;

498:         isGlobalAddress[_ecoTokenGlobalAddress] = true;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootPort.sol#L120

[G-23] Multiple mappings can be replaced with a single struct mapping

Saves a storage slot for the mapping. Depending on the circumstances and sizes of types, can avoid a Gsset (20000 gas) per mapping combined. Reads and subsequent writes can also be cheaper when a function requires both values and they both fit in the same storage slot.

There are 56 instances of this issue:
File: erc-20/ERC20Boost.sol

28:     mapping(address => mapping(address => GaugeState)) public override getUserGaugeBoost;

31:     mapping(address => uint256) public override getUserBoost;

33:     mapping(address => EnumerableSet.AddressSet) internal _userGauges;

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Boost.sol#L28

File: erc-20/ERC20Gauges.sol

45:     mapping(address => mapping(address => uint112)) public override getUserGaugeWeight;

49:     mapping(address => uint112) public override getUserWeight;

53:     mapping(address => Weight) internal _getGaugeWeight;

58:     mapping(address => EnumerableSet.AddressSet) internal _userGauges;

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Gauges.sol#L45

File: erc-20/ERC20MultiVotes.sol

117:     mapping(address => mapping(address => uint256)) private _delegatesVotesCount;

120:     mapping(address => uint256) public userDelegatedVotes;

123:     mapping(address => EnumerableSet.AddressSet) private _delegates;

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20MultiVotes.sol#L117

File: gauges/BaseV2Gauge.sol

35:     mapping(FlywheelCore => bool) public override isActive;

38:     mapping(FlywheelCore => bool) public override added;

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/BaseV2Gauge.sol#L35

File: gauges/factories/BaseV2GaugeFactory.sol

36:     mapping(BaseV2Gauge => uint256) public override gaugeIds;

39:     mapping(BaseV2Gauge => bool) public override activeGauges;

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BaseV2GaugeFactory.sol#L36

File: gauges/factories/BaseV2GaugeManager.sol

32:     mapping(BaseV2GaugeFactory => uint256) public gaugeFactoryIds;

35:     mapping(BaseV2GaugeFactory => bool) public activeGaugeFactories;

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BaseV2GaugeManager.sol#L32

File: gauges/factories/BribesFactory.sol

32:     mapping(FlywheelCore => uint256) public bribeFlywheelIds;

35:     mapping(FlywheelCore => bool) public activeBribeFlywheels;

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BribesFactory.sol#L32

File: rewards/base/FlywheelCore.sol

30:     mapping(ERC20 => uint256) public override strategyIds;

151:     mapping(ERC20 => uint256) public strategyIndex;

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/base/FlywheelCore.sol#L30

File: rewards/depots/MultiRewardsDepot.sol

17:     mapping(address => address) private _assets;

20:     mapping(address => bool) private _isRewardsContract;

23:     mapping(address => bool) private _isAsset;

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/depots/MultiRewardsDepot.sol#L17

File: talos/boost-aggregator/BoostAggregator.sol

42:     mapping(uint256 => address) public tokenIdToUser;

45:     mapping(uint256 => uint256) public tokenIdRewards;

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/boost-aggregator/BoostAggregator.sol#L42

File: ulysses-amm/factories/UlyssesFactory.sol

55:     mapping(uint256 => UlyssesPool) public pools;

58:     mapping(uint256 => UlyssesToken) public tokens;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/factories/UlyssesFactory.sol#L55

File: ulysses-omnichain/BranchPort.sol

54:     mapping(address => bool) public isStrategyToken;

63:     mapping(address => uint256) public getStrategyTokenDebt;

66:     mapping(address => uint256) public getMinimumTokenReserveRatio;

71:     mapping(address => mapping(address => bool)) public isPortStrategy;

80:     mapping(address => mapping(address => uint256)) public getPortStrategyTokenDebt;

83:     mapping(address => mapping(address => uint256)) public lastManaged;

86:     mapping(address => mapping(address => uint256)) public strategyDailyLimitAmount;

89:     mapping(address => mapping(address => uint256)) public strategyDailyLimitRemaining;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchPort.sol#L54

File: ulysses-omnichain/RootBridgeAgent.sol

154:     mapping(uint256 => address) public getBranchBridgeAgent;

157:     mapping(uint256 => bool) public isBranchBridgeAgentAllowed;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgent.sol#L154

File: ulysses-omnichain/RootPort.sol

58:     mapping(uint256 => bool) public isChainId;

61:     mapping(address => bool) public isBridgeAgent;

70:     mapping(address => address) public getBridgeAgentManager;

90:     mapping(address => bool) public isGlobalAddress;

93:     mapping(address => mapping(uint256 => address)) public getGlobalTokenFromLocal;

96:     mapping(address => mapping(uint256 => address)) public getLocalTokenFromGlobal;

99:     mapping(address => mapping(uint256 => address)) public getLocalTokenFromUnder;

102:     mapping(address => mapping(uint256 => address)) public getUnderlyingTokenFromLocal;

109:     mapping(uint256 => address) public getWrappedNativeToken;

112:     mapping(uint256 => GasPoolInfo) public getGasPoolInfo;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootPort.sol#L58

File: uni-v3-staker/UniswapV3Staker.sol

37:     mapping(IUniswapV3Pool => UniswapV3Gauge) public gauges;

40:     mapping(IUniswapV3Pool => address) public bribeDepots;

43:     mapping(IUniswapV3Pool => uint24) public poolsMinimumWidth;

49:     mapping(uint256 => Deposit) public override deposits;

52:     mapping(address => mapping(IUniswapV3Pool => uint256)) private _userAttachements;

55:     mapping(uint256 => mapping(bytes32 => Stake)) private _stakes;

58:     mapping(uint256 => IncentiveKey) private stakedIncentiveKey;

81:     mapping(address => uint256) public override rewards;

84:     mapping(uint256 => uint256) public tokenIdRewards;

https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/UniswapV3Staker.sol#L37

[G-24] Setting the constructor to payable

The msg.sender is the address of the account that initiated the current call. This is the address where the current (external) function call came from. It is possible to delegatecall() to another contract, which means that msg.sender will be the address of the current contract, not the original caller (as defined by CALLER in the yellow paper).\n\nThe tx.origin is the address of the account that sent the transaction, which started it all. It is never an account with code, and for any externally owned account, it is the same as msg.sender.

There are 57 instances of this issue:
File: gauges/UniswapV3Gauge.sol

33:     constructor(
34:         FlywheelGaugeRewards _flywheelGaugeRewards,
35:         address _uniswapV3Staker,
36:         address _uniswapV3Pool,
37:         uint24 _minimumWidth,
38:         address _owner
39:     ) BaseV2Gauge(_flywheelGaugeRewards, _uniswapV3Pool, _owner) {
40:         uniswapV3Staker = _uniswapV3Staker;
41:         minimumWidth = _minimumWidth;
42:
43:         emit NewMinimumWidth(_minimumWidth);
44:
45:         rewardToken.safeApprove(_uniswapV3Staker, type(uint256).max);
46:     }

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/UniswapV3Gauge.sol#L33-L46

File: gauges/factories/BaseV2GaugeManager.sol

43:     constructor(bHermes _bHermes, address _owner, address _admin) {
44:         admin = _admin;
45:         _initializeOwner(_owner);
46:         bHermesGaugeWeight = _bHermes.gaugeWeight();
47:         bHermesGaugeBoost = _bHermes.gaugeBoost();
48:     }

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BaseV2GaugeManager.sol#L43-L48

File: gauges/factories/BribesFactory.sol

50:     constructor(
51:         BaseV2GaugeManager _gaugeManager,
52:         FlywheelBoosterGaugeWeight _flywheelGaugeWeightBooster,
53:         uint256 _rewardsCycleLength,
54:         address _owner
55:     ) {
56:         _initializeOwner(_owner);
57:         gaugeManager = _gaugeManager;
58:         flywheelGaugeWeightBooster = _flywheelGaugeWeightBooster;
59:         rewardsCycleLength = _rewardsCycleLength;
60:     }

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BribesFactory.sol#L50-L60

File: gauges/factories/UniswapV3GaugeFactory.sol

50:     constructor(
51:         BaseV2GaugeManager _gaugeManager,
52:         bHermesBoost _bHermesBoost,
53:         IUniswapV3Factory _factory,
54:         INonfungiblePositionManager _nonfungiblePositionManager,
55:         FlywheelGaugeRewards _flywheelGaugeRewards,
56:         BribesFactory _bribesFactory,
57:         address _owner
58:     ) BaseV2GaugeFactory(_gaugeManager, _bHermesBoost, _bribesFactory, _owner) {
59:         flywheelGaugeRewards = _flywheelGaugeRewards;
60:         uniswapV3Staker = new UniswapV3Staker(
61:             _factory,
62:             _nonfungiblePositionManager,
63:             this,
64:             _bHermesBoost,
65:             52 weeks,
66:             address(_flywheelGaugeRewards.minter()),
67:             address(_flywheelGaugeRewards.rewardToken())
68:         );
69:     }

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/UniswapV3GaugeFactory.sol#L50-L69

File: governance/GovernorBravoDelegator.sol

8:     constructor(
9:         address timelock_,
10:         address govToken_,
11:         address admin_,
12:         address implementation_,
13:         uint256 votingPeriod_,
14:         uint256 votingDelay_,
15:         uint256 proposalThreshold_
16:     ) public {
17:         // Admin set to msg.sender for initialization
18:         admin = msg.sender;
19:
20:         delegateTo(
21:             implementation_,
22:             abi.encodeWithSignature(
23:                 "initialize(address,address,uint256,uint256,uint256)",
24:                 timelock_,
25:                 govToken_,
26:                 votingPeriod_,
27:                 votingDelay_,
28:                 proposalThreshold_
29:             )
30:         );
31:
32:         _setImplementation(implementation_);
33:
34:         admin = admin_;
35:     }

https://github.com/code-423n4/2023-05-maia/tree/main/src/governance/GovernorBravoDelegator.sol#L8-L35

File: hermes/bHermes.sol

55:     constructor(ERC20 _hermes, address _owner, uint32 _gaugeCycleLength, uint32 _incrementFreezeWindow)
56:         UtilityManager(
57:             address(new bHermesGauges(_owner, _gaugeCycleLength, _incrementFreezeWindow)),
58:             address(new bHermesBoost(_owner)),
59:             address(new bHermesVotes(_owner))
60:         )
61:         ERC4626DepositOnly(_hermes, "Burned Hermes: Gov + Yield + Boost", "bHermes")
62:     {}

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/bHermes.sol#L55-L62

File: hermes/minters/BaseV2Minter.sol

53:     constructor(
54:         address _vault, // the B(3,3) system that will be locked into
55:         address _dao,
56:         address _owner
57:     ) {
58:         _initializeOwner(_owner);
59:         initializer = msg.sender;
60:         dao = _dao;
61:         underlying = address(ERC4626(_vault).asset());
62:         vault = ERC4626(_vault);
63:     }

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/minters/BaseV2Minter.sol#L53-L63

File: hermes/tokens/HERMES.sol

48:     constructor(address _owner) ERC20("Hermes", "HERMES", 18) {
49:         _initializeOwner(_owner);
50:     }

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/HERMES.sol#L48-L50

File: hermes/tokens/bHermesBoost.sol

22:     constructor(address _owner) ERC20("bHermes Boost", "bHERMES-B", 18) {
23:         _initializeOwner(_owner);
24:         bHermes = msg.sender;
25:     }

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/bHermesBoost.sol#L22-L25

File: hermes/tokens/bHermesGauges.sol

26:     constructor(address _owner, uint32 _rewardsCycleLength, uint32 _incrementFreezeWindow)
27:         ERC20Gauges(_rewardsCycleLength, _incrementFreezeWindow)
28:         ERC20("bHermes Gauges", "bHERMES-G", 18)
29:     {
30:         _initializeOwner(_owner);
31:         bHermes = msg.sender;
32:     }

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/bHermesGauges.sol#L26-L32

File: hermes/tokens/bHermesVotes.sol

20:     constructor(address _owner) ERC20("bHermes Votes", "bHERMES-V", 18) {
21:         _initializeOwner(_owner);
22:         bHermes = msg.sender;
23:     }

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/bHermesVotes.sol#L20-L23

File: maia/factories/PartnerManagerFactory.sol

37:     constructor(ERC20 _bHermes, address _owner) {
38:         _initializeOwner(_owner);
39:         bHermes = _bHermes;
40:         partners.push(PartnerManager(address(0)));
41:     }

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/factories/PartnerManagerFactory.sol#L37-L41

File: maia/tokens/Maia.sol

41:     constructor(address _owner) ERC20("Maia", "MAIA", 18) {
42:         _initializeOwner(_owner);
43:     }

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/tokens/Maia.sol#L41-L43

File: maia/vMaia.sol

48:     constructor(
49:         PartnerManagerFactory _factory,
50:         uint256 _bHermesRate,
51:         ERC20 _partnerAsset,
52:         string memory _name,
53:         string memory _symbol,
54:         address _bhermes,
55:         address _partnerVault,
56:         address _owner
57:     ) ERC4626PartnerManager(_factory, _bHermesRate, _partnerAsset, _name, _symbol, _bhermes, _partnerVault, _owner) {
58:         // Set the current month to the current month.
59:         currentMonth = DateTimeLib.getMonth(block.timestamp);
60:     }

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/vMaia.sol#L48-L60

File: rewards/FlywheelCoreInstant.sol

33:     constructor(
34:         address _rewardToken,
35:         IFlywheelRewards _flywheelRewards,
36:         IFlywheelBooster _flywheelBooster,
37:         address _owner
38:     ) Core(_rewardToken, address(_flywheelRewards), _flywheelBooster, _owner) {}

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/FlywheelCoreInstant.sol#L33-L38

File: rewards/FlywheelCoreStrategy.sol

32:     constructor(
33:         address _rewardToken,
34:         IFlywheelRewards _flywheelRewards,
35:         IFlywheelBooster _flywheelBooster,
36:         address _owner
37:     ) Core(_rewardToken, address(_flywheelRewards), _flywheelBooster, _owner) {}

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/FlywheelCoreStrategy.sol#L32-L37

File: rewards/booster/FlywheelBoosterGaugeWeight.sol

48:     constructor(bHermesGauges _bHermesGauges) {
49:         bhermes = _bHermesGauges;
50:     }

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/booster/FlywheelBoosterGaugeWeight.sol#L48-L50

File: rewards/depots/MultiRewardsDepot.sol

29:     constructor(address _owner) {
30:         _initializeOwner(_owner);
31:     }

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/depots/MultiRewardsDepot.sol#L29-L31

File: rewards/depots/SingleRewardsDepot.sol

22:     constructor(address _asset) {
23:         asset = _asset;
24:         rewardsContract = msg.sender;
25:     }

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/depots/SingleRewardsDepot.sol#L22-L25

File: rewards/rewards/FlywheelBribeRewards.sol

27:     constructor(FlywheelCore _flywheel, uint256 _rewardsCycleLength)
28:         FlywheelAcummulatedRewards(_flywheel, _rewardsCycleLength)
29:     {}

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/rewards/FlywheelBribeRewards.sol#L27-L29

File: rewards/rewards/FlywheelGaugeRewards.sol

53:     constructor(address _rewardToken, address _owner, ERC20Gauges _gaugeToken, IBaseV2Minter _minter) {
54:         _initializeOwner(_owner);
55:         rewardToken = _rewardToken;
56:
57:         gaugeCycleLength = _gaugeToken.gaugeCycleLength();
58:
59:         // seed initial gaugeCycle
60:         gaugeCycle = (block.timestamp.toUint32() / gaugeCycleLength) * gaugeCycleLength;
61:
62:         gaugeToken = _gaugeToken;
63:
64:         minter = _minter;
65:     }

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/rewards/FlywheelGaugeRewards.sol#L53-L65

File: rewards/rewards/FlywheelInstantRewards.sol

28:     constructor(FlywheelCore _flywheel) BaseFlywheelRewards(_flywheel) {
29:         rewardsDepot = new SingleRewardsDepot(rewardToken);
30:     }

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/rewards/FlywheelInstantRewards.sol#L28-L30

File: talos/TalosManager.sol

44:     constructor(
45:         address _strategy,
46:         int24 _ticksFromLowerRebalance,
47:         int24 _ticksFromUpperRebalance,
48:         int24 _ticksFromLowerRerange,
49:         int24 _ticksFromUpperRerange
50:     ) {
51:         strategy = ITalosBaseStrategy(_strategy);
52:         ticksFromLowerRebalance = _ticksFromLowerRebalance;
53:         ticksFromUpperRebalance = _ticksFromUpperRebalance;
54:         ticksFromLowerRerange = _ticksFromLowerRerange;
55:         ticksFromUpperRerange = _ticksFromUpperRerange;
56:     }

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosManager.sol#L44-L56

File: talos/TalosOptimizer.sol

34:     constructor(
35:         uint32 _twapDuration,
36:         int24 _maxTwapDeviation,
37:         int24 _tickRangeMultiplier,
38:         uint24 _priceImpactPercentage,
39:         uint256 _maxTotalSupply,
40:         address _owner
41:     ) {
42:         if (_maxTwapDeviation < 20) revert MaxTwapDeviationTooLow();
43:         if (_twapDuration < 100) revert TwapDurationTooLow();
44:         if (_priceImpactPercentage >= 1e6 || _priceImpactPercentage == 0) {
45:             revert PriceImpactPercentageInvalid();
46:         }
47:         if (_maxTotalSupply == 0) revert MaxTotalSupplyIsZero();
48:
49:         _initializeOwner(_owner);
50:         twapDuration = _twapDuration;
51:         maxTwapDeviation = _maxTwapDeviation;
52:         tickRangeMultiplier = _tickRangeMultiplier;
53:         priceImpactPercentage = _priceImpactPercentage;
54:         maxTotalSupply = _maxTotalSupply;
55:     }

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosOptimizer.sol#L34-L55

File: talos/TalosStrategyStaked.sol

63:     constructor(
64:         IUniswapV3Pool _pool,
65:         ITalosOptimizer _optimizer,
66:         BoostAggregator _boostAggregator,
67:         address _strategyManager,
68:         FlywheelCoreInstant _flywheel,
69:         address _owner
70:     )
71:         TalosStrategySimple(
72:             _pool,
73:             _optimizer,
74:             _boostAggregator.nonfungiblePositionManager(),
75:             _strategyManager,
76:             _owner
77:         )
78:     {
79:         flywheel = _flywheel;
80:
81:         boostAggregator = _boostAggregator;
82:         _boostAggregator.setOwnRewardsDepot(address(FlywheelInstantRewards(_flywheel.flywheelRewards()).rewardsDepot()));
83:     }

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosStrategyStaked.sol#L63-L83

File: talos/TalosStrategyVanilla.sol

58:     constructor(
59:         IUniswapV3Pool _pool,
60:         ITalosOptimizer _optimizer,
61:         INonfungiblePositionManager _nonfungiblePositionManager,
62:         address _strategyManager,
63:         address _owner
64:     ) TalosStrategySimple(_pool, _optimizer, _nonfungiblePositionManager, _strategyManager, _owner) {}

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosStrategyVanilla.sol#L58-L64

File: talos/boost-aggregator/BoostAggregator.sol

64:     constructor(UniswapV3Staker _uniswapV3Staker, ERC20 _hermes, address _owner) {
65:         _initializeOwner(_owner);
66:         uniswapV3Staker = _uniswapV3Staker;
67:         hermesGaugeBoost = uniswapV3Staker.hermesGaugeBoost();
68:         nonfungiblePositionManager = uniswapV3Staker.nonfungiblePositionManager();
69:         hermes = _hermes;
70:     }

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/boost-aggregator/BoostAggregator.sol#L64-L70

File: talos/factories/BoostAggregatorFactory.sol

34:     constructor(UniswapV3Staker _uniswapV3Staker) {
35:         uniswapV3Staker = _uniswapV3Staker;
36:         hermes = ERC20(_uniswapV3Staker.hermes());
37:
38:         boostAggregators.push(BoostAggregator(address(0)));
39:     }

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/factories/BoostAggregatorFactory.sol#L34-L39

File: talos/factories/OptimizerFactory.sol

26:     constructor() {
27:         optimizers.push(TalosOptimizer(address(0)));
28:     }

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/factories/OptimizerFactory.sol#L26-L28

File: talos/factories/TalosStrategyStakedFactory.sol

40:     constructor(
41:         INonfungiblePositionManager _nonfungiblePositionManager,
42:         OptimizerFactory _optimizerFactory,
43:         BoostAggregatorFactory _boostAggregatorFactory
44:     ) TalosBaseStrategyFactory(_nonfungiblePositionManager, _optimizerFactory) {
45:         boostAggregatorFactory = _boostAggregatorFactory;
46:
47:         flywheel = new FlywheelCoreInstant(
48:             address(_boostAggregatorFactory.hermes()),
49:             IFlywheelRewards(address(0)),
50:             IFlywheelBooster(address(0)),
51:             address(this)
52:         );
53:         rewards = new FlywheelInstantRewards(flywheel);
54:         flywheel.setFlywheelRewards(address(rewards));
55:     }

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/factories/TalosStrategyStakedFactory.sol#L40-L55

File: talos/factories/TalosStrategyVanillaFactory.sol

24:     constructor(INonfungiblePositionManager _nonfungiblePositionManager, OptimizerFactory _optimizerFactory)
25:         TalosBaseStrategyFactory(_nonfungiblePositionManager, _optimizerFactory)
26:     {}

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/factories/TalosStrategyVanillaFactory.sol#L24-L26

File: ulysses-amm/UlyssesPool.sol

80:     constructor(
81:         uint256 _id,
82:         address _asset,
83:         string memory _name,
84:         string memory _symbol,
85:         address _owner,
86:         address _factory
87:     ) UlyssesERC4626(_asset, _name, _symbol) {
88:         require(_owner != address(0));
89:         factory = UlyssesFactory(_factory);
90:         _initializeOwner(_owner);
91:         require(_id != 0);
92:         id = _id;
93:
94:         bandwidthStateList.push(BandwidthState({bandwidth: 0, destination: UlyssesPool(address(0)), weight: 0}));
95:     }

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesPool.sol#L80-L95

File: ulysses-amm/UlyssesRouter.sol

20:     constructor(UlyssesFactory _ulyssesFactory) {
21:         ulyssesFactory = _ulyssesFactory;
22:     }

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesRouter.sol#L20-L22

File: ulysses-amm/UlyssesToken.sol

21:     constructor(
22:         uint256 _id,
23:         address[] memory _assets,
24:         uint256[] memory _weights,
25:         string memory _name,
26:         string memory _symbol,
27:         address _owner
28:     ) ERC4626MultiToken(_assets, _weights, _name, _symbol) {
29:         _initializeOwner(_owner);
30:         require(_id != 0);
31:         id = _id;
32:     }

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesToken.sol#L21-L32

File: ulysses-amm/factories/UlyssesFactory.sol

60:     constructor(address _owner) {
61:         require(_owner != address(0), "Owner cannot be 0");
62:         _initializeOwner(_owner);
63:     }

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/factories/UlyssesFactory.sol#L60-L63

File: ulysses-omnichain/ArbitrumBranchBridgeAgent.sol

71:     constructor(
72:         WETH9 _wrappedNativeToken,
73:         uint256 _localChainId,
74:         address _rootBridgeAgentAddress,
75:         address _localAnyCallAddress,
76:         address _localAnyCallExecutorAddress,
77:         address _localRouterAddress,
78:         address _localPortAddress
79:     )
80:         BranchBridgeAgent(
81:             _wrappedNativeToken,
82:             _localChainId,
83:             _localChainId,
84:             _rootBridgeAgentAddress,
85:             _localAnyCallAddress,
86:             _localAnyCallExecutorAddress,
87:             _localRouterAddress,
88:             _localPortAddress
89:         )
90:     {}

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/ArbitrumBranchBridgeAgent.sol#L71-L90

File: ulysses-omnichain/ArbitrumBranchPort.sol

33:     constructor(uint24 _localChainId, address _rootPortAddress, address _owner) BranchPort(_owner) {
34:         require(_rootPortAddress != address(0), "Root Port Address cannot be 0");
35:
36:         localChainId = _localChainId;
37:         rootPortAddress = _rootPortAddress;
38:     }

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/ArbitrumBranchPort.sol#L33-L38

File: ulysses-omnichain/ArbitrumCoreBranchRouter.sol

38:     constructor(address _hTokenFactoryAddress, address _localPortAddress)
39:         CoreBranchRouter(_hTokenFactoryAddress, _localPortAddress)
40:     {}

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/ArbitrumCoreBranchRouter.sol#L38-L40

File: ulysses-omnichain/BaseBranchRouter.sol

28:     constructor() {
29:         _initializeOwner(msg.sender);
30:     }

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BaseBranchRouter.sol#L28-L30

File: ulysses-omnichain/BranchBridgeAgent.sol

141:     constructor(
142:         WETH9 _wrappedNativeToken,
143:         uint256 _rootChainId,
144:         uint256 _localChainId,
145:         address _rootBridgeAgentAddress,
146:         address _localAnyCallAddress,
147:         address _localAnyCallExecutorAddress,
148:         address _localRouterAddress,
149:         address _localPortAddress
150:     ) {
151:         require(_rootBridgeAgentAddress != address(0), "Root Bridge Agent Address cannot be the zero address.");
152:         require(_localAnyCallAddress != address(0), "AnyCall Address cannot be the zero address.");
153:         require(_localAnyCallExecutorAddress != address(0), "AnyCall Executor Address cannot be the zero address.");
154:         require(_localRouterAddress != address(0), "Local Router Address cannot be the zero address.");
155:         require(_localPortAddress != address(0), "Local Port Address cannot be the zero address.");
156:
157:         wrappedNativeToken = _wrappedNativeToken;
158:         localChainId = _localChainId;
159:         rootChainId = _rootChainId;
160:         rootBridgeAgentAddress = _rootBridgeAgentAddress;
161:         localAnyCallAddress = _localAnyCallAddress;
162:         localAnyCallExecutorAddress = _localAnyCallExecutorAddress;
163:         localRouterAddress = _localRouterAddress;
164:         localPortAddress = _localPortAddress;
165:         bridgeAgentExecutorAddress = DeployBranchBridgeAgentExecutor.deploy();
166:         depositNonce = 1;
167:     }

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchBridgeAgent.sol#L141-L167

File: ulysses-omnichain/BranchBridgeAgentExecutor.sol

54:     constructor() {
55:         _initializeOwner(msg.sender);
56:     }

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchBridgeAgentExecutor.sol#L54-L56

File: ulysses-omnichain/BranchPort.sol

94:     constructor(address _owner) {
95:         require(_owner != address(0), "Owner is zero address");
96:         _initializeOwner(_owner);
97:     }

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchPort.sol#L94-L97

File: ulysses-omnichain/CoreBranchRouter.sol

26:     constructor(address _hTokenFactoryAddress, address _localPortAddress) BaseBranchRouter() {
27:         localPortAddress = _localPortAddress;
28:         hTokenFactoryAddress = _hTokenFactoryAddress;
29:     }

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/CoreBranchRouter.sol#L26-L29

File: ulysses-omnichain/CoreRootRouter.sol

56:     constructor(uint24 _rootChainId, address _wrappedNativeToken, address _rootPortAddress) {
57:         rootChainId = _rootChainId;
58:         wrappedNativeToken = WETH9(_wrappedNativeToken);
59:         rootPortAddress = _rootPortAddress;
60:         _initializeOwner(msg.sender);
61:     }

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/CoreRootRouter.sol#L56-L61

File: ulysses-omnichain/MulticallRootRouter.sol

64:     constructor(uint256 _localChainId, address _localPortAddress, address _multicallAddress) {
65:         require(_localPortAddress != address(0), "Local Port Address cannot be 0");
66:         require(_multicallAddress != address(0), "Multicall Address cannot be 0");
67:
68:         localChainId = _localChainId;
69:         localPortAddress = _localPortAddress;
70:         multicallAddress = _multicallAddress;
71:         _initializeOwner(msg.sender);
72:     }

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/MulticallRootRouter.sol#L64-L72

File: ulysses-omnichain/RootBridgeAgent.sol

201:     constructor(
202:         WETH9 _wrappedNativeToken,
203:         uint24 _localChainId,
204:         address _daoAddress,
205:         address _localAnyCallAddress,
206:         address _localAnyCallExecutorAddress,
207:         address _localPortAddress,
208:         address _localRouterAddress
209:     ) {
210:         require(address(_wrappedNativeToken) != address(0), "Wrapped native token cannot be zero address");
211:         require(_daoAddress != address(0), "DAO cannot be zero address");
212:         require(_localAnyCallAddress != address(0), "Anycall Address cannot be zero address");
213:         require(_localAnyCallExecutorAddress != address(0), "Anycall Executor Address cannot be zero address");
214:         require(_localPortAddress != address(0), "Port Address cannot be zero address");
215:         require(_localRouterAddress != address(0), "Router Address cannot be zero address");
216:
217:         wrappedNativeToken = _wrappedNativeToken;
218:         factoryAddress = msg.sender;
219:         daoAddress = _daoAddress;
220:         localChainId = _localChainId;
221:         localAnyCallAddress = _localAnyCallAddress;
222:         localPortAddress = _localPortAddress;
223:         localRouterAddress = _localRouterAddress;
224:         bridgeAgentExecutorAddress = DeployRootBridgeAgentExecutor.deploy(address(this));
225:         localAnyCallExecutorAddress = _localAnyCallExecutorAddress;
226:         settlementNonce = 1;
227:         accumulatedFees = 1; //Avoid paying 20k gas in first `payExecutionGas` making MIN_EXECUTION_OVERHEAD constant.
228:     }

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgent.sol#L201-L228

File: ulysses-omnichain/RootBridgeAgentExecutor.sol

61:     constructor(address owner) {
62:         _initializeOwner(owner);
63:     }

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgentExecutor.sol#L61-L63

File: ulysses-omnichain/RootPort.sol

114:     constructor(uint24 _localChainId, address _wrappedNativeToken) {
115:         require(_wrappedNativeToken != address(0), "Invalid wrapped native token address.");
116:
117:         localChainId = _localChainId;
118:         wrappedNativeTokenAddress = _wrappedNativeToken;
119:
120:         isChainId[_localChainId] = true;
121:
122:         _initializeOwner(msg.sender);
123:         _setup = true;
124:     }

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootPort.sol#L114-L124

File: ulysses-omnichain/VirtualAccount.sol

25:     constructor(address _userAddress, address _localPortAddress) {
26:         userAddress = _userAddress;
27:         localPortAddress = _localPortAddress;
28:     }

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/VirtualAccount.sol#L25-L28

File: ulysses-omnichain/factories/ArbitrumBranchBridgeAgentFactory.sol

31:     constructor(
32:         uint256 _rootChainId,
33:         address _rootBridgeAgentFactoryAddress,
34:         WETH9 _wrappedNativeToken,
35:         address _localAnyCallAddress,
36:         address _localAnyCallExecutorAddress,
37:         address _localCoreBranchRouterAddress,
38:         address _localPortAddress,
39:         address _owner
40:     )
41:         BranchBridgeAgentFactory(
42:             _rootChainId,
43:             _rootChainId,
44:             _rootBridgeAgentFactoryAddress,
45:             _wrappedNativeToken,
46:             _localAnyCallAddress,
47:             _localAnyCallExecutorAddress,
48:             _localCoreBranchRouterAddress,
49:             _localPortAddress,
50:             _owner
51:         )
52:     {}

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/factories/ArbitrumBranchBridgeAgentFactory.sol#L31-L52

File: ulysses-omnichain/factories/BranchBridgeAgentFactory.sol

53:     constructor(
54:         uint256 _localChainId,
55:         uint256 _rootChainId,
56:         address _rootBridgeAgentFactoryAddress,
57:         WETH9 _wrappedNativeToken,
58:         address _localAnyCallAddress,
59:         address _localAnyCallExecutorAddress,
60:         address _localCoreBranchRouterAddress,
61:         address _localPortAddress,
62:         address _owner
63:     ) {
64:         require(_rootBridgeAgentFactoryAddress != address(0), "Root Bridge Agent Factory Address cannot be 0");
65:         require(address(_wrappedNativeToken) != address(0), "Wrapped Native Token cannot be 0");
66:         require(_localAnyCallAddress != address(0), "Anycall Address cannot be 0");
67:         require(_localAnyCallExecutorAddress != address(0), "Anyexec Address cannot be 0");
68:         require(_localCoreBranchRouterAddress != address(0), "Core Branch Router Address cannot be 0");
69:         require(_localPortAddress != address(0), "Port Address cannot be 0");
70:         require(_owner != address(0), "Owner cannot be 0");
71:
72:         localChainId = _localChainId;
73:         rootChainId = _rootChainId;
74:         rootBridgeAgentFactoryAddress = _rootBridgeAgentFactoryAddress;
75:         wrappedNativeToken = _wrappedNativeToken;
76:         localAnyCallAddress = _localAnyCallAddress;
77:         localAnyCallExecutorAddress = _localAnyCallExecutorAddress;
78:         localCoreBranchRouterAddress = _localCoreBranchRouterAddress;
79:         localPortAddress = _localPortAddress;
80:         _initializeOwner(_owner);
81:     }

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/factories/BranchBridgeAgentFactory.sol#L53-L81

File: ulysses-omnichain/factories/ERC20hTokenBranchFactory.sol

27:     constructor(uint24 _localChainId, address _localPortAddress) {
28:         require(_localPortAddress != address(0), "Port address cannot be 0");
29:
30:         localChainId = _localChainId;
31:         localPortAddress = _localPortAddress;
32:         _initializeOwner(msg.sender);
33:     }

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/factories/ERC20hTokenBranchFactory.sol#L27-L33

File: ulysses-omnichain/factories/ERC20hTokenRootFactory.sol

33:     constructor(uint256 _localChainId, address _rootPortAddress) {
34:         require(_rootPortAddress != address(0), "Root Port Address cannot be 0");
35:         localChainId = _localChainId;
36:         rootPortAddress = _rootPortAddress;
37:         _initializeOwner(msg.sender);
38:     }

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/factories/ERC20hTokenRootFactory.sol#L33-L38

File: ulysses-omnichain/factories/RootBridgeAgentFactory.sol

48:     constructor(
49:         uint24 _rootChainId,
50:         WETH9 _wrappedNativeToken,
51:         address _localAnyCallAddress,
52:         address _rootPortAddress,
53:         address _daoAddress
54:     ) {
55:         require(address(_wrappedNativeToken) != address(0), "Wrapped Native Token cannot be 0");
56:         require(_rootPortAddress != address(0), "Root Port Address cannot be 0");
57:         require(_daoAddress != address(0), "DAO Address cannot be 0");
58:
59:         rootChainId = _rootChainId;
60:         wrappedNativeToken = _wrappedNativeToken;
61:         localAnyCallAddress = _localAnyCallAddress;
62:         localAnyCallExecutorAddress = IAnycallProxy(localAnyCallAddress).executor();
63:         rootPortAddress = _rootPortAddress;
64:         daoAddress = _daoAddress;
65:     }

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/factories/RootBridgeAgentFactory.sol#L48-L65

File: ulysses-omnichain/token/ERC20hTokenBranch.sol

12:     constructor(string memory _name, string memory _symbol, address _owner)
13:         ERC20(string(string.concat("Hermes - ", _name)), string(string.concat("h-", _symbol)), 18)
14:     {
15:         _initializeOwner(_owner);
16:     }

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/token/ERC20hTokenBranch.sol#L12-L16

File: ulysses-omnichain/token/ERC20hTokenRoot.sol

38:     constructor(
39:         uint256 _localChainId,
40:         address _factoryAddress,
41:         address _rootPortAddress,
42:         string memory _name,
43:         string memory _symbol
44:     ) ERC20(string(string.concat("Hermes ", _name)), string(string.concat("h-", _symbol)), 18) {
45:         require(_rootPortAddress != address(0), "Root Port Address cannot be 0");
46:         require(_factoryAddress != address(0), "Factory Address cannot be 0");
47:         localChainId = _localChainId;
48:         factoryAddress = _factoryAddress;
49:         rootPortAddress = _rootPortAddress;
50:     }

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/token/ERC20hTokenRoot.sol#L38-L50

File: uni-v3-staker/UniswapV3Staker.sol

114:     constructor(
115:         IUniswapV3Factory _factory,
116:         INonfungiblePositionManager _nonfungiblePositionManager,
117:         IUniswapV3GaugeFactory _uniswapV3GaugeFactory,
118:         bHermesBoost _hermesGaugeBoost,
119:         uint256 _maxIncentiveStartLeadTime,
120:         address _minter,
121:         address _hermes
122:     ) {
123:         factory = _factory;
124:         nonfungiblePositionManager = _nonfungiblePositionManager;
125:         maxIncentiveStartLeadTime = _maxIncentiveStartLeadTime;
126:         uniswapV3GaugeFactory = _uniswapV3GaugeFactory;
127:         hermesGaugeBoost = _hermesGaugeBoost;
128:         minter = _minter;
129:         hermes = _hermes;
130:     }

https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/UniswapV3Staker.sol#L114-L130

[G-25] Use unchecked keyword for loop counter

Using unchecked blocks saves just a tiny bit of gas, but in instances where its clearly safe already it’s possible to avoid this unnecessary check.

There are 16 instances of this issue:
File: erc-20/ERC20MultiVotes.sol

328:         for (uint256 i = 0; i < size && (userFreeVotes + totalFreed) < votes; i++) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20MultiVotes.sol#L328

File: governance/GovernorBravoDelegateMaia.sol

181:         for (uint256 i = 0; i < proposal.targets.length; i++) {

215:         for (uint256 i = 0; i < proposal.targets.length; i++) {

251:         for (uint256 i = 0; i < proposal.targets.length; i++) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/governance/GovernorBravoDelegateMaia.sol#L181

File: rewards/rewards/FlywheelGaugeRewards.sol

176:         for (uint256 i = 0; i < size; i++) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/rewards/FlywheelGaugeRewards.sol#L176

File: ulysses-amm/UlyssesPool.sol

130:         for (uint256 i = 1; i < bandwidthStateList.length; i++) {

175:         for (uint256 i = 1; i < index; i++) {

211:         for (uint256 i = 1; i <= index; i++) {

232:         for (uint256 i = 1; i < bandwidthStateList.length; i++) {

296:         for (uint256 i = 1; i < bandwidthStateList.length; i++) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesPool.sol#L130

File: ulysses-amm/UlyssesToken.sol

95:         for (uint256 i = 0; i < assets.length; i++) {

111:         for (uint256 i = 0; i < assets.length; i++) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesToken.sol#L95

File: ulysses-omnichain/BranchBridgeAgent.sol

283:         for (uint256 i = 0; i < _dParams.hTokens.length; i++) {

719:         for (uint256 i = 0; i < _dParams.hTokens.length; i++) {

1354:         for (uint256 i = 0; i < _deposits.length; i++) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchBridgeAgent.sol#L283

File: ulysses-omnichain/VirtualAccount.sol

48:         for (uint256 i = 0; i < calls.length; i++) {

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/VirtualAccount.sol#L48

[G-26] Do not reduce approval on transferFrom if current allowance is type(uint256).max

See: OpenZeppelin/ERC20.sol#L336 OpenZeppelin/openzeppelin-contracts#3085

There are 5 instances of this issue:
File: erc-20/ERC20Boost.sol

323:     function transferFrom(address from, address to, uint256 amount)
324:         public
325:         override
326:         notAttached(from, amount)
327:         returns (bool)
328:     {
329:         return super.transferFrom(from, to, amount);
330:     }

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Boost.sol#L323-L330

File: erc-20/ERC20Gauges.sol

508:     function transferFrom(address from, address to, uint256 amount) public virtual override returns (bool) {
509:         _decrementWeightUntilFree(from, amount);
510:         return super.transferFrom(from, to, amount);
511:     }

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Gauges.sol#L508-L511

File: erc-20/ERC20MultiVotes.sol

303:     function transferFrom(address from, address to, uint256 amount) public virtual override returns (bool) {
304:         _decrementVotesUntilFree(from, amount);
305:         return super.transferFrom(from, to, amount);
306:     }

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20MultiVotes.sol#L303-L306

File: maia/tokens/ERC4626PartnerManager.sol

279:     function transferFrom(address from, address to, uint256 amount)
280:         public
281:         virtual
282:         override
283:         checkTransfer(from, amount)
284:         returns (bool)
285:     {
286:         return super.transferFrom(from, to, amount);
287:     }

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/tokens/ERC4626PartnerManager.sol#L279-L287

File: talos/TalosStrategyStaked.sol

94:     function transferFrom(address _from, address _to, uint256 _amount) public override returns (bool) {
95:         flywheel.accrue(ERC20(address(this)), _from, _to);
96:         return super.transferFrom(_from, _to, _amount);
97:     }

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosStrategyStaked.sol#L94-L97

[G-27] Bytes constants are more efficient than string constants

If data can fit into 32 bytes, then you should use bytes32 datatype rather than bytes or strings as it is cheaper in solidity.

There are 1 instances of this issue:
File: governance/GovernorBravoDelegateMaia.sol

9:     string public constant name = "vMaia Governor Bravo";

https://github.com/code-423n4/2023-05-maia/tree/main/src/governance/GovernorBravoDelegateMaia.sol#L9

[G-28] Pre-increments and pre-decrements are cheaper than post-increments and post-decrements1

Saves 5 gas per iteration.1

There are 2 instances of this issue:
File: talos/libraries/PoolVariables.sol

98:         if (tick < 0 && tick % tickSpacing != 0) compressed--;

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/libraries/PoolVariables.sol#L98

File: uni-v3-staker/UniswapV3Staker.sol

428:         incentive.numberOfStakes--;

https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/UniswapV3Staker.sol#L428

[G-29] <x> += <y> costs more gas than <x> = <x> + <y> for state variables

The Solidity compiler does not optimize the <x> += <y> operation for state variables. This means that every time the state variable is updated, the entire value is copied to memory, the operation is performed, and then the value is copied back to storage. This is expensive and can be avoided by using <x> = <x> + <y> instead.

There are 6 instances of this issue:
File: hermes/minters/BaseV2Minter.sol

130:             weekly += newWeeklyEmission;

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/minters/BaseV2Minter.sol#L130

File: rewards/rewards/FlywheelGaugeRewards.sol

134:             nextCycleQueuedRewards += uint112(newRewards); // in case a previous incomplete cycle had rewards, add on

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/rewards/FlywheelGaugeRewards.sol#L134

File: talos/base/TalosBaseStrategy.sol

216:         liquidity += liquidityDifference;

277:             liquidity -= liquidityToDecrease;

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/base/TalosBaseStrategy.sol#L216

File: talos/boost-aggregator/BoostAggregator.sol

121:             protocolRewards += newProtocolRewards;

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/boost-aggregator/BoostAggregator.sol#L121

File: ulysses-omnichain/RootBridgeAgent.sol

823:         accumulatedFees += availableGas - minExecCost;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgent.sol#L823

[G-30] Use solidity version 0.8.20 to gain gas boost

There are 142 instances of this issue:
File: erc-20/ERC20Boost.sol

3: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Boost.sol#L3

File: erc-20/ERC20Gauges.sol

3: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Gauges.sol#L3

File: erc-20/ERC20MultiVotes.sol

4: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20MultiVotes.sol#L4

File: erc-20/interfaces/Errors.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/interfaces/Errors.sol#L2

File: erc-20/interfaces/IERC20Boost.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/interfaces/IERC20Boost.sol#L2

File: erc-20/interfaces/IERC20Gauges.sol

3: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/interfaces/IERC20Gauges.sol#L3

File: erc-20/interfaces/IERC20MultiVotes.sol

3: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/interfaces/IERC20MultiVotes.sol#L3

File: erc-4626/interfaces/IERC4626DepositOnly.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/interfaces/IERC4626DepositOnly.sol#L2

File: erc-4626/interfaces/IERC4626MultiToken.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/interfaces/IERC4626MultiToken.sol#L2

File: erc-4626/interfaces/IUlyssesERC4626.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/interfaces/IUlyssesERC4626.sol#L2

File: gauges/BaseV2Gauge.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/BaseV2Gauge.sol#L2

File: gauges/UniswapV3Gauge.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/UniswapV3Gauge.sol#L2

File: gauges/factories/BaseV2GaugeFactory.sol

3: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BaseV2GaugeFactory.sol#L3

File: gauges/factories/BaseV2GaugeManager.sol

3: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BaseV2GaugeManager.sol#L3

File: gauges/factories/BribesFactory.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BribesFactory.sol#L2

File: gauges/factories/UniswapV3GaugeFactory.sol

3: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/UniswapV3GaugeFactory.sol#L3

File: gauges/interfaces/IBaseV2Gauge.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/interfaces/IBaseV2Gauge.sol#L2

File: gauges/interfaces/IBaseV2GaugeFactory.sol

3: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/interfaces/IBaseV2GaugeFactory.sol#L3

File: gauges/interfaces/IBaseV2GaugeManager.sol

3: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/interfaces/IBaseV2GaugeManager.sol#L3

File: gauges/interfaces/IBribesFactory.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/interfaces/IBribesFactory.sol#L2

File: gauges/interfaces/IUniswapV3Gauge.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/interfaces/IUniswapV3Gauge.sol#L2

File: gauges/interfaces/IUniswapV3GaugeFactory.sol

3: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/interfaces/IUniswapV3GaugeFactory.sol#L3

File: governance/GovernorBravoDelegateMaia.sol

2: pragma solidity ^0.8.10;

https://github.com/code-423n4/2023-05-maia/tree/main/src/governance/GovernorBravoDelegateMaia.sol#L2

File: governance/GovernorBravoDelegator.sol

2: pragma solidity ^0.8.10;

https://github.com/code-423n4/2023-05-maia/tree/main/src/governance/GovernorBravoDelegator.sol#L2

File: governance/GovernorBravoInterfaces.sol

2: pragma solidity ^0.8.10;

https://github.com/code-423n4/2023-05-maia/tree/main/src/governance/GovernorBravoInterfaces.sol#L2

File: hermes/UtilityManager.sol

3: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/UtilityManager.sol#L3

File: hermes/bHermes.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/bHermes.sol#L2

File: hermes/interfaces/IBaseV2Minter.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/interfaces/IBaseV2Minter.sol#L2

File: hermes/interfaces/IUtilityManager.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/interfaces/IUtilityManager.sol#L2

File: hermes/interfaces/IbHermesUnderlying.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/interfaces/IbHermesUnderlying.sol#L2

File: hermes/minters/BaseV2Minter.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/minters/BaseV2Minter.sol#L2

File: hermes/tokens/HERMES.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/HERMES.sol#L2

File: hermes/tokens/bHermesBoost.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/bHermesBoost.sol#L2

File: hermes/tokens/bHermesGauges.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/bHermesGauges.sol#L2

File: hermes/tokens/bHermesVotes.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/bHermesVotes.sol#L2

File: maia/PartnerUtilityManager.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/PartnerUtilityManager.sol#L2

File: maia/factories/PartnerManagerFactory.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/factories/PartnerManagerFactory.sol#L2

File: maia/interfaces/IBaseVault.sol

3: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/interfaces/IBaseVault.sol#L3

File: maia/interfaces/IERC4626PartnerManager.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/interfaces/IERC4626PartnerManager.sol#L2

File: maia/interfaces/IPartnerManagerFactory.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/interfaces/IPartnerManagerFactory.sol#L2

File: maia/interfaces/IPartnerUtilityManager.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/interfaces/IPartnerUtilityManager.sol#L2

File: maia/libraries/DateTimeLib.sol

2: pragma solidity ^0.8.4;

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/libraries/DateTimeLib.sol#L2

File: maia/tokens/ERC4626PartnerManager.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/tokens/ERC4626PartnerManager.sol#L2

File: maia/tokens/Maia.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/tokens/Maia.sol#L2

File: maia/vMaia.sol

3: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/vMaia.sol#L3

File: rewards/FlywheelCoreInstant.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/FlywheelCoreInstant.sol#L2

File: rewards/FlywheelCoreStrategy.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/FlywheelCoreStrategy.sol#L2

File: rewards/base/BaseFlywheelRewards.sol

3: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/base/BaseFlywheelRewards.sol#L3

File: rewards/base/FlywheelCore.sol

3: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/base/FlywheelCore.sol#L3

File: rewards/booster/FlywheelBoosterGaugeWeight.sol

3: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/booster/FlywheelBoosterGaugeWeight.sol#L3

File: rewards/depots/MultiRewardsDepot.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/depots/MultiRewardsDepot.sol#L2

File: rewards/depots/RewardsDepot.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/depots/RewardsDepot.sol#L2

File: rewards/depots/SingleRewardsDepot.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/depots/SingleRewardsDepot.sol#L2

File: rewards/interfaces/IFlywheelAcummulatedRewards.sol

3: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/interfaces/IFlywheelAcummulatedRewards.sol#L3

File: rewards/interfaces/IFlywheelBooster.sol

3: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/interfaces/IFlywheelBooster.sol#L3

File: rewards/interfaces/IFlywheelBribeRewards.sol

3: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/interfaces/IFlywheelBribeRewards.sol#L3

File: rewards/interfaces/IFlywheelCore.sol

3: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/interfaces/IFlywheelCore.sol#L3

File: rewards/interfaces/IFlywheelGaugeRewards.sol

3: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/interfaces/IFlywheelGaugeRewards.sol#L3

File: rewards/interfaces/IFlywheelInstantRewards.sol

3: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/interfaces/IFlywheelInstantRewards.sol#L3

File: rewards/interfaces/IFlywheelRewards.sol

3: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/interfaces/IFlywheelRewards.sol#L3

File: rewards/interfaces/IMultiRewardsDepot.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/interfaces/IMultiRewardsDepot.sol#L2

File: rewards/interfaces/IRewardsDepot.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/interfaces/IRewardsDepot.sol#L2

File: rewards/rewards/FlywheelAcummulatedRewards.sol

3: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/rewards/FlywheelAcummulatedRewards.sol#L3

File: rewards/rewards/FlywheelBribeRewards.sol

3: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/rewards/FlywheelBribeRewards.sol#L3

File: rewards/rewards/FlywheelGaugeRewards.sol

3: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/rewards/FlywheelGaugeRewards.sol#L3

File: rewards/rewards/FlywheelInstantRewards.sol

3: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/rewards/FlywheelInstantRewards.sol#L3

File: talos/TalosManager.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosManager.sol#L2

File: talos/TalosOptimizer.sol

3: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosOptimizer.sol#L3

File: talos/factories/BoostAggregatorFactory.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/factories/BoostAggregatorFactory.sol#L2

File: talos/factories/OptimizerFactory.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/factories/OptimizerFactory.sol#L2

File: talos/factories/TalosBaseStrategyFactory.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/factories/TalosBaseStrategyFactory.sol#L2

File: talos/factories/TalosStrategyStakedFactory.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/factories/TalosStrategyStakedFactory.sol#L2

File: talos/factories/TalosStrategyVanillaFactory.sol

3: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/factories/TalosStrategyVanillaFactory.sol#L3

File: talos/interfaces/AutomationCompatibleInterface.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/interfaces/AutomationCompatibleInterface.sol#L2

File: talos/interfaces/IBoostAggregatorFactory.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/interfaces/IBoostAggregatorFactory.sol#L2

File: talos/interfaces/IOptimizerFactory.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/interfaces/IOptimizerFactory.sol#L2

File: talos/interfaces/ITalosBaseStrategy.sol

3: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/interfaces/ITalosBaseStrategy.sol#L3

File: talos/interfaces/ITalosBaseStrategyFactory.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/interfaces/ITalosBaseStrategyFactory.sol#L2

File: talos/interfaces/ITalosManager.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/interfaces/ITalosManager.sol#L2

File: talos/interfaces/ITalosOptimizer.sol

3: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/interfaces/ITalosOptimizer.sol#L3

File: talos/interfaces/ITalosStrategyStaked.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/interfaces/ITalosStrategyStaked.sol#L2

File: talos/interfaces/ITalosStrategyStakedFactory.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/interfaces/ITalosStrategyStakedFactory.sol#L2

File: talos/libraries/PoolActions.sol

3: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/libraries/PoolActions.sol#L3

File: talos/libraries/PoolVariables.sol

3: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/libraries/PoolVariables.sol#L3

File: ulysses-amm/UlyssesPool.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesPool.sol#L2

File: ulysses-amm/UlyssesRouter.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesRouter.sol#L2

File: ulysses-amm/UlyssesToken.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesToken.sol#L2

File: ulysses-amm/factories/UlyssesFactory.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/factories/UlyssesFactory.sol#L2

File: ulysses-amm/interfaces/IUlyssesFactory.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/interfaces/IUlyssesFactory.sol#L2

File: ulysses-amm/interfaces/IUlyssesPool.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/interfaces/IUlyssesPool.sol#L2

File: ulysses-amm/interfaces/IUlyssesRouter.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/interfaces/IUlyssesRouter.sol#L2

File: ulysses-amm/interfaces/IUlyssesToken.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/interfaces/IUlyssesToken.sol#L2

File: ulysses-omnichain/ArbitrumBranchBridgeAgent.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/ArbitrumBranchBridgeAgent.sol#L2

File: ulysses-omnichain/ArbitrumBranchPort.sol

3: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/ArbitrumBranchPort.sol#L3

File: ulysses-omnichain/ArbitrumCoreBranchRouter.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/ArbitrumCoreBranchRouter.sol#L2

File: ulysses-omnichain/BaseBranchRouter.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BaseBranchRouter.sol#L2

File: ulysses-omnichain/BranchBridgeAgent.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchBridgeAgent.sol#L2

File: ulysses-omnichain/BranchBridgeAgentExecutor.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchBridgeAgentExecutor.sol#L2

File: ulysses-omnichain/BranchPort.sol

3: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchPort.sol#L3

File: ulysses-omnichain/CoreBranchRouter.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/CoreBranchRouter.sol#L2

File: ulysses-omnichain/CoreRootRouter.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/CoreRootRouter.sol#L2

File: ulysses-omnichain/MulticallRootRouter.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/MulticallRootRouter.sol#L2

File: ulysses-omnichain/RootBridgeAgent.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgent.sol#L2

File: ulysses-omnichain/RootBridgeAgentExecutor.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgentExecutor.sol#L2

File: ulysses-omnichain/RootPort.sol

3: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootPort.sol#L3

File: ulysses-omnichain/VirtualAccount.sol

3: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/VirtualAccount.sol#L3

File: ulysses-omnichain/factories/ArbitrumBranchBridgeAgentFactory.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/factories/ArbitrumBranchBridgeAgentFactory.sol#L2

File: ulysses-omnichain/factories/BranchBridgeAgentFactory.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/factories/BranchBridgeAgentFactory.sol#L2

File: ulysses-omnichain/factories/ERC20hTokenBranchFactory.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/factories/ERC20hTokenBranchFactory.sol#L2

File: ulysses-omnichain/factories/ERC20hTokenRootFactory.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/factories/ERC20hTokenRootFactory.sol#L2

File: ulysses-omnichain/factories/RootBridgeAgentFactory.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/factories/RootBridgeAgentFactory.sol#L2

File: ulysses-omnichain/interfaces/IAnycallConfig.sol

3: pragma solidity ^0.8.10;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/interfaces/IAnycallConfig.sol#L3

File: ulysses-omnichain/interfaces/IAnycallExecutor.sol

3: pragma solidity ^0.8.10;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/interfaces/IAnycallExecutor.sol#L3

File: ulysses-omnichain/interfaces/IAnycallProxy.sol

3: pragma solidity ^0.8.10;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/interfaces/IAnycallProxy.sol#L3

File: ulysses-omnichain/interfaces/IApp.sol

3: pragma solidity ^0.8.10;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/interfaces/IApp.sol#L3

File: ulysses-omnichain/interfaces/IArbitrumBranchPort.sol

3: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/interfaces/IArbitrumBranchPort.sol#L3

File: ulysses-omnichain/interfaces/IBranchBridgeAgent.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/interfaces/IBranchBridgeAgent.sol#L2

File: ulysses-omnichain/interfaces/IBranchBridgeAgentFactory.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/interfaces/IBranchBridgeAgentFactory.sol#L2

File: ulysses-omnichain/interfaces/IBranchPort.sol

3: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/interfaces/IBranchPort.sol#L3

File: ulysses-omnichain/interfaces/IBranchRouter.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/interfaces/IBranchRouter.sol#L2

File: ulysses-omnichain/interfaces/ICoreBranchRouter.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/interfaces/ICoreBranchRouter.sol#L2

File: ulysses-omnichain/interfaces/IERC20hTokenBranch.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/interfaces/IERC20hTokenBranch.sol#L2

File: ulysses-omnichain/interfaces/IERC20hTokenBranchFactory.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/interfaces/IERC20hTokenBranchFactory.sol#L2

File: ulysses-omnichain/interfaces/IERC20hTokenRoot.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/interfaces/IERC20hTokenRoot.sol#L2

File: ulysses-omnichain/interfaces/IERC20hTokenRootFactory.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/interfaces/IERC20hTokenRootFactory.sol#L2

File: ulysses-omnichain/interfaces/IMulticall2.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/interfaces/IMulticall2.sol#L2

File: ulysses-omnichain/interfaces/IPortStrategy.sol

3: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/interfaces/IPortStrategy.sol#L3

File: ulysses-omnichain/interfaces/IRootBridgeAgent.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/interfaces/IRootBridgeAgent.sol#L2

File: ulysses-omnichain/interfaces/IRootBridgeAgentFactory.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/interfaces/IRootBridgeAgentFactory.sol#L2

File: ulysses-omnichain/interfaces/IRootPort.sol

3: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/interfaces/IRootPort.sol#L3

File: ulysses-omnichain/interfaces/IRootRouter.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/interfaces/IRootRouter.sol#L2

File: ulysses-omnichain/interfaces/IVirtualAccount.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/interfaces/IVirtualAccount.sol#L2

File: ulysses-omnichain/interfaces/IWETH9.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/interfaces/IWETH9.sol#L2

File: ulysses-omnichain/lib/AnycallFlags.sol

3: pragma solidity ^0.8.10;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/lib/AnycallFlags.sol#L3

File: ulysses-omnichain/token/ERC20hTokenBranch.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/token/ERC20hTokenBranch.sol#L2

File: ulysses-omnichain/token/ERC20hTokenRoot.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/token/ERC20hTokenRoot.sol#L2

File: uni-v3-staker/UniswapV3Staker.sol

3: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/UniswapV3Staker.sol#L3

File: uni-v3-staker/interfaces/IUniswapV3Staker.sol

3: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/interfaces/IUniswapV3Staker.sol#L3

File: uni-v3-staker/libraries/IncentiveId.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/libraries/IncentiveId.sol#L2

File: uni-v3-staker/libraries/IncentiveTime.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/libraries/IncentiveTime.sol#L2

File: uni-v3-staker/libraries/NFTPositionInfo.sol

3: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/libraries/NFTPositionInfo.sol#L3

File: uni-v3-staker/libraries/RewardMath.sol

2: pragma solidity ^0.8.0;

https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/libraries/RewardMath.sol#L2

[G-31] Variable names that consist of all capital letters should be reserved for constant/immutable variables

If the variable needs to be different based on which class it comes from, a view/pure function should be used instead (e.g. like this).

There are 1 instances of this issue:
File: talos/TalosStrategyVanilla.sol

117:         uint24 _GLOBAL_DIVISIONER = GLOBAL_DIVISIONER;

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosStrategyVanilla.sol#L117

[G-32] Division by two should use bit shifting

<x> / 2 is the same as <x> >> 1. While the compiler uses the SHR opcode to accomplish both, the version that uses division incurs an overhead of 20 gas due to JUMPs to and from a compiler utility function that introduces checks which can be avoided by using unchecked {} around the division by two.

There are 9 instances of this issue:
File: erc-20/ERC20MultiVotes.sol

82:         return (a & b) + (a ^ b) / 2;

https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20MultiVotes.sol#L82

File: maia/libraries/DateTimeLib.sol

40:         uint256 epochDay = timestamp / 86400;

57:             uint256 day = timestamp / 86400;

https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/libraries/DateTimeLib.sol#L40

File: talos/libraries/PoolVariables.sol

247:             ? int256((cache.amount0Desired - cache.amount0) / 2)

248:             : int256((cache.amount1Desired - cache.amount1) / 2); // always positive. "overflow" safe convertion cuz we are dividing by 2

251:         uint160 exactSqrtPriceImpact = (sqrtPriceX96 * (_strategy.priceImpactPercentage() / 2)) / GLOBAL_DIVISIONER;

https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/libraries/PoolVariables.sol#L247

File: ulysses-amm/UlyssesPool.sol

312:         if (_fees.lambda1 + _fees.lambda2 != DIVISIONER / 2) revert InvalidFee();

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesPool.sol#L312

File: ulysses-omnichain/RootBridgeAgent.sol

677:         uint160 exactSqrtPriceImpact = (sqrtPriceX96 * (priceImpactPercentage / 2)) / GLOBAL_DIVISIONER;

720:             uint160 exactSqrtPriceImpact = (sqrtPriceX96 * (priceImpactPercentage / 2)) / GLOBAL_DIVISIONER;

https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgent.sol#L677

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment