This is the top-ranked automated findings report, from warden favelanky's c4lanky-bot. All findings in this report will be considered known issues for the purposes of your C4 audit.
Number | Issues Details | Count |
---|---|---|
[H-1] | Incorrect comparison implementation | 2 |
[M-1] | The owner is a single point of failure and a centralization risk | 92 |
[L-1] | Contracts are vulnerable to fee-on-transfer token related accounting issues | 91 |
[L-2] | Array does not have a pop function |
44 |
[L-3] | Setters should have initial value check | 14 |
[L-4] | Division by zero not prevented | 21 |
[L-5] | Loss of precision | 23 |
[L-6] | Signature Malleability of EVM's ecrecover | 2 |
[L-7] | Use of floating pragma | 52 |
[L-8] | Solmate's SafeTransferLib doesn't check whether the ERC20 contract exists | 73 |
[L-9] | External calls in an un-bounded for -loop may result in a DOS |
48 |
[L-10] | Unsafe casting may overflow | 106 |
[L-11] | Some ERC20 revert on zero value transfer | 91 |
[L-12] | Zero address check is missing | 59 |
[L-13] | Some ERC20 tokens dust would be remained in the contract | 1 |
[L-14] | Division before multiplication can lead to precision errors | 1 |
[L-15] | Array lengths not checked | 12 |
[L-16] | Use Ownable2Step 's transfer function rather than Ownable 's for transfers of ownership |
32 |
[L-17] | Do not use deprecated library functions | 9 |
[L-18] | No limits when setting min/max amounts | 15 |
[L-19] | Approve type(uint256).max not work with some tokens |
9 |
[L-20] | Owner can renounce Ownership | 29 |
[L-21] | Unsafe ERC20 operations | 15 |
[N-1] | Typos in the code | 98 |
[N-2] | Use a more recent version of solidity | 68 |
[N-3] | Lines are too long | 192 |
[N-4] | Inconsistent spacing in comments | 1283 |
[N-5] | Large numeric literals should use underscores for readability | 20 |
[N-6] | TODO in the code | 2 |
[N-7] | Using named parameters in mapping is best practice | 183 |
[N-8] | Function ordering does not follow the Solidity style guide | 124 |
[N-9] | Private and internal variables must start with an underscore | 231 |
[N-10] | Function parameter name must be in mixedCase | 5 |
[N-11] | Variable name must be in mixedCase | 6 |
[N-12] | It is standard for all external and public functions to be overridden from an interface | 367 |
[N-13] | Constant name must be in capitalized SNAKE_CASE | 23 |
[N-14] | Function must not be longer than 50 lines | 28 |
[N-15] | Function name must be in mixedCase | 2 |
[N-16] | Contract name must be in CamelCase | 5 |
[N-17] | Use scientific notation (e.g. 1e18 ) rather than exponentiation (e.g. 10**18 ) |
2 |
[N-18] | constants should be defined rather than using magic numbers |
102 |
[N-19] | Reverts should use customer errors instead of strings | 283 |
[N-20] | Event missing indexed field | 16 |
[N-21] | Constants in comparisons should appear on the left side | 180 |
[N-22] | Use modifier instead of require/if for special msg.sender | 11 |
[N-23] | Use multiple require() and if statements instead of && |
44 |
[N-24] | else -block not required |
5 |
[N-25] | Unsigned divisions can be marked as unchecked | 7 |
[N-26] | Import only specific files | 2 |
[N-27] | require() /revert() statements should have descriptive reason strings |
35 |
[N-28] | Interfaces should be indicated with an I prefix in the contract name | 6 |
[N-29] | Redundant return statement with named return variable | 22 |
[N-30] | Use safeTransferOwnership instead of transferOwnership function | 3 |
[N-31] | Contract name must be in CamelCase. | 7 |
[N-32] | Critical functions should be a two step procedure | 3 |
[N-33] | Shorthand way to write if / else statement | 1 |
[N-34] | Use require instead of assert |
3 |
[N-35] | Imports could be organized more systematically | 119 |
[N-36] | Constant redefined elsewhere | 37 |
[N-37] | NatSpec @return argument is missing |
75 |
[N-38] | NatSpec @param is missing |
35 |
Number | Issues Details | Count |
---|---|---|
[G-1] | Pre-increments and pre-decrements are cheaper than post-increments and post-decrements | 60 |
[G-2] | Use assembly to check for address(0) | 31 |
[G-3] | Use custom errors instead of require | 108 |
[G-4] | Empty blocks should be removed or emit something | 3 |
[G-5] | Non efficient zero initialization | 56 |
[G-6] | Use assembly to write address storage values | 209 |
[G-7] | Duplicated require /if checks should be refactored to a modifier or function |
2 |
[G-8] | Functions guaranteed to revert when called by normal users can be marked payable |
92 |
[G-9] | State variable read in a loop | 68 |
[G-10] | State variables only set in the constructor should be declared immutable |
18 |
[G-11] | Don’t compare boolean expressions to boolean literals | 1 |
[G-12] | Using storage instead of memory for structs/arrays saves gas | 8 |
[G-13] | Use calldata instead of memory for function parameters | 22 |
[G-14] | Pre-increments and pre-decrements are cheaper than post-increments and post-decrements1 | 2 |
[G-15] | Function calls should be cached | 32 |
[G-16] | Usage of uint /int smaller than 32 bytes (256 bits) incurs overhead |
21 |
[G-17] | Change public to external for functions that are not called internally |
89 |
[G-18] | <array>.length should not be looked up in every loop of a for-loop |
29 |
[G-19] | Multiplication by two should use bit shifting | 3 |
[G-20] | Reduce the size of error messages | 65 |
[G-21] | Internal functions only called once can be inlined to save gas | 38 |
[G-22] | Using bool s for storage incurs overhead |
71 |
[G-23] | Multiple mappings can be replaced with a single struct mapping | 56 |
[G-24] | Setting the constructor to payable |
57 |
[G-25] | Use unchecked keyword for loop counter |
16 |
[G-26] | Do not reduce approval on transferFrom if current allowance is type(uint256).max |
5 |
[G-27] | Bytes constants are more efficient than string constants | 1 |
[G-28] | Pre-increments and pre-decrements are cheaper than post-increments and post-decrements1 | 2 |
[G-29] | <x> += <y> costs more gas than <x> = <x> + <y> for state variables |
6 |
[G-30] | Use solidity version 0.8.20 to gain gas boost | 142 |
[G-31] | Variable names that consist of all capital letters should be reserved for constant/immutable variables | 1 |
[G-32] | Division by two should use bit shifting | 9 |
Use require
or if
to compare values. Otherwise comparison will be ignored.
There are 2 instances of this issue:
File: maia/factories/PartnerManagerFactory.sol
61: partnerIds[newPartnerManager] == id;
70: vaultIds[newVault] == id;
Having a single EOA as the only owner of contracts is a large centralization risk and a single point of failure. A single private key may be taken in a hack, or the sole holder of the key may become unable to retrieve the key when necessary. Consider changing to a multi-signature setup, or having a role-based authorization model.
There are 92 instances of this issue:
File: erc-20/ERC20Boost.sol
259: function addGauge(address gauge) external onlyOwner {
273: function removeGauge(address gauge) external onlyOwner {
285: function replaceGauge(address oldGauge, address newGauge) external onlyOwner {
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Boost.sol#L259
File: erc-20/ERC20Gauges.sol
398: function addGauge(address gauge) external onlyOwner returns (uint112) {
425: function removeGauge(address gauge) external onlyOwner {
449: function replaceGauge(address oldGauge, address newGauge) external onlyOwner {
455: function setMaxGauges(uint256 newMax) external onlyOwner {
463: function setContractExceedMaxGauges(address account, bool canExceedMax) external onlyOwner {
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Gauges.sol#L398
File: erc-20/ERC20MultiVotes.sol
96: function setMaxDelegates(uint256 newMax) external onlyOwner {
104: function setContractExceedMaxDelegates(address account, bool canExceedMax) external onlyOwner {
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20MultiVotes.sol#L96
File: gauges/BaseV2Gauge.sol
128: function addBribeFlywheel(FlywheelCore bribeFlywheel) external onlyOwner {
144: function removeBribeFlywheel(FlywheelCore bribeFlywheel) external onlyOwner {
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/BaseV2Gauge.sol#L128
File: gauges/UniswapV3Gauge.sol
62: function setMinimumWidth(uint24 _minimumWidth) external onlyOwner {
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/UniswapV3Gauge.sol#L62
File: gauges/factories/BaseV2GaugeFactory.sol
109: function createGauge(address strategy, bytes memory data) external onlyOwner {
130: function removeGauge(BaseV2Gauge gauge) external onlyOwner {
144: function addBribeToGauge(BaseV2Gauge gauge, address bribeToken) external onlyOwnerOrBribesFactoryOwner {
151: function removeBribeFromGauge(BaseV2Gauge gauge, address bribeToken) external onlyOwnerOrBribesFactoryOwner {
File: gauges/factories/BaseV2GaugeManager.sol
110: function addGaugeFactory(BaseV2GaugeFactory gaugeFactory) external onlyOwner {
121: function removeGaugeFactory(BaseV2GaugeFactory gaugeFactory) external onlyOwner {
File: gauges/factories/UniswapV3GaugeFactory.sol
98: function setMinimumWidth(address gauge, uint24 minimumWidth) external onlyOwner {
File: hermes/minters/BaseV2Minter.sol
86: function setDao(address _dao) external onlyOwner {
92: function setDaoShare(uint256 _daoShare) external onlyOwner {
98: function setTailEmission(uint256 _tail_emission) external onlyOwner {
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/minters/BaseV2Minter.sol#L86
File: hermes/tokens/HERMES.sol
62: function mint(address account, uint256 amount) external onlyOwner {
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/HERMES.sol#L62
File: maia/factories/PartnerManagerFactory.sol
58: function addPartner(PartnerManager newPartnerManager) external onlyOwner {
67: function addVault(IBaseVault newVault) external onlyOwner {
80: function removePartner(PartnerManager partnerManager) external onlyOwner {
89: function removeVault(IBaseVault vault) external onlyOwner {
File: maia/tokens/ERC4626PartnerManager.sol
188: function migratePartnerVault(address newPartnerVault) external onlyOwner {
216: function increaseConversionRate(uint256 newRate) external onlyOwner {
https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/tokens/ERC4626PartnerManager.sol#L188
File: maia/tokens/Maia.sol
55: function mint(address account, uint256 amount) external onlyOwner {
https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/tokens/Maia.sol#L55
File: rewards/base/FlywheelCore.sol
111: function addStrategyForRewards(ERC20 strategy) external onlyOwner {
125: function setFlywheelRewards(address newFlywheelRewards) external onlyOwner {
137: function setBooster(IFlywheelBooster newBooster) external onlyOwner {
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/base/FlywheelCore.sol#L111
File: rewards/depots/MultiRewardsDepot.sol
47: function addAsset(address rewardsContract, address asset) external onlyOwner {
57: function removeAsset(address rewardsContract) external onlyOwner {
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/depots/MultiRewardsDepot.sol#L47
File: talos/TalosOptimizer.sol
62: function setMaxTotalSupply(uint256 _maxTotalSupply) external onlyOwner {
68: function setTwapDuration(uint32 _twapDuration) external onlyOwner {
74: function setMaxTwapDeviation(int24 _maxTwapDeviation) external onlyOwner {
80: function setTickRange(int24 _tickRangeMultiplier) external onlyOwner {
85: function setPriceImpact(uint24 _priceImpactPercentage) external onlyOwner {
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosOptimizer.sol#L62
File: talos/base/TalosBaseStrategy.sol
394: function collectProtocolFees(uint256 amount0, uint256 amount1) external nonReentrant onlyOwner {
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/base/TalosBaseStrategy.sol#L394
File: talos/boost-aggregator/BoostAggregator.sol
143: function addWhitelistedAddress(address user) external onlyOwner {
148: function removeWhitelistedAddress(address user) external onlyOwner {
153: function setProtocolFee(uint256 _protocolFee) external onlyOwner {
159: function withdrawProtocolFees(address to) external onlyOwner {
165: function withdrawAllGaugeBoost(address to) external onlyOwner {
172: function withdrawGaugeBoost(address to, uint256 amount) external onlyOwner {
180: function decrementGaugesBoostIndexed(uint256 boost, uint256 offset, uint256 num) external onlyOwner {
File: ulysses-amm/UlyssesPool.sol
159: function addNewBandwidth(uint256 poolId, uint8 weight) external nonReentrant onlyOwner returns (uint256 index) {
223: function setWeight(uint256 poolId, uint8 weight) external nonReentrant onlyOwner {
308: function setFees(Fees calldata _fees) external nonReentrant onlyOwner {
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesPool.sol#L159
File: ulysses-amm/UlyssesToken.sol
44: function addAsset(address asset, uint256 _weight) external nonReentrant onlyOwner {
60: function removeAsset(address asset) external nonReentrant onlyOwner {
88: function setWeights(uint256[] memory _weights) external nonReentrant onlyOwner {
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesToken.sol#L44
File: ulysses-amm/factories/UlyssesFactory.sol
65: function renounceOwnership() public payable override onlyOwner {
File: ulysses-omnichain/BaseBranchRouter.sol
37: function initialize(address _localBridgeAgentAddress) external onlyOwner {
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BaseBranchRouter.sol#L37
File: ulysses-omnichain/BranchBridgeAgentExecutor.sol
70: function executeNoSettlement(address _router, bytes calldata _data)
88: function executeWithSettlement(address _recipient, address _router, bytes calldata _data)
125: function executeWithSettlementMultiple(address _recipient, address _router, bytes calldata _data)
File: ulysses-omnichain/BranchPort.sol
99: function initialize(address _coreBranchRouter, address _bridgeAgentFactory) external virtual onlyOwner {
113: function renounceOwnership() public payable override onlyOwner {
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchPort.sol#L99
File: ulysses-omnichain/CoreRootRouter.sol
63: function initialize(address _bridgeAgentAddress, address _hTokenFactory) external onlyOwner {
227: function toggleBranchBridgeAgentFactory(
253: function removeBranchBridgeAgent(address _branchBridgeAgent, address _gasReceiver, uint24 _toChain)
275: function manageStrategyToken(
300: function managePortStrategy(
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/CoreRootRouter.sol#L63
File: ulysses-omnichain/MulticallRootRouter.sol
74: function initialize(address _bridgeAgentAddress) external onlyOwner {
File: ulysses-omnichain/RootBridgeAgentExecutor.sol
78: function executeSystemRequest(address _router, bytes calldata _data, uint24 _fromChainId)
98: function executeNoDeposit(address _router, bytes calldata _data, uint24 _fromChainId)
117: function executeWithDeposit(address _router, bytes calldata _data, uint24 _fromChainId)
154: function executeWithDepositMultiple(address _router, bytes calldata _data, uint24 _fromChainId)
201: function executeSignedNoDeposit(address _account, address _router, bytes calldata _data, uint24 _fromChainId)
221: function executeSignedWithDeposit(address _account, address _router, bytes calldata _data, uint24 _fromChainId)
259: function executeSignedWithDepositMultiple(
308: function executeRetrySettlement(uint32 _settlementNonce)
File: ulysses-omnichain/RootPort.sol
128: function initialize(address _bridgeAgentFactory, address _coreRootRouter) external onlyOwner {
140: function initializeCore(
158: function forefeitOwnership(address _owner) external onlyOwner {
165: function renounceOwnership() public payable override onlyOwner {
399: function toggleBridgeAgent(address _bridgeAgent) external onlyOwner {
406: function addBridgeAgentFactory(address _bridgeAgentFactory) external onlyOwner {
413: function toggleBridgeAgentFactory(address _bridgeAgentFactory) external onlyOwner {
420: function addNewChain(
484: function setGasPoolInfo(uint24 _chainId, GasPoolInfo calldata _gasPoolInfo) external onlyOwner {
491: function addEcosystemToken(address _ecoTokenGlobalAddress) external onlyOwner {
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootPort.sol#L128
File: ulysses-omnichain/factories/ArbitrumBranchBridgeAgentFactory.sol
54: function initialize(address _coreRootBridgeAgent) external override onlyOwner {
File: ulysses-omnichain/factories/BranchBridgeAgentFactory.sol
83: function initialize(address _coreRootBridgeAgent) external virtual onlyOwner {
File: ulysses-omnichain/factories/ERC20hTokenBranchFactory.sol
35: function initialize(address _wrappedNativeTokenAddress, address _coreRouter) external onlyOwner {
File: ulysses-omnichain/factories/ERC20hTokenRootFactory.sol
40: function initialize(address _coreRouter) external onlyOwner {
File: ulysses-omnichain/token/ERC20hTokenBranch.sol
23: function mint(address account, uint256 amount) external override onlyOwner returns (bool) {
29: function burn(uint256 value) public override onlyOwner {
Without measuring the balance before and after the transfer, there's no way to ensure that enough tokens were transferred, in the cases where the token has a fee-on-transfer mechanic. If there are latent funds in the contract, subsequent transfers will succeed.
There are 91 instances of this issue:
File: erc-20/ERC20Boost.sol
313: return super.transfer(to, amount);
329: return super.transferFrom(from, to, amount);
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Boost.sol#L313
File: erc-20/ERC20Gauges.sol
498: return super.transfer(to, amount);
510: return super.transferFrom(from, to, amount);
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Gauges.sol#L498
File: erc-20/ERC20MultiVotes.sol
293: return super.transfer(to, amount);
305: return super.transferFrom(from, to, amount);
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20MultiVotes.sol#L293
File: erc-4626/ERC4626.sol
37: address(asset).safeTransferFrom(msg.sender, address(this), assets);
51: address(asset).safeTransferFrom(msg.sender, address(this), assets);
76: address(asset).safeTransfer(receiver, assets);
96: address(asset).safeTransfer(receiver, assets);
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/ERC4626.sol#L37
File: erc-4626/ERC4626DepositOnly.sol
37: address(asset).safeTransferFrom(msg.sender, address(this), assets);
51: address(asset).safeTransferFrom(msg.sender, address(this), assets);
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/ERC4626DepositOnly.sol#L37
File: erc-4626/ERC4626MultiToken.sol
69: assets[i].safeTransferFrom(msg.sender, address(this), assetsAmounts[i]);
80: assets[i].safeTransfer(receiver, assetsAmounts[i]);
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/ERC4626MultiToken.sol#L69
File: erc-4626/UlyssesERC4626.sol
36: asset.safeTransferFrom(msg.sender, address(this), assets);
52: asset.safeTransferFrom(msg.sender, address(this), assets);
79: asset.safeTransfer(receiver, assets);
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/UlyssesERC4626.sol#L36
File: hermes/UtilityManager.sol
72: address(gaugeWeight).safeTransferFrom(msg.sender, address(this), amount);
81: address(gaugeBoost).safeTransferFrom(msg.sender, address(this), amount);
90: address(governance).safeTransferFrom(msg.sender, address(this), amount);
113: address(gaugeWeight).safeTransfer(msg.sender, amount);
122: address(gaugeBoost).safeTransfer(msg.sender, amount);
131: address(governance).safeTransfer(msg.sender, amount);
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/UtilityManager.sol#L72
File: hermes/bHermes.sol
148: return super.transfer(to, amount);
166: return super.transferFrom(from, to, amount);
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/bHermes.sol#L148
File: hermes/minters/BaseV2Minter.sol
143: underlying.safeTransfer(address(vault), _growth);
145: if (dao != address(0)) underlying.safeTransfer(dao, share);
166: underlying.safeTransfer(msg.sender, totalQueuedForCycle);
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/minters/BaseV2Minter.sol#L143
File: maia/PartnerUtilityManager.sol
104: address(partnerGovernance).safeTransferFrom(msg.sender, address(this), amount);
160: address(partnerGovernance).safeTransfer(msg.sender, amount);
https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/PartnerUtilityManager.sol#L104
File: maia/tokens/ERC4626PartnerManager.sol
270: return super.transfer(to, amount);
286: return super.transferFrom(from, to, amount);
https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/tokens/ERC4626PartnerManager.sol#L270
File: rewards/base/FlywheelCore.sol
100: rewardToken.safeTransferFrom(address(flywheelRewards), user, accrued);
128: rewardToken.safeTransferFrom(address(flywheelRewards), address(newFlywheelRewards), oldRewardBalance);
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/base/FlywheelCore.sol#L100
File: rewards/depots/RewardsDepot.sol
21: _asset.safeTransfer(_rewardsContract, balance);
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/depots/RewardsDepot.sol#L21
File: rewards/rewards/FlywheelGaugeRewards.sol
234: if (accruedRewards > 0) rewardToken.safeTransfer(msg.sender, accruedRewards);
File: talos/TalosStrategyStaked.sol
91: return super.transfer(_to, _amount);
96: return super.transferFrom(_from, _to, _amount);
177: try nonfungiblePositionManager.safeTransferFrom(address(this), address(boostAggregator), _tokenId) {
178: stakeFlag = true; // flag to store staking state to avoid failing to unstake when it is not staked
179: } catch {}
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosStrategyStaked.sol#L91
File: talos/base/TalosBaseStrategy.sol
125: address(_token0).safeTransferFrom(msg.sender, address(this), amount0Desired);
126: address(_token1).safeTransferFrom(msg.sender, address(this), amount1Desired);
168: address(_token0).safeTransfer(msg.sender, refund0);
173: address(_token1).safeTransfer(msg.sender, refund1);
196: address(_token0).safeTransferFrom(msg.sender, address(this), amount0Desired);
197: address(_token1).safeTransferFrom(msg.sender, address(this), amount1Desired);
228: address(_token0).safeTransfer(msg.sender, refund0);
233: address(_token1).safeTransfer(msg.sender, refund1);
339: if (zeroForOne) address(token0).safeTransfer(msg.sender, uint256(amount0));
340: else address(token1).safeTransfer(msg.sender, uint256(amount1));
409: if (amount0 > 0) _token0.transfer(msg.sender, amount0);
410: if (amount1 > 0) _token1.transfer(msg.sender, amount1);
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/base/TalosBaseStrategy.sol#L125
File: talos/boost-aggregator/BoostAggregator.sol
90: nonfungiblePositionManager.safeTransferFrom(address(this), address(uniswapV3Staker), tokenId);
168: address(hermesGaugeBoost).safeTransfer(to, hermesGaugeBoost.balanceOf(address(this)));
176: address(hermesGaugeBoost).safeTransfer(to, amount);
File: ulysses-amm/UlyssesPool.sol
154: asset.safeTransfer(factory.owner(), claimed);
218: asset.safeTransferFrom(msg.sender, address(this), newRebalancingFee - oldRebalancingFee);
303: asset.safeTransferFrom(msg.sender, address(this), newRebalancingFee - oldRebalancingFee);
1109: asset.safeTransferFrom(msg.sender, address(this), assets);
1189: asset.safeTransfer(user, output);
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesPool.sol#L154
File: ulysses-amm/UlyssesRouter.sol
74: address(getUlyssesLP(routes[0].from).asset()).safeTransferFrom(msg.sender, address(this), amount);
92: address(getUlyssesLP(routes[length].to).asset()).safeTransfer(msg.sender, amount);
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesRouter.sol#L74
File: ulysses-amm/UlyssesToken.sol
84: asset.safeTransfer(msg.sender, asset.balanceOf(address(this)));
116: assets[i].safeTransfer(msg.sender, assetBalance - newAssetBalance);
118: assets[i].safeTransferFrom(msg.sender, address(this), newAssetBalance - assetBalance);
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesToken.sol#L84
File: ulysses-omnichain/ArbitrumBranchBridgeAgent.sol
127: address(wrappedNativeToken).safeTransfer(rootBridgeAgentAddress, _gasToBridgeOut);
File: ulysses-omnichain/ArbitrumBranchPort.sol
52: _underlyingAddress.safeTransferFrom(_depositor, address(this), _deposit);
72: underlyingAddress.safeTransfer(_recipient, _denormalizeDecimals(_deposit, ERC20(underlyingAddress).decimals()));
81: _underlyingAddress.safeTransfer(
82: _recipient, _denormalizeDecimals(_deposit, ERC20(_underlyingAddress).decimals())
83: );
119: _underlyingAddress.safeTransferFrom(
120: _depositor, address(this), _denormalizeDecimals(_deposit, ERC20(_underlyingAddress).decimals())
121: );
138: _underlyingAddresses[i].safeTransferFrom(
139: _depositor,
140: address(this),
141: _denormalizeDecimals(_deposits[i], ERC20(_underlyingAddresses[i]).decimals())
142: );
File: ulysses-omnichain/BranchBridgeAgent.sol
930: address(wrappedNativeToken).safeTransfer(localPortAddress, _gasToBridgeOut);
File: ulysses-omnichain/BranchPort.sol
166: _token.safeTransfer(msg.sender, _amount);
211: _underlyingAddress.safeTransfer(
212: _recipient, _denormalizeDecimals(_deposit, ERC20(_underlyingAddress).decimals())
213: );
249: _localAddress.safeTransferFrom(_depositor, address(this), _amount - _deposit);
253: _underlyingAddress.safeTransferFrom(
254: _depositor, address(this), _denormalizeDecimals(_deposit, ERC20(_underlyingAddress).decimals())
255: );
269: _underlyingAddresses[i].safeTransferFrom(
270: _depositor,
271: address(this),
272: _denormalizeDecimals(_deposits[i], ERC20(_underlyingAddresses[i]).decimals())
273: );
276: _localAddresses[i].safeTransferFrom(_depositor, address(this), _amounts[i] - _deposits[i]);
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchPort.sol#L166
File: ulysses-omnichain/RootBridgeAgent.sol
454: _globalAddress.safeTransferFrom(_sender, localPortAddress, _amount - _deposit);
651: address(data.tokenIn).safeTransfer(msg.sender, uint256(amount0 > 0 ? amount0 : amount1));
751: address(wrappedNativeToken).safeTransfer(getBranchBridgeAgent[localChainId], userFeeInfo.gasToBridgeOut);
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgent.sol#L454
File: ulysses-omnichain/RootPort.sol
282: if (_amount - _deposit > 0) _hToken.safeTransfer(_recipient, _amount - _deposit);
311: _hToken.safeTransferFrom(_from, address(this), _amount);
320: _hToken.safeTransfer(_to, _amount);
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootPort.sol#L282
File: ulysses-omnichain/VirtualAccount.sol
32: _token.safeTransfer(msg.sender, _amount);
37: ERC721(_token).transferFrom(address(this), msg.sender, _tokenId);
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/VirtualAccount.sol#L32
File: uni-v3-staker/UniswapV3Staker.sol
151: hermes.safeTransferFrom(msg.sender, address(this), reward);
177: hermes.safeTransferFrom(msg.sender, address(this), reward);
204: hermes.safeTransfer(minter, refund);
254: nonfungiblePositionManager.safeTransferFrom(address(this), to, tokenId, data);
271: if (reward > 0) hermes.safeTransfer(to, reward);
281: if (reward > 0) hermes.safeTransfer(to, reward);
https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/UniswapV3Staker.sol#L151
Arrays without the pop operation in Solidity can lead to inefficient memory management and increase the likelihood of out-of-gas errors.
There are 44 instances of this issue:
File: gauges/BaseV2Gauge.sol
50: FlywheelCore[] private bribeFlywheels;
136: bribeFlywheels.push(bribeFlywheel);
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/BaseV2Gauge.sol#L50
File: gauges/factories/BaseV2GaugeFactory.sol
33: BaseV2Gauge[] public override gauges;
116: gauges.push(gauge);
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BaseV2GaugeFactory.sol#L33
File: gauges/factories/BaseV2GaugeManager.sol
29: BaseV2GaugeFactory[] public gaugeFactories;
114: gaugeFactories.push(gaugeFactory);
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BaseV2GaugeManager.sol#L29
File: gauges/factories/BribesFactory.sol
29: FlywheelCore[] public bribeFlywheels;
92: bribeFlywheels.push(flywheel);
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BribesFactory.sol#L29
File: maia/factories/PartnerManagerFactory.sol
21: PartnerManager[] public override partners;
24: IBaseVault[] public override vaults;
40: partners.push(PartnerManager(address(0)));
60: partners.push(newPartnerManager);
69: vaults.push(newVault);
File: rewards/base/FlywheelCore.sol
27: ERC20[] public override allStrategies;
120: allStrategies.push(strategy);
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/base/FlywheelCore.sol#L27
File: talos/factories/BoostAggregatorFactory.sol
25: BoostAggregator[] public boostAggregators;
38: boostAggregators.push(BoostAggregator(address(0)));
56: boostAggregators.push(boostAggregator);
File: talos/factories/OptimizerFactory.sol
15: TalosOptimizer[] public optimizers;
27: optimizers.push(TalosOptimizer(address(0)));
54: optimizers.push(optimizer);
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/factories/OptimizerFactory.sol#L15
File: talos/factories/TalosBaseStrategyFactory.sol
29: TalosBaseStrategy[] public strategies;
68: strategies.push(strategy);
File: ulysses-amm/UlyssesPool.sol
31: BandwidthState[] public bandwidthStateList;
94: bandwidthStateList.push(BandwidthState({bandwidth: 0, destination: UlyssesPool(address(0)), weight: 0}));
202: bandwidthStateList.push(
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesPool.sol#L31
File: ulysses-omnichain/BranchPort.sol
30: address[] public bridgeAgents;
43: address[] public bridgeAgentFactories;
57: address[] public strategyTokens;
74: address[] public portStrategies;
108: bridgeAgentFactories.push(_bridgeAgentFactory);
292: bridgeAgents.push(_bridgeAgent);
310: bridgeAgentFactories.push(_newBridgeAgentFactory);
333: strategyTokens.push(_token);
354: portStrategies.push(_portStrategy);
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchPort.sol#L30
File: ulysses-omnichain/RootPort.sol
64: address[] public bridgeAgents;
80: address[] public bridgeAgentFactories;
134: bridgeAgentFactories.push(_bridgeAgentFactory);
369: bridgeAgents.push(_bridgeAgent);
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootPort.sol#L64
File: ulysses-omnichain/factories/ERC20hTokenBranchFactory.sol
22: ERC20hTokenBranch[] public hTokens;
44: hTokens.push(newToken);
66: hTokens.push(newToken);
File: ulysses-omnichain/factories/ERC20hTokenRootFactory.sol
24: ERC20hTokenRoot[] public hTokens;
66: hTokens.push(newToken);
Setters should have initial value check to prevent assigning wrong value to the variable. Assginment of wrong value can lead to unexpected behavior of the contract.
There are 14 instances of this issue:
File: erc-20/ERC20Gauges.sol
// @audit Not validated: newMax
455: function setMaxGauges(uint256 newMax) external onlyOwner {
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Gauges.sol#L455
File: erc-20/ERC20MultiVotes.sol
// @audit Not validated: newMax
96: function setMaxDelegates(uint256 newMax) external onlyOwner {
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20MultiVotes.sol#L96
File: gauges/UniswapV3Gauge.sol
// @audit Not validated: _minimumWidth
62: function setMinimumWidth(uint24 _minimumWidth) external onlyOwner {
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/UniswapV3Gauge.sol#L62
File: gauges/factories/UniswapV3GaugeFactory.sol
// @audit Not validated: minimumWidth
98: function setMinimumWidth(address gauge, uint24 minimumWidth) external onlyOwner {
File: hermes/minters/BaseV2Minter.sol
// @audit Not validated: _dao
86: function setDao(address _dao) external onlyOwner {
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/minters/BaseV2Minter.sol#L86
File: rewards/base/FlywheelCore.sol
// @audit Not validated: newFlywheelRewards
125: function setFlywheelRewards(address newFlywheelRewards) external onlyOwner {
// @audit Not validated: newBooster
137: function setBooster(IFlywheelBooster newBooster) external onlyOwner {
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/base/FlywheelCore.sol#L125
File: rewards/rewards/FlywheelBribeRewards.sol
// @audit Not validated: rewardsDepot
37: function setRewardsDepot(RewardsDepot rewardsDepot) external {
File: talos/TalosOptimizer.sol
// @audit Not validated: _tickRangeMultiplier
80: function setTickRange(int24 _tickRangeMultiplier) external onlyOwner {
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosOptimizer.sol#L80
File: talos/boost-aggregator/BoostAggregator.sol
// @audit Not validated: rewardsDepot
100: function setOwnRewardsDepot(address rewardsDepot) external {
File: ulysses-amm/UlyssesPool.sol
// @audit Not validated: poolId
223: function setWeight(uint256 poolId, uint8 weight) external nonReentrant onlyOwner {
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesPool.sol#L223
File: ulysses-omnichain/RootPort.sol
// @audit Not validated: _fromChain
247: function setAddresses(address _globalAddress, address _localAddress, address _underlyingAddress, uint24 _fromChain)
// @audit Not validated: _fromChain
261: function setLocalAddress(address _globalAddress, address _localAddress, uint24 _fromChain)
// @audit Not validated: _chainId
484: function setGasPoolInfo(uint24 _chainId, GasPoolInfo calldata _gasPoolInfo) external onlyOwner {
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootPort.sol#L247
The divisions below take an input parameter which does not have any zero-value checks, which may lead to the functions reverting when zero is passed.
There are 21 instances of this issue:
File: erc-20/ERC20Gauges.sol
77: return (nowPlusOneCycle / gaugeCycleLength) * gaugeCycleLength; // cannot divide by zero and always <= nowPlusOneCycle so no overflow
180: return (quantity * weight) / total;
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Gauges.sol#L77
File: governance/GovernorBravoDelegateMaia.sol
88: return govToken.totalSupply() * proposalThreshold / DIVISIONER;
92: return govToken.totalSupply() * quorumVotes / DIVISIONER;
File: hermes/minters/BaseV2Minter.sol
119: return (vault.totalAssets() * _minted) / HERMES(underlying).totalSupply();
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/minters/BaseV2Minter.sol#L119
File: maia/tokens/ERC4626PartnerManager.sol
162: return (address(bHermesToken).balanceOf(address(this))) / bHermesRate - totalSupply;
168: return (address(bHermesToken).balanceOf(address(this))) / bHermesRate - totalSupply;
https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/tokens/ERC4626PartnerManager.sol#L162
File: rewards/base/FlywheelCore.sol
171: deltaIndex = ((strategyRewardsAccrued * ONE) / supplyTokens).toUint224();
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/base/FlywheelCore.sol#L171
File: rewards/rewards/FlywheelAcummulatedRewards.sol
50: uint256 newEndCycle = ((timestamp + rewardsCycleLength) / rewardsCycleLength) * rewardsCycleLength;
File: rewards/rewards/FlywheelGaugeRewards.sol
60: gaugeCycle = (block.timestamp.toUint32() / gaugeCycleLength) * gaugeCycleLength;
79: uint32 currentCycle = (block.timestamp.toUint32() / gaugeCycleLength) * gaugeCycleLength;
114: uint32 currentCycle = (block.timestamp.toUint32() / gaugeCycleLength) * gaugeCycleLength;
File: talos/TalosStrategyVanilla.sol
120: uint256 earnedProtocolFees0 = (collect0 * _protocolFee) / _GLOBAL_DIVISIONER;
121: uint256 earnedProtocolFees1 = (collect1 * _protocolFee) / _GLOBAL_DIVISIONER;
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosStrategyVanilla.sol#L120
File: talos/base/TalosBaseStrategy.sol
261: uint128 liquidityToDecrease = uint128((liquidity * shares) / totalSupply);
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/base/TalosBaseStrategy.sol#L261
File: talos/libraries/PoolVariables.sol
97: int24 compressed = tick / tickSpacing;
214: return int24((tickCumulatives[1] - tickCumulatives[0]) / int56(int32(_twapDuration)));
251: uint160 exactSqrtPriceImpact = (sqrtPriceX96 * (_strategy.priceImpactPercentage() / 2)) / GLOBAL_DIVISIONER;
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/libraries/PoolVariables.sol#L97
File: uni-v3-staker/libraries/IncentiveTime.sol
20: return uint96(((timestamp - INCENTIVES_OFFSET) / INCENTIVES_DURATION) * INCENTIVES_DURATION + INCENTIVES_OFFSET);
26: return uint96(
27: (((timestamp - INCENTIVES_OFFSET) / INCENTIVES_DURATION) + 1) * INCENTIVES_DURATION + INCENTIVES_OFFSET
28: );
File: uni-v3-staker/libraries/RewardMath.sol
34: boostedSecondsInsideX128 = uint160(
35: ((secondsInsideX128 * 4) / 10) + ((((stakedDuration << 128) * boostAmount) / boostTotalSupply) * 6) / 10
36: );
Division by large numbers may result in the result being zero, due to solidity not supporting fractions. Consider requiring a minimum amount for the numerator to ensure that it is always larger than the denominator
There are 23 instances of this issue:
File: erc-20/ERC20Gauges.sol
77: return (nowPlusOneCycle / gaugeCycleLength) * gaugeCycleLength; // cannot divide by zero and always <= nowPlusOneCycle so no overflow
180: return (quantity * weight) / total;
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Gauges.sol#L77
File: governance/GovernorBravoDelegateMaia.sol
88: return govToken.totalSupply() * proposalThreshold / DIVISIONER;
92: return govToken.totalSupply() * quorumVotes / DIVISIONER;
File: hermes/minters/BaseV2Minter.sol
114: return (circulatingSupply() * tailEmission) / base;
119: return (vault.totalAssets() * _minted) / HERMES(underlying).totalSupply();
136: uint256 share = (_required * daoShare) / base;
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/minters/BaseV2Minter.sol#L114
File: maia/tokens/ERC4626PartnerManager.sol
162: return (address(bHermesToken).balanceOf(address(this))) / bHermesRate - totalSupply;
168: return (address(bHermesToken).balanceOf(address(this))) / bHermesRate - totalSupply;
https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/tokens/ERC4626PartnerManager.sol#L162
File: rewards/rewards/FlywheelAcummulatedRewards.sol
50: uint256 newEndCycle = ((timestamp + rewardsCycleLength) / rewardsCycleLength) * rewardsCycleLength;
File: talos/base/TalosBaseStrategy.sol
261: uint128 liquidityToDecrease = uint128((liquidity * shares) / totalSupply);
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/base/TalosBaseStrategy.sol#L261
File: talos/libraries/PoolVariables.sol
97: int24 compressed = tick / tickSpacing;
214: return int24((tickCumulatives[1] - tickCumulatives[0]) / int56(int32(_twapDuration)));
251: uint160 exactSqrtPriceImpact = (sqrtPriceX96 * (_strategy.priceImpactPercentage() / 2)) / GLOBAL_DIVISIONER;
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/libraries/PoolVariables.sol#L97
File: ulysses-omnichain/BranchBridgeAgent.sol
1341: return _decimals == 18 ? _amount : _amount * (10 ** _decimals) / 1 ether;
File: ulysses-omnichain/BranchPort.sol
150: return ((_currBalance + getStrategyTokenDebt[_token]) * getMinimumTokenReserveRatio[_token]) / DIVISIONER;
389: return _decimals == 18 ? _amount : _amount * 1 ether / (10 ** _decimals);
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchPort.sol#L150
File: ulysses-omnichain/RootBridgeAgent.sol
677: uint160 exactSqrtPriceImpact = (sqrtPriceX96 * (priceImpactPercentage / 2)) / GLOBAL_DIVISIONER;
720: uint160 exactSqrtPriceImpact = (sqrtPriceX96 * (priceImpactPercentage / 2)) / GLOBAL_DIVISIONER;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgent.sol#L677
File: uni-v3-staker/libraries/IncentiveTime.sol
20: return uint96(((timestamp - INCENTIVES_OFFSET) / INCENTIVES_DURATION) * INCENTIVES_DURATION + INCENTIVES_OFFSET);
26: return uint96(
27: (((timestamp - INCENTIVES_OFFSET) / INCENTIVES_DURATION) + 1) * INCENTIVES_DURATION + INCENTIVES_OFFSET
28: );
File: uni-v3-staker/libraries/RewardMath.sol
34: boostedSecondsInsideX128 = uint160(
35: ((secondsInsideX128 * 4) / 10) + ((((stakedDuration << 128) * boostAmount) / boostTotalSupply) * 6) / 10
36: );
44: boostedSecondsInsideX128 = (secondsInsideX128 * 4) / 10;
/ The function calls the Solidity ecrecover() function directly to verify the given signatures. However, the ecrecover() EVM opcode allows malleable (non-unique) signatures and thus is susceptible to replay attacks. Consider using the OpenZeppelin ECDSA library instead, which provides a safe ecrecover() wrapper that guarantees unique signatures.
There are 2 instances of this issue:
File: erc-20/ERC20MultiVotes.sol
365: address signer = ecrecover(
366: keccak256(
367: abi.encodePacked(
368: "\x19\x01", DOMAIN_SEPARATOR(), keccak256(abi.encode(DELEGATION_TYPEHASH, delegatee, nonce, expiry))
369: )
370: ),
371: v,
372: r,
373: s
374: );
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20MultiVotes.sol#L365-L374
File: governance/GovernorBravoDelegateMaia.sol
349: address signatory = ecrecover(digest, v, r, s);
Contracts should be deployed with the same compiler version and flags that they have been tested with thoroughly. Locking the pragma helps to ensure that contracts do not accidentally get deployed using, for example, an outdated compiler version that might introduce bugs that affect the contract system negatively.\n\nhttps://swcregistry.io/docs/SWC-103
There are 52 instances of this issue:
File: gauges/UniswapV3Gauge.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/UniswapV3Gauge.sol#L2
File: gauges/factories/BaseV2GaugeManager.sol
3: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BaseV2GaugeManager.sol#L3
File: gauges/factories/BribesFactory.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BribesFactory.sol#L2
File: gauges/factories/UniswapV3GaugeFactory.sol
3: pragma solidity ^0.8.0;
File: governance/GovernorBravoDelegateMaia.sol
2: pragma solidity ^0.8.10;
https://github.com/code-423n4/2023-05-maia/tree/main/src/governance/GovernorBravoDelegateMaia.sol#L2
File: governance/GovernorBravoDelegator.sol
2: pragma solidity ^0.8.10;
https://github.com/code-423n4/2023-05-maia/tree/main/src/governance/GovernorBravoDelegator.sol#L2
File: hermes/bHermes.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/bHermes.sol#L2
File: hermes/minters/BaseV2Minter.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/minters/BaseV2Minter.sol#L2
File: hermes/tokens/HERMES.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/HERMES.sol#L2
File: hermes/tokens/bHermesBoost.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/bHermesBoost.sol#L2
File: hermes/tokens/bHermesGauges.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/bHermesGauges.sol#L2
File: hermes/tokens/bHermesVotes.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/bHermesVotes.sol#L2
File: maia/factories/PartnerManagerFactory.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/factories/PartnerManagerFactory.sol#L2
File: maia/tokens/Maia.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/tokens/Maia.sol#L2
File: maia/vMaia.sol
3: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/vMaia.sol#L3
File: rewards/FlywheelCoreInstant.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/FlywheelCoreInstant.sol#L2
File: rewards/FlywheelCoreStrategy.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/FlywheelCoreStrategy.sol#L2
File: rewards/booster/FlywheelBoosterGaugeWeight.sol
3: pragma solidity ^0.8.0;
File: rewards/depots/MultiRewardsDepot.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/depots/MultiRewardsDepot.sol#L2
File: rewards/depots/SingleRewardsDepot.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/depots/SingleRewardsDepot.sol#L2
File: rewards/rewards/FlywheelBribeRewards.sol
3: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/rewards/FlywheelBribeRewards.sol#L3
File: rewards/rewards/FlywheelGaugeRewards.sol
3: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/rewards/FlywheelGaugeRewards.sol#L3
File: rewards/rewards/FlywheelInstantRewards.sol
3: pragma solidity ^0.8.0;
File: talos/TalosManager.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosManager.sol#L2
File: talos/TalosOptimizer.sol
3: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosOptimizer.sol#L3
File: talos/factories/BoostAggregatorFactory.sol
2: pragma solidity ^0.8.0;
File: talos/factories/OptimizerFactory.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/factories/OptimizerFactory.sol#L2
File: talos/factories/TalosStrategyStakedFactory.sol
2: pragma solidity ^0.8.0;
File: talos/factories/TalosStrategyVanillaFactory.sol
3: pragma solidity ^0.8.0;
File: talos/libraries/PoolActions.sol
3: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/libraries/PoolActions.sol#L3
File: ulysses-amm/UlyssesPool.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesPool.sol#L2
File: ulysses-amm/UlyssesRouter.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesRouter.sol#L2
File: ulysses-amm/UlyssesToken.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesToken.sol#L2
File: ulysses-omnichain/ArbitrumBranchPort.sol
3: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/ArbitrumBranchPort.sol#L3
File: ulysses-omnichain/ArbitrumCoreBranchRouter.sol
2: pragma solidity ^0.8.0;
File: ulysses-omnichain/BaseBranchRouter.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BaseBranchRouter.sol#L2
File: ulysses-omnichain/BranchPort.sol
3: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchPort.sol#L3
File: ulysses-omnichain/CoreBranchRouter.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/CoreBranchRouter.sol#L2
File: ulysses-omnichain/CoreRootRouter.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/CoreRootRouter.sol#L2
File: ulysses-omnichain/MulticallRootRouter.sol
2: pragma solidity ^0.8.0;
File: ulysses-omnichain/RootPort.sol
3: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootPort.sol#L3
File: ulysses-omnichain/VirtualAccount.sol
3: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/VirtualAccount.sol#L3
File: ulysses-omnichain/factories/ArbitrumBranchBridgeAgentFactory.sol
2: pragma solidity ^0.8.0;
File: ulysses-omnichain/factories/BranchBridgeAgentFactory.sol
2: pragma solidity ^0.8.0;
File: ulysses-omnichain/factories/ERC20hTokenBranchFactory.sol
2: pragma solidity ^0.8.0;
File: ulysses-omnichain/factories/ERC20hTokenRootFactory.sol
2: pragma solidity ^0.8.0;
File: ulysses-omnichain/factories/RootBridgeAgentFactory.sol
2: pragma solidity ^0.8.0;
File: ulysses-omnichain/token/ERC20hTokenBranch.sol
2: pragma solidity ^0.8.0;
File: ulysses-omnichain/token/ERC20hTokenRoot.sol
2: pragma solidity ^0.8.0;
File: uni-v3-staker/UniswapV3Staker.sol
3: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/UniswapV3Staker.sol#L3
File: uni-v3-staker/libraries/IncentiveId.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/libraries/IncentiveId.sol#L2
File: uni-v3-staker/libraries/IncentiveTime.sol
2: pragma solidity ^0.8.0;
Solmate's SafeTransferLib, which is often used to interact with non-compliant/unsafe ERC20 tokens, does not check whether the ERC20 contract exists. The following code will not revert in case the token doesn't exist (yet).
This is stated in the Solmate library: https://github.com/transmissions11/solmate/blob/main/src/utils/SafeTransferLib.sol#L9
Consider using OpenZeppelin's SafeERC20 library instead.
There are 73 instances of this issue:
File: erc-4626/ERC4626.sol
5: import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";
14: using SafeTransferLib for address;
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/ERC4626.sol#L5
File: erc-4626/ERC4626DepositOnly.sol
5: import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";
14: using SafeTransferLib for address;
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/ERC4626DepositOnly.sol#L5
File: erc-4626/ERC4626MultiToken.sol
5: import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";
15: using SafeTransferLib for address;
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/ERC4626MultiToken.sol#L5
File: erc-4626/UlyssesERC4626.sol
5: import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";
15: using SafeTransferLib for address;
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/UlyssesERC4626.sol#L5
File: gauges/UniswapV3Gauge.sol
4: import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";
13: using SafeTransferLib for address;
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/UniswapV3Gauge.sol#L4
File: hermes/UtilityManager.sol
6: import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";
18: using SafeTransferLib for address;
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/UtilityManager.sol#L6
File: hermes/bHermes.sol
4: import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";
53: using SafeTransferLib for address;
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/bHermes.sol#L4
File: hermes/minters/BaseV2Minter.sol
5: import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";
17: using SafeTransferLib for address;
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/minters/BaseV2Minter.sol#L5
File: maia/PartnerUtilityManager.sol
4: import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";
13: using SafeTransferLib for address;
https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/PartnerUtilityManager.sol#L4
File: maia/tokens/ERC4626PartnerManager.sol
6: import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";
23: using SafeTransferLib for address;
https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/tokens/ERC4626PartnerManager.sol#L6
File: maia/vMaia.sol
7: import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";
27: using SafeTransferLib for address;
https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/vMaia.sol#L7
File: rewards/FlywheelCoreInstant.sol
6: import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/FlywheelCoreInstant.sol#L6
File: rewards/FlywheelCoreStrategy.sol
6: import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/FlywheelCoreStrategy.sol#L6
File: rewards/base/BaseFlywheelRewards.sol
5: import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";
19: using SafeTransferLib for address;
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/base/BaseFlywheelRewards.sol#L5
File: rewards/base/FlywheelCore.sol
7: import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";
16: using SafeTransferLib for address;
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/base/FlywheelCore.sol#L7
File: rewards/depots/RewardsDepot.sol
5: import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";
13: using SafeTransferLib for address;
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/depots/RewardsDepot.sol#L5
File: rewards/rewards/FlywheelAcummulatedRewards.sol
6: import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";
File: rewards/rewards/FlywheelGaugeRewards.sol
7: import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";
19: using SafeTransferLib for address;
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/rewards/FlywheelGaugeRewards.sol#L7
File: rewards/rewards/FlywheelInstantRewards.sol
7: import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";
18: using SafeTransferLib for ERC20;
File: talos/base/TalosBaseStrategy.sol
7: import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";
25: using SafeTransferLib for address;
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/base/TalosBaseStrategy.sol#L7
File: talos/boost-aggregator/BoostAggregator.sol
5: import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";
20: using SafeTransferLib for address;
File: ulysses-amm/UlyssesPool.sol
7: import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";
20: using SafeTransferLib for address;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesPool.sol#L7
File: ulysses-amm/UlyssesRouter.sol
4: import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";
12: using SafeTransferLib for address;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesRouter.sol#L4
File: ulysses-amm/UlyssesToken.sol
6: import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";
16: using SafeTransferLib for address;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesToken.sol#L6
File: ulysses-amm/factories/UlyssesFactory.sol
6: import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";
39: using SafeTransferLib for ERC20;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/factories/UlyssesFactory.sol#L6
File: ulysses-omnichain/ArbitrumBranchBridgeAgent.sol
5: import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";
68: using SafeTransferLib for address;
69: using SafeTransferLib for ERC20;
165: SafeTransferLib.safeTransferETH(_recipient, gasRemaining);
File: ulysses-omnichain/ArbitrumBranchPort.sol
6: import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";
19: using SafeTransferLib for address;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/ArbitrumBranchPort.sol#L6
File: ulysses-omnichain/BranchBridgeAgent.sol
5: import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";
59: using SafeTransferLib for address;
1044: SafeTransferLib.safeTransferETH(_recipient, gasRemaining - minExecCost);
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchBridgeAgent.sol#L5
File: ulysses-omnichain/BranchPort.sol
6: import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";
17: using SafeTransferLib for address;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchPort.sol#L6
File: ulysses-omnichain/MulticallRootRouter.sol
5: import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";
48: using SafeTransferLib for address;
File: ulysses-omnichain/RootBridgeAgent.sol
5: import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";
91: using SafeTransferLib for address;
1263: SafeTransferLib.safeTransferETH(daoAddress, _accumulatedFees);
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgent.sol#L5
File: ulysses-omnichain/RootPort.sol
6: import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";
21: using SafeTransferLib for address;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootPort.sol#L6
File: ulysses-omnichain/VirtualAccount.sol
5: import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";
17: using SafeTransferLib for address;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/VirtualAccount.sol#L5
File: ulysses-omnichain/factories/ERC20hTokenRootFactory.sol
4: import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";
13: using SafeTransferLib for address;
File: ulysses-omnichain/token/ERC20hTokenRoot.sol
5: import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";
13: using SafeTransferLib for address;
File: uni-v3-staker/UniswapV3Staker.sol
5: import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";
27: using SafeTransferLib for address;
https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/UniswapV3Staker.sol#L5
Consider limiting the number of iterations in for-loops that make external calls
There are 48 instances of this issue:
File: erc-20/ERC20Boost.sol
54: values[i] = _gauges.at(offset + i); // will revert if out of bounds
100: values[i] = _userGauges[user].at(offset + i); // will revert if out of bounds
239: require(_userGauges[msg.sender].remove(gauge)); // Remove from set. Should never fail.
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Boost.sol#L54
File: erc-20/ERC20Gauges.sol
116: values[i] = _gauges.at(offset + i); // will revert if out of bounds
157: values[i] = _userGauges[user].at(offset + i); // will revert if out of bounds
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Gauges.sol#L116
File: erc-4626/ERC4626MultiToken.sol
51: require(ERC20(_assets[i]).decimals() == 18);
69: assets[i].safeTransferFrom(msg.sender, address(this), assetsAmounts[i]);
80: assets[i].safeTransfer(receiver, assetsAmounts[i]);
202: uint256 share = assetsAmounts[i].mulDiv(_totalWeights, weights[i]);
217: assetsAmounts[i] = shares.mulDiv(weights[i], _totalWeights);
236: assetsAmounts[i] = shares.mulDivUp(weights[i], _totalWeights);
251: uint256 share = assetsAmounts[i].mulDivUp(_totalWeights, weights[i]);
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/ERC4626MultiToken.sol#L51
File: gauges/BaseV2Gauge.sol
115: if (isActive[_bribeFlywheels[i]]) _bribeFlywheels[i].accrue(ERC20(address(this)), user);
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/BaseV2Gauge.sol#L115
File: gauges/factories/BaseV2GaugeFactory.sol
78: if (activeGauges[_gauges[i]]) _gauges[i].newEpoch();
94: if (activeGauges[_gauges[i]]) _gauges[i].newEpoch();
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BaseV2GaugeFactory.sol#L78
File: gauges/factories/BaseV2GaugeManager.sol
65: if (activeGaugeFactories[_gaugeFactories[i]]) _gaugeFactories[i].newEpoch();
81: if (activeGaugeFactories[_gaugeFactories[i]]) _gaugeFactories[i].newEpoch();
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BaseV2GaugeManager.sol#L65
File: rewards/rewards/FlywheelGaugeRewards.sol
186: uint256 nextRewards = gaugeToken.calculateGaugeAllocation(address(gauge), totalQueuedForCycle);
File: ulysses-amm/UlyssesPool.sol
131: uint256 targetBandwidth = totalSupply.mulDiv(bandwidthStateList[i].weight, totalWeights);
176: uint256 targetBandwidth = totalSupply.mulDiv(bandwidthStateList[i].weight, totalWeights);
192: bandwidthStateList[i].bandwidth = oldBandwidth.mulDivUp(oldTotalWeights, newTotalWeights).toUint248();
233: uint256 targetBandwidth = totalSupply.mulDiv(bandwidthStateList[i].weight, totalWeights);
258: oldBandwidth.mulDivUp(oldTotalWeights, newTotalWeights).toUint248();
281: bandwidthStateList[i].bandwidth += leftOverBandwidth.toUint248();
284: leftOverBandwidth.mulDiv(bandwidthStateList[i].weight, weightsWithoutPool).toUint248();
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesPool.sol#L131
File: ulysses-amm/UlyssesRouter.sol
79: amount = getUlyssesLP(routes[i].from).swapIn(amount, routes[i].to);
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesRouter.sol#L79
File: ulysses-amm/UlyssesToken.sol
112: uint256 assetBalance = assets[i].balanceOf(address(this));
113: uint256 newAssetBalance = totalSupply.mulDivUp(weights[i], totalWeights);
116: assets[i].safeTransfer(msg.sender, assetBalance - newAssetBalance);
118: assets[i].safeTransferFrom(msg.sender, address(this), newAssetBalance - assetBalance);
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesToken.sol#L112
File: ulysses-amm/factories/UlyssesFactory.sol
111: if (j != i && weights[i][j] > 0) pools[poolIds[i]].addNewBandwidth(poolIds[j], weights[i][j]);
124: pools[poolIds[i]].transferOwnership(owner);
File: ulysses-omnichain/ArbitrumBranchPort.sol
102: IRootPort(rootPortAddress).bridgeToLocalBranchFromRoot(_recipient, _localAddresses[i], _amounts[i]);
138: _underlyingAddresses[i].safeTransferFrom(
141: _denormalizeDecimals(_deposits[i], ERC20(_underlyingAddresses[i]).decimals())
145: IRootPort(rootPortAddress).bridgeToRootFromLocalBranch(
File: ulysses-omnichain/BranchBridgeAgent.sol
624: IPort(localPortAddress).bridgeIn(_recipient, _hTokens[i], _amounts[i] - _deposits[i]);
628: IPort(localPortAddress).withdraw(_recipient, _tokens[i], _deposits[i]);
1355: deposits[i] = _normalizeDecimals(_deposits[i], ERC20(_tokens[i]).decimals());
File: ulysses-omnichain/BranchPort.sol
232: ERC20hTokenBranch(_localAddresses[i]).mint(_recipient, _amounts[i]);
269: _underlyingAddresses[i].safeTransferFrom(
272: _denormalizeDecimals(_deposits[i], ERC20(_underlyingAddresses[i]).decimals())
276: _localAddresses[i].safeTransferFrom(_depositor, address(this), _amounts[i] - _deposits[i]);
277: ERC20hTokenBranch(_localAddresses[i]).burn(_amounts[i] - _deposits[i]);
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchPort.sol#L232
File: ulysses-omnichain/MulticallRootRouter.sol
148: ERC20hTokenRoot(outputTokens[i]).approve(bridgeAgentAddress, amountsOut[i]);
File: ulysses-omnichain/RootBridgeAgent.sol
344: hTokens[i] = IPort(localPortAddress).getLocalTokenFromGlobal(_globalAddresses[i], _toChain);
345: tokens[i] = IPort(localPortAddress).getUnderlyingTokenFromLocal(hTokens[i], _toChain);
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgent.sol#L344
File: ulysses-omnichain/VirtualAccount.sol
49: (bool success, bytes memory data) = calls[i].target.call(calls[i].callData);
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/VirtualAccount.sol#L49
SafeMath and Solidity 0.8.* handles overflows for basic math operations but not for casting. Consider using OpenZeppelin’s SafeCast library to prevent unexpected overflows.
There are 106 instances of this issue:
File: rewards/rewards/FlywheelGaugeRewards.sol
134: nextCycleQueuedRewards += uint112(newRewards); // in case a previous incomplete cycle had rewards, add on
191: cycleRewards: uint112(nextRewards),
File: talos/base/TalosBaseStrategy.sol
261: uint128 liquidityToDecrease = uint128((liquidity * shares) / totalSupply);
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/base/TalosBaseStrategy.sol#L261
File: talos/libraries/PoolVariables.sol
214: return int24((tickCumulatives[1] - tickCumulatives[0]) / int56(int32(_twapDuration)));
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/libraries/PoolVariables.sol#L214
File: ulysses-omnichain/BranchBridgeAgent.sol
435: bytes memory packedData = abi.encodePacked(bytes1(0x08), _depositNonce, msg.value.toUint128(), uint128(0));
File: ulysses-omnichain/RootBridgeAgent.sol
247: userFeeInfo.depositedGas = uint128(msg.value);
362: uint8(hTokens.length),
687: int256(_amount),
731: int256(_amount),
754: return uint128(userFeeInfo.gasToBridgeOut);
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgent.sol#L247
File: uni-v3-staker/UniswapV3Staker.sol
318: uint128(boostAmount),
319: uint128(boostTotalSupply),
419: uint128(boostAmount),
420: uint128(boostTotalSupply),
485: if (uint24(tickUpper - tickLower) < poolsMinimumWidth[pool]) revert RangeTooSmallError();
515: stake.liquidityNoOverflow = uint96(liquidity);
https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/UniswapV3Staker.sol#L318
Example: https://github.com/d-xo/weird-erc20#revert-on-zero-value-transfers.
There are 91 instances of this issue:
File: erc-20/ERC20Boost.sol
313: return super.transfer(to, amount);
329: return super.transferFrom(from, to, amount);
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Boost.sol#L313
File: erc-20/ERC20Gauges.sol
498: return super.transfer(to, amount);
510: return super.transferFrom(from, to, amount);
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Gauges.sol#L498
File: erc-20/ERC20MultiVotes.sol
293: return super.transfer(to, amount);
305: return super.transferFrom(from, to, amount);
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20MultiVotes.sol#L293
File: erc-4626/ERC4626.sol
37: address(asset).safeTransferFrom(msg.sender, address(this), assets);
51: address(asset).safeTransferFrom(msg.sender, address(this), assets);
76: address(asset).safeTransfer(receiver, assets);
96: address(asset).safeTransfer(receiver, assets);
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/ERC4626.sol#L37
File: erc-4626/ERC4626DepositOnly.sol
37: address(asset).safeTransferFrom(msg.sender, address(this), assets);
51: address(asset).safeTransferFrom(msg.sender, address(this), assets);
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/ERC4626DepositOnly.sol#L37
File: erc-4626/ERC4626MultiToken.sol
69: assets[i].safeTransferFrom(msg.sender, address(this), assetsAmounts[i]);
80: assets[i].safeTransfer(receiver, assetsAmounts[i]);
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/ERC4626MultiToken.sol#L69
File: erc-4626/UlyssesERC4626.sol
36: asset.safeTransferFrom(msg.sender, address(this), assets);
52: asset.safeTransferFrom(msg.sender, address(this), assets);
79: asset.safeTransfer(receiver, assets);
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/UlyssesERC4626.sol#L36
File: hermes/UtilityManager.sol
72: address(gaugeWeight).safeTransferFrom(msg.sender, address(this), amount);
81: address(gaugeBoost).safeTransferFrom(msg.sender, address(this), amount);
90: address(governance).safeTransferFrom(msg.sender, address(this), amount);
113: address(gaugeWeight).safeTransfer(msg.sender, amount);
122: address(gaugeBoost).safeTransfer(msg.sender, amount);
131: address(governance).safeTransfer(msg.sender, amount);
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/UtilityManager.sol#L72
File: hermes/bHermes.sol
148: return super.transfer(to, amount);
166: return super.transferFrom(from, to, amount);
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/bHermes.sol#L148
File: hermes/minters/BaseV2Minter.sol
143: underlying.safeTransfer(address(vault), _growth);
145: if (dao != address(0)) underlying.safeTransfer(dao, share);
166: underlying.safeTransfer(msg.sender, totalQueuedForCycle);
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/minters/BaseV2Minter.sol#L143
File: maia/PartnerUtilityManager.sol
104: address(partnerGovernance).safeTransferFrom(msg.sender, address(this), amount);
160: address(partnerGovernance).safeTransfer(msg.sender, amount);
https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/PartnerUtilityManager.sol#L104
File: maia/tokens/ERC4626PartnerManager.sol
270: return super.transfer(to, amount);
286: return super.transferFrom(from, to, amount);
https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/tokens/ERC4626PartnerManager.sol#L270
File: rewards/base/FlywheelCore.sol
100: rewardToken.safeTransferFrom(address(flywheelRewards), user, accrued);
128: rewardToken.safeTransferFrom(address(flywheelRewards), address(newFlywheelRewards), oldRewardBalance);
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/base/FlywheelCore.sol#L100
File: rewards/depots/RewardsDepot.sol
21: _asset.safeTransfer(_rewardsContract, balance);
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/depots/RewardsDepot.sol#L21
File: rewards/rewards/FlywheelGaugeRewards.sol
234: if (accruedRewards > 0) rewardToken.safeTransfer(msg.sender, accruedRewards);
File: talos/TalosStrategyStaked.sol
91: return super.transfer(_to, _amount);
96: return super.transferFrom(_from, _to, _amount);
177: try nonfungiblePositionManager.safeTransferFrom(address(this), address(boostAggregator), _tokenId) {
178: stakeFlag = true; // flag to store staking state to avoid failing to unstake when it is not staked
179: } catch {}
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosStrategyStaked.sol#L91
File: talos/base/TalosBaseStrategy.sol
125: address(_token0).safeTransferFrom(msg.sender, address(this), amount0Desired);
126: address(_token1).safeTransferFrom(msg.sender, address(this), amount1Desired);
168: address(_token0).safeTransfer(msg.sender, refund0);
173: address(_token1).safeTransfer(msg.sender, refund1);
196: address(_token0).safeTransferFrom(msg.sender, address(this), amount0Desired);
197: address(_token1).safeTransferFrom(msg.sender, address(this), amount1Desired);
228: address(_token0).safeTransfer(msg.sender, refund0);
233: address(_token1).safeTransfer(msg.sender, refund1);
339: if (zeroForOne) address(token0).safeTransfer(msg.sender, uint256(amount0));
340: else address(token1).safeTransfer(msg.sender, uint256(amount1));
409: if (amount0 > 0) _token0.transfer(msg.sender, amount0);
410: if (amount1 > 0) _token1.transfer(msg.sender, amount1);
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/base/TalosBaseStrategy.sol#L125
File: talos/boost-aggregator/BoostAggregator.sol
90: nonfungiblePositionManager.safeTransferFrom(address(this), address(uniswapV3Staker), tokenId);
168: address(hermesGaugeBoost).safeTransfer(to, hermesGaugeBoost.balanceOf(address(this)));
176: address(hermesGaugeBoost).safeTransfer(to, amount);
File: ulysses-amm/UlyssesPool.sol
154: asset.safeTransfer(factory.owner(), claimed);
218: asset.safeTransferFrom(msg.sender, address(this), newRebalancingFee - oldRebalancingFee);
303: asset.safeTransferFrom(msg.sender, address(this), newRebalancingFee - oldRebalancingFee);
1109: asset.safeTransferFrom(msg.sender, address(this), assets);
1189: asset.safeTransfer(user, output);
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesPool.sol#L154
File: ulysses-amm/UlyssesRouter.sol
74: address(getUlyssesLP(routes[0].from).asset()).safeTransferFrom(msg.sender, address(this), amount);
92: address(getUlyssesLP(routes[length].to).asset()).safeTransfer(msg.sender, amount);
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesRouter.sol#L74
File: ulysses-amm/UlyssesToken.sol
84: asset.safeTransfer(msg.sender, asset.balanceOf(address(this)));
116: assets[i].safeTransfer(msg.sender, assetBalance - newAssetBalance);
118: assets[i].safeTransferFrom(msg.sender, address(this), newAssetBalance - assetBalance);
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesToken.sol#L84
File: ulysses-omnichain/ArbitrumBranchBridgeAgent.sol
127: address(wrappedNativeToken).safeTransfer(rootBridgeAgentAddress, _gasToBridgeOut);
File: ulysses-omnichain/ArbitrumBranchPort.sol
52: _underlyingAddress.safeTransferFrom(_depositor, address(this), _deposit);
72: underlyingAddress.safeTransfer(_recipient, _denormalizeDecimals(_deposit, ERC20(underlyingAddress).decimals()));
81: _underlyingAddress.safeTransfer(
82: _recipient, _denormalizeDecimals(_deposit, ERC20(_underlyingAddress).decimals())
83: );
119: _underlyingAddress.safeTransferFrom(
120: _depositor, address(this), _denormalizeDecimals(_deposit, ERC20(_underlyingAddress).decimals())
121: );
138: _underlyingAddresses[i].safeTransferFrom(
139: _depositor,
140: address(this),
141: _denormalizeDecimals(_deposits[i], ERC20(_underlyingAddresses[i]).decimals())
142: );
File: ulysses-omnichain/BranchBridgeAgent.sol
930: address(wrappedNativeToken).safeTransfer(localPortAddress, _gasToBridgeOut);
File: ulysses-omnichain/BranchPort.sol
166: _token.safeTransfer(msg.sender, _amount);
211: _underlyingAddress.safeTransfer(
212: _recipient, _denormalizeDecimals(_deposit, ERC20(_underlyingAddress).decimals())
213: );
249: _localAddress.safeTransferFrom(_depositor, address(this), _amount - _deposit);
253: _underlyingAddress.safeTransferFrom(
254: _depositor, address(this), _denormalizeDecimals(_deposit, ERC20(_underlyingAddress).decimals())
255: );
269: _underlyingAddresses[i].safeTransferFrom(
270: _depositor,
271: address(this),
272: _denormalizeDecimals(_deposits[i], ERC20(_underlyingAddresses[i]).decimals())
273: );
276: _localAddresses[i].safeTransferFrom(_depositor, address(this), _amounts[i] - _deposits[i]);
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchPort.sol#L166
File: ulysses-omnichain/RootBridgeAgent.sol
454: _globalAddress.safeTransferFrom(_sender, localPortAddress, _amount - _deposit);
651: address(data.tokenIn).safeTransfer(msg.sender, uint256(amount0 > 0 ? amount0 : amount1));
751: address(wrappedNativeToken).safeTransfer(getBranchBridgeAgent[localChainId], userFeeInfo.gasToBridgeOut);
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgent.sol#L454
File: ulysses-omnichain/RootPort.sol
282: if (_amount - _deposit > 0) _hToken.safeTransfer(_recipient, _amount - _deposit);
311: _hToken.safeTransferFrom(_from, address(this), _amount);
320: _hToken.safeTransfer(_to, _amount);
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootPort.sol#L282
File: ulysses-omnichain/VirtualAccount.sol
32: _token.safeTransfer(msg.sender, _amount);
37: ERC721(_token).transferFrom(address(this), msg.sender, _tokenId);
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/VirtualAccount.sol#L32
File: uni-v3-staker/UniswapV3Staker.sol
151: hermes.safeTransferFrom(msg.sender, address(this), reward);
177: hermes.safeTransferFrom(msg.sender, address(this), reward);
204: hermes.safeTransfer(minter, refund);
254: nonfungiblePositionManager.safeTransferFrom(address(this), to, tokenId, data);
271: if (reward > 0) hermes.safeTransfer(to, reward);
281: if (reward > 0) hermes.safeTransfer(to, reward);
https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/UniswapV3Staker.sol#L151
Zero-address checks are a best-practise for input validation of critical address parameters. While the codebase applies this to most addresses in setters, there are many places where this is missing in constructors and setters.
There are 59 instances of this issue:
File: erc-20/ERC20Gauges.sol
463: function setContractExceedMaxGauges(address account, bool canExceedMax) external onlyOwner {
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Gauges.sol#L463
File: erc-20/ERC20MultiVotes.sol
104: function setContractExceedMaxDelegates(address account, bool canExceedMax) external onlyOwner {
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20MultiVotes.sol#L104
File: erc-4626/ERC4626MultiToken.sol
39: constructor(address[] memory _assets, uint256[] memory _weights, string memory _name, string memory _symbol)
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/ERC4626MultiToken.sol#L39
File: erc-4626/UlyssesERC4626.sol
24: constructor(address _asset, string memory _name, string memory _symbol) ERC20(_name, _symbol, 18) {
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/UlyssesERC4626.sol#L24
File: gauges/BaseV2Gauge.sol
61: constructor(FlywheelGaugeRewards _flywheelGaugeRewards, address _strategy, address _owner) {
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/BaseV2Gauge.sol#L61
File: gauges/UniswapV3Gauge.sol
33: constructor(
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/UniswapV3Gauge.sol#L33
File: gauges/factories/BaseV2GaugeFactory.sol
51: constructor(
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BaseV2GaugeFactory.sol#L51
File: gauges/factories/BaseV2GaugeManager.sol
43: constructor(bHermes _bHermes, address _owner, address _admin) {
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BaseV2GaugeManager.sol#L43
File: gauges/factories/BribesFactory.sol
50: constructor(
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BribesFactory.sol#L50
File: gauges/factories/UniswapV3GaugeFactory.sol
50: constructor(
98: function setMinimumWidth(address gauge, uint24 minimumWidth) external onlyOwner {
File: governance/GovernorBravoDelegator.sol
8: constructor(
https://github.com/code-423n4/2023-05-maia/tree/main/src/governance/GovernorBravoDelegator.sol#L8
File: hermes/UtilityManager.sol
44: constructor(address _gaugeWeight, address _gaugeBoost, address _governance) {
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/UtilityManager.sol#L44
File: hermes/bHermes.sol
55: constructor(ERC20 _hermes, address _owner, uint32 _gaugeCycleLength, uint32 _incrementFreezeWindow)
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/bHermes.sol#L55
File: hermes/minters/BaseV2Minter.sol
53: constructor(
86: function setDao(address _dao) external onlyOwner {
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/minters/BaseV2Minter.sol#L53
File: hermes/tokens/HERMES.sol
48: constructor(address _owner) ERC20("Hermes", "HERMES", 18) {
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/HERMES.sol#L48
File: hermes/tokens/bHermesBoost.sol
22: constructor(address _owner) ERC20("bHermes Boost", "bHERMES-B", 18) {
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/bHermesBoost.sol#L22
File: hermes/tokens/bHermesGauges.sol
26: constructor(address _owner, uint32 _rewardsCycleLength, uint32 _incrementFreezeWindow)
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/bHermesGauges.sol#L26
File: hermes/tokens/bHermesVotes.sol
20: constructor(address _owner) ERC20("bHermes Votes", "bHERMES-V", 18) {
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/bHermesVotes.sol#L20
File: maia/PartnerUtilityManager.sol
36: constructor(
https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/PartnerUtilityManager.sol#L36
File: maia/factories/PartnerManagerFactory.sol
37: constructor(ERC20 _bHermes, address _owner) {
File: maia/tokens/ERC4626PartnerManager.sol
50: constructor(
https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/tokens/ERC4626PartnerManager.sol#L50
File: maia/tokens/Maia.sol
41: constructor(address _owner) ERC20("Maia", "MAIA", 18) {
https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/tokens/Maia.sol#L41
File: maia/vMaia.sol
48: constructor(
https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/vMaia.sol#L48
File: rewards/FlywheelCoreInstant.sol
33: constructor(
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/FlywheelCoreInstant.sol#L33
File: rewards/FlywheelCoreStrategy.sol
32: constructor(
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/FlywheelCoreStrategy.sol#L32
File: rewards/base/FlywheelCore.sol
45: constructor(address _rewardToken, address _flywheelRewards, IFlywheelBooster _flywheelBooster, address _owner) {
125: function setFlywheelRewards(address newFlywheelRewards) external onlyOwner {
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/base/FlywheelCore.sol#L45
File: rewards/depots/MultiRewardsDepot.sol
29: constructor(address _owner) {
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/depots/MultiRewardsDepot.sol#L29
File: rewards/depots/SingleRewardsDepot.sol
22: constructor(address _asset) {
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/depots/SingleRewardsDepot.sol#L22
File: rewards/rewards/FlywheelGaugeRewards.sol
53: constructor(address _rewardToken, address _owner, ERC20Gauges _gaugeToken, IBaseV2Minter _minter) {
File: talos/TalosManager.sol
44: constructor(
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosManager.sol#L44
File: talos/TalosOptimizer.sol
34: constructor(
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosOptimizer.sol#L34
File: talos/TalosStrategyStaked.sol
63: constructor(
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosStrategyStaked.sol#L63
File: talos/TalosStrategyVanilla.sol
58: constructor(
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosStrategyVanilla.sol#L58
File: talos/base/TalosBaseStrategy.sol
79: constructor(
102: function init(uint256 amount0Desired, uint256 amount1Desired, address receiver)
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/base/TalosBaseStrategy.sol#L79
File: talos/boost-aggregator/BoostAggregator.sol
64: constructor(UniswapV3Staker _uniswapV3Staker, ERC20 _hermes, address _owner) {
100: function setOwnRewardsDepot(address rewardsDepot) external {
File: talos/strategies/TalosStrategySimple.sol
18: constructor(
File: ulysses-amm/UlyssesPool.sol
80: constructor(
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesPool.sol#L80
File: ulysses-amm/UlyssesToken.sol
21: constructor(
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesToken.sol#L21
File: ulysses-omnichain/ArbitrumBranchBridgeAgent.sol
71: constructor(
File: ulysses-omnichain/ArbitrumBranchPort.sol
33: constructor(uint24 _localChainId, address _rootPortAddress, address _owner) BranchPort(_owner) {
File: ulysses-omnichain/ArbitrumCoreBranchRouter.sol
38: constructor(address _hTokenFactoryAddress, address _localPortAddress)
File: ulysses-omnichain/CoreBranchRouter.sol
26: constructor(address _hTokenFactoryAddress, address _localPortAddress) BaseBranchRouter() {
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/CoreBranchRouter.sol#L26
File: ulysses-omnichain/CoreRootRouter.sol
56: constructor(uint24 _rootChainId, address _wrappedNativeToken, address _rootPortAddress) {
63: function initialize(address _bridgeAgentAddress, address _hTokenFactory) external onlyOwner {
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/CoreRootRouter.sol#L56
File: ulysses-omnichain/RootBridgeAgentExecutor.sol
61: constructor(address owner) {
File: ulysses-omnichain/RootPort.sol
247: function setAddresses(address _globalAddress, address _localAddress, address _underlyingAddress, uint24 _fromChain)
261: function setLocalAddress(address _globalAddress, address _localAddress, uint24 _fromChain)
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootPort.sol#L247
File: ulysses-omnichain/VirtualAccount.sol
25: constructor(address _userAddress, address _localPortAddress) {
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/VirtualAccount.sol#L25
File: ulysses-omnichain/factories/ArbitrumBranchBridgeAgentFactory.sol
31: constructor(
54: function initialize(address _coreRootBridgeAgent) external override onlyOwner {
File: ulysses-omnichain/factories/ERC20hTokenBranchFactory.sol
35: function initialize(address _wrappedNativeTokenAddress, address _coreRouter) external onlyOwner {
File: ulysses-omnichain/factories/RootBridgeAgentFactory.sol
48: constructor(
File: ulysses-omnichain/token/ERC20hTokenBranch.sol
12: constructor(string memory _name, string memory _symbol, address _owner)
File: uni-v3-staker/UniswapV3Staker.sol
114: constructor(
https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/UniswapV3Staker.sol#L114
This can lead to wrong balance calculation in some cases. Recommendation is to implement withdraw function to avoid this issue like skim
in the Uniswap.
There are 1 instances of this issue:
File: hermes/minters/BaseV2Minter.sol
145: if (dao != address(0)) underlying.safeTransfer(dao, share);
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/minters/BaseV2Minter.sol#L145
Because Solidity integer division may truncate, it is often preferable to do multiplication before division to prevent precision loss.
There are 1 instances of this issue:
File: uni-v3-staker/libraries/RewardMath.sol
35: ((secondsInsideX128 * 4) / 10) + ((((stakedDuration << 128) * boostAmount) / boostTotalSupply) * 6) / 10
https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/libraries/RewardMath.sol#L35
If the length of the arrays are not required to be of the same length, user operations may not be fully executed
There are 12 instances of this issue:
File: ulysses-omnichain/ArbitrumBranchPort.sol
// @audit _amounts _deposits
129: function bridgeOutMultiple(
130: address _depositor,
131: address[] memory _localAddresses,
132: address[] memory _underlyingAddresses,
133: uint256[] memory _amounts,
134: uint256[] memory _deposits
135: ) external override(IBranchPort, BranchPort) requiresBridgeAgent {
136: for (uint256 i = 0; i < _localAddresses.length;) {
137: if (_deposits[i] > 0) {
138: _underlyingAddresses[i].safeTransferFrom(
139: _depositor,
140: address(this),
141: _denormalizeDecimals(_deposits[i], ERC20(_underlyingAddresses[i]).decimals())
142: );
143: }
144: if (_amounts[i] - _deposits[i] > 0) {
145: IRootPort(rootPortAddress).bridgeToRootFromLocalBranch(
146: _depositor, _localAddresses[i], _amounts[i] - _deposits[i]
147: );
148: }
149:
150: unchecked {
151: ++i;
152: }
153: }
154: }
File: ulysses-omnichain/BranchPort.sol
// @audit _localAddresses _amounts
226: function bridgeInMultiple(address _recipient, address[] memory _localAddresses, uint256[] memory _amounts)
227: external
228: virtual
229: requiresBridgeAgent
230: {
231: for (uint256 i = 0; i < _localAddresses.length;) {
232: ERC20hTokenBranch(_localAddresses[i]).mint(_recipient, _amounts[i]);
233:
234: unchecked {
235: ++i;
236: }
237: }
238: }
// @audit _amounts _deposits
260: function bridgeOutMultiple(
261: address _depositor,
262: address[] memory _localAddresses,
263: address[] memory _underlyingAddresses,
264: uint256[] memory _amounts,
265: uint256[] memory _deposits
266: ) external virtual requiresBridgeAgent {
267: for (uint256 i = 0; i < _localAddresses.length;) {
268: if (_deposits[i] > 0) {
269: _underlyingAddresses[i].safeTransferFrom(
270: _depositor,
271: address(this),
272: _denormalizeDecimals(_deposits[i], ERC20(_underlyingAddresses[i]).decimals())
273: );
274: }
275: if (_amounts[i] - _deposits[i] > 0) {
276: _localAddresses[i].safeTransferFrom(_depositor, address(this), _amounts[i] - _deposits[i]);
277: ERC20hTokenBranch(_localAddresses[i]).burn(_amounts[i] - _deposits[i]);
278: }
279: unchecked {
280: i++;
281: }
282: }
283: }
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchPort.sol#L226-L238
File: ulysses-omnichain/MulticallRootRouter.sol
// @audit amountsOut depositsOut
137: function _approveMultipleAndCallOut(
138: address owner,
139: address recipient,
140: address[] memory outputTokens,
141: uint256[] memory amountsOut,
142: uint256[] memory depositsOut,
143: uint24 toChain
144: ) internal virtual {
145: //For each output token
146: for (uint256 i = 0; i < outputTokens.length;) {
147: //Approve Root Port to spend output hTokens.
148: ERC20hTokenRoot(outputTokens[i]).approve(bridgeAgentAddress, amountsOut[i]);
149: unchecked {
150: ++i;
151: }
152: }
153:
154: //Move output hTokens from Root to Branch and call 'clearTokens'.
155: IBridgeAgent(bridgeAgentAddress).callOutAndBridgeMultiple{value: msg.value}(
156: owner, recipient, "", outputTokens, amountsOut, depositsOut, toChain
157: );
158: }
Ownable2Step and Ownable2StepUpgradeable prevent the contract ownership from mistakenly being transferred to an address that cannot handle it (e.g. due to a typo in the address), by requiring that the recipient of the owner permissions actively accept via a contract call of its own.
There are 32 instances of this issue:
File: erc-20/ERC20Boost.sol
19: abstract contract ERC20Boost is ERC20, Ownable, IERC20Boost {
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Boost.sol#L19
File: erc-20/ERC20MultiVotes.sol
20: abstract contract ERC20MultiVotes is ERC20, Ownable, IERC20MultiVotes {
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20MultiVotes.sol#L20
File: gauges/BaseV2Gauge.sol
20: abstract contract BaseV2Gauge is Ownable, IBaseV2Gauge {
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/BaseV2Gauge.sol#L20
File: gauges/factories/BaseV2GaugeFactory.sol
18: abstract contract BaseV2GaugeFactory is Ownable, IBaseV2GaugeFactory {
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BaseV2GaugeFactory.sol#L18
File: gauges/factories/BaseV2GaugeManager.sol
14: contract BaseV2GaugeManager is Ownable, IBaseV2GaugeManager {
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BaseV2GaugeManager.sol#L14
File: gauges/factories/BribesFactory.sol
18: contract BribesFactory is Ownable, IBribesFactory {
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BribesFactory.sol#L18
File: hermes/minters/BaseV2Minter.sol
16: contract BaseV2Minter is Ownable, IBaseV2Minter {
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/minters/BaseV2Minter.sol#L16
File: hermes/tokens/HERMES.sol
47: contract HERMES is ERC20, Ownable {
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/HERMES.sol#L47
File: maia/factories/PartnerManagerFactory.sol
12: contract PartnerManagerFactory is Ownable, IPartnerManagerFactory {
File: maia/tokens/ERC4626PartnerManager.sol
22: abstract contract ERC4626PartnerManager is PartnerUtilityManager, Ownable, ERC4626, IERC4626PartnerManager {
https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/tokens/ERC4626PartnerManager.sol#L22
File: maia/tokens/Maia.sol
40: contract Maia is ERC20, Ownable {
https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/tokens/Maia.sol#L40
File: rewards/base/FlywheelCore.sol
15: abstract contract FlywheelCore is Ownable, IFlywheelCore {
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/base/FlywheelCore.sol#L15
File: rewards/depots/MultiRewardsDepot.sol
11: contract MultiRewardsDepot is Ownable, RewardsDepot, IMultiRewardsDepot {
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/depots/MultiRewardsDepot.sol#L11
File: rewards/rewards/FlywheelGaugeRewards.sol
18: contract FlywheelGaugeRewards is Ownable, IFlywheelGaugeRewards {
File: talos/TalosOptimizer.sol
10: contract TalosOptimizer is Ownable, ITalosOptimizer {
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosOptimizer.sol#L10
File: talos/base/TalosBaseStrategy.sol
24: abstract contract TalosBaseStrategy is Ownable, ERC20, ReentrancyGuard, ITalosBaseStrategy {
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/base/TalosBaseStrategy.sol#L24
File: talos/boost-aggregator/BoostAggregator.sol
19: contract BoostAggregator is Ownable, IBoostAggregator {
File: talos/factories/TalosBaseStrategyFactory.sol
17: abstract contract TalosBaseStrategyFactory is Ownable, ITalosBaseStrategyFactory {
File: ulysses-amm/UlyssesPool.sol
19: contract UlyssesPool is UlyssesERC4626, Ownable, IUlyssesPool {
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesPool.sol#L19
File: ulysses-amm/UlyssesToken.sol
15: contract UlyssesToken is ERC4626MultiToken, Ownable, IUlyssesToken {
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesToken.sol#L15
File: ulysses-amm/factories/UlyssesFactory.sol
38: contract UlyssesFactory is Ownable, IUlyssesFactory {
File: ulysses-omnichain/BaseBranchRouter.sol
21: contract BaseBranchRouter is IBranchRouter, Ownable {
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BaseBranchRouter.sol#L21
File: ulysses-omnichain/BranchBridgeAgentExecutor.sol
25: contract BranchBridgeAgentExecutor is Ownable {
File: ulysses-omnichain/BranchPort.sol
16: contract BranchPort is Ownable, IBranchPort {
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchPort.sol#L16
File: ulysses-omnichain/CoreRootRouter.sol
38: contract CoreRootRouter is IRootRouter, Ownable {
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/CoreRootRouter.sol#L38
File: ulysses-omnichain/MulticallRootRouter.sol
47: contract MulticallRootRouter is IRootRouter, Ownable {
File: ulysses-omnichain/RootBridgeAgentExecutor.sol
26: contract RootBridgeAgentExecutor is Ownable {
File: ulysses-omnichain/RootPort.sol
20: contract RootPort is Ownable, IRootPort {
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootPort.sol#L20
File: ulysses-omnichain/factories/BranchBridgeAgentFactory.sol
16: contract BranchBridgeAgentFactory is Ownable, IBranchBridgeAgentFactory {
File: ulysses-omnichain/factories/ERC20hTokenBranchFactory.sol
11: contract ERC20hTokenBranchFactory is Ownable, IERC20hTokenBranchFactory {
File: ulysses-omnichain/factories/ERC20hTokenRootFactory.sol
12: contract ERC20hTokenRootFactory is Ownable, IERC20hTokenRootFactory {
File: ulysses-omnichain/token/ERC20hTokenBranch.sol
11: contract ERC20hTokenBranch is ERC20, Ownable, IERC20hTokenBranch {
safeApprove
is deprecated in favor of increaseAllowance
/decreaseAllowance
. Use it only for initial value approve.
There are 9 instances of this issue:
File: gauges/UniswapV3Gauge.sol
45: rewardToken.safeApprove(_uniswapV3Staker, type(uint256).max);
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/UniswapV3Gauge.sol#L45
File: maia/tokens/ERC4626PartnerManager.sol
200: address(gaugeWeight).safeApprove(newPartnerVault, type(uint256).max);
201: address(gaugeBoost).safeApprove(newPartnerVault, type(uint256).max);
202: address(governance).safeApprove(newPartnerVault, type(uint256).max);
203: address(partnerGovernance).safeApprove(newPartnerVault, type(uint256).max);
https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/tokens/ERC4626PartnerManager.sol#L200
File: rewards/base/BaseFlywheelRewards.sol
36: _rewardToken.safeApprove(address(_flywheel), type(uint256).max);
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/base/BaseFlywheelRewards.sol#L36
File: talos/base/TalosBaseStrategy.sol
130: address(_token0).safeApprove(address(_nonfungiblePositionManager), type(uint256).max);
131: address(_token1).safeApprove(address(_nonfungiblePositionManager), type(uint256).max);
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/base/TalosBaseStrategy.sol#L130
File: ulysses-amm/UlyssesRouter.sol
40: address(ulysses.asset()).safeApprove(address(ulysses), type(uint256).max);
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesRouter.sol#L40
It is important to ensure that the min/max amounts are set to a reasonable value.
There are 15 instances of this issue:
File: erc-20/ERC20Gauges.sol
457: maxGauges = newMax;
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Gauges.sol#L457
File: erc-20/ERC20MultiVotes.sol
98: maxDelegates = newMax;
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20MultiVotes.sol#L98
File: gauges/UniswapV3Gauge.sol
41: minimumWidth = _minimumWidth;
63: minimumWidth = _minimumWidth;
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/UniswapV3Gauge.sol#L41
File: gauges/factories/UniswapV3GaugeFactory.sol
77: uint24 minimumWidth = abi.decode(data, (uint24));
File: rewards/rewards/FlywheelGaugeRewards.sol
64: minter = _minter;
File: talos/TalosOptimizer.sol
51: maxTwapDeviation = _maxTwapDeviation;
54: maxTotalSupply = _maxTotalSupply;
64: maxTotalSupply = _maxTotalSupply;
76: maxTwapDeviation = _maxTwapDeviation;
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosOptimizer.sol#L51
File: ulysses-amm/UlyssesPool.sol
739: maxWidth := sub(upperBound1, upperBound2)
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesPool.sol#L739
File: ulysses-omnichain/BranchPort.sol
128: uint256 minReserves = _minimumReserves(currBalance, _token);
139: uint256 minReserves = _minimumReserves(currBalance, _token);
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchPort.sol#L128
File: uni-v3-staker/UniswapV3Staker.sol
125: maxIncentiveStartLeadTime = _maxIncentiveStartLeadTime;
128: minter = _minter;
https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/UniswapV3Staker.sol#L125
Source: https://github.com/d-xo/weird-erc20#revert-on-large-approvals--transfers
There are 9 instances of this issue:
File: gauges/UniswapV3Gauge.sol
45: rewardToken.safeApprove(_uniswapV3Staker, type(uint256).max);
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/UniswapV3Gauge.sol#L45
File: maia/tokens/ERC4626PartnerManager.sol
200: address(gaugeWeight).safeApprove(newPartnerVault, type(uint256).max);
201: address(gaugeBoost).safeApprove(newPartnerVault, type(uint256).max);
202: address(governance).safeApprove(newPartnerVault, type(uint256).max);
203: address(partnerGovernance).safeApprove(newPartnerVault, type(uint256).max);
https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/tokens/ERC4626PartnerManager.sol#L200
File: rewards/base/BaseFlywheelRewards.sol
36: _rewardToken.safeApprove(address(_flywheel), type(uint256).max);
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/base/BaseFlywheelRewards.sol#L36
File: talos/base/TalosBaseStrategy.sol
130: address(_token0).safeApprove(address(_nonfungiblePositionManager), type(uint256).max);
131: address(_token1).safeApprove(address(_nonfungiblePositionManager), type(uint256).max);
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/base/TalosBaseStrategy.sol#L130
File: ulysses-amm/UlyssesRouter.sol
40: address(ulysses.asset()).safeApprove(address(ulysses), type(uint256).max);
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesRouter.sol#L40
Typically, the contract’s owner is the account that deploys the contract. As a result, the owner is able to perform certain privileged activities. The OpenZeppelin’s Ownable used in this project contract implements renounceOwnership. This can represent a certain risk if the ownership is renounced for any other reason than by design. Renouncing ownership will leave the contract without an owner, thereby removing any functionality that is only available to the owner.
There are 29 instances of this issue:
File: erc-20/ERC20Boost.sol
19: abstract contract ERC20Boost is ERC20, Ownable, IERC20Boost {
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Boost.sol#L19
File: erc-20/ERC20MultiVotes.sol
20: abstract contract ERC20MultiVotes is ERC20, Ownable, IERC20MultiVotes {
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20MultiVotes.sol#L20
File: gauges/BaseV2Gauge.sol
20: abstract contract BaseV2Gauge is Ownable, IBaseV2Gauge {
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/BaseV2Gauge.sol#L20
File: gauges/factories/BaseV2GaugeFactory.sol
18: abstract contract BaseV2GaugeFactory is Ownable, IBaseV2GaugeFactory {
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BaseV2GaugeFactory.sol#L18
File: gauges/factories/BaseV2GaugeManager.sol
14: contract BaseV2GaugeManager is Ownable, IBaseV2GaugeManager {
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BaseV2GaugeManager.sol#L14
File: hermes/minters/BaseV2Minter.sol
16: contract BaseV2Minter is Ownable, IBaseV2Minter {
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/minters/BaseV2Minter.sol#L16
File: hermes/tokens/HERMES.sol
47: contract HERMES is ERC20, Ownable {
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/HERMES.sol#L47
File: maia/factories/PartnerManagerFactory.sol
12: contract PartnerManagerFactory is Ownable, IPartnerManagerFactory {
File: maia/tokens/ERC4626PartnerManager.sol
22: abstract contract ERC4626PartnerManager is PartnerUtilityManager, Ownable, ERC4626, IERC4626PartnerManager {
https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/tokens/ERC4626PartnerManager.sol#L22
File: maia/tokens/Maia.sol
40: contract Maia is ERC20, Ownable {
https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/tokens/Maia.sol#L40
File: rewards/base/FlywheelCore.sol
15: abstract contract FlywheelCore is Ownable, IFlywheelCore {
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/base/FlywheelCore.sol#L15
File: rewards/depots/MultiRewardsDepot.sol
11: contract MultiRewardsDepot is Ownable, RewardsDepot, IMultiRewardsDepot {
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/depots/MultiRewardsDepot.sol#L11
File: talos/TalosOptimizer.sol
10: contract TalosOptimizer is Ownable, ITalosOptimizer {
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosOptimizer.sol#L10
File: talos/base/TalosBaseStrategy.sol
24: abstract contract TalosBaseStrategy is Ownable, ERC20, ReentrancyGuard, ITalosBaseStrategy {
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/base/TalosBaseStrategy.sol#L24
File: talos/boost-aggregator/BoostAggregator.sol
19: contract BoostAggregator is Ownable, IBoostAggregator {
File: ulysses-amm/UlyssesPool.sol
19: contract UlyssesPool is UlyssesERC4626, Ownable, IUlyssesPool {
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesPool.sol#L19
File: ulysses-amm/UlyssesToken.sol
15: contract UlyssesToken is ERC4626MultiToken, Ownable, IUlyssesToken {
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesToken.sol#L15
File: ulysses-amm/factories/UlyssesFactory.sol
38: contract UlyssesFactory is Ownable, IUlyssesFactory {
File: ulysses-omnichain/BaseBranchRouter.sol
21: contract BaseBranchRouter is IBranchRouter, Ownable {
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BaseBranchRouter.sol#L21
File: ulysses-omnichain/BranchBridgeAgentExecutor.sol
25: contract BranchBridgeAgentExecutor is Ownable {
File: ulysses-omnichain/BranchPort.sol
16: contract BranchPort is Ownable, IBranchPort {
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchPort.sol#L16
File: ulysses-omnichain/CoreRootRouter.sol
38: contract CoreRootRouter is IRootRouter, Ownable {
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/CoreRootRouter.sol#L38
File: ulysses-omnichain/MulticallRootRouter.sol
47: contract MulticallRootRouter is IRootRouter, Ownable {
File: ulysses-omnichain/RootBridgeAgentExecutor.sol
26: contract RootBridgeAgentExecutor is Ownable {
File: ulysses-omnichain/RootPort.sol
20: contract RootPort is Ownable, IRootPort {
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootPort.sol#L20
File: ulysses-omnichain/factories/BranchBridgeAgentFactory.sol
16: contract BranchBridgeAgentFactory is Ownable, IBranchBridgeAgentFactory {
File: ulysses-omnichain/factories/ERC20hTokenBranchFactory.sol
11: contract ERC20hTokenBranchFactory is Ownable, IERC20hTokenBranchFactory {
File: ulysses-omnichain/factories/ERC20hTokenRootFactory.sol
12: contract ERC20hTokenRootFactory is Ownable, IERC20hTokenRootFactory {
File: ulysses-omnichain/token/ERC20hTokenBranch.sol
11: contract ERC20hTokenBranch is ERC20, Ownable, IERC20hTokenBranch {
Use require
or if
to compare values. Otherwise comparison will be ignored.
There are 15 instances of this issue:
File: erc-20/ERC20Boost.sol
313: return super.transfer(to, amount);
329: return super.transferFrom(from, to, amount);
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Boost.sol#L313
File: erc-20/ERC20Gauges.sol
498: return super.transfer(to, amount);
510: return super.transferFrom(from, to, amount);
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Gauges.sol#L498
File: erc-20/ERC20MultiVotes.sol
293: return super.transfer(to, amount);
305: return super.transferFrom(from, to, amount);
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20MultiVotes.sol#L293
File: hermes/bHermes.sol
148: return super.transfer(to, amount);
166: return super.transferFrom(from, to, amount);
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/bHermes.sol#L148
File: maia/tokens/ERC4626PartnerManager.sol
270: return super.transfer(to, amount);
286: return super.transferFrom(from, to, amount);
https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/tokens/ERC4626PartnerManager.sol#L270
File: talos/TalosStrategyStaked.sol
91: return super.transfer(_to, _amount);
96: return super.transferFrom(_from, _to, _amount);
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosStrategyStaked.sol#L91
File: talos/base/TalosBaseStrategy.sol
409: if (amount0 > 0) _token0.transfer(msg.sender, amount0);
410: if (amount1 > 0) _token1.transfer(msg.sender, amount1);
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/base/TalosBaseStrategy.sol#L409
File: ulysses-omnichain/VirtualAccount.sol
37: ERC721(_token).transferFrom(address(this), msg.sender, _tokenId);
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/VirtualAccount.sol#L37
There are 98 instances of this issue:
File: ulysses-amm/UlyssesPool.sol
387: // @audit transferred
388: let transfered
389: // @audit transferred
390: let transferedChange
445: // @audit transferred
446: transfered := totalDiff
447: // @audit transferred
448: transferedChange := sub(amount, totalDiff)
452: // @audit transferred
453: transfered := amount
460: // @audit transferred
461: if gt(transfered, 0) {
465: // @audit transferred
466: if mul(diff, gt(transfered, div(not(0), diff))) {
474: // @audit transferred
475: // If round up then do mulDivUp(transfered, diff, totalDiff)
478: // @audit transferred
479: iszero(iszero(mod(mul(transfered, diff), totalDiff))), div(mul(transfered, diff), totalDiff)
478: // @audit transferred
479: iszero(iszero(mod(mul(transfered, diff), totalDiff))), div(mul(transfered, diff), totalDiff)
481: // @audit transferred
482: // If round down then do mulDiv(transfered, diff, totalDiff)
482: // @audit transferred
483: default { bandwidthUpdate := div(mul(transfered, diff), totalDiff) }
486: // @audit transferred
487: if gt(transferedChange, 0) {
491: // @audit transferred
492: if mul(weight, gt(transferedChange, div(not(0), weight))) {
500: // @audit transferred
501: // If round up then do mulDivUp(transferedChange, weight, _totalWeights)
506: // @audit transferred
507: iszero(iszero(mod(mul(transferedChange, weight), _totalWeights))),
507: // @audit transferred
508: div(mul(transferedChange, weight), _totalWeights)
511: // @audit transferred
512: // If round down then do mulDiv(transferedChange, weight, _totalWeights)
513: // @audit transferred
514: bandwidthUpdate := add(bandwidthUpdate, div(mul(transferedChange, weight), _totalWeights))
877: // @audit transferred
878: // If round down then do mulDiv(transfered, diff, totalDiff)
879: // @audit transferred
880: // If round up then do mulDivUp(transfered, diff, totalDiff)
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesPool.sol#L387-L388
File: ulysses-amm/interfaces/IUlyssesToken.sol
7: // @audit existing
8: * @dev Allows to add/remove new tokens and change exisiting weights
File: ulysses-amm/interfaces/IUlyssesPool.sol
7: // @audit implementation
8: * @notice This contract is stableswap AMM that uses it's implemention of
148: // @audit existing
149: * @notice Changes the weight of a exisiting Ulysses LP with the given ID
173: // @audit transferred
174: * @return output The output amount transfered to user from the destination Ulysses LP
183: // @audit transferred
184: * @param user The user to be transfered the output
184: // @audit transferred
185: * @return output The output amount transfered to user
207: // @audit setting
208: /// @notice Throw when settng an invalid fee
File: ulysses-omnichain/RootPort.sol
65: // @audit Length
66: uint256 public bridgeAgentsLenght;
81: // @audit Length
82: uint256 public bridgeAgentFactoriesLenght;
155: // @audit transferring
156: /// @notice Function for transfering ownership of the contract to another address.
162: // @audit overridden
163: /// @notice Function being overrriden to prevent mistakenly renouncing ownership.
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootPort.sol#L65-L66
File: ulysses-omnichain/BranchPort.sol
31: // @audit Length
32: uint256 public bridgeAgentsLenght;
44: // @audit Length
45: uint256 public bridgeAgentFactoriesLenght;
58: // @audit Length
59: uint256 public strategyTokensLenght;
68: // @audit Strategy
69: /// @notice Mapping returns true if Port Startegy is allowed to manage a given Strategy Token. Strategy => Token => bool.
75: // @audit Length
76: uint256 public portStrategiesLenght;
77: // @audit Strategy
78: /// @notice Mapping returns the amount of Strategy Token debt a given Port Startegy has. Strategy => Token => uint256.
110: // @audit overridden
111: /// @notice Function being overrriden to prevent mistakenly renouncing ownership.
332: // @audit Length
333: strategyTokensLenght++;
353: // @audit Length
354: portStrategiesLenght++;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchPort.sol#L31-L32
File: ulysses-omnichain/MulticallRootRouter.sol
85: // @audit Account
86: * @notice Function to perform a set of actions on the omnichian environment without using the user's Virtual Acccount.
File: ulysses-omnichain/factories/ERC20hTokenRootFactory.sol
24: // @audit Length
25: uint256 public hTokensLenght;
65: // @audit Length
66: hTokensLenght++;
File: ulysses-omnichain/factories/ERC20hTokenBranchFactory.sol
23: // @audit Length
24: uint256 public hTokensLenght;
43: // @audit Length
44: hTokensLenght++;
65: // @audit Length
66: hTokensLenght++;
File: ulysses-omnichain/BranchBridgeAgent.sol
644: // @audit encoded
645: * @param _params RLP enconded parameters to execute on the root chain.
664: // @audit encoded
665: * @param _params RLP enconded parameters to execute on the root chain.
700: // @audit encoded
701: * @param _params RLP enconded parameters to execute on the root chain.
968: // @audit addresses
969: * @param _hToken local hToken addresse to clear balance for.
969: // @audit addresses
970: * @param _token native / underlying token addresse to clear balance for.
1056: // @audit attached
1057: * @param _depositNonce Identifier for user deposit attatched to interaction being fallback.
File: ulysses-omnichain/CoreBranchRouter.sol
196: // @audit environment
197: * @notice Function to deploy/add a token already active in the global enviornment in the Root Chain. Must be called from another chain.
File: ulysses-omnichain/interfaces/IRootPort.sol
132: // @audit ACCOUNTING
133: hTOKEN ACCOUTING FUNCTIONS
File: ulysses-omnichain/interfaces/IPortStrategy.sol
6: // @audit Branch
7: * @notice Base Contract for interfacing with Brach Port Strategy contracts
File: ulysses-omnichain/interfaces/IBranchRouter.sol
35: // @audit encoded
36: * @param params RLP enconded parameters to execute on the root chain.
44: // @audit encoded
45: * @param params RLP enconded parameters to execute on the root chain.
56: // @audit encoded
57: * @param params RLP enconded parameters to execute on the root chain.
File: ulysses-omnichain/interfaces/IBranchBridgeAgent.sol
87: // @audit responsible
88: * @notice Contract for deployment in Branch Chains of Omnichain System, responible for
104: // @audit invalid
105: * as performing the Router calls, if any of the calls initiated by the Router lead to an invlaid state change
161: // @audit encoded
162: * @param params enconded parameters to execute on the root chain router.
170: // @audit encoded
171: * @param params enconded parameters to execute on the root chain router.
182: // @audit encoded
183: * @param params enconded parameters to execute on the root chain router.
196: // @audit encoded
197: * @param params enconded parameters to execute on the root chain router.
205: // @audit encoded
206: * @param params enconded parameters to execute on the root chain router.
217: // @audit encoded
218: * @param params enconded parameters to execute on the root chain router.
272: // @audit addresses
273: * @param _hToken local hToken addresse to clear balance for.
273: // @audit addresses
274: * @param _token native / underlying token addresse to clear balance for.
328: // @audit encoded
329: * @param params enconded parameters to execute on the root chain router.
346: // @audit encoded
347: * @param params enconded parameters to execute on the root chain router.
File: ulysses-omnichain/interfaces/IVirtualAccount.sol
13: // @audit performed
14: * @dev This contract is based off Maker's `Multicall2` contract, executes a set of `Call` objects if any of the perfomed call is invalid the whole batch should revert.
File: ulysses-omnichain/interfaces/IRootBridgeAgent.sol
101: // @audit invalid
102: * as performing the Router calls, if any of the calls initiated by the Router lead to an invlaid state change
162: // @audit initial
163: * @notice External function to get the intial gas available for remote request execution.
File: ulysses-omnichain/RootBridgeAgent.sol
472: // @audit receiver
473: * @param _recipient destination chain reciever address.
508: // @audit receiver
509: * @param _recipient destination chain reciever address.
574: // @audit Status
575: //Update Settlement Staus
File: talos/interfaces/ITalosBaseStrategy.sol
116: // @audit transferred
117: * @param receiver address that tlp should be transfered
131: // @audit transferred
132: * @param receiver address that tokens should be transfered
163: // @audit swapping
164: /// @notice Called to `msg.sender` after minting swaping from IUniswapV3Pool#swap.
229: // @audit position
230: /// @param tickLower Lower price tick of the positon
File: talos/TalosStrategyVanilla.sol
125: // @audit perspective
126: /// @notice Compounds fees from the pool from a user prespective
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosStrategyVanilla.sol#L125-L126
File: talos/libraries/PoolVariables.sol
246: // @audit conversion
247: : int256((cache.amount1Desired - cache.amount1) / 2); // always positive. "overflow" safe convertion cuz we are dividing by 2
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/libraries/PoolVariables.sol#L246-L247
File: uni-v3-staker/UniswapV3Staker.sol
50: // @audit Attachments
51: mapping(address => mapping(IUniswapV3Pool => uint256)) private _userAttachements;
74: // @audit Attachments
75: function userAttachements(address user, IUniswapV3Pool pool) external view override returns (uint256) {
75: // @audit Attachments
76: return hermesGaugeBoost.isUserGauge(user, address(gauges[pool])) ? _userAttachements[user][pool] : 0;
302: // @audit Attachments
303: if (_userAttachements[owner][key.pool] == tokenId) {
400: // @audit Attachments
401: if (hermesGaugeBoost.isUserGauge(owner, address(gauge)) && _userAttachements[owner][key.pool] == tokenId) {
404: // @audit Attachments
405: _userAttachements[owner][key.pool] = 0;
495: // @audit Attachments
496: _userAttachements[tokenOwner][pool] = tokenId;
https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/UniswapV3Staker.sol#L50-L51
File: uni-v3-staker/interfaces/IUniswapV3Staker.sol
139: // @audit Attachments
140: function userAttachements(address user, IUniswapV3Pool pool) external view returns (uint256);
File: hermes/interfaces/IBaseV2Minter.sol
116: // @audit initialize
117: /// @dev Throws when the caller of `intialize()` is not the initializer contract.
File: erc-20/interfaces/IERC20Boost.sol
14: // @audit calculated
15: * Then liquidity per user should be caculated by using this formula, from curve finance:
213: // @audit emitted
214: /// @notice emmitted when a user attaches boost to a gauge.
216: // @audit emitted
217: /// @notice emmitted when a user detaches boost from a gauge.
219: // @audit emitted
220: /// @notice emmitted when a user updates their boost.
222: // @audit emitted
223: /// @notice emmitted when a user decrements their gauge boost.
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/interfaces/IERC20Boost.sol#L14-L15
File: rewards/rewards/FlywheelInstantRewards.sol
32: // @audit existing
33: return rewardsDepot.getRewards(); // get exisiting rewards
Solidity 0.8.10 has a useful change that reduced gas costs of external calls which expect a return value.
In 0.8.15 the conditions necessary for inlining are relaxed. Benchmarks show that the change significantly decreases the bytecode size (which impacts the deployment cost) while the effect on the runtime gas usage is smaller.
In 0.8.17 prevent the incorrect removal of storage writes before calls to Yul functions that conditionally terminate the external EVM call; Simplify the starting offset of zero-length operations to zero. More efficient overflow checks for multiplication.
There are 68 instances of this issue:
File: rewards/FlywheelCoreStrategy.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/FlywheelCoreStrategy.sol#L2
File: rewards/FlywheelCoreInstant.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/FlywheelCoreInstant.sol#L2
File: rewards/rewards/FlywheelAcummulatedRewards.sol
3: pragma solidity ^0.8.0;
File: rewards/rewards/FlywheelInstantRewards.sol
3: pragma solidity ^0.8.0;
File: rewards/rewards/FlywheelGaugeRewards.sol
3: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/rewards/FlywheelGaugeRewards.sol#L3
File: rewards/rewards/FlywheelBribeRewards.sol
3: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/rewards/FlywheelBribeRewards.sol#L3
File: rewards/base/BaseFlywheelRewards.sol
3: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/base/BaseFlywheelRewards.sol#L3
File: rewards/base/FlywheelCore.sol
3: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/base/FlywheelCore.sol#L3
File: rewards/booster/FlywheelBoosterGaugeWeight.sol
3: pragma solidity ^0.8.0;
File: rewards/depots/RewardsDepot.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/depots/RewardsDepot.sol#L2
File: rewards/depots/SingleRewardsDepot.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/depots/SingleRewardsDepot.sol#L2
File: rewards/depots/MultiRewardsDepot.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/depots/MultiRewardsDepot.sol#L2
File: hermes/UtilityManager.sol
3: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/UtilityManager.sol#L3
File: hermes/bHermes.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/bHermes.sol#L2
File: hermes/tokens/bHermesVotes.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/bHermesVotes.sol#L2
File: hermes/tokens/bHermesBoost.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/bHermesBoost.sol#L2
File: hermes/tokens/bHermesGauges.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/bHermesGauges.sol#L2
File: hermes/minters/BaseV2Minter.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/minters/BaseV2Minter.sol#L2
File: erc-20/ERC20Boost.sol
3: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Boost.sol#L3
File: erc-20/ERC20Gauges.sol
3: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Gauges.sol#L3
File: erc-20/ERC20MultiVotes.sol
4: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20MultiVotes.sol#L4
File: gauges/UniswapV3Gauge.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/UniswapV3Gauge.sol#L2
File: gauges/BaseV2Gauge.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/BaseV2Gauge.sol#L2
File: gauges/factories/BribesFactory.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BribesFactory.sol#L2
File: gauges/factories/BaseV2GaugeManager.sol
3: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BaseV2GaugeManager.sol#L3
File: gauges/factories/BaseV2GaugeFactory.sol
3: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BaseV2GaugeFactory.sol#L3
File: gauges/factories/UniswapV3GaugeFactory.sol
3: pragma solidity ^0.8.0;
File: uni-v3-staker/UniswapV3Staker.sol
3: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/UniswapV3Staker.sol#L3
File: uni-v3-staker/libraries/IncentiveTime.sol
2: pragma solidity ^0.8.0;
File: uni-v3-staker/libraries/NFTPositionInfo.sol
3: pragma solidity ^0.8.0;
File: uni-v3-staker/libraries/IncentiveId.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/libraries/IncentiveId.sol#L2
File: uni-v3-staker/libraries/RewardMath.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/libraries/RewardMath.sol#L2
File: uni-v3-staker/interfaces/IUniswapV3Staker.sol
3: pragma solidity ^0.8.0;
File: talos/TalosManager.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosManager.sol#L2
File: talos/TalosOptimizer.sol
3: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosOptimizer.sol#L3
File: talos/factories/OptimizerFactory.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/factories/OptimizerFactory.sol#L2
File: talos/factories/TalosStrategyVanillaFactory.sol
3: pragma solidity ^0.8.0;
File: talos/factories/BoostAggregatorFactory.sol
2: pragma solidity ^0.8.0;
File: talos/factories/TalosBaseStrategyFactory.sol
2: pragma solidity ^0.8.0;
File: talos/factories/TalosStrategyStakedFactory.sol
2: pragma solidity ^0.8.0;
File: ulysses-omnichain/RootBridgeAgent.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgent.sol#L2
File: ulysses-omnichain/ArbitrumBranchPort.sol
3: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/ArbitrumBranchPort.sol#L3
File: ulysses-omnichain/CoreBranchRouter.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/CoreBranchRouter.sol#L2
File: ulysses-omnichain/BaseBranchRouter.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BaseBranchRouter.sol#L2
File: ulysses-omnichain/BranchBridgeAgent.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchBridgeAgent.sol#L2
File: ulysses-omnichain/RootBridgeAgentExecutor.sol
2: pragma solidity ^0.8.0;
File: ulysses-omnichain/BranchBridgeAgentExecutor.sol
2: pragma solidity ^0.8.0;
File: ulysses-omnichain/MulticallRootRouter.sol
2: pragma solidity ^0.8.0;
File: ulysses-omnichain/ArbitrumCoreBranchRouter.sol
2: pragma solidity ^0.8.0;
File: ulysses-omnichain/ArbitrumBranchBridgeAgent.sol
2: pragma solidity ^0.8.0;
File: ulysses-omnichain/VirtualAccount.sol
3: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/VirtualAccount.sol#L3
File: ulysses-omnichain/CoreRootRouter.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/CoreRootRouter.sol#L2
File: ulysses-omnichain/BranchPort.sol
3: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchPort.sol#L3
File: ulysses-omnichain/RootPort.sol
3: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootPort.sol#L3
File: ulysses-omnichain/factories/ERC20hTokenRootFactory.sol
2: pragma solidity ^0.8.0;
File: ulysses-omnichain/factories/ArbitrumBranchBridgeAgentFactory.sol
2: pragma solidity ^0.8.0;
File: ulysses-omnichain/factories/RootBridgeAgentFactory.sol
2: pragma solidity ^0.8.0;
File: ulysses-omnichain/factories/BranchBridgeAgentFactory.sol
2: pragma solidity ^0.8.0;
File: ulysses-omnichain/token/ERC20hTokenRoot.sol
2: pragma solidity ^0.8.0;
File: ulysses-omnichain/token/ERC20hTokenBranch.sol
2: pragma solidity ^0.8.0;
File: ulysses-amm/UlyssesToken.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesToken.sol#L2
File: ulysses-amm/UlyssesRouter.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesRouter.sol#L2
File: ulysses-amm/UlyssesPool.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesPool.sol#L2
File: maia/PartnerUtilityManager.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/PartnerUtilityManager.sol#L2
File: maia/vMaia.sol
3: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/vMaia.sol#L3
File: maia/factories/PartnerManagerFactory.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/factories/PartnerManagerFactory.sol#L2
File: maia/tokens/ERC4626PartnerManager.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/tokens/ERC4626PartnerManager.sol#L2
File: maia/tokens/Maia.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/tokens/Maia.sol#L2
The solidity style guide recommends a maximumum line length of 120 characters, so the lines below should be split when they reach that length.
There are 192 instances of this issue:
File: rewards/FlywheelCoreStrategy.sol
19: * It takes reward streams to various *strategies* such as staking LP tokens and divides them among *users* of those strategies.
22: * the rewards index which determines how many rewards are owed per token per strategy. User indexes track how far behind the strategy they are to lazily calculate all catch-up rewards.
26: * Core does not manage any tokens directly. The rewards module maintains token balances, and approves core to pull transfer them to users when they claim.
28: * SECURITY NOTE: For maximum accuracy and to avoid exploits, rewards accrual should be notified atomically through the accrue hook.
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/FlywheelCoreStrategy.sol#L19
File: rewards/FlywheelCoreInstant.sol
19: * It takes a single reward stream to various *strategies* such as staking LP tokens and divides them among *users* of those strategies.
22: * the rewards index which determines how many rewards are owed per token per strategy. User indexes track how far behind the strategy they are to lazily calculate all catch-up rewards.
26: * Core does not manage any tokens directly. The rewards module maintains token balances, and approves core to pull transfer them to users when they claim.
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/FlywheelCoreInstant.sol#L19
File: rewards/rewards/FlywheelGaugeRewards.sol
74: /// This will make this call fail if it is a new epoch, because the minter calls this function, the first call would fail with "CycleError()".
109: /// This will make this call fail if it is a new epoch, because the minter calls this function, the first call would fail with "CycleError()".
141: // Important to do non-strict inequality to include the case where the numRewards is just enough to complete the cycle
File: rewards/interfaces/IFlywheelAcummulatedRewards.sol
11: * Once every cycle all the rewards can be accrued from the strategy's corresponding rewards depot for subsequent distribution.
13: * The getNextCycleRewards() hook should also transfer the next cycle's rewards to this contract to ensure proper accounting.
File: rewards/interfaces/IFlywheelBooster.sol
11: * It takes reward streams to various *strategies* such as staking LP tokens and divides them among *users* of those strategies.
18: * SECURITY NOTE: similar to how Core needs to be notified any time the strategy user composition changes, the booster would need to be notified of any conditions which change the boosted balances atomically.
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/interfaces/IFlywheelBooster.sol#L11
File: rewards/interfaces/IFlywheelRewards.sol
13: * It takes reward streams to various *strategies* such as staking LP tokens and divides them among *users* of those strategies.
16: * - determining the ongoing reward amounts to entire strategies (core handles the logic for dividing among users)
19: * The reward stream can follow arbitrary logic as long as the reward amount passed to flywheel core has been sent to this contract.
27: * SECURITY NOTE: The rewards strategy should be smooth and continuous, to prevent gaming the reward distribution by frontrunning.
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/interfaces/IFlywheelRewards.sol#L13
File: rewards/interfaces/IFlywheelGaugeRewards.sol
22: * The contract assumes an arbitrary stream of rewards `S` of the rewardToken. It chunks the rewards into cycles of length `l`.
24: * The allocation function for each cycle A(g, S) proportions the stream to each gauge such that SUM(A(g, S)) over all gauges <= S.
27: * Rewards are accumulated every time a new rewards cycle begins, and all prior rewards are cached in the previous cycle.
95: /// @notice emitted when a single gauge is queued. May be emitted before the cycle starts if the queue is done via pagination.
File: rewards/interfaces/IFlywheelCore.sol
13: * It takes reward streams to various *strategies* such as staking LP tokens and divides them among *users* of those strategies.
16: * the rewards index which determines how many rewards are owed per token per strategy. User indexes track how far behind the strategy they are to lazily calculate all catch-up rewards.
20: * Core does not manage any tokens directly. The rewards module maintains token balances, and approves core to pull transfer them to users when they claim.
22: * SECURITY NOTE: For maximum accuracy and to avoid exploits, rewards accrual should be notified atomically through the accrue hook.
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/interfaces/IFlywheelCore.sol#L13
File: rewards/base/BaseFlywheelRewards.sol
16: * @dev approves the flywheel core for the reward token to allow balances to be managed by the module but claimed from core.
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/base/BaseFlywheelRewards.sol#L16
File: rewards/booster/FlywheelBoosterGaugeWeight.sol
14: * It takes reward streams to various *strategies* such as staking LP tokens and divides them among *users* of those strategies.
21: * SECURITY NOTE: similar to how Core needs to be notified any time the strategy user composition changes, the booster would need to be notified of any conditions which change the boosted balances atomically.
File: hermes/interfaces/IBaseV2Minter.sol
25: /// @notice ERC4626 vault that receives emissions via rebases, which later will be distributed throughout the depositors.
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/interfaces/IBaseV2Minter.sol#L25
File: erc-20/ERC20Gauges.sol
77: return (nowPlusOneCycle / gaugeCycleLength) * gaugeCycleLength; // cannot divide by zero and always <= nowPlusOneCycle so no overflow
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Gauges.sol#L77
File: erc-20/ERC20MultiVotes.sol
217: * If delegatee does not have any free votes and doesn't change their vote delegator won't be able to undelegate.
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20MultiVotes.sol#L217
File: erc-20/interfaces/IERC20Gauges.sol
8: * @notice This contract is meant to be used to support gauge style votes with weights associated with resource allocation.
16: * The contract's Ownable <https://github.com/Vectorized/solady/blob/main/src/auth/Ownable.sol> manages the gauge set and cap.
72: * @notice returns the end of the current cycle. This is the next unix timestamp which evenly divides `gaugeCycleLength`
83: * @notice returns the stored weight of a given gauge. This is the snapshotted weight as-of the end of the last cycle.
156: * @return the proportion of `quantity` allocated to `gauge`. Returns 0 if a gauge is not live, even if it has weight.
206: * @dev if this number is ever lowered, or a contract has an override, then existing addresses MAY have more gauges allocated to. Use `numUserGauges` to check this.
232: * @dev if this is set to a lower number than the current max, users MAY have more gauges active than the max. Use `numUserGauges` to check this.
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/interfaces/IERC20Gauges.sol#L8
File: erc-20/interfaces/IERC20MultiVotes.sol
135: * @notice Delegate all votes `newDelegatee`. First undelegates from an existing delegate. If `newDelegatee` is zero, only undelegates.
138: * NOTE This is meant for backward compatibility with the `ERC20Votes` and `ERC20VotesComp` interfaces from OpenZeppelin.
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/interfaces/IERC20MultiVotes.sol#L135
File: erc-20/interfaces/IERC20Boost.sol
8: * Holders can have their boost attached to gauges and cannot transfer their bHermes until they remove their boost.
9: * Only gauges can attach and detach boost from a user. The current user's boost and total supply are stored when attaching.
26: * After having the boost attached, getUserBoost() will return the maximum boost a user had allocated to all gauges.
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/interfaces/IERC20Boost.sol#L8
File: uni-v3-staker/libraries/IncentiveTime.sol
13: uint256 private constant INCENTIVES_DURATION = 1 weeks; // Incentives are 1 week long and start at THURSDAY 12:00:00 UTC (00:00:00 UTC + 12 hours (INCENTIVE_OFFSET))
20: return uint96(((timestamp - INCENTIVES_OFFSET) / INCENTIVES_DURATION) * INCENTIVES_DURATION + INCENTIVES_OFFSET);
File: uni-v3-staker/libraries/RewardMath.sol
14: /// @param liquidity The amount of liquidity, assumed to be constant over the period over which the snapshots are measured
17: /// @param secondsPerLiquidityInsideInitialX128 The seconds per liquidity of the liquidity tick range as of the beginning of the period
18: /// @param secondsPerLiquidityInsideX128 The seconds per liquidity of the liquidity tick range as of the current block timestamp
19: /// @return boostedSecondsInsideX128 The total liquidity seconds inside the position's range for the duration of the stake, adjusted to account for boost
https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/libraries/RewardMath.sol#L14
File: uni-v3-staker/interfaces/IUniswapV3Staker.sol
153: /// @notice Returns amounts of reward tokens owed to a given address according to the last time all stakes were updated
File: governance/GovernorBravoDelegateMaia.sol
29: /// @notice The number of votes in support of a proposal required in order for a quorum to be reached and for a vote to succeed
120: targets.length == values.length && targets.length == signatures.length && targets.length == calldatas.length,
443: * @notice Admin function for setting the whitelist expiration as a timestamp for an account. Whitelist status allows accounts to propose without meeting threshold
458: * @notice Admin function for setting the whitelistGuardian. WhitelistGuardian can cancel proposals from whitelisted addresses
484: * @dev Admin function to begin change of admin. The newPendingAdmin must call `_acceptAdmin` to finalize the transfer.
File: talos/TalosStrategyStaked.sol
82: _boostAggregator.setOwnRewardsDepot(address(FlywheelInstantRewards(_flywheel.flywheelRewards()).rewardsDepot()));
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosStrategyStaked.sol#L82
File: talos/TalosStrategyVanilla.sol
2: // Logic inspired by Popsicle Finance Contracts (PopsicleV3Optimizer/contracts/popsicle-v3-optimizer/PopsicleV3Optimizer.sol)
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosStrategyVanilla.sol#L2
File: talos/TalosOptimizer.sol
2: // Logic inspired by Popsicle Finance Contracts (PopsicleV3Optimizer/contracts/popsicle-v3-optimizer/OptimizerStrategy.sol)
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosOptimizer.sol#L2
File: talos/libraries/PoolVariables.sol
128: bool zeroGreaterOne = amountsDirection(cache.amount0Desired, cache.amount1Desired, cache.amount0, cache.amount1);
190: // From: amount0Desired.sub(amount0).mul(amount1Desired) > amount1Desired.sub(amount1).mul(amount0Desired) ? true : false
245: // Calculate the amount of imbalanced token that should be swapped. Calculations strive to achieve one to one ratio
248: : int256((cache.amount1Desired - cache.amount1) / 2); // always positive. "overflow" safe convertion cuz we are dividing by 2
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/libraries/PoolVariables.sol#L128
File: talos/libraries/PoolActions.sol
45: //Swap imbalanced token as long as we haven't used the entire amountSpecified and haven't reached the price limit
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/libraries/PoolActions.sol#L45
File: talos/interfaces/ITalosOptimizer.sol
2: // Logic inspired by Popsicle Finance Contracts (PopsicleV3Optimizer/contracts/popsicle-v3-optimizer/OptimizerStrategy.sol)
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/interfaces/ITalosOptimizer.sol#L2
File: talos/interfaces/ITalosBaseStrategy.sol
2: // Logic inspired by Popsicle Finance Contracts (PopsicleV3Optimizer/contracts/popsicle-v3-optimizer/PopsicleV3Optimizer.sol)
83: /// @notice A Uniswap pool facilitates swapping and automated market-making between any two assets that strictly conform
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/interfaces/ITalosBaseStrategy.sol#L2
File: talos/base/TalosBaseStrategy.sol
2: // Logic inspired by Popsicle Finance Contracts (PopsicleV3Optimizer/contracts/popsicle-v3-optimizer/PopsicleV3Optimizer.sol)
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/base/TalosBaseStrategy.sol#L2
File: talos/factories/TalosStrategyVanillaFactory.sol
39: return DeployVanilla.createTalosV3Vanilla(pool, optimizer, nonfungiblePositionManager, strategyManager, owner());
File: ulysses-omnichain/RootBridgeAgent.sol
47: * @dev Local hToken must be recognized and address must match underlying if exists otherwise only local hToken is checked.
57: || (_dParams.amount > 0 && !IPort(_localPortAddress).isLocalToken(_dParams.hToken, _fromChain)) //Check local exists.
58: || (_dParams.deposit > 0 && !IPort(_localPortAddress).isUnderlyingToken(_dParams.token, _fromChain)) //Check underlying exists.
153: /// @notice Chain -> Branch Bridge Agent Address. For N chains, each Root Bridge Agent Address has M =< N Branch Bridge Agent Address.
173: /// @notice If true, bridge agent has already served a request with this nonce from a given chain. Chain -> Nonce -> Bool
181: uint256 internal constant MIN_EXECUTION_OVERHEAD = 155_000; // 100_000 for anycall + 30_000 Pre 1st Gas Checkpoint Execution + 25_000 Post last Gas Checkpoint Execution
433: * @notice Updates the token balance state by moving assets from root omnichain environment to branch chain, when a user wants to bridge out tokens from the root bridge agent chain.
546: * @notice Function to retry a user's Settlement balance with a new amount of gas to bridge out of Root Bridge Agent's Omnichain Environment.
619: * @notice Function to reopen a user's Settlement balance as pending and thus retryable by users. Called upon anyFallback of triggered by Branch Bridge Agent.
683: //Swap imbalanced token as long as we haven't used the entire amountSpecified and haven't reached the price limit
727: //Swap imbalanced token as long as we haven't used the entire amountSpecified and haven't reached the price limit
751: address(wrappedNativeToken).safeTransfer(getBranchBridgeAgent[localChainId], userFeeInfo.gasToBridgeOut);
792: * @notice Pays for the remote call execution gas. Demands that the user has enough gas to replenish gas for the anycall config contract or forces reversion.
854: /// @notice Internal function that return 'from' address and 'fromChain' Id by performing an external call to AnycallExecutor Context.
1286: /// @notice Verifies the caller is the Anycall Executor or Local Branch Bridge Agent. Internal function used in modifier to reduce contract bytesize.
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgent.sol#L47
File: ulysses-omnichain/ArbitrumBranchPort.sol
24: /// @notice Address for Local Port Address where funds deposited from this chain are kept, managed and supplied to different Port Strategies.
66: address underlyingAddress = IRootPort(rootPortAddress).getUnderlyingTokenFromLocal(_globalAddress, localChainId);
File: ulysses-omnichain/CoreBranchRouter.sol
86: * @notice Function to deploy/add a token already active in the global environment in the Root Chain. Must be called from another chain.
115: * @notice Function to deploy/add a token already active in the global environment in the Root Chain. Must be called from another chain.
198: * @notice Function to deploy/add a token already active in the global enviornment in the Root Chain. Must be called from another chain.
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/CoreBranchRouter.sol#L86
File: ulysses-omnichain/BaseBranchRouter.sol
88: IBridgeAgent(localBridgeAgentAddress).retrySettlement{value: msg.value}(_settlementNonce, _gasToBoostSettlement);
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BaseBranchRouter.sol#L88
File: ulysses-omnichain/BranchBridgeAgent.sol
97: /// @notice Address for Bridge Agent who processes requests submitted for the Root Router Address where cross-chain requests are executed in the Root Chain.
103: /// @notice Address for Local Anyexec Address where cross-chain requests from the Root Chain Router are received locally.
109: /// @notice Address for Local Port Address where funds deposited from this chain are kept, managed and supplied to different Port Strategies.
128: /// @notice If true, bridge agent has already served a request with this nonce from a given chain. Chain -> Nonce -> Bool
137: uint256 internal constant MIN_FALLBACK_RESERVE = 185_000; // 100_000 for anycall + 85_000 fallback execution overhead
138: uint256 internal constant MIN_EXECUTION_OVERHEAD = 160_000; // 100_000 for anycall + 35_000 Pre 1st Gas Checkpoint Execution + 25_000 Post last Gas Checkpoint Executions
616: PARAMS_TKN_START + PARAMS_DEPOSIT_OFFSET * uint16(numOfAssets) + (PARAMS_ENTRY_SIZE * uint16(i)):
751: * @notice Internal function to move assets from branch chain to root omnichain environment. Naive assets are deposited and hTokens are bridgedOut.
766: * @notice Internal function to move assets from branch chain to root omnichain environment. Naive assets are deposited and hTokens are bridgedOut.
793: * @dev Internal function to move assets from branch chain to root omnichain environment. Naive assets are deposited and hTokens are bridgedOut.
1107: * @notice Internal function that returns 'from' address and 'fromChain' Id by performing an external call to AnycallExecutor Context.
1385: /// @notice Verifies the caller is the Anycall Executor. Internal function used in modifier to reduce contract bytesize.
1398: /// @notice Internal function that verifies caller is Branch Bridge Agent's Router. Reuse to reduce contract bytesize.
1409: /// @notice Verifies enough gas is deposited to pay for an eventual fallback call. Reuse to reduce contract bytesize.
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchBridgeAgent.sol#L97
File: ulysses-omnichain/RootBridgeAgentExecutor.sol
208: IRouter(_router).anyExecuteSigned(_data[25], _data[26:_data.length - PARAMS_GAS_IN], _account, _fromChainId);
403: PARAMS_TKN_START + PARAMS_DEPOSIT_OFFSET * uint16(numOfAssets) + (PARAMS_ENTRY_SIZE * uint16(i)):
File: ulysses-omnichain/BranchBridgeAgentExecutor.sol
110: (success, result) = IRouter(_router).anyExecuteSettlement(_data[129:_data.length - PARAMS_GAS_OUT], sParams);
File: ulysses-omnichain/MulticallRootRouter.sol
50: /// @notice Address for Local Port Address where funds deposited from this chain are kept, managed and supplied to different Port Strategies.
53: /// @notice Address for Local Port Address where funds deposited from this chain are kept, managed and supplied to different Port Strategies.
87: * @notice Function to perform a set of actions on the omnichian environment without using the user's Virtual Acccount.
507: /// @notice Verifies the caller is the Bridge Agent Executor. Internal function used in modifier to reduce contract bytesize.
File: ulysses-omnichain/ArbitrumBranchBridgeAgent.sol
154: * @notice Internal function to pay for execution gas. Overwritten Gas is processed by Root Bridge Agent contract - `depositedGas` is used to pay for execution and `gasToBridgeOut`is cleared to recipient.
172: * @notice Internal function to pay for fallback gas. Overwritten no cross-chain messaging fallback between Arbitrum Branch Bridge Agent and Root Bridge Agent.
179: * @notice Internal function to deposit gas to the AnycallProxy. Cross-chain messaging + Gas is managed by the Root Bridge Agent
183: /// @notice Verifies the caller is the Anycall Executor. Internal function used in modifier to reduce contract bytesize.
188: /// @notice Verifies enough gas is deposited to pay for an eventual fallback call. Reuse to reduce contract bytesize.
File: ulysses-omnichain/VirtualAccount.sol
68: /// @notice Modifier that verifies msg sender is the approved to use the virtual account. Either the owner or an approved router.
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/VirtualAccount.sol#L68
File: ulysses-omnichain/CoreRootRouter.sol
42: /// @notice Address for Local Port Address where funds deposited from this chain are kept, managed and supplied to different Port Strategies.
45: /// @notice Address for Local Port Address where funds deposited from this chain are kept, managed and supplied to different Port Strategies.
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/CoreRootRouter.sol#L42
File: ulysses-omnichain/BranchPort.sol
70: /// @notice Mapping returns true if Port Startegy is allowed to manage a given Strategy Token. Strategy => Token => bool.
79: /// @notice Mapping returns the amount of Strategy Token debt a given Port Startegy has. Strategy => Token => uint256.
82: /// @notice Mapping returns the last time a given Port Strategy managed a given Strategy Token. Strategy => Token => uint256.
85: /// @notice Mapping returns the time limit a given Port Strategy must wait before managing a Strategy Token. Strategy => Token => uint256.
144: * @notice Internal function to return the minimum amount of reserves of a given Strategy Token the Port should hold.
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchPort.sol#L70
File: ulysses-omnichain/RootPort.sol
232: /// @notice Internal function that returns True if Local Token and is also already added in another branch chain, false otherwise.
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootPort.sol#L232
File: ulysses-omnichain/interfaces/IRootBridgeAgent.sol
100: * Router interaction the userDepositedGas < executionGasSpent. This is done by calling the `_forceRevert()`
101: * internal function clearing all executionBudget from the AnycallConfig contract forcing the error `no enough budget`.
102: * - 3: The `RootBridgeAgentExecutor` is in charge of requesting token deposits for each remote interaction as well
103: * as performing the Router calls, if any of the calls initiated by the Router lead to an invlaid state change
104: * both the token deposit clearances as well as the external interactions will be reverted. Yet executionGas
120: * 0x07 | Call to `retrySettlement()´. (retries sending a settlement + calldata for branch execution with new gas)
121: * 0x08 | Call to `clearDeposit()´. (clears a deposit that has not been executed yet triggering `anyFallback`)
133: * ___________________________________________________________________________________________________________________________
134: * | Flag | Deposit Info | Token Info | DATA | Gas Info |
135: * | 1 byte | 4-25 bytes | 3 + (105 or 128) * n bytes | --- | 32 bytes |
136: * | | | hT - t - A - D - C | | |
137: * |_______________________________|____________________________|____________________________________|__________|_____________|
138: * | callOutSystem = 0x0 | 4b(nonce) | ------------- | --- | dep + bOut |
139: * | callOut = 0x1 | 4b(nonce) | ------------- | --- | dep + bOut |
140: * | callOutSingle = 0x2 | 4b(nonce) | 20b + 20b + 32b + 32b + 3b | --- | 16b + 16b |
141: * | callOutMulti = 0x3 | 1b(n) + 4b(nonce) | 32b + 32b + 32b + 32b + 3b | --- | 16b + 16b |
142: * | callOutSigned = 0x4 | 20b(recip) + 4b(nonce) | ------------- | --- | 16b + 16b |
143: * | callOutSignedSingle = 0x5 | 20b + 4b(nonce) | 20b + 20b + 32b + 32b + 3b | --- | 16b + 16b |
144: * | callOutSignedMultiple = 0x6 | 20b + 1b(n) + 4b(nonce) | 32b + 32b + 32b + 32b + 3b | --- | 16b + 16b |
145: * |_______________________________|____________________________|____________________________________|__________|_____________|
150: * RootBridgeAgent.anyExecute**() -> BridgeAgentExecutor.execute**() -> Router.anyExecute**() -> BridgeAgentExecutor (txExecuted) -> RootBridgeAgent (replenishedGas)
153: * RootBridgeAgent.anyExecute**() -> BridgeAgentExecutor.execute**() -> Router.anyExecute**() -> BridgeAgentExecutor (txExecuted) -> RootBridgeAgent (replenishedGas)
156: * RootBridgeAgent.anyExecute**() -> BridgeAgentExecutor.execute**() -> Router.anyExecute**() -> BridgeAgentExecutor (txExecuted)
196: * @notice External function to verify a given chain has been allowed by the Root Bridge Agent's Manager for new Branch Bridge Agent creation.
217: * @param _owner address allowed for redeeming assets after a failed settlement fallback. This address' Virtual Account is also allowed.
238: * @param _owner address allowed for redeeming assets after a failed settlement fallback. This address' Virtual Account is also allowed.
263: * @notice Function to move assets from branch chain to root omnichain environment. Called in response to Bridge Agent Executor.
271: * @notice Function to move assets from branch chain to root omnichain environment. Called in response to Bridge Agent Executor.
349: * @notice Function to force revert when a remote action does not have enough gas or is being retried after having been previously executed.
File: ulysses-omnichain/interfaces/IRootRouter.sol
44: * @notice Function responsible of executing a crosschain request which contains cross-chain deposit information attached.
59: * @notice Function responsible of executing a crosschain request which contains cross-chain deposit information for multiple assets attached.
86: * @notice Function responsible of executing a crosschain request which contains cross-chain deposit information and msg.sender attached.
102: * @notice Function responsible of executing a crosschain request which contains cross-chain deposit information for multiple assets and msg.sender attached.
File: ulysses-omnichain/interfaces/IVirtualAccount.sol
14: * @notice A Virtual Account allows users to manage assets and perform interactions remotely while allowing dApps to keep encapsulated user balance for accounting purposes.
15: * @dev This contract is based off Maker's `Multicall2` contract, executes a set of `Call` objects if any of the perfomed call is invalid the whole batch should revert.
File: ulysses-omnichain/interfaces/IApp.sol
8: * @notice anyExecute is the function that will be called on the destination chain to execute interaction (required).
16: * @notice anyFallback is the function that will be called on the originating chain if the cross chain interaction fails (optional, advised).
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/interfaces/IApp.sol#L8
File: ulysses-omnichain/interfaces/IBranchPort.sol
151: * @notice Reverts the toggle on the given bridge agent factory. If it's active, it will de-activate it and vice-versa.
File: ulysses-omnichain/interfaces/IBranchRouter.sol
112: * @dev Function responsible of executing a crosschain request which contains cross-chain deposit information attached.
File: ulysses-omnichain/interfaces/IBranchBridgeAgent.sol
102: * - 2: The `BranchBridgeAgent` will trigger a revert all state changes if by the end of the remote initiated call
103: * Router interaction the userDepositedGas < executionGasSpent. This is done by calling the `_forceRevert()`
104: * internal function clearing all executionBudget from the AnycallConfig contract forcing the error `no enough budget`.
105: * - 3: The `BranchBridgeAgentExecutor` is in charge of requesting token deposits for each remote interaction as well
106: * as performing the Router calls, if any of the calls initiated by the Router lead to an invlaid state change
107: * both the token deposit clearances as well as the external interactions will be reverted. Yet executionGas
128: * ________________________________________________________________________________________________________________________________
129: * | Flag | Deposit Info | Token Info | DATA | Gas Info |
130: * | 1 byte | 4-25 bytes | (105 or 128) * n bytes | --- | 16 bytes |
131: * | | | hT - t - A - D | | |
132: * |_______________________________|__________________________________|____________________________________|__________|_____________|
133: * | callOut = 0x0 | 20b(recipient) + 4b(nonce) | ------------- | --- | dep |
134: * | callOutSingle = 0x1 | 20b(recipient) + 4b(nonce) | 20b + 20b + 32b + 32b | --- | 16b |
135: * | callOutMulti = 0x2 | 1b(n) + 20b(recipient) + 4b | 32b + 32b + 32b + 32b | --- | 16b |
136: * |_______________________________|__________________________________|____________________________________|__________|_____________|
140: * BranchBridgeAgent.anyExecute**() -> BridgeAgentExecutor.execute**() -> Router.anyExecute**() -> BridgeAgentExecutor (txExecuted) -> BranchBridgeAgent (replenishedGas)
197: * @notice Function to perform a call to the Root Omnichain Router without token deposit with msg.sender information.
218: * @notice Function to perform a call to the Root Omnichain Router while depositing two or more assets with msg.sender.
232: * @notice Function to perform a call to the Root Omnichain Environment retrying a failed deposit that hasn't been executed yet.
257: * @notice External function to request tokens back to branch chain after a failed omnichain environment interaction.
368: * @notice Function to force revert when a remote action does not have enough gas or is being retried after having been previously executed.
File: ulysses-omnichain/interfaces/IRootPort.sol
13: /// @title Struct that contains the information of the Gas Pool - used for swapping in and out of a given Branch Chain's Gas Token.
107: /// @notice View Function returns True if Local Token and is also already added in another branch chain, false otherwise.
221: * @notice Toggles the approval of a router for a virtual account. Allows for a router to spend a user's virtual account.
278: * @param _newUnderlyingBranchWrappedNativeTokenAddress address of the underlying wrapped native token of the new branch
File: ulysses-amm/UlyssesPool.sol
480: iszero(iszero(mod(mul(transfered, diff), totalDiff))), div(mul(transfered, diff), totalDiff)
867: add(add(iszero(iszero(mod(mul(height, feeTier), maxWidth))), div(mul(height, feeTier), maxWidth)), offset)
1126: add(iszero(iszero(mod(mul(assets, _protocolFee), DIVISIONER))), div(mul(assets, _protocolFee), DIVISIONER))
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesPool.sol#L480
Using // x
, * x
is more preferable than //x
, *x
. It is easier to read and also easier to search for.
There are 1283 instances of this issue:
File: talos/TalosManager.sol
67: //Calculate base ticks.
79: //Calculate base ticks.
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosManager.sol#L17
File: talos/TalosStrategyVanilla.sol
47: uint24 private constant protocolFee = 2 * 1e5; //20%
135: //Get Liquidity for Optimizer's balances
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosStrategyVanilla.sol#L47
File: talos/libraries/PoolVariables.sol
52: //Get current price from the pool
73: //Get current price from the pool
120: //Calc base ticks
122: //Calc amounts of token0 and token1 that can be stored in base range
125: //Liquidity that can be stored in base range
127: //Get imbalanced token
129: //Calc new tick(upper or lower) for imbalanced token
231: //Calc base ticks
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/libraries/PoolVariables.sol#L52
File: talos/libraries/PoolActions.sol
25: //Any data passed through by the caller via the IUniswapV3PoolActions#swap call
45: //Swap imbalanced token as long as we haven't used the entire amountSpecified and haven't reached the price limit
101: //Get exact ticks depending on Optimizer's balances
File: ulysses-omnichain/RootBridgeAgent.sol
56: (_dParams.amount < _dParams.deposit) //Deposit can't be greater than amount.
57: || (_dParams.amount > 0 && !IPort(_localPortAddress).isLocalToken(_dParams.hToken, _fromChain)) //Check local exists.
58: || (_dParams.deposit > 0 && !IPort(_localPortAddress).isUnderlyingToken(_dParams.token, _fromChain)) //Check underlying exists.
227: accumulatedFees = 1; //Avoid paying 20k gas in first `payExecutionGas` making MIN_EXECUTION_OVERHEAD constant.
245: //Update User Gas available.
250: //Clear Settlement with updated gas.
256: //Get deposit owner.
259: //Update Deposit
276: //Encode Data for call.
280: //Perform Call to clear hToken balance on destination branch chain.
294: //Get destination Local Address from Global Address.
297: //Get destination Underlying Address from Local Address.
300: //Check if valid assets
305: //Prepare data for call
318: //Update State to reflect bridgeOut
323: //Create Settlement
326: //Perform Call to clear hToken balance on destination branch chain and perform call.
343: //Populate Addresses for Settlement
358: //Prepare data for call with settlement of multiple assets
372: //Create Settlement Balance
375: //Perform Call to destination Branch Chain.
388: //Check Deposit info from Cross Chain Parameters.
393: //Get global address
396: //Check if valid asset
399: //Move hTokens from Branch to Root + Mint Sufficient hTokens to match new port deposit
452: //Move output hTokens from Root to Branch
458: //Verify there is enough balance to clear native tokens if needed
493: //Cast to Dynamic
503: //Call createSettlement
551: //Get Settlement
554: //Check if Settlement hasn't been redeemed.
557: //abi encodePacked
560: //overwrite last 16bytes of callData
570: //Update Gas To Bridge Out
573: //Set Settlement Calldata to send to Branch Chain
576: //Update Settlement Staus
579: //Retry call with additional gas
582: //Retry Success
595: //Clear Global hTokens To Recipient on Root Chain cancelling Settlement to Branch
597: //Check if asset
599: //Move hTokens from Branch to Root + Mint Sufficient hTokens to match new port deposit
624: //Update Deposit
642: //Local mapping of valid gas pools
660: //Get fromChain's Gas Pool Info
664: //Check if valid addresses
667: //Move Gas hTokens from Branch to Root / Mint Sufficient hTokens to match new port deposit
670: //Save Gas Pool for future use
673: //Get sqrtPriceX96
679: //Get limit
683: //Swap imbalanced token as long as we haven't used the entire amountSpecified and haven't reached the price limit
704: //Get fromChain's Gas Pool Info
708: //Check if valid addresses
711: //Save Gas Pool for future use
716: //Get sqrtPriceX96
722: //Get limit
727: //Swap imbalanced token as long as we haven't used the entire amountSpecified and haven't reached the price limit
749: //Transfer gasToBridgeOut Local Branch Bridge Agent if remote initiated call.
781: //Sends message to AnycallProxy
786: //Execute locally
801: //reset initial remote execution gas and remote execution fee information
807: //Get Available Gas
810: //Get Root Environment Execution Cost
813: //Check if sufficient balance
819: //Replenish Gas
822: //Account for excess gas
832: //Save gasleft
835: //Get Branch Environment Execution Cost
838: //Check if sufficient balance
844: //Update user deposit reverts if not enough gas
849: //Unwrap Gas
866: //Get Initial Gas Checkpoint
874: //Save initial gas
877: //Get fromChainId from AnyExecutor Context
880: //Save fromChainId
883: //Swap in all deposited Gas
888: //Save Gas to Swap out to destination chain
891: //Local Chain initiated call
894: //Save depositedGas
897: //Save Gas to Swap out to destination chain
903: //Return true to avoid triggering anyFallback in case of `_forceRevert()` failure
907: //Store User Fee Info
910: //Read Bridge Agent Action Flag attached from cross-chain message header.
913: //DEPOSIT FLAG: 0 (System request / response)
915: //Get nonce
918: //Check if tx has already been executed
921: //Return true to avoid triggering anyFallback in case of `_forceRevert()` failure
925: //Try to execute remote request
931: //Interaction failure trigger fallback
935: //Update tx state as executed
938: //DEPOSIT FLAG: 1 (Call without Deposit)
940: //Get Deposit Nonce
943: //Check if tx has already been executed
946: //Return true to avoid triggering anyFallback in case of `_forceRevert()` failure
950: //Try to execute remote request
956: //No new asset deposit no need to trigger fallback
960: //Update tx state as executed
963: //DEPOSIT FLAG: 2 (Call with Deposit)
965: //Get Deposit Nonce
968: //Check if tx has already been executed
971: //Return true to avoid triggering anyFallback in case of `_forceRevert()` failure
975: //Try to execute remote request
984: //Update tx state as executed
987: //DEPOSIT FLAG: 3 (Call with multiple asset Deposit)
989: //Get deposit nonce
992: //Check if tx has already been executed
995: //Return true to avoid triggering anyFallback in case of `_forceRevert()` failure
999: //Try to execute remote request
1008: //Update tx state as executed
1011: //DEPOSIT FLAG: 4 (Call without Deposit + msg.sender)
1013: //Get deposit nonce associated with request being processed
1016: //Check if tx has already been executed
1019: //Return true to avoid triggering anyFallback in case of `_forceRevert()` failure
1023: //Get User Virtual Account
1028: //Toggle Router Virtual Account use for tx execution
1031: //Try to execute remote request
1037: //No new asset deposit no need to trigger fallback
1041: //Toggle Router Virtual Account use for tx execution
1044: //Update tx state as executed
1047: //DEPOSIT FLAG: 5 (Call with Deposit + msg.sender)
1049: //Get deposit nonce associated with request being processed
1052: //Check if tx has already been executed
1055: //Return true to avoid triggering anyFallback in case of `_forceRevert()` failure
1059: //Get User Virtual Account
1064: //Toggle Router Virtual Account use for tx execution
1067: //Try to execute remote request
1076: //Toggle Router Virtual Account use for tx execution
1079: //Update tx state as executed
1082: //DEPOSIT FLAG: 6 (Call with multiple asset Deposit + msg.sender)
1084: //Get nonce
1087: //Check if tx has already been executed
1090: //Return true to avoid triggering anyFallback in case of `_forceRevert()` failure
1094: //Get User Virtual Account
1099: //Toggle Router Virtual Account use for tx execution
1102: //Try to execute remote request
1111: //Toggle Router Virtual Account use for tx execution
1114: //Update tx state as executed
1119: //Get nonce
1122: //Check if tx has already been executed
1125: //Return true to avoid triggering anyFallback in case of `_forceRevert()` failure
1129: //Try to execute remote request
1137: //Update tx state as executed
1142: //Get nonce
1145: //Check if tx has already been executed
1147: //Toggle Nonce as executed
1150: //Retry failed fallback
1154: //Return true to avoid triggering anyFallback in case of `_forceRevert()` failure
1158: //Unrecognized Function Selector
1160: //Zero out gas after use if remote call
1170: //Zero out gas after use if remote call
1183: //Get Initial Gas Checkpoint
1186: //Get fromChain
1190: //Save Flag
1193: //Deposit nonce
1220: //Deposit Gas
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgent.sol#L56
File: ulysses-omnichain/ArbitrumBranchPort.sol
44: ///@inheritdoc IArbitrumBranchPort
57: ///@inheritdoc IArbitrumBranchPort
File: ulysses-omnichain/CoreBranchRouter.sol
47: //Encode Call Data
50: //Pack FuncId
53: //Send Cross-Chain request (System Response/Request)
64: //Get Token Info
68: //Create Token
71: //Encode Data
74: //Pack FuncId
77: //Send Cross-Chain request (System Response/Request)
101: //Create Token
104: //Encode Data
107: //Pack FuncId
110: //Send Cross-Chain request
132: //Check if msg.sender is a valid BridgeAgentFactory
137: //Create Token
142: //Check BridgeAgent Address
147: //Encode Data
150: //Pack FuncId
153: //Send Cross-Chain request
213: //Add new Port Strategy if new.
216: //Or Update daily limit.
219: //Or Toggle Port Strategy.
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/CoreBranchRouter.sol#L31
File: ulysses-omnichain/BranchBridgeAgent.sol
184: //Wrap the gas allocated for omnichain execution.
187: //Perform Call without deposit
198: //Wrap the gas allocated for omnichain execution.
201: //Perform Call with deposit
211: //Wrap the gas allocated for omnichain execution.
214: //Perform Call with multiple deposits
225: //Encode Data for cross-chain call.
230: //Wrap the gas allocated for omnichain execution.
233: //Perform Signed Call without deposit
244: //Encode Data for cross-chain call.
259: //Wrap the gas allocated for omnichain execution.
262: //Create Deposit and Send Cross-Chain request
280: //Normalize Deposits
287: //Encode Data for cross-chain call.
303: //Wrap the gas allocated for omnichain execution.
306: //Create Deposit and Send Cross-Chain request
326: //Check if deposit belongs to message sender
329: //Encode Data for cross-chain call.
366: //Nonce
401: //Wrap the gas allocated for omnichain execution.
404: //Deposit Gas to Port
407: //Ensure success Status
410: //Update Deposited Gas
413: //Perform Call
424: //Encode Data for cross-chain call.
428: //Update State and Perform Call
434: //Encode Data for cross-chain call.
437: //Update State and Perform Call
442: //Deposit Gas for call.
445: //Perform Call
451: //Update Deposit
469: //Get remote call execution deposited gas.
473: //Wrap the gas allocated for omnichain execution.
476: //Check Fallback Gas
479: //Encode Data for cross-chain call.
483: //Perform Call
494: //Get remote call execution deposited gas.
498: //Wrap the gas allocated for omnichain execution.
501: //Check Fallback Gas
504: //Perform Call
516: //Get remote call execution deposited gas.
520: //Wrap the gas allocated for omnichain execution.
523: //Check Fallback Gas
526: //Perform Call
538: //Get remote call execution deposited gas.
542: //Wrap the gas allocated for omnichain execution.
545: //Check Fallback Gas
548: //Perform Call
570: //Parse Params
579: //Transfer token to recipient
581: //Parse Params
622: //Clear Tokens to destination
655: //Encode Data for cross-chain call.
659: //Perform Call
680: //Encode Data for cross-chain call.
694: //Create Deposit and Send Cross-Chain request
716: //Normalize Deposits
723: //Encode Data for cross-chain call.
738: //Create Deposit and Send Cross-Chain request
758: //Deposit Gas for call.
761: //Perform Call
785: //Deposit and Store Info
788: //Perform Call
812: //Validate Input
818: //Deposit and Store Info
821: //Perform Call
832: //Deposit Gas to Port
865: //Deposit / Lock Tokens into Port
868: //Deposit Gas to Port
911: //Deposit / Lock Tokens into Port
914: //Deposit Gas to Port
947: //Get Deposit
950: //Transfer token to depositor / user
959: //Delete Failed Deposit Token Info
994: //Update and return Deposit
1007: //Sends message to AnycallProxy
1019: //Gas remaining
1022: //Unwrap Gas
1025: //Delete Remote Initiated Action State
1028: ///Save gas left
1031: //Get Branch Environment Execution Cost
1034: //Check if sufficient balance
1040: //Replenish Gas
1043: //Transfer gas remaining to recipient
1046: //Save Gas
1049: //Check if sufficient balance
1062: //Save gas
1065: //Get Branch Environment Execution Cost
1068: //Check if sufficient balance
1074: //Update user deposit reverts if not enough gas => user must boost deposit with gas
1077: //Withdraw Gas
1080: //Unwrap Gas
1083: //Replenish Gas
1092: //Deposit Gas
1100: //Cast to uint256
1102: //Move Gas hTokens from Branch to Root / Mint Sufficient hTokens to match new port deposit
1113: /*///////////////////////////////////////////////////////////////
1115: //////////////////////////////////////////////////////////////*/
1124: //Get Initial Gas Checkpoint
1127: //Save Length
1130: //Save deposited gas
1133: //Store deposited gas for router interactions
1136: //Action Recipient
1139: //Get Action Flag
1142: //DEPOSIT FLAG: 0 (No settlement)
1144: //Get Settlement Nonce
1147: //Check if tx has already been executed
1150: //Return true to avoid triggering anyFallback in case of `_forceRevert()` failure
1161: //Update tx state as executed
1164: //DEPOSIT FLAG: 1 (Single Asset Settlement)
1166: //Get Settlement Nonce
1169: //Check if tx has already been executed
1172: //Return true to avoid triggering anyFallback in case of `_forceRevert()` failure
1176: //Try to execute remote request
1185: //Update tx state as executed
1188: //DEPOSIT FLAG: 2 (Multiple Settlement)
1190: //Get deposit nonce
1193: //Check if tx has already been executed
1196: //Return true to avoid triggering anyFallback in case of `_forceRevert()` failure
1200: //Try to execute remote request
1209: //Update tx state as executed
1212: //Unrecognized Function Selector
1215: //Deduct gas costs from deposit and replenish this bridge agent's execution budget.
1222: //Deduct gas costs from deposit and replenish this bridge agent's execution budget.
1233: //Get Initial Gas Checkpoint
1236: //Save Flag
1239: //Save memory for Deposit Nonce
1244: //Check nonce calldata slice.
1247: //Make tokens available to depositor.
1252: //Deduct gas costs from deposit and replenish this bridge agent's execution budget.
1261: //Make tokens available to depositor.
1266: //Deduct gas costs from deposit and replenish this bridge agent's execution budget.
1273: //Save nonce
1276: //Make tokens available to depositor.
1281: //Deduct gas costs from deposit and replenish this bridge agent's execution budget.
1288: //Save nonce
1293: //Make tokens available to depositor.
1298: //Deduct gas costs from deposit and replenish this bridge agent's execution budget.
1303: //Unrecognized Function Selector
There are 20 instances of this issue:
File: hermes/minters/BaseV2Minter.sol
24: uint256 internal constant week = 86400 * 7;
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/minters/BaseV2Minter.sol#L24
File: governance/GovernorBravoDelegateMaia.sol
18: uint256 public constant MIN_VOTING_PERIOD = 80640; // About 2 weeks
21: uint256 public constant MAX_VOTING_PERIOD = 161280; // About 4 weeks
24: uint256 public constant MIN_VOTING_DELAY = 40320; // About 1 weeks
27: uint256 public constant MAX_VOTING_DELAY = 80640; // About 2 weeks
File: talos/boost-aggregator/BoostAggregator.sol
56: uint256 private constant DIVISIONER = 10000;
File: ulysses-amm/UlyssesPool.sol
360: mstore(0x00, 0x87138d5c)
591: mstore(0x00, 0x35278d12)
647: mstore(0x00, 0x35278d12)
663: mstore(0x00, 0x35278d12)
1102: mstore(0x00, 0x3c930918)
1156: mstore(0x00, 0x3c930918)
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesPool.sol#L360
File: maia/libraries/DateTimeLib.sol
12: /// timestamp | 0..0x1e18549868c76ff | Unix timestamp. |
13: /// epochDay | 0..0x16d3e098039 | Days since 1970-01-01. |
40: uint256 epochDay = timestamp / 86400;
44: epochDay := add(epochDay, 719468)
45: let doe := mod(epochDay, 146097)
46: let yoe := div(sub(sub(add(doe, div(doe, 36524)), div(doe, 1460)), eq(doe, 146096)), 365)
57: uint256 day = timestamp / 86400;
58: startOfDay = day * 86400;
https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/libraries/DateTimeLib.sol#L12
TODOs may signal that a feature is missing or not ready for audit, consider resolving the issue and removing the TODO comment.
There are 2 instances of this issue:
File: uni-v3-staker/libraries/NFTPositionInfo.sol
9: // TODO: The INIT_CODE_HASH needs to be updated to the values that are live on the chain of it's deployment.
File: erc-4626/ERC4626DepositOnly.sol
74: /// TODO: @inheritdoc IERC4626DepositOnly
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/ERC4626DepositOnly.sol#L74
There are 183 instances of this issue:
File: erc-20/ERC20Boost.sol
27: mapping(address => mapping(address => GaugeState)) public override getUserGaugeBoost;
30: mapping(address => uint256) public override getUserBoost;
30: mapping(address => uint256) public override getUserBoost;
32: mapping(address => EnumerableSet.AddressSet) internal _userGauges;
32: mapping(address => EnumerableSet.AddressSet) internal _userGauges;
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Boost.sol#L27
File: erc-20/ERC20Gauges.sol
44: mapping(address => mapping(address => uint112)) public override getUserGaugeWeight;
48: mapping(address => uint112) public override getUserWeight;
48: mapping(address => uint112) public override getUserWeight;
52: mapping(address => Weight) internal _getGaugeWeight;
52: mapping(address => Weight) internal _getGaugeWeight;
57: mapping(address => EnumerableSet.AddressSet) internal _userGauges;
57: mapping(address => EnumerableSet.AddressSet) internal _userGauges;
394: mapping(address => bool) public override canContractExceedMaxGauges;
394: mapping(address => bool) public override canContractExceedMaxGauges;
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Gauges.sol#L44
File: erc-20/ERC20MultiVotes.sol
28: mapping(address => Checkpoint[]) private _checkpoints;
28: mapping(address => Checkpoint[]) private _checkpoints;
92: mapping(address => bool) public override canContractExceedMaxDelegates;
92: mapping(address => bool) public override canContractExceedMaxDelegates;
116: mapping(address => mapping(address => uint256)) private _delegatesVotesCount;
119: mapping(address => uint256) public userDelegatedVotes;
119: mapping(address => uint256) public userDelegatedVotes;
122: mapping(address => EnumerableSet.AddressSet) private _delegates;
122: mapping(address => EnumerableSet.AddressSet) private _delegates;
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20MultiVotes.sol#L28
File: erc-4626/ERC4626MultiToken.sol
28: mapping(address => uint256) public assetId;
28: mapping(address => uint256) public assetId;
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/ERC4626MultiToken.sol#L28
File: gauges/BaseV2Gauge.sol
34: mapping(FlywheelCore => bool) public override isActive;
34: mapping(FlywheelCore => bool) public override isActive;
37: mapping(FlywheelCore => bool) public override added;
37: mapping(FlywheelCore => bool) public override added;
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/BaseV2Gauge.sol#L34
File: gauges/factories/BaseV2GaugeFactory.sol
35: mapping(BaseV2Gauge => uint256) public override gaugeIds;
35: mapping(BaseV2Gauge => uint256) public override gaugeIds;
38: mapping(BaseV2Gauge => bool) public override activeGauges;
38: mapping(BaseV2Gauge => bool) public override activeGauges;
41: mapping(address => BaseV2Gauge) public override strategyGauges;
41: mapping(address => BaseV2Gauge) public override strategyGauges;
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BaseV2GaugeFactory.sol#L35
File: gauges/factories/BaseV2GaugeManager.sol
31: mapping(BaseV2GaugeFactory => uint256) public gaugeFactoryIds;
31: mapping(BaseV2GaugeFactory => uint256) public gaugeFactoryIds;
34: mapping(BaseV2GaugeFactory => bool) public activeGaugeFactories;
34: mapping(BaseV2GaugeFactory => bool) public activeGaugeFactories;
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BaseV2GaugeManager.sol#L31
File: gauges/factories/BribesFactory.sol
31: mapping(FlywheelCore => uint256) public bribeFlywheelIds;
31: mapping(FlywheelCore => uint256) public bribeFlywheelIds;
34: mapping(FlywheelCore => bool) public activeBribeFlywheels;
34: mapping(FlywheelCore => bool) public activeBribeFlywheels;
37: mapping(address => FlywheelCore) public flywheelTokens;
37: mapping(address => FlywheelCore) public flywheelTokens;
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BribesFactory.sol#L31
File: governance/GovernorBravoInterfaces.sol
99: mapping(uint256 => Proposal) public proposals;
99: mapping(uint256 => Proposal) public proposals;
102: mapping(address => uint256) public latestProposalIds;
102: mapping(address => uint256) public latestProposalIds;
162: mapping(address => uint256) public whitelistAccountExpirations;
162: mapping(address => uint256) public whitelistAccountExpirations;
https://github.com/code-423n4/2023-05-maia/tree/main/src/governance/GovernorBravoInterfaces.sol#L99
File: hermes/UtilityManager.sol
31: mapping(address => uint256) public userClaimedWeight;
31: mapping(address => uint256) public userClaimedWeight;
33: mapping(address => uint256) public userClaimedBoost;
33: mapping(address => uint256) public userClaimedBoost;
35: mapping(address => uint256) public userClaimedGovernance;
35: mapping(address => uint256) public userClaimedGovernance;
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/UtilityManager.sol#L31
File: maia/factories/PartnerManagerFactory.sol
26: mapping(PartnerManager => uint256) public override partnerIds;
26: mapping(PartnerManager => uint256) public override partnerIds;
29: mapping(IBaseVault => uint256) public override vaultIds;
29: mapping(IBaseVault => uint256) public override vaultIds;
File: maia/PartnerUtilityManager.sol
25: mapping(address => uint256) public userClaimedPartnerGovernance;
25: mapping(address => uint256) public userClaimedPartnerGovernance;
https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/PartnerUtilityManager.sol#L25
File: out-of-scope/governance/GovernorBravoInterfaces.sol
99: mapping(uint256 => Proposal) public proposals;
99: mapping(uint256 => Proposal) public proposals;
102: mapping(address => uint256) public latestProposalIds;
102: mapping(address => uint256) public latestProposalIds;
162: mapping(address => uint256) public whitelistAccountExpirations;
162: mapping(address => uint256) public whitelistAccountExpirations;
File: rewards/base/FlywheelCore.sol
29: mapping(ERC20 => uint256) public override strategyIds;
29: mapping(ERC20 => uint256) public override strategyIds;
61: mapping(address => uint256) public override rewardsAccrued;
61: mapping(address => uint256) public override rewardsAccrued;
150: mapping(ERC20 => uint256) public strategyIndex;
150: mapping(ERC20 => uint256) public strategyIndex;
153: mapping(ERC20 => mapping(address => uint256)) public userIndex;
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/base/FlywheelCore.sol#L29
File: rewards/depots/MultiRewardsDepot.sol
16: mapping(address => address) private _assets;
16: mapping(address => address) private _assets;
19: mapping(address => bool) private _isRewardsContract;
19: mapping(address => bool) private _isRewardsContract;
22: mapping(address => bool) private _isAsset;
22: mapping(address => bool) private _isAsset;
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/depots/MultiRewardsDepot.sol#L16
File: rewards/rewards/FlywheelBribeRewards.sol
19: mapping(ERC20 => RewardsDepot) public override rewardsDepots;
19: mapping(ERC20 => RewardsDepot) public override rewardsDepots;
File: rewards/rewards/FlywheelGaugeRewards.sol
41: mapping(ERC20 => QueuedRewards) public override gaugeQueuedRewards;
41: mapping(ERC20 => QueuedRewards) public override gaugeQueuedRewards;
File: talos/boost-aggregator/BoostAggregator.sol
38: mapping(address => address) public userToRewardsDepot;
38: mapping(address => address) public userToRewardsDepot;
41: mapping(uint256 => address) public tokenIdToUser;
41: mapping(uint256 => address) public tokenIdToUser;
44: mapping(uint256 => uint256) public tokenIdRewards;
44: mapping(uint256 => uint256) public tokenIdRewards;
47: mapping(address => bool) public whitelistedAddresses;
47: mapping(address => bool) public whitelistedAddresses;
File: talos/factories/BoostAggregatorFactory.sol
27: mapping(BoostAggregator => uint256) public boostAggregatorIds;
27: mapping(BoostAggregator => uint256) public boostAggregatorIds;
File: talos/factories/OptimizerFactory.sol
16: mapping(TalosOptimizer => uint256) public optimizerIds;
16: mapping(TalosOptimizer => uint256) public optimizerIds;
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/factories/OptimizerFactory.sol#L16
File: talos/factories/TalosBaseStrategyFactory.sol
31: mapping(TalosBaseStrategy => uint256) public strategyIds;
31: mapping(TalosBaseStrategy => uint256) public strategyIds;
File: ulysses-amm/factories/UlyssesFactory.sol
54: mapping(uint256 => UlyssesPool) public pools;
54: mapping(uint256 => UlyssesPool) public pools;
57: mapping(uint256 => UlyssesToken) public tokens;
57: mapping(uint256 => UlyssesToken) public tokens;
File: ulysses-amm/UlyssesPool.sol
33: mapping(uint256 => uint256) public destinations;
33: mapping(uint256 => uint256) public destinations;
36: mapping(address => uint256) public destinationIds;
36: mapping(address => uint256) public destinationIds;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesPool.sol#L33
File: ulysses-amm/UlyssesRouter.sol
14: mapping(uint256 => UlyssesPool) private pools;
14: mapping(uint256 => UlyssesPool) private pools;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesRouter.sol#L14
File: ulysses-omnichain/BranchBridgeAgent.sol
121: mapping(uint32 => Deposit) public getDeposit;
121: mapping(uint32 => Deposit) public getDeposit;
128: mapping(uint32 => bool) public executionHistory;
128: mapping(uint32 => bool) public executionHistory;
File: ulysses-omnichain/BranchPort.sol
26: mapping(address => bool) public isBridgeAgent;
26: mapping(address => bool) public isBridgeAgent;
39: mapping(address => bool) public isBridgeAgentFactory;
39: mapping(address => bool) public isBridgeAgentFactory;
53: mapping(address => bool) public isStrategyToken;
53: mapping(address => bool) public isStrategyToken;
62: mapping(address => uint256) public getStrategyTokenDebt;
62: mapping(address => uint256) public getStrategyTokenDebt;
65: mapping(address => uint256) public getMinimumTokenReserveRatio;
65: mapping(address => uint256) public getMinimumTokenReserveRatio;
70: mapping(address => mapping(address => bool)) public isPortStrategy;
79: mapping(address => mapping(address => uint256)) public getPortStrategyTokenDebt;
82: mapping(address => mapping(address => uint256)) public lastManaged;
85: mapping(address => mapping(address => uint256)) public strategyDailyLimitAmount;
88: mapping(address => mapping(address => uint256)) public strategyDailyLimitRemaining;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchPort.sol#L26
File: ulysses-omnichain/factories/RootBridgeAgentFactory.sol
37: mapping(address => address) public getBridgeAgentManager;
37: mapping(address => address) public getBridgeAgentManager;
File: ulysses-omnichain/RootBridgeAgent.sol
153: mapping(uint256 => address) public getBranchBridgeAgent;
153: mapping(uint256 => address) public getBranchBridgeAgent;
156: mapping(uint256 => bool) public isBranchBridgeAgentAllowed;
156: mapping(uint256 => bool) public isBranchBridgeAgentAllowed;
166: mapping(uint32 => Settlement) public getSettlement;
166: mapping(uint32 => Settlement) public getSettlement;
173: mapping(uint256 => mapping(uint32 => bool)) public executionHistory;
642: mapping(address => bool) private approvedGasPool;
642: mapping(address => bool) private approvedGasPool;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgent.sol#L153
File: ulysses-omnichain/RootPort.sol
46: mapping(address => VirtualAccount) public getUserAccount;
46: mapping(address => VirtualAccount) public getUserAccount;
50: mapping(VirtualAccount => mapping(address => bool)) public isRouterApproved;
57: mapping(uint256 => bool) public isChainId;
57: mapping(uint256 => bool) public isChainId;
60: mapping(address => bool) public isBridgeAgent;
60: mapping(address => bool) public isBridgeAgent;
69: mapping(address => address) public getBridgeAgentManager;
69: mapping(address => address) public getBridgeAgentManager;
76: mapping(address => bool) public isBridgeAgentFactory;
76: mapping(address => bool) public isBridgeAgentFactory;
89: mapping(address => bool) public isGlobalAddress;
89: mapping(address => bool) public isGlobalAddress;
92: mapping(address => mapping(uint256 => address)) public getGlobalTokenFromLocal;
95: mapping(address => mapping(uint256 => address)) public getLocalTokenFromGlobal;
98: mapping(address => mapping(uint256 => address)) public getLocalTokenFromUnder;
101: mapping(address => mapping(uint256 => address)) public getUnderlyingTokenFromLocal;
108: mapping(uint256 => address) public getWrappedNativeToken;
108: mapping(uint256 => address) public getWrappedNativeToken;
111: mapping(uint256 => GasPoolInfo) public getGasPoolInfo;
111: mapping(uint256 => GasPoolInfo) public getGasPoolInfo;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootPort.sol#L46
File: ulysses-omnichain/token/ERC20hTokenRoot.sol
27: mapping(uint256 => uint256) public getTokenBalance;
27: mapping(uint256 => uint256) public getTokenBalance;
File: uni-v3-staker/UniswapV3Staker.sol
33: mapping(address => IUniswapV3Pool) public gaugePool;
33: mapping(address => IUniswapV3Pool) public gaugePool;
36: mapping(IUniswapV3Pool => UniswapV3Gauge) public gauges;
36: mapping(IUniswapV3Pool => UniswapV3Gauge) public gauges;
39: mapping(IUniswapV3Pool => address) public bribeDepots;
39: mapping(IUniswapV3Pool => address) public bribeDepots;
42: mapping(IUniswapV3Pool => uint24) public poolsMinimumWidth;
42: mapping(IUniswapV3Pool => uint24) public poolsMinimumWidth;
45: mapping(bytes32 => Incentive) public override incentives;
45: mapping(bytes32 => Incentive) public override incentives;
48: mapping(uint256 => Deposit) public override deposits;
48: mapping(uint256 => Deposit) public override deposits;
51: mapping(address => mapping(IUniswapV3Pool => uint256)) private _userAttachements;
54: mapping(uint256 => mapping(bytes32 => Stake)) private _stakes;
57: mapping(uint256 => IncentiveKey) private stakedIncentiveKey;
57: mapping(uint256 => IncentiveKey) private stakedIncentiveKey;
80: mapping(address => uint256) public override rewards;
80: mapping(address => uint256) public override rewards;
83: mapping(uint256 => uint256) public tokenIdRewards;
83: mapping(uint256 => uint256) public tokenIdRewards;
https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/UniswapV3Staker.sol#L33
Source: https://docs.soliditylang.org/en/v0.8.17/style-guide.html#order-of-layout
There are 124 instances of this issue:
File: erc-20/ERC20Boost.sol
86: // @audit Function order is incorrect, external view function can not go after public view function (line 81)
87: function userGauges(address user) external view returns (address[] memory) {
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Boost.sol#L86-L87
File: erc-20/ERC20Gauges.sol
39: // @audit Function order is incorrect, state variable declaration can not go after constructor (line 28)
40: uint32 public immutable override gaugeCycleLength;
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Gauges.sol#L39-L40
File: erc-20/ERC20MultiVotes.sol
80: // @audit Function order is incorrect, internal pure function can not go after private view function (line 64)
81: function average(uint256 a, uint256 b) internal pure returns (uint256) {
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20MultiVotes.sol#L80-L81
File: erc-20/interfaces/IERC20Boost.sol
140: // @audit Function order is incorrect, external function can not go after external view function (line 130)
141: function attach(address user) external;
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/interfaces/IERC20Boost.sol#L140-L141
File: erc-20/interfaces/IERC20Gauges.sol
170: // @audit Function order is incorrect, external function can not go after external view function (line 158)
171: function incrementGauge(address gauge, uint112 weight) external returns (uint112 newUserWeight);
File: erc-20/interfaces/IERC20MultiVotes.sol
81: // @audit Function order is incorrect, external function can not go after external view function (line 76)
82: function setMaxDelegates(uint256 newMax) external;
File: erc-4626/ERC4626MultiToken.sol
39: // @audit Function order is incorrect, constructor can not go after external view function (line 35)
40: constructor(address[] memory _assets, uint256[] memory _weights, string memory _name, string memory _symbol)
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/ERC4626MultiToken.sol#L39-L40
File: erc-4626/interfaces/IERC4626.sol
93: // @audit Function order is incorrect, event definition can not go after external view function (line 87)
94: event Deposit(address indexed caller, address indexed owner, uint256 assets, uint256 shares);
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/interfaces/IERC4626.sol#L93-L94
File: erc-4626/interfaces/IERC4626DepositOnly.sol
16: // @audit Function order is incorrect, external function can not go after external view function (line 9)
17: function deposit(uint256 assets, address receiver) external returns (uint256 shares);
File: erc-4626/interfaces/IERC4626MultiToken.sol
50: // @audit Function order is incorrect, external function can not go after external view function (line 43)
51: function deposit(uint256[] calldata assetsAmounts, address receiver) external returns (uint256 shares);
File: erc-4626/interfaces/IUlyssesERC4626.sol
80: // @audit Function order is incorrect, custom error definition can not go after external view function (line 73)
81: error InvalidAssetDecimals();
File: gauges/BaseV2Gauge.sol
83: // @audit Function order is incorrect, external function can not go after external view function (line 74)
84: function newEpoch() external {
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/BaseV2Gauge.sol#L83-L84
File: gauges/factories/BaseV2GaugeFactory.sol
73: // @audit Function order is incorrect, external function can not go after external view function (line 64)
74: function newEpoch() external {
File: gauges/factories/BaseV2GaugeManager.sol
60: // @audit Function order is incorrect, external function can not go after external view function (line 51)
61: function newEpoch() external {
File: gauges/factories/BribesFactory.sol
72: // @audit Function order is incorrect, external function can not go after external view function (line 63)
73: function addGaugetoFlywheel(address gauge, address bribeToken) external onlyGaugeFactory {
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BribesFactory.sol#L72-L73
File: gauges/factories/UniswapV3GaugeFactory.sol
98: // @audit Function order is incorrect, external function can not go after internal function (line 89)
99: function setMinimumWidth(address gauge, uint24 minimumWidth) external onlyOwner {
File: gauges/interfaces/IBaseV2Gauge.sol
82: // @audit Function order is incorrect, external function can not go after external view function (line 74)
83: function newEpoch() external;
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/interfaces/IBaseV2Gauge.sol#L82-L83
File: gauges/interfaces/IBaseV2GaugeFactory.sol
79: // @audit Function order is incorrect, external function can not go after external view function (line 72)
80: function newEpoch() external;
File: gauges/interfaces/IBaseV2GaugeManager.sol
49: // @audit Function order is incorrect, external function can not go after external view function (line 42)
50: function newEpoch() external;
File: gauges/interfaces/IBribesFactory.sol
49: // @audit Function order is incorrect, external function can not go after external view function (line 37)
50: function addGaugetoFlywheel(address gauge, address bribeToken) external;
File: gauges/interfaces/IUniswapV3Gauge.sol
68: // @audit Function order is incorrect, event definition can not go after external view function (line 61)
69: event NewMinimumWidth(uint24 minimumWidth);
File: gauges/interfaces/IUniswapV3GaugeFactory.sol
60: // @audit Function order is incorrect, external function can not go after external view function (line 53)
61: function setMinimumWidth(address gauge, uint24 minimumWidth) external;
File: gauges/UniswapV3Gauge.sol
62: // @audit Function order is incorrect, external function can not go after internal function (line 53)
63: function setMinimumWidth(uint24 _minimumWidth) external onlyOwner {
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/UniswapV3Gauge.sol#L62-L63
File: governance/GovernorBravoDelegateMaia.sol
104: // @audit Function order is incorrect, public function can not go after public view function (line 91)
105: function propose(
File: governance/GovernorBravoDelegator.sol
71: // @audit Function order is incorrect, fallback function can not go after internal function (line 59)
72: fallback() external payable {
File: governance/GovernorBravoInterfaces.sol
105: // @audit Function order is incorrect, struct definition can not go after state variable declaration (line 103)
106: struct Proposal {
169: // @audit Function order is incorrect, interface can not go after contract definition (line 161)
170: interface TimelockInterface {
172: // @audit Function order is incorrect, external function can not go after external view function (line 171)
173: function acceptAdmin() external;
File: hermes/bHermes.sol
69: // @audit Function order is incorrect, modifier definition can not go after constructor (line 55)
70: modifier checkWeight(uint256 amount) override {
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/bHermes.sol#L69-L70
File: hermes/interfaces/IBaseV2Minter.sol
52: // @audit Function order is incorrect, external function can not go after external view function (line 45)
53: function initialize(FlywheelGaugeRewards _flywheelGaugeRewards) external;
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/interfaces/IBaseV2Minter.sol#L52-L53
File: hermes/interfaces/IbHermesUnderlying.sol
54: // @audit Function order is incorrect, external function can not go after external view function (line 47)
55: function mint(address to, uint256 amount) external;
File: hermes/interfaces/IUtilityManager.sol
42: // @audit Function order is incorrect, external function can not go after external view function (line 35)
43: function forfeitMultiple(uint256 amount) external;
File: hermes/minters/BaseV2Minter.sol
123: // @audit Function order is incorrect, public function can not go after public view function (line 118)
124: function updatePeriod() public returns (uint256) {
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/minters/BaseV2Minter.sol#L123-L124
File: hermes/tokens/bHermesBoost.sol
32: // @audit Function order is incorrect, modifier definition can not go after external function (line 28)
33: modifier onlybHermes() {
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/bHermesBoost.sol#L32-L33
File: hermes/tokens/bHermesGauges.sol
39: // @audit Function order is incorrect, modifier definition can not go after external function (line 35)
40: modifier onlybHermes() {
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/bHermesGauges.sol#L39-L40
File: hermes/tokens/bHermesVotes.sol
39: // @audit Function order is incorrect, modifier definition can not go after external function (line 35)
40: modifier onlybHermes() {
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/bHermesVotes.sol#L39-L40
File: hermes/UtilityManager.sol
141: // @audit Function order is incorrect, modifier definition can not go after public function (line 128)
142: modifier checkWeight(uint256 amount) virtual;
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/UtilityManager.sol#L141-L142
File: maia/factories/PartnerManagerFactory.sol
58: // @audit Function order is incorrect, external function can not go after external view function (line 49)
59: function addPartner(PartnerManager newPartnerManager) external onlyOwner {
File: maia/interfaces/IERC4626PartnerManager.sol
36: // @audit Function order is incorrect, external function can not go after external view function (line 28)
37: function updateUnderlyingBalance() external;
File: maia/interfaces/IPartnerManagerFactory.sol
44: // @audit Function order is incorrect, external function can not go after external view function (line 37)
45: function addPartner(PartnerManager newPartnerManager) external;
File: maia/interfaces/IPartnerUtilityManager.sol
31: // @audit Function order is incorrect, external function can not go after external view function (line 24)
32: function forfeitMultipleAmounts(uint256 weight, uint256 boost, uint256 _governance, uint256 partnerGovernance)
File: maia/PartnerUtilityManager.sol
168: // @audit Function order is incorrect, modifier definition can not go after public function (line 158)
169: modifier checkPartnerGovernance(uint256 amount) virtual;
https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/PartnerUtilityManager.sol#L168-L169
File: maia/tokens/ERC4626PartnerManager.sol
188: // @audit Function order is incorrect, external function can not go after public view function (line 179)
189: function migratePartnerVault(address newPartnerVault) external onlyOwner {
File: maia/vMaia.sol
67: // @audit Function order is incorrect, modifier definition can not go after constructor (line 48)
68: modifier checkWeight(uint256 amount) virtual override {
https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/vMaia.sol#L67-L68
File: out-of-scope/governance/GovernorBravoDelegateSeverity1.sol
106: // @audit Function order is incorrect, public function can not go after public view function (line 93)
107: function propose(
File: out-of-scope/governance/GovernorBravoDelegateSeverity2.sol
106: // @audit Function order is incorrect, public function can not go after public view function (line 93)
107: function propose(
File: out-of-scope/governance/GovernorBravoDelegateSeverity3.sol
106: // @audit Function order is incorrect, public function can not go after public view function (line 93)
107: function propose(
File: out-of-scope/governance/GovernorBravoDelegateSeverity4.sol
106: // @audit Function order is incorrect, public function can not go after public view function (line 93)
107: function propose(
File: out-of-scope/governance/GovernorBravoDelegateSeverity5.sol
106: // @audit Function order is incorrect, public function can not go after public view function (line 93)
107: function propose(
File: out-of-scope/governance/GovernorBravoDelegator.sol
70: // @audit Function order is incorrect, fallback function can not go after internal function (line 58)
71: fallback() external payable {
File: out-of-scope/governance/GovernorBravoInterfaces.sol
105: // @audit Function order is incorrect, struct definition can not go after state variable declaration (line 103)
106: struct Proposal {
169: // @audit Function order is incorrect, interface can not go after contract definition (line 161)
170: interface TimelockInterface {
172: // @audit Function order is incorrect, external function can not go after external view function (line 171)
173: function acceptAdmin() external;
File: rewards/base/BaseFlywheelRewards.sol
43: // @audit Function order is incorrect, modifier definition can not go after constructor (line 31)
44: modifier onlyFlywheel() {
File: rewards/base/FlywheelCore.sol
62: // @audit Function order is incorrect, state variable declaration can not go after external view function (line 53)
63: mapping(address => uint256) public override rewardsAccrued;
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/base/FlywheelCore.sol#L62-L63
File: rewards/depots/MultiRewardsDepot.sol
72: // @audit Function order is incorrect, modifier definition can not go after external function (line 57)
73: modifier onlyFlywheelRewards() override {
File: rewards/depots/RewardsDepot.sol
24: // @audit Function order is incorrect, modifier definition can not go after internal function (line 19)
25: modifier onlyFlywheelRewards() virtual;
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/depots/RewardsDepot.sol#L24-L25
File: rewards/depots/SingleRewardsDepot.sol
40: // @audit Function order is incorrect, modifier definition can not go after external function (line 32)
41: modifier onlyFlywheelRewards() override {
File: rewards/interfaces/IFlywheelAcummulatedRewards.sol
35: // @audit Function order is incorrect, external function can not go after external view function (line 24)
36: function getAccruedRewards(ERC20 strategy) external returns (uint256 amount);
File: rewards/interfaces/IFlywheelBribeRewards.sol
28: // @audit Function order is incorrect, external function can not go after external view function (line 22)
29: function setRewardsDepot(RewardsDepot rewardsDepot) external;
File: rewards/interfaces/IFlywheelCore.sol
57: // @audit Function order is incorrect, external function can not go after external view function (line 46)
58: function accrue(address user) external returns (uint256);
File: rewards/interfaces/IFlywheelGaugeRewards.sol
72: // @audit Function order is incorrect, external function can not go after external view function (line 59)
73: function queueRewardsForCycle() external returns (uint256 totalQueuedForCycle);
File: rewards/interfaces/IFlywheelRewards.sol
45: // @audit Function order is incorrect, custom error definition can not go after external view function (line 38)
46: error FlywheelError();
File: rewards/interfaces/IMultiRewardsDepot.sol
85: // @audit Function order is incorrect, event definition can not go after external function (line 74)
86: event AssetAdded(address indexed rewardsContract, address indexed asset);
File: rewards/interfaces/IRewardsDepot.sol
58: // @audit Function order is incorrect, custom error definition can not go after external function (line 51)
59: error FlywheelRewardsError();
File: rewards/rewards/FlywheelBribeRewards.sol
37: // @audit Function order is incorrect, external function can not go after internal function (line 32)
38: function setRewardsDepot(RewardsDepot rewardsDepot) external {
File: rewards/rewards/FlywheelGaugeRewards.sol
200: // @audit Function order is incorrect, external function can not go after internal function (line 169)
201: function getAccruedRewards() external returns (uint256 accruedRewards) {
File: talos/base/TalosBaseStrategy.sol
298: // @audit Function order is incorrect, external function can not go after public function (line 238)
299: function rerange() external virtual override nonReentrant checkDeviation onlyStrategyManager {
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/base/TalosBaseStrategy.sol#L298-L299
File: talos/boost-aggregator/BoostAggregator.sol
190: // @audit Function order is incorrect, modifier definition can not go after external function (line 180)
191: modifier onlyWhitelisted(address from) {
File: talos/factories/BoostAggregatorFactory.sol
51: // @audit Function order is incorrect, external function can not go after external view function (line 42)
52: function createBoostAggregator(address owner) external {
File: talos/factories/OptimizerFactory.sol
26: // @audit Function order is incorrect, constructor can not go after external view function (line 19)
27: constructor() {
File: talos/factories/TalosBaseStrategyFactory.sol
55: // @audit Function order is incorrect, external function can not go after external view function (line 46)
56: function createTalosBaseStrategy(
File: talos/interfaces/IBoostAggregator.sol
64: // @audit Function order is incorrect, external function can not go after external view function (line 54)
65: function setOwnRewardsDepot(address rewardsDepot) external;
File: talos/interfaces/IBoostAggregatorFactory.sol
53: // @audit Function order is incorrect, external function can not go after external view function (line 43)
54: function createBoostAggregator(address owner) external;
File: talos/interfaces/IOptimizerFactory.sol
38: // @audit Function order is incorrect, external function can not go after external view function (line 23)
39: function createTalosOptimizer(
File: talos/interfaces/ITalosBaseStrategy.sol
106: // @audit Function order is incorrect, external function can not go after external view function (line 98)
107: function init(uint256 amount0Desired, uint256 amount1Desired, address receiver)
File: talos/interfaces/ITalosBaseStrategyFactory.sol
58: // @audit Function order is incorrect, external function can not go after external view function (line 45)
59: function createTalosBaseStrategy(
File: talos/interfaces/ITalosOptimizer.sol
36: // @audit Function order is incorrect, external function can not go after external view function (line 26)
37: function setMaxTotalSupply(uint256 _maxTotalSupply) external;
File: talos/interfaces/ITalosStrategyStakedFactory.sol
38: // @audit Function order is incorrect, custom error definition can not go after external view function (line 31)
39: error InvalidNFTManager();
File: talos/libraries/PoolActions.sol
26: // @audit Function order is incorrect, struct definition can not go after event definition (line 23)
27: struct SwapCallbackData {
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/libraries/PoolActions.sol#L26-L27
File: talos/libraries/PoolVariables.sol
31: // @audit Function order is incorrect, struct definition can not go after event definition (line 28)
32: struct Info {
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/libraries/PoolVariables.sol#L31-L32
File: talos/TalosManager.sol
91: // @audit Function order is incorrect, external view function can not go after private view function (line 78)
92: function checkUpkeep(bytes calldata) external view override returns (bool upkeepNeeded, bytes memory performData) {
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosManager.sol#L91-L92
File: talos/TalosStrategyVanilla.sol
165: // @audit Function order is incorrect, event definition can not go after internal function (line 129)
166: event CollectFees(uint256 feesFromPool0, uint256 feesFromPool1, uint256 usersFees0, uint256 usersFees1);
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosStrategyVanilla.sol#L165-L166
File: ulysses-amm/factories/UlyssesFactory.sol
49: // @audit Function order is incorrect, state variable declaration can not go after custom error definition (line 46)
50: uint256 public poolId = 1;
File: ulysses-amm/interfaces/IUlyssesPool.sol
138: // @audit Function order is incorrect, external function can not go after external view function (line 128)
139: function claimProtocolFees() external returns (uint256 claimed);
File: ulysses-amm/interfaces/IUlyssesRouter.sol
77: // @audit Function order is incorrect, external function can not go after external view function (line 68)
78: function addLiquidity(uint256 amount, uint256 minOutput, uint256 poolId) external returns (uint256);
File: ulysses-amm/interfaces/IUlyssesToken.sol
69: // @audit Function order is incorrect, custom error definition can not go after external function (line 62)
70: error AssetAlreadyAdded();
File: ulysses-amm/UlyssesPool.sol
112: // @audit Function order is incorrect, external view function can not go after public view function (line 107)
113: function getBandwidth(uint256 destinationId) external view returns (uint256) {
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesPool.sol#L112-L113
File: ulysses-amm/UlyssesRouter.sol
49: // @audit Function order is incorrect, external function can not go after private function (line 31)
50: function addLiquidity(uint256 amount, uint256 minOutput, uint256 poolId) external returns (uint256) {
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesRouter.sol#L49-L50
File: ulysses-amm/UlyssesToken.sol
44: // @audit Function order is incorrect, external function can not go after public view function (line 39)
45: function addAsset(address asset, uint256 _weight) external nonReentrant onlyOwner {
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesToken.sol#L44-L45
File: ulysses-omnichain/ArbitrumBranchBridgeAgent.sol
142: // @audit Function order is incorrect, internal function can not go after internal pure function (line 134)
143: function _performCall(bytes memory _callData) internal override {
File: ulysses-omnichain/ArbitrumCoreBranchRouter.sol
112: // @audit Function order is incorrect, external function can not go after internal function (line 75)
113: function anyExecuteNoSettlement(bytes calldata _data)
File: ulysses-omnichain/BaseBranchRouter.sol
58: // @audit Function order is incorrect, external payable function can not go after external view function (line 49)
59: function callOut(bytes calldata params, uint128 remoteExecutionGas) external payable lock {
File: ulysses-omnichain/BranchBridgeAgent.sol
183: // @audit Function order is incorrect, external payable function can not go after external view function (line 174)
184: function callOut(bytes calldata _params, uint128 _remoteExecutionGas) external payable lock requiresFallbackGas {
File: ulysses-omnichain/BranchPort.sol
158: // @audit Function order is incorrect, external function can not go after internal view function (line 149)
159: function manage(address _token, uint256 _amount) external requiresPortStrategy(_token) {
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchPort.sol#L158-L159
File: ulysses-omnichain/CoreBranchRouter.sol
229: // @audit Function order is incorrect, external function can not go after internal function (line 206)
230: function anyExecuteNoSettlement(bytes calldata _data)
File: ulysses-omnichain/CoreRootRouter.sol
227: // @audit Function order is incorrect, external payable function can not go after internal function (line 208)
228: function toggleBranchBridgeAgentFactory(
File: ulysses-omnichain/factories/ERC20hTokenBranchFactory.sol
75: // @audit Function order is incorrect, modifier definition can not go after external function (line 60)
76: modifier requiresCoreRouter() {
File: ulysses-omnichain/factories/ERC20hTokenRootFactory.sol
74: // @audit Function order is incorrect, modifier definition can not go after external function (line 54)
75: modifier requiresCoreRouter() {
File: ulysses-omnichain/interfaces/IAnycallConfig.sol
11: // @audit Function order is incorrect, external payable function can not go after external view function (line 9)
12: function deposit(address _account) external payable;
File: ulysses-omnichain/interfaces/IAnycallExecutor.sol
9: // @audit Function order is incorrect, external function can not go after external view function (line 7)
10: function execute(
File: ulysses-omnichain/interfaces/IAnycallProxy.sol
11: // @audit Function order is incorrect, external payable function can not go after external view function (line 9)
12: function anyCall(address _to, bytes calldata _data, uint256 _toChainID, uint256 _flags, bytes calldata _extdata)
File: ulysses-omnichain/interfaces/IArbitrumBranchPort.sol
45: // @audit Function order is incorrect, custom error definition can not go after external function (line 38)
46: error UnknownToken();
File: ulysses-omnichain/interfaces/IBranchBridgeAgent.sol
168: // @audit Function order is incorrect, external payable function can not go after external view function (line 155)
169: function callOut(bytes calldata params, uint128 remoteExecutionGas) external payable;
File: ulysses-omnichain/interfaces/IBranchPort.sol
56: // @audit Function order is incorrect, external function can not go after external view function (line 45)
57: function manage(address _token, uint256 _amount) external;
File: ulysses-omnichain/interfaces/IBranchRouter.sol
42: // @audit Function order is incorrect, external payable function can not go after external view function (line 29)
43: function callOut(bytes calldata params, uint128 rootExecutionGas) external payable;
File: ulysses-omnichain/interfaces/IERC20hTokenBranchFactory.sol
28: // @audit Function order is incorrect, custom error definition can not go after external function (line 22)
29: error UnrecognizedCoreRouter();
File: ulysses-omnichain/interfaces/IERC20hTokenRoot.sol
47: // @audit Function order is incorrect, external function can not go after external view function (line 34)
48: function mint(address to, uint256 amount, uint256 chainId) external returns (bool);
File: ulysses-omnichain/interfaces/IERC20hTokenRootFactory.sol
28: // @audit Function order is incorrect, custom error definition can not go after external function (line 22)
29: error UnrecognizedCoreRouter();
File: ulysses-omnichain/interfaces/IPortStrategy.sol
29: // @audit Function order is incorrect, custom error definition can not go after external function (line 23)
30: error UnrecognizedPort();
File: ulysses-omnichain/interfaces/IRootBridgeAgent.sol
213: // @audit Function order is incorrect, external payable function can not go after external view function (line 200)
214: function callOut(address _recipient, bytes memory _calldata, uint24 _toChain) external payable;
File: ulysses-omnichain/interfaces/IRootPort.sol
14: // @audit Function order is incorrect, type definition can not go after interface (line 8)
15: struct GasPoolInfo {
48: // @audit Function order is incorrect, external function can not go after external view function (line 45)
49: function isRouterApproved(VirtualAccount _userAccount, address _router) external returns (bool);
File: ulysses-omnichain/interfaces/IRootRouter.sol
121: // @audit Function order is incorrect, custom error definition can not go after external payable function (line 109)
122: error UnrecognizedBridgeAgentExecutor();
File: ulysses-omnichain/interfaces/IVirtualAccount.sol
35: // @audit Function order is incorrect, external function can not go after external view function (line 28)
36: function withdrawERC20(address _token, uint256 _amount) external;
File: ulysses-omnichain/interfaces/IWETH9.sol
11: // @audit Function order is incorrect, external function can not go after external view function (line 9)
12: function transfer(address dst, uint256 wad) external;
File: ulysses-omnichain/MulticallRootRouter.sol
166: // @audit Function order is incorrect, external payable function can not go after internal function (line 137)
167: function anyExecuteResponse(bytes1, bytes calldata, uint24)
File: ulysses-omnichain/RootBridgeAgent.sol
244: // @audit Function order is incorrect, external payable function can not go after external view function (line 235)
245: function retrySettlement(uint32 _settlementNonce, uint128 _remoteExecutionGas) external payable {
File: ulysses-omnichain/RootPort.sol
126: // @audit Function order is incorrect, state variable declaration can not go after constructor (line 114)
127: bool internal _setup;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootPort.sol#L126-L127
File: ulysses-omnichain/token/ERC20hTokenRoot.sol
57: // @audit Function order is incorrect, modifier definition can not go after constructor (line 38)
58: modifier requiresPort() {
File: ulysses-omnichain/VirtualAccount.sol
69: // @audit Function order is incorrect, modifier definition can not go after external pure function (line 60)
70: modifier requiresApprovedCaller() {
File: uni-v3-staker/interfaces/IUniswapV3Staker.sol
171: // @audit Function order is incorrect, external function can not go after external view function (line 162)
172: function createIncentiveFromGauge(uint256 reward) external;
File: uni-v3-staker/libraries/IncentiveTime.sol
13: // @audit Function order is incorrect, state variable declaration can not go after custom error definition (line 11)
14: uint256 private constant INCENTIVES_DURATION = 1 weeks; // Incentives are 1 week long and start at THURSDAY 12:00:00 UTC (00:00:00 UTC + 12 hours (INCENTIVE_OFFSET))
File: uni-v3-staker/UniswapV3Staker.sol
76: // @audit Function order is incorrect, external view function can not go after public view function (line 61)
77: function userAttachements(address user, IUniswapV3Pool pool) external view override returns (uint256) {
https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/UniswapV3Staker.sol#L76-L77
There are 231 instances of this issue:
File: erc-20/ERC20MultiVotes.sol
79: function average(uint256 a, uint256 b) internal pure returns (uint256) {
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20MultiVotes.sol#L79
File: erc-4626/ERC4626.sol
170: function beforeWithdraw(uint256 assets, uint256 shares) internal virtual {}
172: function afterDeposit(uint256 assets, uint256 shares) internal virtual {}
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/ERC4626.sol#L170
File: erc-4626/ERC4626DepositOnly.sol
110: function afterDeposit(uint256 assets, uint256 shares) internal virtual {}
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/ERC4626DepositOnly.sol#L110
File: erc-4626/ERC4626MultiToken.sol
65: function receiveAssets(uint256[] memory assetsAmounts) private {
76: function sendAssets(uint256[] memory assetsAmounts, address receiver) private {
291: function beforeWithdraw(uint256[] memory assetsAmounts, uint256 shares) internal virtual {}
293: function afterDeposit(uint256[] memory assetsAmounts, uint256 shares) internal virtual {}
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/ERC4626MultiToken.sol#L65
File: erc-4626/UlyssesERC4626.sol
128: function beforeDeposit(uint256 assets) internal virtual returns (uint256 shares);
131: function beforeMint(uint256 shares) internal virtual returns (uint256 assets);
134: function afterRedeem(uint256 shares) internal virtual returns (uint256 assets);
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/UlyssesERC4626.sol#L128
File: gauges/BaseV2Gauge.sol
49: FlywheelCore[] private bribeFlywheels;
52: uint256 internal constant WEEK = 1 weeks;
97: function distribute(uint256 amount) internal virtual;
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/BaseV2Gauge.sol#L49
File: gauges/factories/BaseV2GaugeFactory.sol
124: function afterCreateGauge(address strategy, bytes memory data) internal virtual;
126: function newGauge(address strategy, bytes memory data) internal virtual returns (BaseV2Gauge gauge);
File: gauges/factories/BribesFactory.sol
25: FlywheelBoosterGaugeWeight private immutable flywheelGaugeWeightBooster;
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BribesFactory.sol#L25
File: gauges/factories/UniswapV3GaugeFactory.sol
75: function newGauge(address strategy, bytes memory data) internal override returns (BaseV2Gauge) {
88: function afterCreateGauge(address strategy, bytes memory) internal override {
File: gauges/UniswapV3Gauge.sol
52: function distribute(uint256 amount) internal override {
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/UniswapV3Gauge.sol#L52
File: governance/GovernorBravoDelegateMaia.sol
189: function queueOrRevertInternal(
360: function castVoteInternal(address voter, uint256 proposalId, uint8 support) internal returns (uint96) {
396: function _setVotingDelay(uint256 newVotingDelay) external {
412: function _setVotingPeriod(uint256 newVotingPeriod) external {
429: function _setProposalThreshold(uint256 newProposalThreshold) external {
446: function _setWhitelistAccountExpiration(address account, uint256 expiration) external {
460: function _setWhitelistGuardian(address account) external {
473: function _initiate(address governorAlpha) external {
486: function _setPendingAdmin(address newPendingAdmin) external {
504: function _acceptAdmin() external {
524: function add256(uint256 a, uint256 b) internal pure returns (uint256) {
530: function sub256(uint256 a, uint256 b) internal pure returns (uint256) {
535: function getChainIdInternal() internal view returns (uint256) {
File: governance/GovernorBravoDelegator.sol
40: function _setImplementation(address implementation_) public {
58: function delegateTo(address callee, bytes memory data) internal {
https://github.com/code-423n4/2023-05-maia/tree/main/src/governance/GovernorBravoDelegator.sol#L40
File: hermes/minters/BaseV2Minter.sol
23: uint256 internal constant week = 86400 * 7;
25: uint256 internal constant base = 1000;
27: uint256 internal constant max_tail_emission = 100;
28: uint256 internal constant max_dao_share = 300;
50: address internal initializer;
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/minters/BaseV2Minter.sol#L23
File: maia/vMaia.sol
33: uint256 private currentMonth;
34: uint256 private unstakePeriodEnd;
101: function beforeWithdraw(uint256, uint256) internal override {
https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/vMaia.sol#L33
File: out-of-scope/governance/GovernorBravoDelegateSeverity1.sol
191: function queueOrRevertInternal(
362: function castVoteInternal(address voter, uint256 proposalId, uint8 support) internal returns (uint96) {
398: function _setVotingDelay(uint256 newVotingDelay) external {
414: function _setVotingPeriod(uint256 newVotingPeriod) external {
431: function _setProposalThreshold(uint256 newProposalThreshold) external {
448: function _setWhitelistAccountExpiration(address account, uint256 expiration) external {
462: function _setWhitelistGuardian(address account) external {
475: function _initiate(address governorAlpha) external {
488: function _setPendingAdmin(address newPendingAdmin) external {
506: function _acceptAdmin() external {
526: function add256(uint256 a, uint256 b) internal pure returns (uint256) {
532: function sub256(uint256 a, uint256 b) internal pure returns (uint256) {
537: function getChainIdInternal() internal view returns (uint256) {
File: out-of-scope/governance/GovernorBravoDelegateSeverity2.sol
191: function queueOrRevertInternal(
362: function castVoteInternal(address voter, uint256 proposalId, uint8 support) internal returns (uint96) {
398: function _setVotingDelay(uint256 newVotingDelay) external {
414: function _setVotingPeriod(uint256 newVotingPeriod) external {
431: function _setProposalThreshold(uint256 newProposalThreshold) external {
448: function _setWhitelistAccountExpiration(address account, uint256 expiration) external {
462: function _setWhitelistGuardian(address account) external {
475: function _initiate(address governorAlpha) external {
488: function _setPendingAdmin(address newPendingAdmin) external {
506: function _acceptAdmin() external {
526: function add256(uint256 a, uint256 b) internal pure returns (uint256) {
532: function sub256(uint256 a, uint256 b) internal pure returns (uint256) {
537: function getChainIdInternal() internal view returns (uint256) {
File: out-of-scope/governance/GovernorBravoDelegateSeverity3.sol
191: function queueOrRevertInternal(
362: function castVoteInternal(address voter, uint256 proposalId, uint8 support) internal returns (uint96) {
398: function _setVotingDelay(uint256 newVotingDelay) external {
414: function _setVotingPeriod(uint256 newVotingPeriod) external {
431: function _setProposalThreshold(uint256 newProposalThreshold) external {
448: function _setWhitelistAccountExpiration(address account, uint256 expiration) external {
462: function _setWhitelistGuardian(address account) external {
475: function _initiate(address governorAlpha) external {
488: function _setPendingAdmin(address newPendingAdmin) external {
506: function _acceptAdmin() external {
526: function add256(uint256 a, uint256 b) internal pure returns (uint256) {
532: function sub256(uint256 a, uint256 b) internal pure returns (uint256) {
537: function getChainIdInternal() internal view returns (uint256) {
File: out-of-scope/governance/GovernorBravoDelegateSeverity4.sol
191: function queueOrRevertInternal(
362: function castVoteInternal(address voter, uint256 proposalId, uint8 support) internal returns (uint96) {
398: function _setVotingDelay(uint256 newVotingDelay) external {
414: function _setVotingPeriod(uint256 newVotingPeriod) external {
431: function _setProposalThreshold(uint256 newProposalThreshold) external {
448: function _setWhitelistAccountExpiration(address account, uint256 expiration) external {
462: function _setWhitelistGuardian(address account) external {
475: function _initiate(address governorAlpha) external {
488: function _setPendingAdmin(address newPendingAdmin) external {
506: function _acceptAdmin() external {
526: function add256(uint256 a, uint256 b) internal pure returns (uint256) {
532: function sub256(uint256 a, uint256 b) internal pure returns (uint256) {
537: function getChainIdInternal() internal view returns (uint256) {
File: out-of-scope/governance/GovernorBravoDelegateSeverity5.sol
191: function queueOrRevertInternal(
362: function castVoteInternal(address voter, uint256 proposalId, uint8 support) internal returns (uint96) {
398: function _setVotingDelay(uint256 newVotingDelay) external {
414: function _setVotingPeriod(uint256 newVotingPeriod) external {
431: function _setProposalThreshold(uint256 newProposalThreshold) external {
448: function _setWhitelistAccountExpiration(address account, uint256 expiration) external {
462: function _setWhitelistGuardian(address account) external {
475: function _initiate(address governorAlpha) external {
488: function _setPendingAdmin(address newPendingAdmin) external {
506: function _acceptAdmin() external {
526: function add256(uint256 a, uint256 b) internal pure returns (uint256) {
532: function sub256(uint256 a, uint256 b) internal pure returns (uint256) {
537: function getChainIdInternal() internal view returns (uint256) {
File: out-of-scope/governance/GovernorBravoDelegator.sol
39: function _setImplementation(address implementation_) public {
57: function delegateTo(address callee, bytes memory data) internal {
File: rewards/base/FlywheelCore.sol
147: uint256 private constant ONE = 1e18;
156: function accrueStrategy(ERC20 strategy, uint256 state) private returns (uint256 rewardsIndex) {
180: function accrueUser(ERC20 strategy, address user, uint256 index) private returns (uint256) {
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/base/FlywheelCore.sol#L147
File: rewards/booster/FlywheelBoosterGaugeWeight.sol
41: bHermesGauges private immutable bhermes;
File: rewards/depots/RewardsDepot.sol
18: function transferRewards(address _asset, address _rewardsContract) internal returns (uint256 balance) {
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/depots/RewardsDepot.sol#L18
File: rewards/depots/SingleRewardsDepot.sol
12: address private immutable asset;
15: address private immutable rewardsContract;
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/depots/SingleRewardsDepot.sol#L12
File: rewards/rewards/FlywheelAcummulatedRewards.sol
59: function getNextCycleRewards(ERC20 strategy) internal virtual returns (uint256);
File: rewards/rewards/FlywheelBribeRewards.sol
31: function getNextCycleRewards(ERC20 strategy) internal override returns (uint256) {
File: rewards/rewards/FlywheelGaugeRewards.sol
44: uint32 internal nextCycle;
47: uint112 internal nextCycleQueuedRewards;
50: uint32 internal paginationOffset;
File: talos/base/TalosBaseStrategy.sol
76: uint24 internal constant MULTIPLIER = 1e6;
372: function beforeDeposit(uint256 _tokenId, address _receiver) internal virtual;
374: function afterDeposit(uint256 _tokenId) internal virtual;
376: function beforeRedeem(uint256 _tokenId, address _owner) internal virtual;
378: function afterRedeem(uint256 _tokenId) internal virtual;
380: function beforeRerange(uint256 _tokenId) internal virtual;
382: function afterRerange(uint256 _tokenId) internal virtual;
384: function doRerange() internal virtual returns (uint256 amount0, uint256 amount1);
386: function doRebalance() internal virtual returns (uint256 amount0, uint256 amount1);
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/base/TalosBaseStrategy.sol#L76
File: talos/boost-aggregator/BoostAggregator.sol
55: uint256 private constant DIVISIONER = 10000;
File: talos/factories/TalosBaseStrategyFactory.sol
71: function createTalosV3Strategy(
File: talos/factories/TalosStrategyStakedFactory.sol
61: function createTalosV3Strategy(
File: talos/factories/TalosStrategyVanillaFactory.sol
32: function createTalosV3Strategy(
File: talos/libraries/PoolActions.sol
89: function getThisPositionTicks(
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/libraries/PoolActions.sol#L89
File: talos/libraries/PoolVariables.sol
22: uint24 private constant GLOBAL_DIVISIONER = 1e6; // for basis point (0.0001%)
167: function baseTicks(int24 currentTick, int24 baseThreshold, int24 tickSpacing)
206: function getTwap(IUniswapV3Pool pool, uint32 twapDuration) private view returns (int24) {
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/libraries/PoolVariables.sol#L22
File: talos/strategies/TalosStrategySimple.sol
29: function doRerange() internal override returns (uint256 amount0, uint256 amount1) {
35: function doRebalance() internal override returns (uint256 amount0, uint256 amount1) {
File: talos/TalosManager.sol
65: function getRebalance(ITalosBaseStrategy position) private view returns (bool) {
77: function getRerange(ITalosBaseStrategy position) private view returns (bool) {
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosManager.sol#L65
File: talos/TalosStrategyStaked.sol
51: bool private stakeFlag = false;
100: function beforeRedeem(uint256 _tokenId, address _owner) internal override {
107: function afterRedeem(uint256 _tokenId) internal override {
113: function beforeDeposit(uint256 _tokenId, address _receiver) internal override {
120: function afterDeposit(uint256 _tokenId) internal override {
126: function beforeRerange(uint256 _tokenId) internal override {
133: function afterRerange(uint256 _tokenId) internal override {
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosStrategyStaked.sol#L51
File: talos/TalosStrategyVanilla.sol
46: uint24 private constant protocolFee = 2 * 1e5; //20%
47: uint24 private constant GLOBAL_DIVISIONER = 1e6;
71: function beforeRedeem(uint256 _tokenId, address) internal override {
78: function afterRedeem(uint256 _tokenId) internal override {}
82: function beforeDeposit(uint256 _tokenId, address) internal override {
89: function afterDeposit(uint256 _tokenId) internal override {}
93: function beforeRerange(uint256 _tokenId) internal override {
99: function afterRerange(uint256 _tokenId) internal override {}
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosStrategyVanilla.sol#L46
File: ulysses-amm/UlyssesPool.sol
42: uint256 private constant MIN_SWAP_AMOUNT = 1e4;
45: uint256 private constant MAX_TOTAL_WEIGHT = 256;
48: uint256 private constant MAX_DESTINATIONS = 15;
51: uint256 private constant MAX_PROTOCOL_FEE = 1e16;
54: uint256 private constant MAX_LAMBDA1 = 1e17;
57: uint256 private constant MIN_SIGMA2 = 1e16;
64: uint256 private constant DIVISIONER = 1 ether;
344: function getBandwidthUpdateAmounts(
538: function updateBandwidth(
841: function calcFee(
892: function ulyssesSwap(uint256 assets) private returns (uint256 output) {
941: function ulyssesAddLP(uint256 amount, bool depositFees) private returns (uint256 output) {
1025: function ulyssesRemoveLP(uint256 shares) private returns (uint256 assets) {
1199: function beforeDeposit(uint256 assets) internal override returns (uint256 shares) {
1208: function beforeMint(uint256 shares) internal override returns (uint256 assets) {
1217: function afterRedeem(uint256 shares) internal override returns (uint256 assets) {
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesPool.sol#L42
File: ulysses-amm/UlyssesRouter.sol
14: mapping(uint256 => UlyssesPool) private pools;
30: function getUlyssesLP(uint256 id) private returns (UlyssesPool ulysses) {
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesRouter.sol#L14
File: ulysses-amm/UlyssesToken.sol
109: function updateAssetBalances() internal {
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesToken.sol#L109
File: ulysses-omnichain/BranchBridgeAgent.sol
67: uint8 internal constant PARAMS_START = 1;
69: uint8 internal constant PARAMS_START_SIGNED = 21;
71: uint8 internal constant PARAMS_ENTRY_SIZE = 32;
73: uint8 internal constant PARAMS_GAS_OUT = 16;
77: uint8 internal constant PARAMS_TKN_START = 5;
79: uint8 internal constant PARAMS_AMT_OFFSET = 64;
81: uint8 internal constant PARAMS_DEPOSIT_OFFSET = 96;
136: uint256 internal constant MIN_FALLBACK_RESERVE = 185_000; // 100_000 for anycall + 85_000 fallback execution overhead
137: uint256 internal constant MIN_EXECUTION_OVERHEAD = 160_000; // 100_000 for anycall + 35_000 Pre 1st Gas Checkpoint Execution + 25_000 Post last Gas Checkpoint Executions
138: uint256 internal constant TRANSFER_OVERHEAD = 24_000;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchBridgeAgent.sol#L67
File: ulysses-omnichain/BranchBridgeAgentExecutor.sol
31: uint8 internal constant PARAMS_START = 1;
33: uint8 internal constant PARAMS_START_SIGNED = 21;
35: uint8 internal constant PARAMS_END_SIGNED_OFFSET = 26;
37: uint8 internal constant PARAMS_ENTRY_SIZE = 32;
39: uint8 internal constant PARAMS_ADDRESS_SIZE = 20;
41: uint8 internal constant PARAMS_TKN_SET_SIZE = 128;
43: uint8 internal constant PARAMS_GAS_OUT = 16;
47: uint8 internal constant PARAMS_TKN_START = 5;
49: uint8 internal constant PARAMS_AMT_OFFSET = 64;
51: uint8 internal constant PARAMS_DEPOSIT_OFFSET = 96;
File: ulysses-omnichain/BranchPort.sol
90: uint256 internal constant DIVISIONER = 1e4;
91: uint256 internal constant MIN_RESERVE_RATIO = 3e3;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchPort.sol#L90
File: ulysses-omnichain/factories/ERC20hTokenBranchFactory.sol
15: address immutable localPortAddress;
18: address localCoreRouterAddress;
File: ulysses-omnichain/RootBridgeAgent.sol
99: uint8 internal constant PARAMS_START = 1;
101: uint8 internal constant PARAMS_START_SIGNED = 21;
103: uint8 internal constant PARAMS_ADDRESS_SIZE = 20;
105: uint8 internal constant PARAMS_GAS_IN = 32;
107: uint8 internal constant PARAMS_GAS_OUT = 16;
111: uint8 internal constant PARAMS_TKN_START = 5;
113: uint8 internal constant PARAMS_AMT_OFFSET = 64;
115: uint8 internal constant PARAMS_DEPOSIT_OFFSET = 96;
179: uint256 internal constant MIN_FALLBACK_RESERVE = 155_000; // 100_000 for anycall + 55_000 for fallback
180: uint256 internal constant MIN_EXECUTION_OVERHEAD = 155_000; // 100_000 for anycall + 30_000 Pre 1st Gas Checkpoint Execution + 25_000 Post last Gas Checkpoint Execution
639: uint24 private constant GLOBAL_DIVISIONER = 1e6; // for basis point (0.0001%)
642: mapping(address => bool) private approvedGasPool;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgent.sol#L99
File: ulysses-omnichain/RootBridgeAgentExecutor.sol
32: uint8 internal constant PARAMS_START = 1;
34: uint8 internal constant PARAMS_START_SIGNED = 21;
36: uint8 internal constant PARAMS_END_OFFSET = 9;
38: uint8 internal constant PARAMS_END_SIGNED_OFFSET = 29;
40: uint8 internal constant PARAMS_ENTRY_SIZE = 32;
42: uint8 internal constant PARAMS_ADDRESS_SIZE = 20;
44: uint8 internal constant PARAMS_TKN_SET_SIZE = 104;
46: uint8 internal constant PARAMS_TKN_SET_SIZE_MULTIPLE = 128;
48: uint8 internal constant PARAMS_GAS_IN = 32;
50: uint8 internal constant PARAMS_GAS_OUT = 16;
54: uint8 internal constant PARAMS_TKN_START = 5;
56: uint8 internal constant PARAMS_AMT_OFFSET = 64;
58: uint8 internal constant PARAMS_DEPOSIT_OFFSET = 96;
File: ulysses-omnichain/RootPort.sol
292: function mint(address _to, address _hToken, uint256 _amount, uint24 _fromChain) internal {
348: function addVirtualAccount(address _user) internal returns (VirtualAccount newAccount) {
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootPort.sol#L292
File: uni-v3-staker/libraries/IncentiveTime.sol
12: uint256 private constant INCENTIVES_DURATION = 1 weeks; // Incentives are 1 week long and start at THURSDAY 12:00:00 UTC (00:00:00 UTC + 12 hours (INCENTIVE_OFFSET))
14: uint256 private constant INCENTIVES_OFFSET = 12 hours;
File: uni-v3-staker/UniswapV3Staker.sol
57: mapping(uint256 => IncentiveKey) private stakedIncentiveKey;
https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/UniswapV3Staker.sol#L57
There are 5 instances of this issue:
File: erc-20/interfaces/IERC20Boost.sol
224: event DecrementUserGaugeBoost(address indexed user, address indexed gauge, uint256 UpdatedBoost);
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/interfaces/IERC20Boost.sol#L224
File: hermes/interfaces/IBaseV2Minter.sol
61: function setTailEmission(uint256 _tail_emission) external;
73: function setDaoShare(uint256 _dao_share) external;
108: event Mint(address indexed sender, uint256 weekly, uint256 circulatingSupply, uint256 growth, uint256 dao_share);
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/interfaces/IBaseV2Minter.sol#L61
File: hermes/minters/BaseV2Minter.sol
97: function setTailEmission(uint256 _tail_emission) external onlyOwner {
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/minters/BaseV2Minter.sol#L97
There are 6 instances of this issue:
File: erc-20/interfaces/IERC20Boost.sol
224: event DecrementUserGaugeBoost(address indexed user, address indexed gauge, uint256 UpdatedBoost);
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/interfaces/IERC20Boost.sol#L224
File: hermes/interfaces/IBaseV2Minter.sol
61: function setTailEmission(uint256 _tail_emission) external;
73: function setDaoShare(uint256 _dao_share) external;
108: event Mint(address indexed sender, uint256 weekly, uint256 circulatingSupply, uint256 growth, uint256 dao_share);
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/interfaces/IBaseV2Minter.sol#L61
File: hermes/minters/BaseV2Minter.sol
97: function setTailEmission(uint256 _tail_emission) external onlyOwner {
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/minters/BaseV2Minter.sol#L97
File: talos/TalosStrategyVanilla.sol
116: uint24 _GLOBAL_DIVISIONER = GLOBAL_DIVISIONER;
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosStrategyVanilla.sol#L116
Check that all public or external functions are override. This is iseful to make sure that the whole API is extracted in an interface.
There are 367 instances of this issue:
File: gauges/factories/BaseV2GaugeManager.sol
50: function getGaugeFactories() external view returns (BaseV2GaugeFactory[] memory) {
59: function newEpoch() external {
73: function newEpoch(uint256 start, uint256 end) external {
93: function addGauge(address gauge) external onlyActiveGaugeFactory {
99: function removeGauge(address gauge) external onlyActiveGaugeFactory {
109: function addGaugeFactory(BaseV2GaugeFactory gaugeFactory) external onlyOwner {
120: function removeGaugeFactory(BaseV2GaugeFactory gaugeFactory) external onlyOwner {
136: function changebHermesGaugeOwner(address newOwner) external onlyAdmin {
144: function changeAdmin(address newAdmin) external onlyAdmin {
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BaseV2GaugeManager.sol#L50
File: gauges/factories/BribesFactory.sol
62: function getBribeFlywheels() external view returns (FlywheelCore[] memory) {
71: function addGaugetoFlywheel(address gauge, address bribeToken) external onlyGaugeFactory {
78: function createBribeFlywheel(address bribeToken) public {
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BribesFactory.sol#L62
File: gauges/factories/UniswapV3GaugeFactory.sol
97: function setMinimumWidth(address gauge, uint24 minimumWidth) external onlyOwner {
File: gauges/UniswapV3Gauge.sol
61: function setMinimumWidth(uint24 _minimumWidth) external onlyOwner {
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/UniswapV3Gauge.sol#L61
File: governance/GovernorBravoDelegateMaia.sol
55: function initialize(
86: function getProposalThresholdAmount() public view returns (uint256) {
90: function getQuorumVotesAmount() public view returns (uint256) {
103: function propose(
173: function queue(uint256 proposalId) external {
207: function execute(uint256 proposalId) external payable {
226: function cancel(uint256 proposalId) external {
267: function getActions(uint256 proposalId)
287: function getReceipt(uint256 proposalId, address voter) external view returns (Receipt memory) {
296: function state(uint256 proposalId) public view returns (ProposalState) {
325: function castVote(uint256 proposalId, uint8 support) external {
335: function castVoteWithReason(uint256 proposalId, uint8 support, string calldata reason) external {
343: function castVoteBySig(uint256 proposalId, uint8 support, uint8 v, bytes32 r, bytes32 s) external {
388: function isWhitelisted(address account) public view returns (bool) {
396: function _setVotingDelay(uint256 newVotingDelay) external {
412: function _setVotingPeriod(uint256 newVotingPeriod) external {
429: function _setProposalThreshold(uint256 newProposalThreshold) external {
446: function _setWhitelistAccountExpiration(address account, uint256 expiration) external {
460: function _setWhitelistGuardian(address account) external {
473: function _initiate(address governorAlpha) external {
486: function _setPendingAdmin(address newPendingAdmin) external {
504: function _acceptAdmin() external {
File: governance/GovernorBravoDelegator.sol
7: constructor(
40: function _setImplementation(address implementation_) public {
70: fallback() external payable {
https://github.com/code-423n4/2023-05-maia/tree/main/src/governance/GovernorBravoDelegator.sol#L7
File: hermes/bHermes.sol
95: function claimOutstanding() public virtual {
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/bHermes.sol#L95
File: hermes/minters/BaseV2Minter.sol
68: fallback() external {
77: function initialize(FlywheelGaugeRewards _flywheelGaugeRewards) external {
85: function setDao(address _dao) external onlyOwner {
91: function setDaoShare(uint256 _daoShare) external onlyOwner {
97: function setTailEmission(uint256 _tail_emission) external onlyOwner {
107: function circulatingSupply() public view returns (uint256) {
112: function weeklyEmission() public view returns (uint256) {
117: function calculateGrowth(uint256 _minted) public view returns (uint256) {
122: function updatePeriod() public returns (uint256) {
161: function getRewards() external returns (uint256 totalQueuedForCycle) {
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/minters/BaseV2Minter.sol#L68
File: hermes/tokens/bHermesBoost.sol
27: function mint(address to, uint256 amount) external onlybHermes {
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/bHermesBoost.sol#L27
File: hermes/tokens/bHermesGauges.sol
34: function mint(address to, uint256 amount) external onlybHermes {
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/bHermesGauges.sol#L34
File: hermes/tokens/bHermesVotes.sol
25: function mint(address to, uint256 amount) external onlybHermes {
34: function burn(address from, uint256 amount) external onlybHermes {
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/bHermesVotes.sol#L25
File: hermes/tokens/HERMES.sol
61: function mint(address account, uint256 amount) external onlyOwner {
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/HERMES.sol#L61
File: maia/factories/PartnerManagerFactory.sol
43: function getPartners() external view returns (PartnerManager[] memory) {
48: function getVaults() external view returns (IBaseVault[] memory) {
57: function addPartner(PartnerManager newPartnerManager) external onlyOwner {
66: function addVault(IBaseVault newVault) external onlyOwner {
79: function removePartner(PartnerManager partnerManager) external onlyOwner {
88: function removeVault(IBaseVault vault) external onlyOwner {
File: maia/tokens/Maia.sol
54: function mint(address account, uint256 amount) external onlyOwner {
https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/tokens/Maia.sol#L54
File: out-of-scope/governance/GovernorBravoDelegateSeverity1.sol
57: function initialize(
88: function getProposalThresholdAmount() public view returns (uint256) {
92: function getQuorumVotesAmount() public view returns (uint256) {
105: function propose(
175: function queue(uint256 proposalId) external {
209: function execute(uint256 proposalId) external payable {
228: function cancel(uint256 proposalId) external {
269: function getActions(uint256 proposalId)
289: function getReceipt(uint256 proposalId, address voter) external view returns (Receipt memory) {
298: function state(uint256 proposalId) public view returns (ProposalState) {
327: function castVote(uint256 proposalId, uint8 support) external {
337: function castVoteWithReason(uint256 proposalId, uint8 support, string calldata reason) external {
345: function castVoteBySig(uint256 proposalId, uint8 support, uint8 v, bytes32 r, bytes32 s) external {
390: function isWhitelisted(address account) public view returns (bool) {
398: function _setVotingDelay(uint256 newVotingDelay) external {
414: function _setVotingPeriod(uint256 newVotingPeriod) external {
431: function _setProposalThreshold(uint256 newProposalThreshold) external {
448: function _setWhitelistAccountExpiration(address account, uint256 expiration) external {
462: function _setWhitelistGuardian(address account) external {
475: function _initiate(address governorAlpha) external {
488: function _setPendingAdmin(address newPendingAdmin) external {
506: function _acceptAdmin() external {
File: out-of-scope/governance/GovernorBravoDelegateSeverity2.sol
57: function initialize(
88: function getProposalThresholdAmount() public view returns (uint256) {
92: function getQuorumVotesAmount() public view returns (uint256) {
105: function propose(
175: function queue(uint256 proposalId) external {
209: function execute(uint256 proposalId) external payable {
228: function cancel(uint256 proposalId) external {
269: function getActions(uint256 proposalId)
289: function getReceipt(uint256 proposalId, address voter) external view returns (Receipt memory) {
298: function state(uint256 proposalId) public view returns (ProposalState) {
327: function castVote(uint256 proposalId, uint8 support) external {
337: function castVoteWithReason(uint256 proposalId, uint8 support, string calldata reason) external {
345: function castVoteBySig(uint256 proposalId, uint8 support, uint8 v, bytes32 r, bytes32 s) external {
390: function isWhitelisted(address account) public view returns (bool) {
398: function _setVotingDelay(uint256 newVotingDelay) external {
414: function _setVotingPeriod(uint256 newVotingPeriod) external {
431: function _setProposalThreshold(uint256 newProposalThreshold) external {
448: function _setWhitelistAccountExpiration(address account, uint256 expiration) external {
462: function _setWhitelistGuardian(address account) external {
475: function _initiate(address governorAlpha) external {
488: function _setPendingAdmin(address newPendingAdmin) external {
506: function _acceptAdmin() external {
File: out-of-scope/governance/GovernorBravoDelegateSeverity3.sol
57: function initialize(
88: function getProposalThresholdAmount() public view returns (uint256) {
92: function getQuorumVotesAmount() public view returns (uint256) {
105: function propose(
175: function queue(uint256 proposalId) external {
209: function execute(uint256 proposalId) external payable {
228: function cancel(uint256 proposalId) external {
269: function getActions(uint256 proposalId)
289: function getReceipt(uint256 proposalId, address voter) external view returns (Receipt memory) {
298: function state(uint256 proposalId) public view returns (ProposalState) {
327: function castVote(uint256 proposalId, uint8 support) external {
337: function castVoteWithReason(uint256 proposalId, uint8 support, string calldata reason) external {
345: function castVoteBySig(uint256 proposalId, uint8 support, uint8 v, bytes32 r, bytes32 s) external {
390: function isWhitelisted(address account) public view returns (bool) {
398: function _setVotingDelay(uint256 newVotingDelay) external {
414: function _setVotingPeriod(uint256 newVotingPeriod) external {
431: function _setProposalThreshold(uint256 newProposalThreshold) external {
448: function _setWhitelistAccountExpiration(address account, uint256 expiration) external {
462: function _setWhitelistGuardian(address account) external {
475: function _initiate(address governorAlpha) external {
488: function _setPendingAdmin(address newPendingAdmin) external {
506: function _acceptAdmin() external {
File: out-of-scope/governance/GovernorBravoDelegateSeverity4.sol
57: function initialize(
88: function getProposalThresholdAmount() public view returns (uint256) {
92: function getQuorumVotesAmount() public view returns (uint256) {
105: function propose(
175: function queue(uint256 proposalId) external {
209: function execute(uint256 proposalId) external payable {
228: function cancel(uint256 proposalId) external {
269: function getActions(uint256 proposalId)
289: function getReceipt(uint256 proposalId, address voter) external view returns (Receipt memory) {
298: function state(uint256 proposalId) public view returns (ProposalState) {
327: function castVote(uint256 proposalId, uint8 support) external {
337: function castVoteWithReason(uint256 proposalId, uint8 support, string calldata reason) external {
345: function castVoteBySig(uint256 proposalId, uint8 support, uint8 v, bytes32 r, bytes32 s) external {
390: function isWhitelisted(address account) public view returns (bool) {
398: function _setVotingDelay(uint256 newVotingDelay) external {
414: function _setVotingPeriod(uint256 newVotingPeriod) external {
431: function _setProposalThreshold(uint256 newProposalThreshold) external {
448: function _setWhitelistAccountExpiration(address account, uint256 expiration) external {
462: function _setWhitelistGuardian(address account) external {
475: function _initiate(address governorAlpha) external {
488: function _setPendingAdmin(address newPendingAdmin) external {
506: function _acceptAdmin() external {
File: out-of-scope/governance/GovernorBravoDelegateSeverity5.sol
57: function initialize(
88: function getProposalThresholdAmount() public view returns (uint256) {
92: function getQuorumVotesAmount() public view returns (uint256) {
105: function propose(
175: function queue(uint256 proposalId) external {
209: function execute(uint256 proposalId) external payable {
228: function cancel(uint256 proposalId) external {
269: function getActions(uint256 proposalId)
289: function getReceipt(uint256 proposalId, address voter) external view returns (Receipt memory) {
298: function state(uint256 proposalId) public view returns (ProposalState) {
327: function castVote(uint256 proposalId, uint8 support) external {
337: function castVoteWithReason(uint256 proposalId, uint8 support, string calldata reason) external {
345: function castVoteBySig(uint256 proposalId, uint8 support, uint8 v, bytes32 r, bytes32 s) external {
390: function isWhitelisted(address account) public view returns (bool) {
398: function _setVotingDelay(uint256 newVotingDelay) external {
414: function _setVotingPeriod(uint256 newVotingPeriod) external {
431: function _setProposalThreshold(uint256 newProposalThreshold) external {
448: function _setWhitelistAccountExpiration(address account, uint256 expiration) external {
462: function _setWhitelistGuardian(address account) external {
475: function _initiate(address governorAlpha) external {
488: function _setPendingAdmin(address newPendingAdmin) external {
506: function _acceptAdmin() external {
File: out-of-scope/governance/GovernorBravoDelegator.sol
6: constructor(
39: function _setImplementation(address implementation_) public {
69: fallback() external payable {
File: rewards/booster/FlywheelBoosterGaugeWeight.sol
53: function boostedTotalSupply(ERC20 strategy) external view returns (uint256) {
59: function boostedBalanceOf(ERC20 strategy, address user) external view returns (uint256) {
File: rewards/depots/MultiRewardsDepot.sol
46: function addAsset(address rewardsContract, address asset) external onlyOwner {
56: function removeAsset(address rewardsContract) external onlyOwner {
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/depots/MultiRewardsDepot.sol#L46
File: rewards/rewards/FlywheelBribeRewards.sol
36: function setRewardsDepot(RewardsDepot rewardsDepot) external {
File: rewards/rewards/FlywheelGaugeRewards.sol
71: function queueRewardsForCycle() external returns (uint256 totalQueuedForCycle) {
106: function queueRewardsForCyclePaginated(uint256 numRewards) external {
199: function getAccruedRewards() external returns (uint256 accruedRewards) {
File: talos/boost-aggregator/BoostAggregator.sol
99: function setOwnRewardsDepot(address rewardsDepot) external {
108: function unstakeAndWithdraw(uint256 tokenId) external {
142: function addWhitelistedAddress(address user) external onlyOwner {
147: function removeWhitelistedAddress(address user) external onlyOwner {
152: function setProtocolFee(uint256 _protocolFee) external onlyOwner {
158: function withdrawProtocolFees(address to) external onlyOwner {
164: function withdrawAllGaugeBoost(address to) external onlyOwner {
171: function withdrawGaugeBoost(address to, uint256 amount) external onlyOwner {
179: function decrementGaugesBoostIndexed(uint256 boost, uint256 offset, uint256 num) external onlyOwner {
File: talos/factories/BoostAggregatorFactory.sol
41: function getBoostAggregators() external view returns (BoostAggregator[] memory) {
50: function createBoostAggregator(address owner) external {
File: talos/factories/OptimizerFactory.sol
18: function getOptimizers() external view returns (TalosOptimizer[] memory) {
35: function createTalosOptimizer(
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/factories/OptimizerFactory.sol#L18
File: talos/TalosOptimizer.sol
61: function setMaxTotalSupply(uint256 _maxTotalSupply) external onlyOwner {
67: function setTwapDuration(uint32 _twapDuration) external onlyOwner {
73: function setMaxTwapDeviation(int24 _maxTwapDeviation) external onlyOwner {
79: function setTickRange(int24 _tickRangeMultiplier) external onlyOwner {
84: function setPriceImpact(uint24 _priceImpactPercentage) external onlyOwner {
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosOptimizer.sol#L61
File: ulysses-amm/factories/UlyssesFactory.sol
73: function createPool(ERC20 asset, address owner) external returns (uint256) {
90: function createPools(ERC20[] calldata assets, uint8[][] calldata weights, address owner)
136: function createToken(uint256[] calldata poolIds, uint256[] calldata weights, address owner)
File: ulysses-amm/UlyssesPool.sol
111: function getBandwidth(uint256 destinationId) external view returns (uint256) {
120: function getBandwidthStateList() external view returns (BandwidthState[] memory) {
125: function getProtocolFees() public view returns (uint256) {
149: function claimProtocolFees() external nonReentrant returns (uint256 claimed) {
158: function addNewBandwidth(uint256 poolId, uint8 weight) external nonReentrant onlyOwner returns (uint256 index) {
222: function setWeight(uint256 poolId, uint8 weight) external nonReentrant onlyOwner {
307: function setFees(Fees calldata _fees) external nonReentrant onlyOwner {
322: function setProtocolFee(uint256 _protocolFee) external nonReentrant {
1092: function swapIn(uint256 assets, uint256 poolId) external nonReentrant returns (uint256 output) {
1146: function swapFromPool(uint256 assets, address user) external nonReentrant returns (uint256 output) {
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesPool.sol#L111
File: ulysses-amm/UlyssesRouter.sol
48: function addLiquidity(uint256 amount, uint256 minOutput, uint256 poolId) external returns (uint256) {
58: function removeLiquidity(uint256 amount, uint256 minOutput, uint256 poolId) external returns (uint256) {
72: function swap(uint256 amount, uint256 minOutput, Route[] calldata routes) external returns (uint256) {
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesRouter.sol#L48
File: ulysses-amm/UlyssesToken.sol
43: function addAsset(address asset, uint256 _weight) external nonReentrant onlyOwner {
59: function removeAsset(address asset) external nonReentrant onlyOwner {
87: function setWeights(uint256[] memory _weights) external nonReentrant onlyOwner {
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesToken.sol#L43
File: ulysses-omnichain/ArbitrumBranchBridgeAgent.sol
101: function depositToPort(address underlyingAddress, uint256 amount) external payable lock {
113: function withdrawFromPort(address localAddress, uint256 amount) external payable lock {
File: ulysses-omnichain/ArbitrumBranchPort.sol
44: function depositToPort(address _depositor, address _recipient, address _underlyingAddress, uint256 _deposit)
57: function withdrawFromPort(address _depositor, address _recipient, address _globalAddress, uint256 _deposit)
File: ulysses-omnichain/BaseBranchRouter.sol
36: function initialize(address _localBridgeAgentAddress) external onlyOwner {
48: function getDepositEntry(uint32 _depositNonce) external view returns (Deposit memory) {
57: function callOut(bytes calldata params, uint128 remoteExecutionGas) external payable lock {
64: function callOutAndBridge(bytes calldata params, DepositInput memory dParams, uint128 remoteExecutionGas)
75: function callOutAndBridgeMultiple(
86: function retrySettlement(uint32 _settlementNonce, uint128 _gasToBoostSettlement) external payable lock {
91: function redeemDeposit(uint32 _depositNonce) external lock {
100: function anyExecuteNoSettlement(bytes calldata)
111: function anyExecuteSettlement(bytes calldata, SettlementParams memory)
122: function anyExecuteSettlementMultiple(bytes calldata, SettlementMultipleParams memory)
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BaseBranchRouter.sol#L36
File: ulysses-omnichain/BranchBridgeAgent.sol
173: function getDepositEntry(uint32 _depositNonce) external view returns (Deposit memory) {
182: function callOut(bytes calldata _params, uint128 _remoteExecutionGas) external payable lock requiresFallbackGas {
191: function callOutAndBridge(bytes calldata _params, DepositInput memory _dParams, uint128 _remoteExecutionGas)
205: function callOutAndBridgeMultiple(
218: function callOutSigned(bytes calldata _params, uint128 _remoteExecutionGas)
237: function callOutSignedAndBridge(bytes calldata _params, DepositInput memory _dParams, uint128 _remoteExecutionGas)
274: function callOutSignedAndBridgeMultiple(
318: function retryDeposit(
417: function retrySettlement(uint32 _settlementNonce, uint128 _gasToBoostSettlement)
432: function retrieveDeposit(uint32 _depositNonce) external payable lock requiresFallbackGas {
449: function redeemDeposit(uint32 _depositNonce) external lock {
462: function performSystemCallOut(
487: function performCallOut(
508: function performCallOutAndBridge(
530: function performCallOutAndBridgeMultiple(
556: function clearToken(address _recipient, address _hToken, address _token, uint256 _amount, uint256 _deposit)
564: function clearTokens(bytes calldata _sParams, address _recipient)
1117: function anyExecute(bytes calldata data)
1226: function anyFallback(bytes calldata data)
1309: function depositGasAnycallConfig() external payable {
1314: function forceRevert() external requiresAgentExecutor {
1418: fallback() external payable {}
File: ulysses-omnichain/BranchBridgeAgentExecutor.sol
69: function executeNoSettlement(address _router, bytes calldata _data)
87: function executeWithSettlement(address _recipient, address _router, bytes calldata _data)
124: function executeWithSettlementMultiple(address _recipient, address _router, bytes calldata _data)
File: ulysses-omnichain/BranchPort.sol
98: function initialize(address _coreBranchRouter, address _bridgeAgentFactory) external virtual onlyOwner {
157: function manage(address _token, uint256 _amount) external requiresPortStrategy(_token) {
171: function replenishReserves(address _strategy, address _token, uint256 _amount) external lock {
205: function withdraw(address _recipient, address _underlyingAddress, uint256 _deposit)
216: function bridgeIn(address _recipient, address _localAddress, uint256 _amount)
225: function bridgeInMultiple(address _recipient, address[] memory _localAddresses, uint256[] memory _amounts)
240: function bridgeOut(
259: function bridgeOutMultiple(
289: function addBridgeAgent(address _bridgeAgent) external requiresBridgeAgentFactory {
300: function setCoreRouter(address _newCoreRouter) external requiresCoreRouter {
307: function addBridgeAgentFactory(address _newBridgeAgentFactory) external requiresCoreRouter {
316: function toggleBridgeAgentFactory(address _newBridgeAgentFactory) external requiresCoreRouter {
323: function toggleBridgeAgent(address _bridgeAgent) external requiresCoreRouter {
330: function addStrategyToken(address _token, uint256 _minimumReservesRatio) external requiresCoreRouter {
341: function toggleStrategyToken(address _token) external requiresCoreRouter {
348: function addPortStrategy(address _portStrategy, address _token, uint256 _dailyManagementLimit)
362: function togglePortStrategy(address _portStrategy, address _token) external requiresCoreRouter {
369: function updatePortStrategy(address _portStrategy, address _token, uint256 _dailyManagementLimit)
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchPort.sol#L98
File: ulysses-omnichain/CoreBranchRouter.sol
40: function addGlobalToken(
62: function addLocalToken(address _underlyingAddress) external payable virtual {
283: fallback() external payable {}
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/CoreBranchRouter.sol#L40
File: ulysses-omnichain/CoreRootRouter.sol
62: function initialize(address _bridgeAgentAddress, address _hTokenFactory) external onlyOwner {
80: function addBranchToBridgeAgent(
226: function toggleBranchBridgeAgentFactory(
252: function removeBranchBridgeAgent(address _branchBridgeAgent, address _gasReceiver, uint24 _toChain)
274: function manageStrategyToken(
299: function managePortStrategy(
389: function anyExecuteDepositMultiple(bytes1, bytes calldata, DepositMultipleParams memory, uint24)
421: function anyExecuteSignedDepositMultiple(bytes1, bytes memory, DepositMultipleParams memory, address, uint24)
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/CoreRootRouter.sol#L62
File: ulysses-omnichain/factories/BranchBridgeAgentFactory.sol
82: function initialize(address _coreRootBridgeAgent) external virtual onlyOwner {
112: function createBridgeAgent(
File: ulysses-omnichain/factories/ERC20hTokenBranchFactory.sol
34: function initialize(address _wrappedNativeTokenAddress, address _coreRouter) external onlyOwner {
59: function createToken(string memory _name, string memory _symbol)
File: ulysses-omnichain/factories/ERC20hTokenRootFactory.sol
39: function initialize(address _coreRouter) external onlyOwner {
53: function createToken(string memory _name, string memory _symbol)
File: ulysses-omnichain/factories/RootBridgeAgentFactory.sol
74: function createBridgeAgent(address _newRootRouterAddress) external returns (address newBridgeAgent) {
File: ulysses-omnichain/MulticallRootRouter.sol
73: function initialize(address _bridgeAgentAddress) external onlyOwner {
249: function anyExecuteDepositMultiple(bytes1, bytes calldata, DepositMultipleParams calldata, uint24)
420: function anyExecuteSignedDepositMultiple(
File: ulysses-omnichain/RootBridgeAgent.sol
234: function getSettlementEntry(uint32 _settlementNonce) external view returns (Settlement memory) {
243: function retrySettlement(uint32 _settlementNonce, uint128 _remoteExecutionGas) external payable {
254: function redeemSettlement(uint32 _depositNonce) external lock {
274: function callOut(address _recipient, bytes memory _data, uint24 _toChain) external payable lock requiresRouter {
284: function callOutAndBridge(
330: function callOutAndBridgeMultiple(
383: function bridgeIn(address _recipient, DepositParams memory _dParams, uint24 _fromChain)
403: function bridgeInMultiple(address _recipient, DepositMultipleParams memory _dParams, uint24 _fromChain)
645: function uniswapV3SwapCallback(int256 amount0, int256 amount1, bytes calldata _data) external {
859: function anyExecute(bytes calldata data)
1176: function anyFallback(bytes calldata data)
1218: function depositGasAnycallConfig() external payable {
1224: function forceRevert() external requiresLocalBranchBridgeAgent {
1247: function approveBranchBridgeAgent(uint256 _branchChainId) external requiresManager {
1253: function syncBranchBridgeAgent(address _newBranchBridgeAgent, uint24 _branchChainId) external requiresPort {
1258: function sweep() external {
1333: fallback() external payable {}
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgent.sol#L234
File: ulysses-omnichain/RootBridgeAgentExecutor.sol
77: function executeSystemRequest(address _router, bytes calldata _data, uint24 _fromChainId)
97: function executeNoDeposit(address _router, bytes calldata _data, uint24 _fromChainId)
116: function executeWithDeposit(address _router, bytes calldata _data, uint24 _fromChainId)
153: function executeWithDepositMultiple(address _router, bytes calldata _data, uint24 _fromChainId)
200: function executeSignedNoDeposit(address _account, address _router, bytes calldata _data, uint24 _fromChainId)
220: function executeSignedWithDeposit(address _account, address _router, bytes calldata _data, uint24 _fromChainId)
258: function executeSignedWithDepositMultiple(
307: function executeRetrySettlement(uint32 _settlementNonce)
File: ulysses-omnichain/RootPort.sol
127: function initialize(address _bridgeAgentFactory, address _coreRootRouter) external onlyOwner {
139: function initializeCore(
157: function forefeitOwnership(address _owner) external onlyOwner {
173: function getLocalToken(address _localAddress, uint24 _fromChain, uint24 _toChain) external view returns (address) {
193: function getUnderlyingTokenFromGlobal(address _globalAddress, uint24 _fromChain) external view returns (address) {
208: function isGlobalToken(address _globalAddress, uint24 _fromChain) external view returns (bool) {
222: function isLocalToken(address _localAddress, uint24 _fromChain) external view returns (bool) {
227: function isLocalToken(address _localAddress, uint24 _fromChain, uint24 _toChain) external view returns (bool) {
237: function isUnderlyingToken(address _underlyingToken, uint24 _fromChain) external view returns (bool) {
246: function setAddresses(address _globalAddress, address _localAddress, address _underlyingAddress, uint24 _fromChain)
260: function setLocalAddress(address _globalAddress, address _localAddress, uint24 _fromChain)
275: function bridgeToRoot(address _recipient, address _hToken, uint256 _amount, uint256 _deposit, uint24 _fromChainId)
298: function burn(address _from, address _hToken, uint256 _amount, uint24 _fromChain) external requiresBridgeAgent {
304: function bridgeToRootFromLocalBranch(address _from, address _hToken, uint256 _amount)
313: function bridgeToLocalBranchFromRoot(address _to, address _hToken, uint256 _amount)
323: function mintToLocalBranch(address _to, address _hToken, uint256 _amount) external requiresLocalBranchPort {
328: function burnFromLocalBranch(address _from, address _hToken, uint256 _amount) external requiresLocalBranchPort {
339: function fetchVirtualAccount(address _user) external requiresBridgeAgent returns (VirtualAccount account) {
356: function toggleVirtualAccountApproved(VirtualAccount _userAccount, address _router) external requiresBridgeAgent {
365: function addBridgeAgent(address _manager, address _bridgeAgent) external requiresBridgeAgentFactory {
377: function syncBranchBridgeAgentWithRoot(
398: function toggleBridgeAgent(address _bridgeAgent) external onlyOwner {
405: function addBridgeAgentFactory(address _bridgeAgentFactory) external onlyOwner {
412: function toggleBridgeAgentFactory(address _bridgeAgentFactory) external onlyOwner {
419: function addNewChain(
483: function setGasPoolInfo(uint24 _chainId, GasPoolInfo calldata _gasPoolInfo) external onlyOwner {
490: function addEcosystemToken(address _ecoTokenGlobalAddress) external onlyOwner {
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootPort.sol#L127
File: ulysses-omnichain/token/ERC20hTokenRoot.sol
71: function mint(address to, uint256 amount, uint256 chainId) external requiresPort returns (bool) {
83: function burn(address from, uint256 value, uint256 chainId) external requiresPort {
File: ulysses-omnichain/VirtualAccount.sol
30: function withdrawERC20(address _token, uint256 _amount) external requiresApprovedCaller {
35: function withdrawERC721(address _token, uint256 _tokenId) external requiresApprovedCaller {
40: function call(Call[] calldata calls)
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/VirtualAccount.sol#L30
File: uni-v3-staker/UniswapV3Staker.sol
136: function createIncentiveFromGauge(uint256 reward) external {
156: function createIncentive(IncentiveKey memory key, uint256 reward) external {
186: function endIncentive(IncentiveKey memory key) external returns (uint256 refund) {
242: function withdrawToken(uint256 tokenId, address to, bytes memory data) external {
261: function claimReward(address to, uint256 amountRequested) external returns (uint256 reward) {
276: function claimAllRewards(address to) external returns (uint256 reward) {
339: function restakeToken(uint256 tokenId) external {
354: function unstakeToken(uint256 tokenId) external {
360: function unstakeToken(IncentiveKey memory key, uint256 tokenId) external {
525: function updateGauges(IUniswapV3Pool uniswapV3Pool) external {
542: function updateBribeDepot(IUniswapV3Pool uniswapV3Pool) public {
552: function updatePoolMinimumWidth(IUniswapV3Pool uniswapV3Pool) public {
https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/UniswapV3Staker.sol#L136
There are 23 instances of this issue:
File: governance/GovernorBravoDelegateMaia.sol
8: string public constant name = "vMaia Governor Bravo";
29: uint256 public constant quorumVotes = 0.35 ether; // 35% of GovToken
32: uint256 public constant proposalMaxOperations = 10; // 10 actions
https://github.com/code-423n4/2023-05-maia/tree/main/src/governance/GovernorBravoDelegateMaia.sol#L8
File: hermes/minters/BaseV2Minter.sol
23: uint256 internal constant week = 86400 * 7;
25: uint256 internal constant base = 1000;
27: uint256 internal constant max_tail_emission = 100;
28: uint256 internal constant max_dao_share = 300;
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/minters/BaseV2Minter.sol#L23
File: out-of-scope/governance/GovernorBravoDelegateSeverity1.sol
7: string public constant name = "bHermes Governor Bravo Severity 1";
28: uint256 public constant quorumVotes = 0.04 ether; // 4% of GovToken
31: uint256 public constant proposalMaxOperations = 10; // 10 actions
File: out-of-scope/governance/GovernorBravoDelegateSeverity2.sol
7: string public constant name = "bHermes Governor Bravo Severity 2";
28: uint256 public constant quorumVotes = 0.125 ether; // 12.5% of GovToken
31: uint256 public constant proposalMaxOperations = 10; // 10 actions
File: out-of-scope/governance/GovernorBravoDelegateSeverity3.sol
7: string public constant name = "bHermes Governor Bravo Severity 3";
28: uint256 public constant quorumVotes = 0.25 ether; // 25,000,000 = about 25% of GovToken
31: uint256 public constant proposalMaxOperations = 10; // 10 actions
File: out-of-scope/governance/GovernorBravoDelegateSeverity4.sol
7: string public constant name = "bHermes Governor Bravo Severity 4";
28: uint256 public constant quorumVotes = 0.35 ether; // 35% of GovToken
31: uint256 public constant proposalMaxOperations = 10; // 10 actions
File: out-of-scope/governance/GovernorBravoDelegateSeverity5.sol
7: string public constant name = "bHermes Governor Bravo Severity 5";
28: uint256 public constant quorumVotes = 0.5 ether; // 50% of GovToken
31: uint256 public constant proposalMaxOperations = 10; // 10 actions
File: talos/TalosStrategyVanilla.sol
46: uint24 private constant protocolFee = 2 * 1e5; //20%
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosStrategyVanilla.sol#L46
There are 28 instances of this issue:
File: governance/GovernorBravoDelegateMaia.sol
103: function propose(
File: out-of-scope/governance/GovernorBravoDelegateSeverity1.sol
105: function propose(
File: out-of-scope/governance/GovernorBravoDelegateSeverity2.sol
105: function propose(
File: out-of-scope/governance/GovernorBravoDelegateSeverity3.sol
105: function propose(
File: out-of-scope/governance/GovernorBravoDelegateSeverity4.sol
105: function propose(
File: out-of-scope/governance/GovernorBravoDelegateSeverity5.sol
105: function propose(
File: talos/base/TalosBaseStrategy.sol
101: function init(uint256 amount0Desired, uint256 amount1Desired, address receiver)
181: function deposit(uint256 amount0Desired, uint256 amount1Desired, address receiver)
237: function redeem(uint256 shares, uint256 amount0Min, uint256 amount1Min, address receiver, address _owner)
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/base/TalosBaseStrategy.sol#L101
File: ulysses-amm/UlyssesPool.sol
158: function addNewBandwidth(uint256 poolId, uint8 weight) external nonReentrant onlyOwner returns (uint256 index) {
222: function setWeight(uint256 poolId, uint8 weight) external nonReentrant onlyOwner {
344: function getBandwidthUpdateAmounts(
538: function updateBandwidth(
679: function _calculateRebalancingFee(uint256 bandwidth, uint256 targetBandwidth, bool roundDown)
941: function ulyssesAddLP(uint256 amount, bool depositFees) private returns (uint256 output) {
1025: function ulyssesRemoveLP(uint256 shares) private returns (uint256 assets) {
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesPool.sol#L158
File: ulysses-omnichain/BranchBridgeAgent.sol
318: function retryDeposit(
564: function clearTokens(bytes calldata _sParams, address _recipient)
1117: function anyExecute(bytes calldata data)
1226: function anyFallback(bytes calldata data)
File: ulysses-omnichain/CoreBranchRouter.sol
228: function anyExecuteNoSettlement(bytes calldata _data)
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/CoreBranchRouter.sol#L228
File: ulysses-omnichain/MulticallRootRouter.sol
267: function anyExecuteSigned(bytes1 funcId, bytes calldata encodedData, address userAccount, uint24)
344: function anyExecuteSignedDepositSingle(
420: function anyExecuteSignedDepositMultiple(
File: ulysses-omnichain/RootBridgeAgent.sol
859: function anyExecute(bytes calldata data)
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgent.sol#L859
File: ulysses-omnichain/RootBridgeAgentExecutor.sol
349: function _bridgeInMultiple(address _recipient, bytes calldata _dParams, uint24 _fromChain)
File: ulysses-omnichain/RootPort.sol
419: function addNewChain(
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootPort.sol#L419
File: uni-v3-staker/UniswapV3Staker.sol
364: function _unstakeToken(IncentiveKey memory key, uint256 tokenId, bool isNotRestake) private {
https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/UniswapV3Staker.sol#L364
There are 2 instances of this issue:
File: governance/GovernorBravoInterfaces.sol
170: function GRACE_PERIOD() external view returns (uint256);
https://github.com/code-423n4/2023-05-maia/tree/main/src/governance/GovernorBravoInterfaces.sol#L170
File: out-of-scope/governance/GovernorBravoInterfaces.sol
170: function GRACE_PERIOD() external view returns (uint256);
There are 5 instances of this issue:
File: hermes/bHermes.sol
51: contract bHermes is UtilityManager, ERC4626DepositOnly {
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/bHermes.sol#L51
File: hermes/tokens/bHermesBoost.sol
17: contract bHermesBoost is ERC20Boost, IbHermesUnderlying {
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/bHermesBoost.sol#L17
File: hermes/tokens/bHermesGauges.sol
21: contract bHermesGauges is ERC20Gauges, IbHermesUnderlying {
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/bHermesGauges.sol#L21
File: hermes/tokens/bHermesVotes.sol
15: contract bHermesVotes is ERC20MultiVotes, IbHermesUnderlying {
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/bHermesVotes.sol#L15
File: maia/vMaia.sol
25: contract vMaia is ERC4626PartnerManager {
https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/vMaia.sol#L25
While the compiler knows to optimize away the exponentiation, it's still better coding practice to use idioms that do not require compiler optimization, if they exist.
There are 2 instances of this issue:
File: ulysses-omnichain/BranchBridgeAgent.sol
1341: return _decimals == 18 ? _amount : _amount * (10 ** _decimals) / 1 ether;
File: ulysses-omnichain/BranchPort.sol
389: return _decimals == 18 ? _amount : _amount * 1 ether / (10 ** _decimals);
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchPort.sol#L389
Magic numbers are numbers that appear without explanation in the code. They should be replaced with named constants.
There are 102 instances of this issue:
File: erc-20/ERC20MultiVotes.sol
82: return (a & b) + (a ^ b) / 2;
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20MultiVotes.sol#L82
File: erc-4626/ERC4626MultiToken.sol
40: ERC20(_name, _symbol, 18)
51: require(ERC20(_assets[i]).decimals() == 18);
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/ERC4626MultiToken.sol#L40
File: erc-4626/UlyssesERC4626.sol
24: constructor(address _asset, string memory _name, string memory _symbol) ERC20(_name, _symbol, 18) {
27: if (ERC20(_asset).decimals() != 18) revert InvalidAssetDecimals();
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/UlyssesERC4626.sol#L24
File: gauges/factories/UniswapV3GaugeFactory.sol
65: 52 weeks,
File: governance/GovernorBravoDelegateMaia.sol
363: require(support <= 2, "GovernorBravo::castVoteInternal: invalid vote type");
373: } else if (support == 2) {
File: hermes/tokens/HERMES.sol
48: constructor(address _owner) ERC20("Hermes", "HERMES", 18) {
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/HERMES.sol#L48
File: hermes/tokens/bHermesBoost.sol
22: constructor(address _owner) ERC20("bHermes Boost", "bHERMES-B", 18) {
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/bHermesBoost.sol#L22
File: hermes/tokens/bHermesGauges.sol
28: ERC20("bHermes Gauges", "bHERMES-G", 18)
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/bHermesGauges.sol#L28
File: hermes/tokens/bHermesVotes.sol
20: constructor(address _owner) ERC20("bHermes Votes", "bHERMES-V", 18) {
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/bHermesVotes.sol#L20
File: maia/libraries/DateTimeLib.sol
40: uint256 epochDay = timestamp / 86400;
44: epochDay := add(epochDay, 719468)
45: let doe := mod(epochDay, 146097)
46: let yoe := div(sub(sub(add(doe, div(doe, 36524)), div(doe, 1460)), eq(doe, 146096)), 365)
47: let doy := sub(doe, sub(add(mul(365, yoe), shr(2, yoe)), div(yoe, 100)))
48: let mp := div(add(mul(5, doy), 2), 153)
49: month := sub(add(mp, 3), mul(gt(mp, 9), 12))
57: uint256 day = timestamp / 86400;
58: startOfDay = day * 86400;
59: result = ((day + 3) % 7) + 1 == 2;
https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/libraries/DateTimeLib.sol#L40
File: maia/tokens/Maia.sol
41: constructor(address _owner) ERC20("Maia", "MAIA", 18) {
https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/tokens/Maia.sol#L41
File: talos/TalosOptimizer.sol
42: if (_maxTwapDeviation < 20) revert MaxTwapDeviationTooLow();
43: if (_twapDuration < 100) revert TwapDurationTooLow();
44: if (_priceImpactPercentage >= 1e6 || _priceImpactPercentage == 0) {
69: if (_twapDuration < 100) revert TwapDurationTooLow();
75: if (_maxTwapDeviation < 20) revert MaxTwapDeviationTooLow();
86: if (_priceImpactPercentage >= 1e6 || _priceImpactPercentage == 0) {
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosOptimizer.sol#L42
File: talos/base/TalosBaseStrategy.sol
85: ) ERC20("TALOS LP", "TLP", 18) {
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/base/TalosBaseStrategy.sol#L85
File: talos/libraries/PoolVariables.sol
209: uint32[] memory secondsAgo = new uint32[](2);
247: ? int256((cache.amount0Desired - cache.amount0) / 2)
248: : int256((cache.amount1Desired - cache.amount1) / 2); // always positive. "overflow" safe convertion cuz we are dividing by 2
251: uint160 exactSqrtPriceImpact = (sqrtPriceX96 * (_strategy.priceImpactPercentage() / 2)) / GLOBAL_DIVISIONER;
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/libraries/PoolVariables.sol#L209
File: ulysses-amm/UlyssesPool.sol
70: Fees public fees = Fees({lambda1: 20e14, lambda2: 4980e14, sigma1: 6000e14, sigma2: 500e14});
312: if (_fees.lambda1 + _fees.lambda2 != DIVISIONER / 2) revert InvalidFee();
396: let slot := sload(add(bandwidthStateListStart, mul(i, 2)))
400: let weight := shr(248, slot)
490: let weight := shr(248, sload(add(bandwidthStateListStart, mul(i, 2))))
559: weight := shr(248, slot)
669: sstore(destinationState.slot, or(bandwidth, shl(248, weight)))
702: let sigma2 := shr(192, feeSlot)
704: let sigma1 := and(shr(128, feeSlot), 0xffffffffffffffff)
706: lambda2 := and(shr(64, feeSlot), 0xffffffffffffffff)
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesPool.sol#L70
File: ulysses-amm/UlyssesToken.sol
46: require(ERC20(asset).decimals() == 18);
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesToken.sol#L46
File: ulysses-omnichain/BaseBranchRouter.sol
148: _unlocked = 2;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BaseBranchRouter.sol#L148
File: ulysses-omnichain/BranchBridgeAgent.sol
587: PARAMS_TKN_START + (PARAMS_ENTRY_SIZE * i) + 12:
598: PARAMS_TKN_START + PARAMS_ENTRY_SIZE * uint16(i + numOfAssets) + 12:
1145: uint32 nonce = uint32(bytes4(data[PARAMS_START_SIGNED:25]));
1167: uint32 nonce = uint32(bytes4(data[PARAMS_START_SIGNED:25]));
1191: uint32 nonce = uint32(bytes4(data[22:26]));
1341: return _decimals == 18 ? _amount : _amount * (10 ** _decimals) / 1 ether;
1368: _unlocked = 2;
File: ulysses-omnichain/BranchBridgeAgentExecutor.sol
76: (success, result) = IRouter(_router).anyExecuteNoSettlement(_data[25:_data.length - PARAMS_GAS_OUT]);
95: settlementNonce: uint32(bytes4(_data[PARAMS_START_SIGNED:25])),
97: hToken: address(uint160(bytes20(_data[25:45]))),
98: token: address(uint160(bytes20(_data[45:65]))),
99: amount: uint256(bytes32(_data[65:97])),
100: deposit: uint256(bytes32(_data[97:129]))
108: if (_data.length - PARAMS_GAS_OUT > 129) {
110: (success, result) = IRouter(_router).anyExecuteSettlement(_data[129:_data.length - PARAMS_GAS_OUT], sParams);
File: ulysses-omnichain/BranchPort.sol
389: return _decimals == 18 ? _amount : _amount * 1 ether / (10 ** _decimals);
425: _unlocked = 2;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchPort.sol#L389
File: ulysses-omnichain/CoreRootRouter.sol
440: _unlocked = 2;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/CoreRootRouter.sol#L440
File: ulysses-omnichain/MulticallRootRouter.sol
496: _unlocked = 2;
File: ulysses-omnichain/RootBridgeAgent.sol
677: uint160 exactSqrtPriceImpact = (sqrtPriceX96 * (priceImpactPercentage / 2)) / GLOBAL_DIVISIONER;
720: uint160 exactSqrtPriceImpact = (sqrtPriceX96 * (priceImpactPercentage / 2)) / GLOBAL_DIVISIONER;
990: uint32 nonce = uint32(bytes4(data[2:6]));
1014: uint32 nonce = uint32(bytes4(data[PARAMS_START_SIGNED:25]));
1050: uint32 nonce = uint32(bytes4(data[PARAMS_START_SIGNED:25]));
1085: uint32 nonce = uint32(bytes4(data[PARAMS_START_SIGNED:25]));
1130: try RootBridgeAgentExecutor(bridgeAgentExecutorAddress).executeRetrySettlement(uint32(bytes4(data[5:9])))
1198: _settlementNonce = uint32(bytes4(data[PARAMS_START_SIGNED:25]));
1203: _settlementNonce = uint32(bytes4(data[PARAMS_START_SIGNED:25]));
1208: _settlementNonce = uint32(bytes4(data[22:26]));
1275: _unlocked = 2;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgent.sol#L677
File: ulysses-omnichain/RootBridgeAgentExecutor.sol
85: bytes1(_data[PARAMS_TKN_START]), _data[6:_data.length - PARAMS_GAS_IN], _fromChainId
105: IRouter(_router).anyExecute(bytes1(_data[5]), _data[6:_data.length - PARAMS_GAS_IN], _fromChainId);
125: hToken: address(uint160(bytes20(_data[PARAMS_TKN_START:25]))),
126: token: address(uint160(bytes20(_data[25:45]))),
127: amount: uint256(bytes32(_data[45:77])),
128: deposit: uint256(bytes32(_data[77:109])),
129: toChain: uint24(bytes3(_data[109:112]))
135: if (_data.length - PARAMS_GAS_IN > 112) {
138: _data[112], _data[113:_data.length - PARAMS_GAS_IN], dParams, _fromChainId
208: IRouter(_router).anyExecuteSigned(_data[25], _data[26:_data.length - PARAMS_GAS_IN], _account, _fromChainId);
228: depositNonce: uint32(bytes4(_data[PARAMS_START_SIGNED:25])),
229: hToken: address(uint160(bytes20(_data[25:45]))),
230: token: address(uint160(bytes20(_data[45:65]))),
231: amount: uint256(bytes32(_data[65:97])),
232: deposit: uint256(bytes32(_data[97:129])),
233: toChain: uint24(bytes3(_data[129:132]))
239: if (_data.length - PARAMS_GAS_IN > 132) {
242: _data[132], _data[133:_data.length - PARAMS_GAS_IN], dParams, _account, _fromChainId
357: uint24 toChain = uint24(bytes3(_dParams[_dParams.length - 3:_dParams.length]));
371: PARAMS_TKN_START + (PARAMS_ENTRY_SIZE * i) + 12:
383: PARAMS_TKN_START + PARAMS_ENTRY_SIZE * uint16(i + numOfAssets) + 12:
File: ulysses-omnichain/token/ERC20hTokenBranch.sol
13: ERC20(string(string.concat("Hermes - ", _name)), string(string.concat("h-", _symbol)), 18)
File: ulysses-omnichain/token/ERC20hTokenRoot.sol
44: ) ERC20(string(string.concat("Hermes ", _name)), string(string.concat("h-", _symbol)), 18) {
File: uni-v3-staker/libraries/RewardMath.sol
35: ((secondsInsideX128 * 4) / 10) + ((((stakedDuration << 128) * boostAmount) / boostTotalSupply) * 6) / 10
44: boostedSecondsInsideX128 = (secondsInsideX128 * 4) / 10;
67: uint256 totalSecondsUnclaimedX128 = ((endTime.max(currentTime) - startTime) << 128) - totalSecondsClaimedX128;
https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/libraries/RewardMath.sol#L35
Instead of using error strings, to reduce deployment and runtime cost, you should use Custom Errors. This would save both deployment and runtime cost.
There are 283 instances of this issue:
File: erc-20/ERC20Boost.sol
118: revert InvalidGauge();
122: if (!_userGauges[user].add(msg.sender)) revert GaugeAlreadyAttached();
267: if (gauge == address(0) || !(newAdd || previouslyDeprecated)) revert InvalidGauge();
279: if (!_deprecatedGauges.add(gauge)) revert InvalidGauge();
342: if (freeGaugeBoost(user) < amount) revert AttachedBoost();
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Boost.sol#L118
File: erc-20/ERC20Gauges.sol
29: if (_incrementFreezeWindow >= _gaugeCycleLength) revert IncrementFreezeError();
203: if (!_gauges.contains(gauge) || _deprecatedGauges.contains(gauge)) revert InvalidGaugeError();
205: if (cycle - block.timestamp <= incrementFreezeWindow) revert IncrementFreezeError();
212: revert MaxGaugeError();
236: if (newUserWeight > getVotes(user)) revert OverWeightError();
251: if (weights.length != size) revert SizeMismatchError();
293: if (!_gauges.contains(gauge)) revert InvalidGaugeError();
328: if (weights.length != size) revert SizeMismatchError();
411: if (gauge == address(0) || !(newAdd || previouslyDeprecated)) revert InvalidGaugeError();
435: if (!_deprecatedGauges.add(gauge)) revert InvalidGaugeError();
464: if (canExceedMax && account.code.length == 0) revert Errors.NonContractError(); // can only approve contracts
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Gauges.sol#L29
File: erc-20/ERC20MultiVotes.sol
59: if (blockNumber >= block.number) revert BlockError();
105: if (canExceedMax && account.code.length == 0) revert Errors.NonContractError(); // can only approve contracts
165: if (count > 1) revert DelegationError();
191: if (delegatee == address(0) || free < amount || amount == 0) revert DelegationError();
196: revert DelegationError();
220: if (userUnusedVotes(delegatee) < amount) revert UndelegationVoteError();
351: if ((userFreeVotes + totalFreed) < votes) revert UndelegationVoteError();
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20MultiVotes.sol#L59
File: erc-4626/ERC4626MultiToken.sol
48: if (length != _assets.length || length == 0) revert InvalidLength();
172: if (assetsAmounts[i] == 0) revert ZeroAssets();
198: if (length != assets.length) revert InvalidLength();
248: if (length != assets.length) revert InvalidLength();
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/ERC4626MultiToken.sol#L48
File: erc-4626/UlyssesERC4626.sol
27: if (ERC20(_asset).decimals() != 18) revert InvalidAssetDecimals();
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/UlyssesERC4626.sol#L27
File: gauges/BaseV2Gauge.sol
130: if (added[bribeFlywheel]) revert FlywheelAlreadyAdded();
146: if (!isActive[bribeFlywheel]) revert FlywheelNotActive();
156: if (msg.sender != strategy) revert StrategyError();
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/BaseV2Gauge.sol#L130
File: gauges/UniswapV3Gauge.sol
74: if (msg.sender != uniswapV3Staker) revert StrategyError();
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/UniswapV3Gauge.sol#L74
File: gauges/factories/BaseV2GaugeFactory.sol
110: if (address(strategyGauges[strategy]) != address(0)) revert GaugeAlreadyExists();
131: if (!activeGauges[gauge] || gauges[gaugeIds[gauge]] != gauge) revert InvalidGauge();
145: if (!activeGauges[gauge]) revert InvalidGauge();
152: if (!activeGauges[gauge]) revert InvalidGauge();
162: revert NotOwnerOrBribesFactoryOwner();
File: gauges/factories/BaseV2GaugeManager.sol
111: if (activeGaugeFactories[gaugeFactory]) revert GaugeFactoryAlreadyExists();
123: revert NotActiveGaugeFactory();
156: if (!activeGaugeFactories[BaseV2GaugeFactory(msg.sender)]) revert NotActiveGaugeFactory();
161: if (msg.sender != admin) revert NotAdmin();
File: gauges/factories/BribesFactory.sol
80: if (address(flywheelTokens[bribeToken]) != address(0)) revert BribeFlywheelAlreadyExists();
107: revert Unauthorized();
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BribesFactory.sol#L80
File: gauges/factories/UniswapV3GaugeFactory.sol
99: if (!activeGauges[BaseV2Gauge(gauge)]) revert InvalidGauge();
File: governance/GovernorBravoDelegator.sol
62: if eq(success, 0) { revert(add(returnData, 0x20), returndatasize()) }
80: case 0 { revert(free_mem_ptr, returndatasize()) }
https://github.com/code-423n4/2023-05-maia/tree/main/src/governance/GovernorBravoDelegator.sol#L62
File: hermes/bHermes.sol
71: revert InsufficientShares();
79: revert InsufficientShares();
87: revert InsufficientShares();
146: ) revert InsufficientUnderlying();
164: ) revert InsufficientUnderlying();
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/bHermes.sol#L71
File: hermes/minters/BaseV2Minter.sol
79: if (initializer != msg.sender) revert NotInitializer();
93: if (_daoShare > max_dao_share) revert DaoShareTooHigh();
99: if (_tail_emission > max_tail_emission) revert TailEmissionTooHigh();
163: if (address(flywheelGaugeRewards) != msg.sender) revert NotFlywheelGaugeRewards();
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/minters/BaseV2Minter.sol#L79
File: hermes/tokens/bHermesBoost.sol
33: if (msg.sender != bHermes) revert NotbHermes();
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/bHermesBoost.sol#L33
File: hermes/tokens/bHermesGauges.sol
40: if (msg.sender != bHermes) revert NotbHermes();
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/bHermesGauges.sol#L40
File: hermes/tokens/bHermesVotes.sol
40: if (msg.sender != bHermes) revert NotbHermes();
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/bHermesVotes.sol#L40
File: maia/factories/PartnerManagerFactory.sol
81: if (partners[partnerIds[partnerManager]] != partnerManager) revert InvalidPartnerManager();
90: if (vaults[vaultIds[vault]] != vault) revert InvalidVault();
File: maia/tokens/ERC4626PartnerManager.sol
189: if (factory.vaultIds(IBaseVault(newPartnerVault)) == 0) revert UnrecognizedVault();
217: if (newRate < bHermesRate) revert InvalidRate();
220: revert InsufficientBacking();
241: if (amount > maxMint(to)) revert ExceedsMaxDeposit();
296: revert InsufficientShares();
304: revert InsufficientShares();
312: revert InsufficientShares();
320: revert InsufficientShares();
332: ) revert InsufficientUnderlying();
https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/tokens/ERC4626PartnerManager.sol#L189
File: maia/vMaia.sol
69: revert InsufficientShares();
77: revert InsufficientShares();
85: revert InsufficientShares();
107: if (_currentMonth == currentMonth) revert UnstakePeriodNotLive();
110: if (!isTuesday) revert UnstakePeriodNotLive();
https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/vMaia.sol#L69
File: rewards/base/BaseFlywheelRewards.sol
44: if (msg.sender != address(flywheel)) revert FlywheelError();
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/base/BaseFlywheelRewards.sol#L44
File: rewards/depots/MultiRewardsDepot.sol
48: if (_isAsset[asset] || _isRewardsContract[rewardsContract]) revert ErrorAddingAsset();
58: if (!_isRewardsContract[rewardsContract]) revert ErrorRemovingAsset();
73: if (!_isRewardsContract[msg.sender]) revert FlywheelRewardsError();
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/depots/MultiRewardsDepot.sol#L48
File: rewards/depots/SingleRewardsDepot.sol
41: if (msg.sender != address(rewardsContract)) revert FlywheelRewardsError();
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/depots/SingleRewardsDepot.sol#L41
File: rewards/rewards/FlywheelGaugeRewards.sol
83: if (currentCycle <= lastCycle) revert CycleError();
118: if (currentCycle <= lastCycle) revert CycleError();
174: if (size == 0) revert EmptyGaugesError();
File: talos/TalosOptimizer.sol
42: if (_maxTwapDeviation < 20) revert MaxTwapDeviationTooLow();
43: if (_twapDuration < 100) revert TwapDurationTooLow();
45: revert PriceImpactPercentageInvalid();
47: if (_maxTotalSupply == 0) revert MaxTotalSupplyIsZero();
63: if (_maxTotalSupply == 0) revert MaxTotalSupplyIsZero();
69: if (_twapDuration < 100) revert TwapDurationTooLow();
75: if (_maxTwapDeviation < 20) revert MaxTwapDeviationTooLow();
87: revert PriceImpactPercentageInvalid();
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosOptimizer.sol#L42
File: talos/base/TalosBaseStrategy.sol
108: if (initialized) revert AlreadyInitialized();
151: if (amount0 == 0 && amount1 == 0) revert AmountsAreZero();
158: if (totalSupply > optimizer.maxTotalSupply()) revert ExceedingMaxTotalSupply();
212: if (amount0 == 0 && amount1 == 0) revert AmountsAreZero();
219: if (totalSupply > optimizer.maxTotalSupply()) revert ExceedingMaxTotalSupply();
252: if (shares == 0) revert RedeemingZeroShares();
253: if (receiver == address(0)) revert ReceiverIsZeroAddress();
273: if (amount0 == 0 && amount1 == 0) revert AmountsAreZero();
334: if (msg.sender != address(pool)) revert CallerIsNotPool();
335: if (amount0 == 0 && amount1 == 0) revert AmountsAreZero();
399: revert Token0AmountIsBiggerThanProtocolFees();
402: revert Token1AmountIsBiggerThanProtocolFees();
431: if (msg.sender != strategyManager) revert NotStrategyManager();
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/base/TalosBaseStrategy.sol#L108
File: talos/boost-aggregator/BoostAggregator.sol
111: if (user != msg.sender) revert NotTokenIdOwner();
154: if (_protocolFee > DIVISIONER) revert FeeTooHigh();
191: if (!whitelistedAddresses[from]) revert Unauthorized();
File: talos/factories/BoostAggregatorFactory.sol
52: if (owner == address(0)) revert InvalidOwner();
File: talos/factories/TalosBaseStrategyFactory.sol
62: revert UnrecognizedOptimizer();
File: talos/factories/TalosStrategyStakedFactory.sol
70: revert InvalidNFTManager();
File: talos/libraries/PoolVariables.sol
89: if (tickLower >= tickUpper) revert LowerTickMustBeLessThanUpperTick();
90: if (tickLower < TickMath.MIN_TICK) revert LowerTickMustBeGreaterThanMinTick();
91: if (tickUpper > TickMath.MAX_TICK) revert UpperTickMustBeLessThanMaxTick();
203: if (deviation > maxTwapDeviation) revert DeviationTooHigh();
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/libraries/PoolVariables.sol#L89
File: ulysses-amm/UlyssesPool.sol
160: if (weight == 0) revert InvalidWeight();
165: if (destinationIds[address(destination)] != 0 || destinationId == id) revert InvalidPool();
167: if (destinationId == 0) revert NotUlyssesLP();
171: if (index > MAX_DESTINATIONS) revert TooManyDestinations();
185: if (newTotalWeights > MAX_TOTAL_WEIGHT) revert InvalidWeight();
224: if (weight == 0) revert InvalidWeight();
228: if (poolIndex == 0) revert NotUlyssesLP();
244: revert InvalidWeight();
310: if (_fees.lambda1 > MAX_LAMBDA1) revert InvalidFee();
312: if (_fees.lambda1 + _fees.lambda2 != DIVISIONER / 2) revert InvalidFee();
315: if (_fees.sigma1 > DIVISIONER) revert InvalidFee();
317: if (_fees.sigma1 <= _fees.sigma2 || _fees.sigma2 < MIN_SIGMA2) revert InvalidFee();
324: if (msg.sender != factory.owner()) revert Unauthorized();
327: if (_protocolFee > MAX_PROTOCOL_FEE) revert InvalidFee();
362: revert(0x1c, 0x04)
370: revert(0x1c, 0x04)
407: revert(0x1c, 0x04)
471: revert(0x1c, 0x04)
497: revert(0x1c, 0x04)
566: revert(0x1c, 0x04)
593: revert(0x1c, 0x04)
603: revert(0x1c, 0x04)
617: revert(0x1c, 0x04)
649: revert(0x1c, 0x04)
665: revert(0x1c, 0x04)
715: revert(0x1c, 0x04)
726: revert(0x1c, 0x04)
861: revert(0x1c, 0x04)
874: revert(0x1c, 0x04)
1013: revert(0x1c, 0x04)
1080: revert(0x1c, 0x04)
1104: revert(0x1c, 0x04)
1121: revert(0x1c, 0x04)
1133: revert(0x1c, 0x04)
1158: revert(0x1c, 0x04)
1165: revert(0x1c, 0x04)
1181: revert(0x1c, 0x04)
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesPool.sol#L160
File: ulysses-amm/UlyssesRouter.sol
36: if (address(ulysses) == address(0)) revert UnrecognizedUlyssesLP();
54: if (amount < minOutput) revert OutputTooLow();
64: if (amount < minOutput) revert OutputTooLow();
86: if (amount < minOutput) revert OutputTooLow();
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesRouter.sol#L36
File: ulysses-amm/UlyssesToken.sol
45: if (assetId[asset] != 0) revert AssetAlreadyAdded();
66: if (newAssetsLength == 0) revert CannotRemoveLastAsset();
89: if (_weights.length != assets.length) revert InvalidWeightsLength();
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesToken.sol#L45
File: ulysses-amm/factories/UlyssesFactory.sol
66: revert("Cannot renounce ownership");
84: if (address(asset) == address(0)) revert InvalidAsset();
97: if (length != weights.length) revert ParameterLengthError();
108: if (length != weights[i].length) revert ParameterLengthError();
148: if (destination == address(0)) revert InvalidPoolId();
File: ulysses-omnichain/ArbitrumBranchBridgeAgent.sol
135: revert GasErrorOrRepeatedTx();
185: if (msg.sender != rootBridgeAgentAddress) revert AnycallUnauthorizedCaller();
File: ulysses-omnichain/ArbitrumBranchPort.sol
50: if (globalToken == address(0)) revert UnknownUnderlyingToken();
63: revert UnknownToken();
68: if (underlyingAddress == address(0)) revert UnknownUnderlyingToken();
File: ulysses-omnichain/ArbitrumCoreBranchRouter.sol
84: revert UnrecognizedBridgeAgentFactory();
94: revert UnrecognizedBridgeAgent();
File: ulysses-omnichain/BaseBranchRouter.sol
139: if (msg.sender != bridgeAgentExecutorAddress) revert UnrecognizedBridgeAgentExecutor();
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BaseBranchRouter.sol#L139
File: ulysses-omnichain/BranchBridgeAgent.sol
327: if (getDeposit[_depositNonce].owner != msg.sender) revert NotDepositOwner();
453: revert DepositRedeemUnavailable();
816: ) revert InvalidInput();
1375: if (msg.sender != bridgeAgentExecutorAddress) revert UnrecognizedBridgeAgentExecutor();
1387: if (msg.sender != localAnyCallExecutorAddress) revert AnycallUnauthorizedCaller();
1389: if (from != rootBridgeAgentAddress) revert AnycallUnauthorizedCaller();
1400: if (msg.sender != localRouterAddress) revert UnrecognizedCallerNotRouter();
1411: if (msg.value <= MIN_FALLBACK_RESERVE * tx.gasprice) revert InsufficientGas();
1416: if (_depositedGas <= MIN_FALLBACK_RESERVE * tx.gasprice) revert InsufficientGas();
File: ulysses-omnichain/BranchPort.sol
114: revert("Cannot renounce ownership");
159: if (_amount > _excessReserves(_token)) revert InsufficientReserves();
173: if (!isStrategyToken[_token]) revert UnrecognizedStrategyToken();
174: if (!isPortStrategy[_strategy][_token]) revert UnrecognizedPortStrategy();
332: if (_minimumReservesRatio >= DIVISIONER) revert InvalidMinimumReservesRatio();
353: if (!isStrategyToken[_token]) revert UnrecognizedStrategyToken();
398: if (msg.sender != coreBranchRouterAddress) revert UnrecognizedCore();
404: if (!isBridgeAgent[msg.sender]) revert UnrecognizedBridgeAgent();
410: if (!isBridgeAgentFactory[msg.sender]) revert UnrecognizedBridgeAgentFactory();
416: if (!isPortStrategy[msg.sender][_token]) revert UnrecognizedPortStrategy();
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchPort.sol#L114
File: ulysses-omnichain/CoreBranchRouter.sol
134: revert UnrecognizedBridgeAgentFactory();
144: revert UnrecognizedBridgeAgent();
178: if (!IPort(localPortAddress).isBridgeAgent(_branchBridgeAgent)) revert UnrecognizedBridgeAgent();
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/CoreBranchRouter.sol#L134
File: ulysses-omnichain/CoreRootRouter.sol
91: revert UnauthorizedCallerNotManager();
95: if (!IPort(rootPortAddress).isChainId(_toChain)) revert InvalidChainId();
98: if (IBridgeAgent(_rootBridgeAgent).getBranchBridgeAgent(_toChain) != address(0)) revert InvalidChainId();
101: if (!IBridgeAgent(_rootBridgeAgent).isBranchBridgeAgentAllowed(_toChain)) revert UnauthorizedChainId();
146: if (_toChain == rootChainId) revert InvalidChainId();
149: revert UnrecognizedGlobalToken();
154: revert TokenAlreadyAdded();
190: ) revert TokenAlreadyAdded();
210: if (IPort(rootPortAddress).isLocalToken(_localAddress, _toChain)) revert TokenAlreadyAdded();
234: revert UnrecognizedBridgeAgentFactory();
386: revert();
396: revert();
407: revert();
418: revert();
428: revert();
453: if (msg.sender != bridgeAgentExecutorAddress) revert UnrecognizedBridgeAgentExecutor();
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/CoreRootRouter.sol#L91
File: ulysses-omnichain/MulticallRootRouter.sol
172: revert();
245: revert();
255: revert();
File: ulysses-omnichain/RootBridgeAgent.sol
261: revert SettlementRedeemUnavailable();
265: revert NotSettlementOwner();
302: revert InvalidInputParams();
347: if (hTokens[i] == address(0) || (tokens[i] == address(0) && _deposits[i] > 0)) revert InvalidInputParams();
390: revert InvalidInputParams();
397: if (globalAddress == address(0)) revert InvalidInputParams();
453: if (_localAddress == address(0)) revert UnrecognizedLocalAddress();
459: if (_underlyingAddress == address(0)) revert UnrecognizedUnderlyingAddress();
461: revert InsufficientBalanceForSettlement();
647: if (!approvedGasPool[msg.sender]) revert CallerIsNotPool();
648: if (amount0 == 0 && amount1 == 0) revert AmountsAreZero();
665: if (gasTokenGlobalAddress == address(0) || poolAddress == address(0)) revert InvalidGasPool();
709: if (gasTokenGlobalAddress == address(0) || poolAddress == address(0)) revert InvalidGasPool();
758: if (userFeeInfo.gasToBridgeOut <= MIN_FALLBACK_RESERVE * tx.gasprice) revert InsufficientGasForFees();
761: if (msg.value <= MIN_FALLBACK_RESERVE * tx.gasprice) revert InsufficientGasForFees();
778: if (callee == address(0)) revert UnrecognizedBridgeAgent();
1234: if (initialGas == 0) revert GasErrorOrRepeatedTx();
1249: if (getBranchBridgeAgent[_branchChainId] != address(0)) revert AlreadyAddedBridgeAgent();
1260: if (msg.sender != daoAddress) revert NotDao();
1290: if (msg.sender != localAnyCallExecutorAddress) revert AnycallUnauthorizedCaller();
1292: if (getBranchBridgeAgent[fromChainId] != from) revert AnycallUnauthorizedCaller();
1303: if (msg.sender != localRouterAddress) revert UnrecognizedCallerNotRouter();
1308: if (msg.sender != bridgeAgentExecutorAddress) revert UnrecognizedExecutor();
1315: revert UnrecognizedExecutor();
1322: if (msg.sender != localPortAddress) revert UnrecognizedPort();
1329: revert UnrecognizedBridgeAgentManager();
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgent.sol#L261
File: ulysses-omnichain/RootPort.sol
166: revert("Cannot renounce ownership");
280: if (!isGlobalAddress[_hToken]) revert UnrecognizedToken();
294: if (!isGlobalAddress[_hToken]) revert UnrecognizedToken();
300: if (!isGlobalAddress[_hToken]) revert UnrecognizedToken();
309: if (!isGlobalAddress[_hToken]) revert UnrecognizedToken();
318: if (!isGlobalAddress[_hToken]) revert UnrecognizedToken();
330: if (!isGlobalAddress[_hToken]) revert UnrecognizedToken();
367: if (isBridgeAgent[_bridgeAgent]) revert AlreadyAddedBridgeAgent();
384: revert AlreadyAddedBridgeAgent();
387: revert BridgeAgentNotAllowed();
492: if (isGlobalAddress[_ecoTokenGlobalAddress]) revert AlreadyAddedEcosystemToken();
496: ) revert AlreadyAddedEcosystemToken();
511: if (!isBridgeAgentFactory[msg.sender]) revert UnrecognizedBridgeAgentFactory();
517: if (!isBridgeAgent[msg.sender]) revert UnrecognizedBridgeAgent();
523: if (!(msg.sender == coreRootRouterAddress)) revert UnrecognizedCoreRootRouter();
529: if (!(msg.sender == localBranchPortAddress)) revert UnrecognizedLocalBranchPort();
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootPort.sol#L166
File: ulysses-omnichain/VirtualAccount.sol
50: if (!success) revert CallFailed();
71: revert UnauthorizedCaller();
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/VirtualAccount.sol#L50
File: ulysses-omnichain/factories/ERC20hTokenBranchFactory.sol
76: if (msg.sender != localCoreRouterAddress) revert UnrecognizedCoreRouter();
82: if (msg.sender != localPortAddress) revert UnrecognizedPort();
File: ulysses-omnichain/factories/ERC20hTokenRootFactory.sol
76: revert UnrecognizedCoreRouter();
File: ulysses-omnichain/token/ERC20hTokenRoot.sol
58: if (msg.sender != rootPortAddress) revert UnrecognizedPort();
File: uni-v3-staker/UniswapV3Staker.sol
138: if (reward <= 0) revert IncentiveRewardMustBePositive();
144: if (address(pool) == address(0)) revert IncentiveCallerMustBeRegisteredGauge();
158: if (reward <= 0) revert IncentiveRewardMustBePositive();
162: if (startTime != key.startTime) revert IncentiveStartTimeNotAtEndOfAnEpoch();
164: if (startTime <= block.timestamp) revert IncentiveStartTimeMustBeNowOrInTheFuture();
166: revert IncentiveStartTimeTooFarIntoFuture();
170: revert IncentiveCannotBeCreatedForPoolWithNoGauge();
189: revert EndIncentiveBeforeEndTime();
198: if (refund == 0) revert EndIncentiveNoRefundAvailable();
199: if (incentive.numberOfStakes > 0) revert EndIncentiveWhileStakesArePresent();
224: if (msg.sender != address(_nonfungiblePositionManager)) revert TokenNotUniswapV3NFT();
244: if (to == address(0)) revert InvalidRecipient();
248: if (deposit.owner != msg.sender) revert NotCalledByOwner();
249: if (deposit.stakedTimestamp != 0) revert TokenStakedError();
310: if (liquidity == 0) revert TokenNotStaked();
374: if ((isNotRestake || block.timestamp < endTime) && owner != msg.sender) revert NotCalledByOwner();
411: if (liquidity == 0) revert TokenNotStaked();
467: if (deposits[tokenId].stakedTimestamp != 0) revert TokenStakedError();
483: if (incentives[incentiveId].totalRewardUnclaimed == 0) revert NonExistentIncentiveError();
485: if (uint24(tickUpper - tickLower) < poolsMinimumWidth[pool]) revert RangeTooSmallError();
486: if (liquidity == 0) revert NoLiquidityError();
492: if (tokenOwner == address(0)) revert TokenNotDeposited();
529: if (uniswapV3Gauge == address(0)) revert InvalidGauge();
https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/UniswapV3Staker.sol#L138
File: uni-v3-staker/libraries/IncentiveTime.sol
40: if (stakedTimestamp < start) revert InvalidStartTime();
There are 16 instances of this issue:
File: erc-4626/interfaces/IERC4626MultiToken.sol
178: event AssetAdded(address asset, uint256 weight);
184: event AssetRemoved(address asset);
File: gauges/interfaces/IBaseV2GaugeManager.sol
111: event AddedGaugeFactory(address gaugeFactory);
114: event RemovedGaugeFactory(address gaugeFactory);
117: event ChangedbHermesGaugeOwner(address newOwner);
120: event ChangedAdmin(address newAdmin);
File: governance/GovernorBravoInterfaces.sol
6: event ProposalCreated(
7: uint256 id,
8: address proposer,
9: address[] targets,
10: uint256[] values,
11: string[] signatures,
12: bytes[] calldatas,
13: uint256 startBlock,
14: uint256 endBlock,
15: string description
16: );
42: event NewImplementation(address oldImplementation, address newImplementation);
48: event NewPendingAdmin(address oldPendingAdmin, address newPendingAdmin);
51: event NewAdmin(address oldAdmin, address newAdmin);
54: event WhitelistAccountExpirationSet(address account, uint256 expiration);
57: event WhitelistGuardianSet(address oldGuardian, address newGuardian);
File: ulysses-omnichain/interfaces/IRootPort.sol
315: event BridgeAgentAdded(address indexed bridgeAgent, address manager);
322: event VirtualAccountCreated(address indexed user, address account);
324: event LocalTokenAdded(
325: address indexed underlyingAddress, address localAddress, address globalAddress, uint24 chainId
326: );
File: uni-v3-staker/interfaces/IUniswapV3Staker.sol
296: event BribeDepotUpdated(IUniswapV3Pool indexed uniswapV3Pool, address bribeDepot);
Doing so will prevent typo bugs
There are 180 instances of this issue:
File: erc-20/ERC20Boost.sol
267: if (gauge == address(0) || !(newAdd || previouslyDeprecated)) revert InvalidGauge();
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Boost.sol#L267
File: erc-20/ERC20Gauges.sol
411: if (gauge == address(0) || !(newAdd || previouslyDeprecated)) revert InvalidGaugeError();
539: if (userGaugeWeight != 0) {
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Gauges.sol#L411
File: erc-20/ERC20MultiVotes.sol
169: if (count == 1) {
175: if (newDelegatee != address(0)) {
191: if (delegatee == address(0) || free < amount || amount == 0) revert DelegationError();
224: if (newDelegates == 0) {
334: if (votesToFree != 0) {
376: require(signer != address(0));
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20MultiVotes.sol#L169
File: erc-4626/ERC4626MultiToken.sol
48: if (length != _assets.length || length == 0) revert InvalidLength();
51: require(ERC20(_assets[i]).decimals() == 18);
172: if (assetsAmounts[i] == 0) revert ZeroAssets();
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/ERC4626MultiToken.sol#L48
File: erc-4626/UlyssesERC4626.sol
27: if (ERC20(_asset).decimals() != 18) revert InvalidAssetDecimals();
40: require(shares != 0, "ZERO_SHARES");
50: require(assets != 0, "ZERO_ASSETS");
75: require(assets != 0, "ZERO_ASSETS");
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/UlyssesERC4626.sol#L27
File: gauges/factories/BaseV2GaugeFactory.sol
110: if (address(strategyGauges[strategy]) != address(0)) revert GaugeAlreadyExists();
File: gauges/factories/BribesFactory.sol
73: if (address(flywheelTokens[bribeToken]) == address(0)) createBribeFlywheel(bribeToken);
80: if (address(flywheelTokens[bribeToken]) != address(0)) revert BribeFlywheelAlreadyExists();
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BribesFactory.sol#L73
File: governance/GovernorBravoDelegateMaia.sol
63: require(address(timelock) == address(0), "GovernorBravo::initialize: can only initialize once");
65: require(timelock_ != address(0), "GovernorBravo::initialize: invalid timelock address");
66: require(govToken_ != address(0), "GovernorBravo::initialize: invalid govToken address");
112: require(initialProposalId != 0, "GovernorBravo::propose: Governor Bravo not active");
123: require(targets.length != 0, "GovernorBravo::propose: must provide actions");
127: if (latestProposalId != 0) {
146: require(newProposal.id == 0, "GovernorBravo::propose: ProposalID collsion");
310: } else if (proposal.eta == 0) {
350: require(signatory != address(0), "GovernorBravo::castVoteBySig: invalid signature");
369: if (support == 0) {
371: } else if (support == 1) {
373: } else if (support == 2) {
476: require(initialProposalId == 0, "GovernorBravo::_initiate: can only initiate once");
508: msg.sender == pendingAdmin && msg.sender != address(0), "GovernorBravo:_acceptAdmin: pending admin only"
File: governance/GovernorBravoDelegator.sol
44: implementation_ != address(0), "GovernorBravoDelegator::_setImplementation: invalid implementation address"
https://github.com/code-423n4/2023-05-maia/tree/main/src/governance/GovernorBravoDelegator.sol#L44
File: hermes/UtilityManager.sol
70: if (amount == 0) return;
79: if (amount == 0) return;
88: if (amount == 0) return;
111: if (amount == 0) return;
120: if (amount == 0) return;
129: if (amount == 0) return;
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/UtilityManager.sol#L70
File: hermes/minters/BaseV2Minter.sol
126: if (block.timestamp >= _period + week && initializer == address(0)) {
145: if (dao != address(0)) underlying.safeTransfer(dao, share);
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/minters/BaseV2Minter.sol#L126
File: maia/PartnerUtilityManager.sol
75: if (partnerVault != address(0) && address(gaugeWeight).balanceOf(address(this)) > 0) {
85: if (partnerVault != address(0) && address(gaugeBoost).balanceOf(address(this)) > 0) {
95: if (partnerVault != address(0) && address(governance).balanceOf(address(this)) > 0) {
https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/PartnerUtilityManager.sol#L75
File: maia/tokens/ERC4626PartnerManager.sol
189: if (factory.vaultIds(IBaseVault(newPartnerVault)) == 0) revert UnrecognizedVault();
192: if (oldPartnerVault != address(0)) IBaseVault(oldPartnerVault).clearAll();
206: if (newPartnerVault != address(0)) IBaseVault(newPartnerVault).applyAll();
https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/tokens/ERC4626PartnerManager.sol#L189
File: rewards/base/FlywheelCore.sol
77: if (index == 0) return 0;
87: if (index == 0) return (0, 0);
97: if (accrued != 0) {
116: require(strategyIndex[strategy] == 0, "strategy");
170: if (supplyTokens != 0) {
190: if (supplierIndex == 0) {
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/base/FlywheelCore.sol#L77
File: rewards/rewards/FlywheelGaugeRewards.sol
128: if (offset == 0) {
174: if (size == 0) revert EmptyGaugesError();
210: if (queuedRewards.priorCycleRewards == 0 && (queuedRewards.cycleRewards == 0 || incompleteCycle)) {
File: talos/TalosOptimizer.sol
44: if (_priceImpactPercentage >= 1e6 || _priceImpactPercentage == 0) {
47: if (_maxTotalSupply == 0) revert MaxTotalSupplyIsZero();
63: if (_maxTotalSupply == 0) revert MaxTotalSupplyIsZero();
86: if (_priceImpactPercentage >= 1e6 || _priceImpactPercentage == 0) {
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosOptimizer.sol#L44
File: talos/TalosStrategyStaked.sol
141: if (liquidity == 0) return; // can't unstake when liquidity is zero
174: if (liquidity == 0) return; // can't stake when liquidity is zero
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosStrategyStaked.sol#L141
File: talos/TalosStrategyVanilla.sol
105: if (liquidity == 0) return; // no fees to collect when liquidity is zero
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosStrategyVanilla.sol#L105
File: talos/base/TalosBaseStrategy.sol
151: if (amount0 == 0 && amount1 == 0) revert AmountsAreZero();
212: if (amount0 == 0 && amount1 == 0) revert AmountsAreZero();
252: if (shares == 0) revert RedeemingZeroShares();
253: if (receiver == address(0)) revert ReceiverIsZeroAddress();
273: if (amount0 == 0 && amount1 == 0) revert AmountsAreZero();
335: if (amount0 == 0 && amount1 == 0) revert AmountsAreZero();
351: if (_liquidity == 0) return;
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/base/TalosBaseStrategy.sol#L151
File: talos/boost-aggregator/BoostAggregator.sol
125: if (rewardsDepot != address(0)) {
File: talos/factories/BoostAggregatorFactory.sol
52: if (owner == address(0)) revert InvalidOwner();
File: talos/factories/TalosBaseStrategyFactory.sol
61: if (optimizerFactory.optimizerIds(TalosOptimizer(address(optimizer))) == 0) {
File: ulysses-amm/UlyssesPool.sol
88: require(_owner != address(0));
91: require(_id != 0);
160: if (weight == 0) revert InvalidWeight();
165: if (destinationIds[address(destination)] != 0 || destinationId == id) revert InvalidPool();
167: if (destinationId == 0) revert NotUlyssesLP();
224: if (weight == 0) revert InvalidWeight();
228: if (poolIndex == 0) revert NotUlyssesLP();
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesPool.sol#L88
File: ulysses-amm/UlyssesRouter.sol
33: if (address(ulysses) == address(0)) {
36: if (address(ulysses) == address(0)) revert UnrecognizedUlyssesLP();
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesRouter.sol#L33
File: ulysses-amm/UlyssesToken.sol
30: require(_id != 0);
45: if (assetId[asset] != 0) revert AssetAlreadyAdded();
46: require(ERC20(asset).decimals() == 18);
66: if (newAssetsLength == 0) revert CannotRemoveLastAsset();
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesToken.sol#L30
File: ulysses-amm/factories/UlyssesFactory.sol
61: require(_owner != address(0), "Owner cannot be 0");
84: if (address(asset) == address(0)) revert InvalidAsset();
148: if (destination == address(0)) revert InvalidPoolId();
File: ulysses-omnichain/ArbitrumBranchPort.sol
34: require(_rootPortAddress != address(0), "Root Port Address cannot be 0");
50: if (globalToken == address(0)) revert UnknownUnderlyingToken();
68: if (underlyingAddress == address(0)) revert UnknownUnderlyingToken();
File: ulysses-omnichain/BaseBranchRouter.sol
38: require(_localBridgeAgentAddress != address(0), "Bridge Agent address cannot be 0");
147: require(_unlocked == 1);
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BaseBranchRouter.sol#L38
File: ulysses-omnichain/BranchBridgeAgent.sol
151: require(_rootBridgeAgentAddress != address(0), "Root Bridge Agent Address cannot be the zero address.");
152: require(_localAnyCallAddress != address(0), "AnyCall Address cannot be the zero address.");
153: require(_localAnyCallExecutorAddress != address(0), "AnyCall Executor Address cannot be the zero address.");
154: require(_localRouterAddress != address(0), "Local Router Address cannot be the zero address.");
155: require(_localPortAddress != address(0), "Local Port Address cannot be the zero address.");
332: if (uint8(getDeposit[_depositNonce].hTokens.length) == 1) {
1367: require(_unlocked == 1);
File: ulysses-omnichain/BranchPort.sol
95: require(_owner != address(0), "Owner is zero address");
100: require(coreBranchRouterAddress == address(0), "Contract already initialized");
103: require(_coreBranchRouter != address(0), "CoreBranchRouter is zero address");
104: require(_bridgeAgentFactory != address(0), "BridgeAgentFactory is zero address");
302: require(coreBranchRouterAddress != address(0), "CoreRouter address is zero");
303: require(_newCoreRouter != address(0), "New CoreRouter address is zero");
424: require(_unlocked == 1);
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchPort.sol#L95
File: ulysses-omnichain/CoreRootRouter.sol
98: if (IBridgeAgent(_rootBridgeAgent).getBranchBridgeAgent(_toChain) != address(0)) revert InvalidChainId();
439: require(_unlocked == 1);
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/CoreRootRouter.sol#L98
File: ulysses-omnichain/MulticallRootRouter.sol
65: require(_localPortAddress != address(0), "Local Port Address cannot be 0");
66: require(_multicallAddress != address(0), "Multicall Address cannot be 0");
75: require(_bridgeAgentAddress != address(0), "Bridge Agent Address cannot be 0");
495: require(_unlocked == 1);
File: ulysses-omnichain/RootBridgeAgent.sol
210: require(address(_wrappedNativeToken) != address(0), "Wrapped native token cannot be zero address");
211: require(_daoAddress != address(0), "DAO cannot be zero address");
212: require(_localAnyCallAddress != address(0), "Anycall Address cannot be zero address");
213: require(_localAnyCallExecutorAddress != address(0), "Anycall Executor Address cannot be zero address");
214: require(_localPortAddress != address(0), "Port Address cannot be zero address");
215: require(_localRouterAddress != address(0), "Router Address cannot be zero address");
246: if (initialGas == 0) {
260: if (getSettlement[_depositNonce].status != SettlementStatus.Failed || depositOwner == address(0)) {
301: if (localAddress == address(0) || (underlyingAddress == address(0) && _deposit > 0)) {
347: if (hTokens[i] == address(0) || (tokens[i] == address(0) && _deposits[i] > 0)) revert InvalidInputParams();
397: if (globalAddress == address(0)) revert InvalidInputParams();
453: if (_localAddress == address(0)) revert UnrecognizedLocalAddress();
459: if (_underlyingAddress == address(0)) revert UnrecognizedUnderlyingAddress();
555: if (settlement.owner == address(0)) return false;
598: if (settlement.hTokens[i] != address(0)) {
648: if (amount0 == 0 && amount1 == 0) revert AmountsAreZero();
665: if (gasTokenGlobalAddress == address(0) || poolAddress == address(0)) revert InvalidGasPool();
709: if (gasTokenGlobalAddress == address(0) || poolAddress == address(0)) revert InvalidGasPool();
778: if (callee == address(0)) revert UnrecognizedBridgeAgent();
1234: if (initialGas == 0) revert GasErrorOrRepeatedTx();
1249: if (getBranchBridgeAgent[_branchChainId] != address(0)) revert AlreadyAddedBridgeAgent();
1274: require(_unlocked == 1);
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgent.sol#L210
File: ulysses-omnichain/RootPort.sol
115: require(_wrappedNativeToken != address(0), "Invalid wrapped native token address.");
130: require(_bridgeAgentFactory != address(0), "Bridge Agent Factory cannot be 0 address.");
131: require(_coreRootRouter != address(0), "Core Root Router cannot be 0 address.");
147: require(_coreRootBridgeAgent != address(0), "Core Root Bridge Agent cannot be 0 address.");
148: require(_coreLocalBranchBridgeAgent != address(0), "Core Local Branch Bridge Agent cannot be 0 address.");
149: require(_localBranchPortAddress != address(0), "Local Branch Port Address cannot be 0 address.");
159: require(_owner != address(0), "Owner cannot be 0 address.");
342: if (address(account) == address(0)) account = addVirtualAccount(_user);
383: if (IBridgeAgent(_rootBridgeAgent).getBranchBridgeAgent(_branchChainId) != address(0)) {
494: getUnderlyingTokenFromLocal[_ecoTokenGlobalAddress][localChainId] != address(0)
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootPort.sol#L115
File: ulysses-omnichain/factories/BranchBridgeAgentFactory.sol
64: require(_rootBridgeAgentFactoryAddress != address(0), "Root Bridge Agent Factory Address cannot be 0");
65: require(address(_wrappedNativeToken) != address(0), "Wrapped Native Token cannot be 0");
66: require(_localAnyCallAddress != address(0), "Anycall Address cannot be 0");
67: require(_localAnyCallExecutorAddress != address(0), "Anyexec Address cannot be 0");
68: require(_localCoreBranchRouterAddress != address(0), "Core Branch Router Address cannot be 0");
69: require(_localPortAddress != address(0), "Port Address cannot be 0");
70: require(_owner != address(0), "Owner cannot be 0");
84: require(_coreRootBridgeAgent != address(0), "Core Root Bridge Agent cannot be 0");
File: ulysses-omnichain/factories/ERC20hTokenBranchFactory.sol
28: require(_localPortAddress != address(0), "Port address cannot be 0");
36: require(_coreRouter != address(0), "CoreRouter address cannot be 0");
File: ulysses-omnichain/factories/ERC20hTokenRootFactory.sol
34: require(_rootPortAddress != address(0), "Root Port Address cannot be 0");
41: require(_coreRouter != address(0), "CoreRouter address cannot be 0");
File: ulysses-omnichain/factories/RootBridgeAgentFactory.sol
55: require(address(_wrappedNativeToken) != address(0), "Wrapped Native Token cannot be 0");
56: require(_rootPortAddress != address(0), "Root Port Address cannot be 0");
57: require(_daoAddress != address(0), "DAO Address cannot be 0");
File: ulysses-omnichain/token/ERC20hTokenRoot.sol
45: require(_rootPortAddress != address(0), "Root Port Address cannot be 0");
46: require(_factoryAddress != address(0), "Factory Address cannot be 0");
File: uni-v3-staker/UniswapV3Staker.sol
144: if (address(pool) == address(0)) revert IncentiveCallerMustBeRegisteredGauge();
169: if (address(gauges[key.pool]) == address(0)) {
198: if (refund == 0) revert EndIncentiveNoRefundAvailable();
244: if (to == address(0)) revert InvalidRecipient();
249: if (deposit.stakedTimestamp != 0) revert TokenStakedError();
264: if (amountRequested != 0 && amountRequested < reward) {
310: if (liquidity == 0) revert TokenNotStaked();
342: if (incentiveId.startTime != 0) _unstakeToken(incentiveId, tokenId, true);
357: if (incentiveId.startTime != 0) _unstakeToken(incentiveId, tokenId, true);
380: if (bribeAddress != address(0)) {
411: if (liquidity == 0) revert TokenNotStaked();
467: if (deposits[tokenId].stakedTimestamp != 0) revert TokenStakedError();
483: if (incentives[incentiveId].totalRewardUnclaimed == 0) revert NonExistentIncentiveError();
486: if (liquidity == 0) revert NoLiquidityError();
492: if (tokenOwner == address(0)) revert TokenNotDeposited();
529: if (uniswapV3Gauge == address(0)) revert InvalidGauge();
https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/UniswapV3Staker.sol#L144
If functions are only allowed to be called by the special actor, modifier should be used instead of checking with require statement, if actor is the msg.sender calling the function.
There are 11 instances of this issue:
File: governance/GovernorBravoDelegateMaia.sol
56: function initialize(
57: address timelock_,
58: address govToken_,
59: uint256 votingPeriod_,
60: uint256 votingDelay_,
61: uint256 proposalThreshold_
62: ) public virtual {
63: require(address(timelock) == address(0), "GovernorBravo::initialize: can only initialize once");
64: require(msg.sender == admin, "GovernorBravo::initialize: admin only");
65: require(timelock_ != address(0), "GovernorBravo::initialize: invalid timelock address");
66: require(govToken_ != address(0), "GovernorBravo::initialize: invalid govToken address");
67: require(
68: votingPeriod_ >= MIN_VOTING_PERIOD && votingPeriod_ <= MAX_VOTING_PERIOD,
69: "GovernorBravo::initialize: invalid voting period"
70: );
71: require(
72: votingDelay_ >= MIN_VOTING_DELAY && votingDelay_ <= MAX_VOTING_DELAY,
73: "GovernorBravo::initialize: invalid voting delay"
74: );
75: require(
76: proposalThreshold_ >= MIN_PROPOSAL_THRESHOLD && proposalThreshold_ <= MAX_PROPOSAL_THRESHOLD,
77: "GovernorBravo::initialize: invalid proposal threshold"
78: );
79:
80: timelock = TimelockInterface(timelock_);
81: govToken = GovTokenInterface(govToken_);
82: votingPeriod = votingPeriod_;
83: votingDelay = votingDelay_;
84: proposalThreshold = proposalThreshold_;
85: }
397: function _setVotingDelay(uint256 newVotingDelay) external {
398: require(msg.sender == admin, "GovernorBravo::_setVotingDelay: admin only");
399: require(
400: newVotingDelay >= MIN_VOTING_DELAY && newVotingDelay <= MAX_VOTING_DELAY,
401: "GovernorBravo::_setVotingDelay: invalid voting delay"
402: );
403: uint256 oldVotingDelay = votingDelay;
404: votingDelay = newVotingDelay;
405:
406: emit VotingDelaySet(oldVotingDelay, votingDelay);
407: }
413: function _setVotingPeriod(uint256 newVotingPeriod) external {
414: require(msg.sender == admin, "GovernorBravo::_setVotingPeriod: admin only");
415: require(
416: newVotingPeriod >= MIN_VOTING_PERIOD && newVotingPeriod <= MAX_VOTING_PERIOD,
417: "GovernorBravo::_setVotingPeriod: invalid voting period"
418: );
419: uint256 oldVotingPeriod = votingPeriod;
420: votingPeriod = newVotingPeriod;
421:
422: emit VotingPeriodSet(oldVotingPeriod, votingPeriod);
423: }
430: function _setProposalThreshold(uint256 newProposalThreshold) external {
431: require(msg.sender == admin, "GovernorBravo::_setProposalThreshold: admin only");
432: require(
433: newProposalThreshold >= MIN_PROPOSAL_THRESHOLD && newProposalThreshold <= MAX_PROPOSAL_THRESHOLD,
434: "GovernorBravo::_setProposalThreshold: invalid proposal threshold"
435: );
436: uint256 oldProposalThreshold = proposalThreshold;
437: proposalThreshold = newProposalThreshold;
438:
439: emit ProposalThresholdSet(oldProposalThreshold, proposalThreshold);
440: }
461: function _setWhitelistGuardian(address account) external {
462: require(msg.sender == admin, "GovernorBravo::_setWhitelistGuardian: admin only");
463: address oldGuardian = whitelistGuardian;
464: whitelistGuardian = account;
465:
466: emit WhitelistGuardianSet(oldGuardian, whitelistGuardian);
467: }
474: function _initiate(address governorAlpha) external {
475: require(msg.sender == admin, "GovernorBravo::_initiate: admin only");
476: require(initialProposalId == 0, "GovernorBravo::_initiate: can only initiate once");
477: proposalCount = GovernorAlpha(governorAlpha).proposalCount();
478: initialProposalId = proposalCount;
479: timelock.acceptAdmin();
480: }
487: function _setPendingAdmin(address newPendingAdmin) external {
488: // Check caller = admin
489: require(msg.sender == admin, "GovernorBravo:_setPendingAdmin: admin only");
490:
491: // Save current value, if any, for inclusion in log
492: address oldPendingAdmin = pendingAdmin;
493:
494: // Store pendingAdmin with value newPendingAdmin
495: pendingAdmin = newPendingAdmin;
496:
497: // Emit NewPendingAdmin(oldPendingAdmin, newPendingAdmin)
498: emit NewPendingAdmin(oldPendingAdmin, newPendingAdmin);
499: }
File: governance/GovernorBravoDelegator.sol
41: function _setImplementation(address implementation_) public {
42: require(msg.sender == admin, "GovernorBravoDelegator::_setImplementation: admin only");
43: require(
44: implementation_ != address(0), "GovernorBravoDelegator::_setImplementation: invalid implementation address"
45: );
46:
47: address oldImplementation = implementation;
48: implementation = implementation_;
49:
50: emit NewImplementation(oldImplementation, implementation);
51: }
File: ulysses-omnichain/MulticallRootRouter.sol
508: function _requiresExecutor() internal view {
509: require(msg.sender == bridgeAgentExecutorAddress, "Unauthorized Caller");
510: }
File: ulysses-omnichain/factories/ArbitrumBranchBridgeAgentFactory.sol
79: function createBridgeAgent(
80: address _newBranchRouterAddress,
81: address _rootBridgeAgentAddress,
82: address _rootBridgeAgentFactoryAddress
83: ) external virtual override returns (address newBridgeAgent) {
84: require(
85: msg.sender == localCoreBranchRouterAddress, "Only the Core Branch Router can create a new Bridge Agent."
86: );
87: require(
88: _rootBridgeAgentFactoryAddress == rootBridgeAgentFactoryAddress,
89: "Root Bridge Agent Factory Address does not match."
90: );
91:
92: newBridgeAgent = address(
93: DeployArbitrumBranchBridgeAgent.deploy(
94: wrappedNativeToken,
95: rootChainId,
96: _rootBridgeAgentAddress,
97: localAnyCallAddress,
98: localAnyCallExecutorAddress,
99: _newBranchRouterAddress,
100: localPortAddress
101: )
102: );
103:
104: IPort(localPortAddress).addBridgeAgent(newBridgeAgent);
105: }
File: ulysses-omnichain/factories/BranchBridgeAgentFactory.sol
113: function createBridgeAgent(
114: address _newBranchRouterAddress,
115: address _rootBridgeAgentAddress,
116: address _rootBridgeAgentFactoryAddress
117: ) external virtual returns (address newBridgeAgent) {
118: require(
119: msg.sender == localCoreBranchRouterAddress, "Only the Core Branch Router can create a new Bridge Agent."
120: );
121: require(
122: _rootBridgeAgentFactoryAddress == rootBridgeAgentFactoryAddress,
123: "Root Bridge Agent Factory Address does not match."
124: );
125:
126: newBridgeAgent = address(
127: DeployBranchBridgeAgent.deploy(
128: wrappedNativeToken,
129: rootChainId,
130: localChainId,
131: _rootBridgeAgentAddress,
132: localAnyCallAddress,
133: localAnyCallExecutorAddress,
134: _newBranchRouterAddress,
135: localPortAddress
136: )
137: );
138:
139: IPort(localPortAddress).addBridgeAgent(newBridgeAgent);
140: }
Using multiple require()
and if
improves code readability and makes it easier to debug.
There are 44 instances of this issue:
File: erc-20/ERC20Gauges.sol
211: if (added && _userGauges[user].length() > maxGauges && !canContractExceedMaxGauges[user]) {
464: if (canExceedMax && account.code.length == 0) revert Errors.NonContractError(); // can only approve contracts
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Gauges.sol#L211
File: erc-20/ERC20MultiVotes.sol
105: if (canExceedMax && account.code.length == 0) revert Errors.NonContractError(); // can only approve contracts
194: if (newDelegate && delegateCount(delegator) > maxDelegates && !canContractExceedMaxDelegates[delegator]) {
250: if (pos > 0 && ckpts[pos - 1].fromBlock == block.number) {
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20MultiVotes.sol#L105
File: gauges/factories/BaseV2GaugeFactory.sol
161: if (msg.sender != bribesFactory.owner() && msg.sender != owner()) {
File: governance/GovernorBravoDelegateMaia.sol
68: votingPeriod_ >= MIN_VOTING_PERIOD && votingPeriod_ <= MAX_VOTING_PERIOD,
72: votingDelay_ >= MIN_VOTING_DELAY && votingDelay_ <= MAX_VOTING_DELAY,
76: proposalThreshold_ >= MIN_PROPOSAL_THRESHOLD && proposalThreshold_ <= MAX_PROPOSAL_THRESHOLD,
120: targets.length == values.length && targets.length == signatures.length && targets.length == calldatas.length,
234: if (msg.sender != proposal.proposer && msg.sender != admin) {
238: (govToken.getPriorVotes(proposal.proposer, sub256(block.number, 1)) < getProposalThresholdAmount())
299: proposalCount >= proposalId && proposalId > initialProposalId, "GovernorBravo::state: invalid proposal id"
400: newVotingDelay >= MIN_VOTING_DELAY && newVotingDelay <= MAX_VOTING_DELAY,
416: newVotingPeriod >= MIN_VOTING_PERIOD && newVotingPeriod <= MAX_VOTING_PERIOD,
433: newProposalThreshold >= MIN_PROPOSAL_THRESHOLD && newProposalThreshold <= MAX_PROPOSAL_THRESHOLD,
508: msg.sender == pendingAdmin && msg.sender != address(0), "GovernorBravo:_acceptAdmin: pending admin only"
File: hermes/minters/BaseV2Minter.sol
126: if (block.timestamp >= _period + week && initializer == address(0)) {
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/minters/BaseV2Minter.sol#L126
File: maia/PartnerUtilityManager.sol
75: if (partnerVault != address(0) && address(gaugeWeight).balanceOf(address(this)) > 0) {
85: if (partnerVault != address(0) && address(gaugeBoost).balanceOf(address(this)) > 0) {
95: if (partnerVault != address(0) && address(governance).balanceOf(address(this)) > 0) {
https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/PartnerUtilityManager.sol#L75
File: rewards/rewards/FlywheelGaugeRewards.sol
210: if (queuedRewards.priorCycleRewards == 0 && (queuedRewards.cycleRewards == 0 || incompleteCycle)) {
File: talos/base/TalosBaseStrategy.sol
151: if (amount0 == 0 && amount1 == 0) revert AmountsAreZero();
212: if (amount0 == 0 && amount1 == 0) revert AmountsAreZero();
273: if (amount0 == 0 && amount1 == 0) revert AmountsAreZero();
335: if (amount0 == 0 && amount1 == 0) revert AmountsAreZero();
408: require(balance0 >= amount0 && balance1 >= amount1);
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/base/TalosBaseStrategy.sol#L151
File: talos/libraries/PoolVariables.sol
98: if (tick < 0 && tick % tickSpacing != 0) compressed--;
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/libraries/PoolVariables.sol#L98
File: ulysses-amm/factories/UlyssesFactory.sol
111: if (j != i && weights[i][j] > 0) pools[poolIds[i]].addNewBandwidth(poolIds[j], weights[i][j]);
File: ulysses-omnichain/BranchBridgeAgent.sol
474: if (!isRemote && gasToBridgeOut > 0) wrappedNativeToken.deposit{value: msg.value}();
499: if (!isRemote && gasToBridgeOut > 0) wrappedNativeToken.deposit{value: msg.value}();
521: if (!isRemote && gasToBridgeOut > 0) wrappedNativeToken.deposit{value: msg.value}();
543: if (!isRemote && gasToBridgeOut > 0) wrappedNativeToken.deposit{value: msg.value}();
File: ulysses-omnichain/RootBridgeAgent.sol
57: || (_dParams.amount > 0 && !IPort(_localPortAddress).isLocalToken(_dParams.hToken, _fromChain)) //Check local exists.
58: || (_dParams.deposit > 0 && !IPort(_localPortAddress).isUnderlyingToken(_dParams.token, _fromChain)) //Check underlying exists.
263: msg.sender != depositOwner && msg.sender != address(IPort(localPortAddress).getUserAccount(depositOwner))
301: if (localAddress == address(0) || (underlyingAddress == address(0) && _deposit > 0)) {
347: if (hTokens[i] == address(0) || (tokens[i] == address(0) && _deposits[i] > 0)) revert InvalidInputParams();
648: if (amount0 == 0 && amount1 == 0) revert AmountsAreZero();
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgent.sol#L57
File: ulysses-omnichain/VirtualAccount.sol
70: if ((!IRootPort(localPortAddress).isRouterApproved(this, msg.sender)) && (msg.sender != userAddress)) {
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/VirtualAccount.sol#L70
File: ulysses-omnichain/factories/ERC20hTokenRootFactory.sol
75: if (msg.sender != coreRootRouterAddress && msg.sender != rootPortAddress) {
File: uni-v3-staker/UniswapV3Staker.sol
264: if (amountRequested != 0 && amountRequested < reward) {
374: if ((isNotRestake || block.timestamp < endTime) && owner != msg.sender) revert NotCalledByOwner();
402: if (hermesGaugeBoost.isUserGauge(owner, address(gauge)) && _userAttachements[owner][key.pool] == tokenId) {
https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/UniswapV3Staker.sol#L264
One level of nesting can be removed by not having an else block when the if-block returns:
There are 5 instances of this issue:
File: governance/GovernorBravoDelegateMaia.sol
314: } else if (block.timestamp >= add256(proposal.eta, timelock.GRACE_PERIOD())) {
315: return ProposalState.Expired;
316: } else {
317: return ProposalState.Queued;
318: }
File: ulysses-amm/UlyssesPool.sol
138: if (balance > assets) {
139: return balance - assets;
140: } else {
141: return 0;
142: }
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesPool.sol#L138-L142
File: ulysses-omnichain/BranchBridgeAgent.sol
1189: } else if (flag == 0x02) {
1190: //Get deposit nonce
1191: uint32 nonce = uint32(bytes4(data[22:26]));
1192:
1193: //Check if tx has already been executed
1194: if (executionHistory[nonce]) {
1195: _forceRevert();
1196: //Return true to avoid triggering anyFallback in case of `_forceRevert()` failure
1197: return (true, "already executed tx");
1198: }
1199:
1200: //Try to execute remote request
1201: try BranchBridgeAgentExecutor(bridgeAgentExecutorAddress).executeWithSettlementMultiple(
1202: recipient, localRouterAddress, data
1203: ) returns (bool, bytes memory res) {
1204: (success, result) = (true, res);
1205: } catch (bytes memory reason) {
1206: result = reason;
1207: }
1208:
1209: //Update tx state as executed
1210: executionHistory[nonce] = true;
1211:
1212: //Unrecognized Function Selector
1213: } else {
1214: emit LogCallin(flag, data, rootChainId);
1215: //Deduct gas costs from deposit and replenish this bridge agent's execution budget.
1216: _payExecutionGas(recipient, initialGas);
1217: return (false, "unknown selector");
1218: }
1287: } else if (flag == 0x06) {
1288: //Save nonce
1289: _depositNonce = uint32(
1290: bytes4(data[PARAMS_START_SIGNED + PARAMS_START:PARAMS_START_SIGNED + PARAMS_TKN_START + PARAMS_START])
1291: );
1292:
1293: //Make tokens available to depositor.
1294: _clearDeposit(_depositNonce);
1295:
1296: emit LogCalloutFail(flag, data, rootChainId);
1297:
1298: //Deduct gas costs from deposit and replenish this bridge agent's execution budget.
1299: _payFallbackGas(_depositNonce, initialGas);
1300:
1301: return (true, "");
1302:
1303: //Unrecognized Function Selector
1304: } else {
1305: return (false, "unknown selector");
1306: }
File: ulysses-omnichain/RootBridgeAgent.sol
1141: } else if (flag == 0x08) {
1142: //Get nonce
1143: uint32 nonce = uint32(bytes4(data[1:5]));
1144:
1145: //Check if tx has already been executed
1146: if (!executionHistory[fromChainId][uint32(bytes4(data[1:5]))]) {
1147: //Toggle Nonce as executed
1148: executionHistory[fromChainId][nonce] = true;
1149:
1150: //Retry failed fallback
1151: (success, result) = (false, "");
1152: } else {
1153: _forceRevert();
1154: //Return true to avoid triggering anyFallback in case of `_forceRevert()` failure
1155: return (true, "already executed tx");
1156: }
1157:
1158: //Unrecognized Function Selector
1159: } else {
1160: //Zero out gas after use if remote call
1161: if (initialGas > 0) {
1162: _payExecutionGas(userFeeInfo.depositedGas, userFeeInfo.gasToBridgeOut, _initialGas, fromChainId);
1163: }
1164:
1165: return (false, "unknown selector");
1166: }
Divisions which do not divide by -1 cannot overflow or overflow so such operations can be unchecked to save gas
There are 7 instances of this issue:
File: hermes/minters/BaseV2Minter.sol
136: uint256 share = (_required * daoShare) / base;
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/minters/BaseV2Minter.sol#L136
File: rewards/base/FlywheelCore.sol
201: uint256 supplierDelta = (supplierTokens * deltaIndex) / ONE;
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/base/FlywheelCore.sol#L201
File: talos/TalosStrategyVanilla.sol
120: uint256 earnedProtocolFees0 = (collect0 * _protocolFee) / _GLOBAL_DIVISIONER;
121: uint256 earnedProtocolFees1 = (collect1 * _protocolFee) / _GLOBAL_DIVISIONER;
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosStrategyVanilla.sol#L120
File: talos/boost-aggregator/BoostAggregator.sol
119: uint256 newProtocolRewards = (pendingRewards * protocolFee) / DIVISIONER;
File: ulysses-omnichain/RootBridgeAgent.sol
677: uint160 exactSqrtPriceImpact = (sqrtPriceX96 * (priceImpactPercentage / 2)) / GLOBAL_DIVISIONER;
720: uint160 exactSqrtPriceImpact = (sqrtPriceX96 * (priceImpactPercentage / 2)) / GLOBAL_DIVISIONER;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgent.sol#L677
Using import declarations of the form import {<identifier_name>} from "some/file.sol"
avoids polluting the symbol namespace making flattened files smaller, and speeds up compilation
There are 2 instances of this issue:
File: governance/GovernorBravoDelegateMaia.sol
4: import "./GovernorBravoInterfaces.sol";
https://github.com/code-423n4/2023-05-maia/tree/main/src/governance/GovernorBravoDelegateMaia.sol#L4
File: governance/GovernorBravoDelegator.sol
4: import "./GovernorBravoInterfaces.sol";
https://github.com/code-423n4/2023-05-maia/tree/main/src/governance/GovernorBravoDelegator.sol#L4
There are 35 instances of this issue:
File: erc-20/ERC20Boost.sol
139: require(_userGauges[user].remove(msg.sender));
191: require(_userGauges[msg.sender].remove(gauge));
213: require(_userGauges[msg.sender].remove(gauge)); // Remove from set. Should never fail.
239: require(_userGauges[msg.sender].remove(gauge)); // Remove from set. Should never fail.
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Boost.sol#L139
File: erc-20/ERC20Gauges.sol
302: require(_userGauges[user].remove(gauge));
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Gauges.sol#L302
File: erc-20/ERC20MultiVotes.sol
225: require(_delegates[delegator].remove(delegatee));
339: require(_delegates[user].remove(delegatee)); // Remove from set. Should never fail.
376: require(signer != address(0));
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20MultiVotes.sol#L225
File: erc-4626/ERC4626MultiToken.sol
51: require(ERC20(_assets[i]).decimals() == 18);
52: require(_weights[i] > 0);
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/ERC4626MultiToken.sol#L51
File: rewards/rewards/FlywheelGaugeRewards.sol
90: require(rewardToken.balanceOf(address(this)) - balanceBefore >= totalQueuedForCycle);
132: require(rewardToken.balanceOf(address(this)) - balanceBefore >= newRewards);
133: require(newRewards <= type(uint112).max); // safe cast
182: require(queuedRewards.storedCycle < currentCycle);
187: require(nextRewards <= type(uint112).max); // safe cast
File: talos/base/TalosBaseStrategy.sol
408: require(balance0 >= amount0 && balance1 >= amount1);
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/base/TalosBaseStrategy.sol#L408
File: ulysses-amm/UlyssesPool.sol
88: require(_owner != address(0));
91: require(_id != 0);
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesPool.sol#L88
File: ulysses-amm/UlyssesToken.sol
30: require(_id != 0);
46: require(ERC20(asset).decimals() == 18);
47: require(_weight > 0);
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesToken.sol#L30
File: ulysses-omnichain/BaseBranchRouter.sol
147: require(_unlocked == 1);
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BaseBranchRouter.sol#L147
File: ulysses-omnichain/BranchBridgeAgent.sol
1367: require(_unlocked == 1);
File: ulysses-omnichain/BranchPort.sol
424: require(_unlocked == 1);
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchPort.sol#L424
File: ulysses-omnichain/CoreRootRouter.sol
386: revert();
396: revert();
407: revert();
418: revert();
428: revert();
439: require(_unlocked == 1);
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/CoreRootRouter.sol#L386
File: ulysses-omnichain/MulticallRootRouter.sol
172: revert();
245: revert();
255: revert();
495: require(_unlocked == 1);
File: ulysses-omnichain/RootBridgeAgent.sol
1274: require(_unlocked == 1);
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgent.sol#L1274
There are 6 instances of this issue:
File: erc-20/interfaces/Errors.sol
7: interface Errors {
8: /// @notice thrown when attempting to approve an EOA that must be a contract
9: error NonContractError();
10: }
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/interfaces/Errors.sol#L7-L10
File: governance/GovernorBravoInterfaces.sol
169: interface TimelockInterface {
170: function delay() external view returns (uint256);
171: function GRACE_PERIOD() external view returns (uint256);
172: function acceptAdmin() external;
173: function queuedTransactions(bytes32 hash) external view returns (bool);
174: function queueTransaction(
175: address target,
176: uint256 value,
177: string calldata signature,
178: bytes calldata data,
179: uint256 eta
180: ) external returns (bytes32);
181: function cancelTransaction(
182: address target,
183: uint256 value,
184: string calldata signature,
185: bytes calldata data,
186: uint256 eta
187: ) external;
188: function executeTransaction(
189: address target,
190: uint256 value,
191: string calldata signature,
192: bytes calldata data,
193: uint256 eta
194: ) external payable returns (bytes memory);
195: }
197: interface GovTokenInterface {
198: function getPriorVotes(address account, uint256 blockNumber) external view returns (uint96);
199:
200: function totalSupply() external view returns (uint256);
201: }
203: interface GovernorAlpha {
204: /// @notice The total number of proposals
205: function proposalCount() external returns (uint256);
206: }
File: talos/interfaces/AutomationCompatibleInterface.sol
4: interface AutomationCompatibleInterface {
5: /**
6: * @notice method that is simulated by the keepers to see if any work actually
7: * needs to be performed. This method does does not actually need to be
8: * executable, and since it is only ever simulated it can consume lots of gas.
9: * @dev To ensure that it is never called, you may want to add the
10: * cannotExecute modifier from KeeperBase to your implementation of this
11: * method.
12: * @param checkData specified in the upkeep registration so it is always the
13: * same for a registered upkeep. This can easily be broken down into specific
14: * arguments using `abi.decode`, so multiple upkeeps can be registered on the
15: * same contract and easily differentiated by the contract.
16: * @return upkeepNeeded boolean to indicate whether the keeper should call
17: * performUpkeep or not.
18: * @return performData bytes that the keeper should call performUpkeep with, if
19: * upkeep is needed. If you would like to encode data to decode later, try
20: * `abi.encode`.
21: */
22: function checkUpkeep(bytes calldata checkData) external returns (bool upkeepNeeded, bytes memory performData);
23:
24: /**
25: * @notice method that is actually executed by the keepers, via the registry.
26: * The data returned by the checkUpkeep simulation will be passed into
27: * this method to actually be executed.
28: * @dev The input to this method should not be trusted, and the caller of the
29: * method should not even be restricted to any single registry. Anyone should
30: * be able call it, and the input should be validated, there is no guarantee
31: * that the data passed in is the performData returned from checkUpkeep. This
32: * could happen due to malicious keepers, racing keepers, or simply a state
33: * change while the performUpkeep transaction is waiting for confirmation.
34: * Always validate the data passed in.
35: * @param performData is the data which was passed back from the checkData
36: * simulation. If it is encoded, it can easily be decoded into other types by
37: * calling `abi.decode`. This data should not be trusted, and should be
38: * validated against the contract's current state.
39: */
40: function performUpkeep(bytes calldata performData) external;
41: }
File: ulysses-omnichain/interfaces/IWETH9.sol
4: interface WETH9 {
5: function withdraw(uint256 wad) external;
6:
7: function deposit() external payable;
8:
9: function balanceOf(address guy) external view returns (uint256 wad);
10:
11: function transfer(address dst, uint256 wad) external;
12: }
Adding a return statement when the function defines a named return variable is redundant.
There are 22 instances of this issue:
File: erc-20/ERC20Gauges.sol
188: function incrementGauge(address gauge, uint112 weight) external nonReentrant returns (uint112 newUserWeight) {
248: returns (uint256 newUserWeight)
273: function decrementGauge(address gauge, uint112 weight) external nonReentrant returns (uint112 newUserWeight) {
325: returns (uint112 newUserWeight)
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Gauges.sol#L188
File: rewards/depots/SingleRewardsDepot.sol
32: function getRewards() external override onlyFlywheelRewards returns (uint256 balance) {
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/depots/SingleRewardsDepot.sol#L32
File: talos/TalosManager.sol
91: function checkUpkeep(bytes calldata) external view override returns (bool upkeepNeeded, bytes memory performData) {
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosManager.sol#L91
File: ulysses-amm/UlyssesPool.sol
683: returns (uint256 fee)
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesPool.sol#L683
File: ulysses-amm/UlyssesToken.sol
39: function totalAssets() public view override returns (uint256 _totalAssets) {
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesToken.sol#L39
File: ulysses-omnichain/ArbitrumCoreBranchRouter.sol
116: returns (bool success, bytes memory result)
File: ulysses-omnichain/BaseBranchRouter.sol
105: returns (bool success, bytes memory result)
116: returns (bool success, bytes memory result)
127: returns (bool success, bytes memory result)
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BaseBranchRouter.sol#L105
File: ulysses-omnichain/BranchBridgeAgent.sol
1122: returns (bool success, bytes memory result)
1231: returns (bool success, bytes memory result)
File: ulysses-omnichain/CoreBranchRouter.sol
234: returns (bool success, bytes memory result)
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/CoreBranchRouter.sol#L234
File: ulysses-omnichain/MulticallRootRouter.sol
351: ) external payable override requiresExecutor lock returns (bool success, bytes memory result) {
427: ) external payable requiresExecutor lock returns (bool success, bytes memory result) {
File: ulysses-omnichain/RootBridgeAgent.sol
864: returns (bool success, bytes memory result)
1181: returns (bool success, bytes memory result)
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgent.sol#L864
File: uni-v3-staker/libraries/IncentiveId.sol
16: function compute(IUniswapV3Staker.IncentiveKey memory key) internal pure returns (bytes32 incentiveId) {
https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/libraries/IncentiveId.sol#L16
File: uni-v3-staker/libraries/IncentiveTime.sol
17: function computeStart(uint256 timestamp) internal pure returns (uint96 start) {
23: function computeEnd(uint256 timestamp) internal pure returns (uint96 end) {
There are 3 instances of this issue:
File: gauges/factories/BaseV2GaugeManager.sol
138: bHermesGaugeWeight.transferOwnership(newOwner);
139: bHermesGaugeBoost.transferOwnership(newOwner);
File: ulysses-amm/factories/UlyssesFactory.sol
124: pools[poolIds[i]].transferOwnership(owner);
There are 7 instances of this issue:
File: erc-4626/ERC4626.sol
13: abstract contract ERC4626 is ERC20, IERC4626 {
14: using SafeTransferLib for address;
15: using FixedPointMathLib for uint256;
16:
17: /*//////////////////////////////////////////////////////////////
18: IMMUTABLES
19: //////////////////////////////////////////////////////////////*/
20:
21: ERC20 public immutable asset;
22:
23: constructor(ERC20 _asset, string memory _name, string memory _symbol) ERC20(_name, _symbol, _asset.decimals()) {
24: asset = _asset;
25: }
26:
27: /*//////////////////////////////////////////////////////////////
28: DEPOSIT/WITHDRAWAL LOGIC
29: //////////////////////////////////////////////////////////////*/
30:
31: /// @inheritdoc IERC4626
32: function deposit(uint256 assets, address receiver) public virtual returns (uint256 shares) {
33: // Check for rounding error since we round down in previewDeposit.
34: require((shares = previewDeposit(assets)) != 0, "ZERO_SHARES");
35:
36: // Need to transfer before minting or ERC777s could reenter.
37: address(asset).safeTransferFrom(msg.sender, address(this), assets);
38:
39: _mint(receiver, shares);
40:
41: emit Deposit(msg.sender, receiver, assets, shares);
42:
43: afterDeposit(assets, shares);
44: }
45:
46: /// @inheritdoc IERC4626
47: function mint(uint256 shares, address receiver) public virtual returns (uint256 assets) {
48: assets = previewMint(shares); // No need to check for rounding error, previewMint rounds up.
49:
50: // Need to transfer before minting or ERC777s could reenter.
51: address(asset).safeTransferFrom(msg.sender, address(this), assets);
52:
53: _mint(receiver, shares);
54:
55: emit Deposit(msg.sender, receiver, assets, shares);
56:
57: afterDeposit(assets, shares);
58: }
59:
60: /// @inheritdoc IERC4626
61: function withdraw(uint256 assets, address receiver, address owner) public virtual returns (uint256 shares) {
62: shares = previewWithdraw(assets); // No need to check for rounding error, previewWithdraw rounds up.
63:
64: if (msg.sender != owner) {
65: uint256 allowed = allowance[owner][msg.sender]; // Saves gas for limited approvals.
66:
67: if (allowed != type(uint256).max) allowance[owner][msg.sender] = allowed - shares;
68: }
69:
70: beforeWithdraw(assets, shares);
71:
72: _burn(owner, shares);
73:
74: emit Withdraw(msg.sender, receiver, owner, assets, shares);
75:
76: address(asset).safeTransfer(receiver, assets);
77: }
78:
79: /// @inheritdoc IERC4626
80: function redeem(uint256 shares, address receiver, address owner) public virtual returns (uint256 assets) {
81: if (msg.sender != owner) {
82: uint256 allowed = allowance[owner][msg.sender]; // Saves gas for limited approvals.
83:
84: if (allowed != type(uint256).max) allowance[owner][msg.sender] = allowed - shares;
85: }
86:
87: // Check for rounding error since we round down in previewRedeem.
88: require((assets = previewRedeem(shares)) != 0, "ZERO_ASSETS");
89:
90: beforeWithdraw(assets, shares);
91:
92: _burn(owner, shares);
93:
94: emit Withdraw(msg.sender, receiver, owner, assets, shares);
95:
96: address(asset).safeTransfer(receiver, assets);
97: }
98:
99: /*//////////////////////////////////////////////////////////////
100: ACCOUNTING LOGIC
101: //////////////////////////////////////////////////////////////*/
102:
103: function totalAssets() public view virtual returns (uint256);
104:
105: /// @inheritdoc IERC4626
106: function convertToShares(uint256 assets) public view virtual returns (uint256) {
107: uint256 supply = totalSupply; // Saves an extra SLOAD if totalSupply is non-zero.
108:
109: return supply == 0 ? assets : assets.mulDiv(supply, totalAssets());
110: }
111:
112: /// @inheritdoc IERC4626
113: function convertToAssets(uint256 shares) public view virtual returns (uint256) {
114: uint256 supply = totalSupply; // Saves an extra SLOAD if totalSupply is non-zero.
115:
116: return supply == 0 ? shares : shares.mulDiv(totalAssets(), supply);
117: }
118:
119: /// @inheritdoc IERC4626
120: function previewDeposit(uint256 assets) public view virtual returns (uint256) {
121: return convertToShares(assets);
122: }
123:
124: /// @inheritdoc IERC4626
125: function previewMint(uint256 shares) public view virtual returns (uint256) {
126: uint256 supply = totalSupply; // Saves an extra SLOAD if totalSupply is non-zero.
127:
128: return supply == 0 ? shares : shares.mulDivUp(totalAssets(), supply);
129: }
130:
131: /// @inheritdoc IERC4626
132: function previewWithdraw(uint256 assets) public view virtual returns (uint256) {
133: uint256 supply = totalSupply; // Saves an extra SLOAD if totalSupply is non-zero.
134:
135: return supply == 0 ? assets : assets.mulDivUp(supply, totalAssets());
136: }
137:
138: /// @inheritdoc IERC4626
139: function previewRedeem(uint256 shares) public view virtual returns (uint256) {
140: return convertToAssets(shares);
141: }
142:
143: /*//////////////////////////////////////////////////////////////
144: DEPOSIT/WITHDRAWAL LIMIT LOGIC
145: //////////////////////////////////////////////////////////////*/
146:
147: /// @inheritdoc IERC4626
148: function maxDeposit(address) public view virtual returns (uint256) {
149: return type(uint256).max;
150: }
151:
152: /// @inheritdoc IERC4626
153: function maxMint(address) public view virtual returns (uint256) {
154: return type(uint256).max;
155: }
156:
157: /// @inheritdoc IERC4626
158: function maxWithdraw(address owner) public view virtual returns (uint256) {
159: return convertToAssets(balanceOf[owner]);
160: }
161:
162: /// @inheritdoc IERC4626
163: function maxRedeem(address owner) public view virtual returns (uint256) {
164: return balanceOf[owner];
165: }
166:
167: /*//////////////////////////////////////////////////////////////
168: INTERNAL HOOKS LOGIC
169: //////////////////////////////////////////////////////////////*/
170:
171: function beforeWithdraw(uint256 assets, uint256 shares) internal virtual {}
172:
173: function afterDeposit(uint256 assets, uint256 shares) internal virtual {}
174: }
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/ERC4626.sol#L13-L174
File: hermes/bHermes.sol
52: contract bHermes is UtilityManager, ERC4626DepositOnly {
53: using SafeTransferLib for address;
54:
55: constructor(ERC20 _hermes, address _owner, uint32 _gaugeCycleLength, uint32 _incrementFreezeWindow)
56: UtilityManager(
57: address(new bHermesGauges(_owner, _gaugeCycleLength, _incrementFreezeWindow)),
58: address(new bHermesBoost(_owner)),
59: address(new bHermesVotes(_owner))
60: )
61: ERC4626DepositOnly(_hermes, "Burned Hermes: Gov + Yield + Boost", "bHermes")
62: {}
63:
64: /*///////////////////////////////////////////////////////////////
65: MODIFIERS
66: //////////////////////////////////////////////////////////////*/
67:
68: /// @dev Checks available weight allows for the call.
69: modifier checkWeight(uint256 amount) override {
70: if (balanceOf[msg.sender] < amount + userClaimedWeight[msg.sender]) {
71: revert InsufficientShares();
72: }
73: _;
74: }
75:
76: /// @dev Checks available boost allows for the call.
77: modifier checkBoost(uint256 amount) override {
78: if (balanceOf[msg.sender] < amount + userClaimedBoost[msg.sender]) {
79: revert InsufficientShares();
80: }
81: _;
82: }
83:
84: /// @dev Checks available governance allows for the call.
85: modifier checkGovernance(uint256 amount) override {
86: if (balanceOf[msg.sender] < amount + userClaimedGovernance[msg.sender]) {
87: revert InsufficientShares();
88: }
89: _;
90: }
91:
92: /*///////////////////////////////////////////////////////////////
93: UTILITY MANAGER LOGIC
94: //////////////////////////////////////////////////////////////*/
95:
96: function claimOutstanding() public virtual {
97: uint256 balance = balanceOf[msg.sender];
98: /// @dev Never overflows since balandeOf >= userClaimed.
99: claimWeight(balance - userClaimedWeight[msg.sender]);
100: claimBoost(balance - userClaimedBoost[msg.sender]);
101: claimGovernance(balance - userClaimedGovernance[msg.sender]);
102: }
103:
104: /*///////////////////////////////////////////////////////////////
105: ERC4626 LOGIC
106: //////////////////////////////////////////////////////////////*/
107:
108: /**
109: * @notice Computes the amounts of tokens available in the contract.
110: * @dev Front-running first deposit vulnerability is not an
111: * issue since in the initial state:
112: * total assets (~90,000,000 ether) are larger than the
113: * underlying's remaining circulating supply (~30,000,000 ether).
114: */
115: function totalAssets() public view virtual override returns (uint256) {
116: return address(asset).balanceOf(address(this));
117: }
118:
119: /*///////////////////////////////////////////////////////////////
120: ERC20 LOGIC
121: //////////////////////////////////////////////////////////////*/
122:
123: /**
124: * @notice Mint new bHermes and its underlying tokens: governance, boost and gauge tokens
125: * @param to address to mint new tokens for
126: * @param amount amounts of new tokens to mint
127: */
128: function _mint(address to, uint256 amount) internal virtual override {
129: gaugeWeight.mint(address(this), amount);
130: gaugeBoost.mint(address(this), amount);
131: governance.mint(address(this), amount);
132: super._mint(to, amount);
133: }
134:
135: /**
136: * @notice Transfer bHermes and its underlying tokens.
137: * @param to address to transfer the tokens to
138: * @param amount amounts of tokens to transfer
139: */
140: function transfer(address to, uint256 amount) public virtual override returns (bool) {
141: uint256 userBalance = balanceOf[msg.sender];
142:
143: if (
144: userBalance - userClaimedWeight[msg.sender] < amount || userBalance - userClaimedBoost[msg.sender] < amount
145: || userBalance - userClaimedGovernance[msg.sender] < amount
146: ) revert InsufficientUnderlying();
147:
148: return super.transfer(to, amount);
149: }
150:
151: /**
152: * @notice Transfer bHermes and its underlying tokens from a specific account
153: * @param from address to transfer the tokens from
154: * @param to address to transfer the tokens to
155: * @param amount amounts of tokens to transfer
156: */
157:
158: function transferFrom(address from, address to, uint256 amount) public virtual override returns (bool) {
159: uint256 userBalance = balanceOf[from];
160:
161: if (
162: userBalance - userClaimedWeight[from] < amount || userBalance - userClaimedBoost[from] < amount
163: || userBalance - userClaimedGovernance[from] < amount
164: ) revert InsufficientUnderlying();
165:
166: return super.transferFrom(from, to, amount);
167: }
168:
169: /*///////////////////////////////////////////////////////////////
170: ERRORS
171: //////////////////////////////////////////////////////////////*/
172: /// @notice Insufficient Underlying assets in the vault for transfer.
173: error InsufficientUnderlying();
174: }
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/bHermes.sol#L52-L174
File: hermes/tokens/HERMES.sol
47: contract HERMES is ERC20, Ownable {
48: constructor(address _owner) ERC20("Hermes", "HERMES", 18) {
49: _initializeOwner(_owner);
50: }
51:
52: /*///////////////////////////////////////////////////////////////
53: ERC20 LOGIC
54: //////////////////////////////////////////////////////////////*/
55:
56: /**
57: * @notice Responsible for minting new hermes tokens.
58: * @dev Checks if the sender is an allowed minter.
59: * @param account account to mint tokens to.
60: * @param amount amount of hermes to mint.
61: */
62: function mint(address account, uint256 amount) external onlyOwner {
63: _mint(account, amount);
64: }
65: }
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/HERMES.sol#L47-L65
File: hermes/tokens/bHermesBoost.sol
18: contract bHermesBoost is ERC20Boost, IbHermesUnderlying {
19: /// @inheritdoc IbHermesUnderlying
20: address public immutable bHermes;
21:
22: constructor(address _owner) ERC20("bHermes Boost", "bHERMES-B", 18) {
23: _initializeOwner(_owner);
24: bHermes = msg.sender;
25: }
26:
27: /// @inheritdoc IbHermesUnderlying
28: function mint(address to, uint256 amount) external onlybHermes {
29: _mint(to, amount);
30: }
31:
32: modifier onlybHermes() {
33: if (msg.sender != bHermes) revert NotbHermes();
34: _;
35: }
36: }
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/bHermesBoost.sol#L18-L36
File: hermes/tokens/bHermesGauges.sol
22: contract bHermesGauges is ERC20Gauges, IbHermesUnderlying {
23: /// @inheritdoc IbHermesUnderlying
24: address public immutable bHermes;
25:
26: constructor(address _owner, uint32 _rewardsCycleLength, uint32 _incrementFreezeWindow)
27: ERC20Gauges(_rewardsCycleLength, _incrementFreezeWindow)
28: ERC20("bHermes Gauges", "bHERMES-G", 18)
29: {
30: _initializeOwner(_owner);
31: bHermes = msg.sender;
32: }
33:
34: /// @inheritdoc IbHermesUnderlying
35: function mint(address to, uint256 amount) external onlybHermes {
36: _mint(to, amount);
37: }
38:
39: modifier onlybHermes() {
40: if (msg.sender != bHermes) revert NotbHermes();
41: _;
42: }
43: }
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/bHermesGauges.sol#L22-L43
File: hermes/tokens/bHermesVotes.sol
16: contract bHermesVotes is ERC20MultiVotes, IbHermesUnderlying {
17: /// @inheritdoc IbHermesUnderlying
18: address public immutable bHermes;
19:
20: constructor(address _owner) ERC20("bHermes Votes", "bHERMES-V", 18) {
21: _initializeOwner(_owner);
22: bHermes = msg.sender;
23: }
24:
25: /// @inheritdoc IbHermesUnderlying
26: function mint(address to, uint256 amount) external onlybHermes {
27: _mint(to, amount);
28: }
29:
30: /**
31: * @notice Burns bHermes gauge tokens
32: * @param from account to burn tokens from
33: * @param amount amount of tokens to burn
34: */
35: function burn(address from, uint256 amount) external onlybHermes {
36: _burn(from, amount);
37: }
38:
39: modifier onlybHermes() {
40: if (msg.sender != bHermes) revert NotbHermes();
41: _;
42: }
43: }
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/bHermesVotes.sol#L16-L43
File: maia/vMaia.sol
26: contract vMaia is ERC4626PartnerManager {
27: using SafeTransferLib for address;
28: using FixedPointMathLib for uint256;
29:
30: /*//////////////////////////////////////////////////////////////
31: vMAIA STATE
32: //////////////////////////////////////////////////////////////*/
33:
34: uint256 private currentMonth;
35: uint256 private unstakePeriodEnd;
36:
37: /**
38: * @notice Initializes the vMaia token.
39: * @param _factory The factory that created this contract.
40: * @param _bHermesRate The rate at which bHermes can be claimed.
41: * @param _partnerAsset The asset that will be used to deposit to get vMaia.
42: * @param _name The name of the token.
43: * @param _symbol The symbol of the token.
44: * @param _bhermes The address of the bHermes token.
45: * @param _partnerVault The address of the partner vault.
46: * @param _owner The owner of the token.
47: */
48: constructor(
49: PartnerManagerFactory _factory,
50: uint256 _bHermesRate,
51: ERC20 _partnerAsset,
52: string memory _name,
53: string memory _symbol,
54: address _bhermes,
55: address _partnerVault,
56: address _owner
57: ) ERC4626PartnerManager(_factory, _bHermesRate, _partnerAsset, _name, _symbol, _bhermes, _partnerVault, _owner) {
58: // Set the current month to the current month.
59: currentMonth = DateTimeLib.getMonth(block.timestamp);
60: }
61:
62: /*///////////////////////////////////////////////////////////////
63: MODIFIERS
64: //////////////////////////////////////////////////////////////*/
65:
66: /// @dev Checks available weight allows for the call.
67: modifier checkWeight(uint256 amount) virtual override {
68: if (balanceOf[msg.sender] < amount + userClaimedWeight[msg.sender]) {
69: revert InsufficientShares();
70: }
71: _;
72: }
73:
74: /// @dev Checks available governance allows for the call.
75: modifier checkGovernance(uint256 amount) virtual override {
76: if (balanceOf[msg.sender] < amount + userClaimedGovernance[msg.sender]) {
77: revert InsufficientShares();
78: }
79: _;
80: }
81:
82: /// @dev Checks available partner governance allows for the call.
83: modifier checkPartnerGovernance(uint256 amount) virtual override {
84: if (balanceOf[msg.sender] < amount + userClaimedPartnerGovernance[msg.sender]) {
85: revert InsufficientShares();
86: }
87: _;
88: }
89:
90: /// @dev Boost can't be claimed; does not fail. It is all used by the partner vault.
91: function claimBoost(uint256 amount) public override {}
92:
93: /*//////////////////////////////////////////////////////////////
94: INTERNAL HOOKS LOGIC
95: //////////////////////////////////////////////////////////////*/
96:
97: /**
98: * @notice Function that performs the necessary verifications before a user can withdraw from their vMaia position.
99: * Checks if we're inside the unstaked period, if so then the user is able to withdraw.
100: * If we're not in the unstake period, then there will be checks to determine if this is the beginning of the month.
101: */
102: function beforeWithdraw(uint256, uint256) internal override {
103: /// @dev Check if unstake period has not ended yet, continue if it is the case.
104: if (unstakePeriodEnd >= block.timestamp) return;
105:
106: uint256 _currentMonth = DateTimeLib.getMonth(block.timestamp);
107: if (_currentMonth == currentMonth) revert UnstakePeriodNotLive();
108:
109: (bool isTuesday, uint256 _unstakePeriodStart) = DateTimeLib.isTuesday(block.timestamp);
110: if (!isTuesday) revert UnstakePeriodNotLive();
111:
112: currentMonth = _currentMonth;
113: unstakePeriodEnd = _unstakePeriodStart + 1 days;
114: }
115:
116: /*///////////////////////////////////////////////////////////////
117: ERRORS
118: //////////////////////////////////////////////////////////////*/
119:
120: /// @dev Error thrown when trying to withdraw and it is not the first Tuesday of the month.
121: error UnstakePeriodNotLive();
122: }
https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/vMaia.sol#L26-L122
There are 3 instances of this issue:
File: hermes/minters/BaseV2Minter.sol
86: function setDao(address _dao) external onlyOwner {
87: /// @dev DAO can be set to address(0) to disable DAO rewards.
88: dao = _dao;
89: }
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/minters/BaseV2Minter.sol#L86-L89
File: rewards/base/FlywheelCore.sol
125: function setFlywheelRewards(address newFlywheelRewards) external onlyOwner {
126: uint256 oldRewardBalance = rewardToken.balanceOf(address(flywheelRewards));
127: if (oldRewardBalance > 0) {
128: rewardToken.safeTransferFrom(address(flywheelRewards), address(newFlywheelRewards), oldRewardBalance);
129: }
130:
131: flywheelRewards = newFlywheelRewards;
132:
133: emit FlywheelRewardsUpdate(address(newFlywheelRewards));
134: }
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/base/FlywheelCore.sol#L125-L134
File: ulysses-omnichain/BranchPort.sol
301: function setCoreRouter(address _newCoreRouter) external requiresCoreRouter {
302: require(coreBranchRouterAddress != address(0), "CoreRouter address is zero");
303: require(_newCoreRouter != address(0), "New CoreRouter address is zero");
304: coreBranchRouterAddress = _newCoreRouter;
305: }
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchPort.sol#L301-L305
The normal if / else statement can be written in a shorthand way using the ternary operator. It increases readability and reduces the number of lines of code.
There are 1 instances of this issue:
File: ulysses-amm/UlyssesPool.sol
126: function getProtocolFees() public view returns (uint256) {
127: uint256 balance = asset.balanceOf(address(this));
128: uint256 assets;
129:
130: for (uint256 i = 1; i < bandwidthStateList.length; i++) {
131: uint256 targetBandwidth = totalSupply.mulDiv(bandwidthStateList[i].weight, totalWeights);
132:
133: assets += _calculateRebalancingFee(bandwidthStateList[i].bandwidth, targetBandwidth, false);
134:
135: assets += bandwidthStateList[i].bandwidth;
136: }
137:
138: if (balance > assets) {
139: return balance - assets;
140: } else {
141: return 0;
142: }
143: }
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesPool.sol#L126-L143
The assert()
function when false, uses up all the remaining gas and reverts all the changes made.\n\nMeanwhile, a require()
or a custom error function when false, also reverts back all the changes made to the contract but does refund all the remaining gas fees we offered to pay.
There are 3 instances of this issue:
File: rewards/rewards/FlywheelGaugeRewards.sol
183: assert(queuedRewards.storedCycle == 0 || queuedRewards.storedCycle >= lastCycle);
215: assert(queuedRewards.storedCycle >= cycle);
File: uni-v3-staker/libraries/RewardMath.sol
65: assert(currentTime >= startTime);
https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/libraries/RewardMath.sol#L65
The contract's interface should be imported first, followed by each of the interfaces it uses, followed by all other files. The examples below do not follow this layout.
There are 119 instances of this issue:
File: erc-20/ERC20Boost.sol
5: import {Ownable} from "solady/auth/Ownable.sol";
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Boost.sol#L5
File: erc-20/ERC20Gauges.sol
5: import {SafeCastLib} from "solady/utils/SafeCastLib.sol";
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Gauges.sol#L5
File: erc-20/ERC20MultiVotes.sol
6: import {Ownable} from "solady/auth/Ownable.sol";
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20MultiVotes.sol#L6
File: erc-4626/ERC4626.sol
4: import {FixedPointMathLib} from "solady/utils/FixedPointMathLib.sol";
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/ERC4626.sol#L4
File: erc-4626/ERC4626DepositOnly.sol
4: import {FixedPointMathLib} from "solady/utils/FixedPointMathLib.sol";
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/ERC4626DepositOnly.sol#L4
File: erc-4626/ERC4626MultiToken.sol
4: import {FixedPointMathLib} from "solady/utils/FixedPointMathLib.sol";
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/ERC4626MultiToken.sol#L4
File: erc-4626/UlyssesERC4626.sol
4: import {FixedPointMathLib} from "solady/utils/FixedPointMathLib.sol";
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/UlyssesERC4626.sol#L4
File: gauges/BaseV2Gauge.sol
4: import {Ownable} from "solady/auth/Ownable.sol";
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/BaseV2Gauge.sol#L4
File: gauges/UniswapV3Gauge.sol
4: import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/UniswapV3Gauge.sol#L4
File: gauges/factories/BaseV2GaugeFactory.sol
5: import {Ownable} from "solady/auth/Ownable.sol";
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BaseV2GaugeFactory.sol#L5
File: gauges/factories/BaseV2GaugeManager.sol
5: import {Ownable} from "solady/auth/Ownable.sol";
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BaseV2GaugeManager.sol#L5
File: gauges/factories/BribesFactory.sol
4: import {Ownable} from "solady/auth/Ownable.sol";
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BribesFactory.sol#L4
File: gauges/factories/UniswapV3GaugeFactory.sol
5: import {Ownable} from "solady/auth/Ownable.sol";
File: gauges/interfaces/IBaseV2Gauge.sol
4: import {FlywheelCore} from "@rewards/FlywheelCoreStrategy.sol";
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/interfaces/IBaseV2Gauge.sol#L4
File: gauges/interfaces/IBaseV2GaugeFactory.sol
5: import {BaseV2Gauge} from "@gauges/BaseV2Gauge.sol";
File: gauges/interfaces/IBaseV2GaugeManager.sol
5: import {bHermesBoost} from "@hermes/tokens/bHermesBoost.sol";
File: gauges/interfaces/IBribesFactory.sol
4: import {FlywheelCore} from "@rewards/FlywheelCoreStrategy.sol";
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/interfaces/IBribesFactory.sol#L4
File: gauges/interfaces/IUniswapV3GaugeFactory.sol
5: import {FlywheelGaugeRewards} from "@rewards/rewards/FlywheelGaugeRewards.sol";
File: governance/GovernorBravoDelegateMaia.sol
4: import "./GovernorBravoInterfaces.sol";
https://github.com/code-423n4/2023-05-maia/tree/main/src/governance/GovernorBravoDelegateMaia.sol#L4
File: governance/GovernorBravoDelegator.sol
4: import "./GovernorBravoInterfaces.sol";
https://github.com/code-423n4/2023-05-maia/tree/main/src/governance/GovernorBravoDelegator.sol#L4
File: hermes/UtilityManager.sol
5: import {Ownable} from "solady/auth/Ownable.sol";
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/UtilityManager.sol#L5
File: hermes/bHermes.sol
4: import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/bHermes.sol#L4
File: hermes/interfaces/IBaseV2Minter.sol
4: import {ERC4626} from "@ERC4626/ERC4626.sol";
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/interfaces/IBaseV2Minter.sol#L4
File: hermes/interfaces/IUtilityManager.sol
4: import {bHermesBoost} from "../tokens/bHermesBoost.sol";
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/interfaces/IUtilityManager.sol#L4
File: hermes/minters/BaseV2Minter.sol
4: import {Ownable} from "solady/auth/Ownable.sol";
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/minters/BaseV2Minter.sol#L4
File: hermes/tokens/HERMES.sol
4: import {Ownable} from "solady/auth/Ownable.sol";
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/HERMES.sol#L4
File: hermes/tokens/bHermesBoost.sol
4: import {Ownable} from "solady/auth/Ownable.sol";
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/bHermesBoost.sol#L4
File: hermes/tokens/bHermesGauges.sol
4: import {ERC20} from "solmate/tokens/ERC20.sol";
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/bHermesGauges.sol#L4
File: hermes/tokens/bHermesVotes.sol
4: import {ERC20} from "solmate/tokens/ERC20.sol";
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/bHermesVotes.sol#L4
File: maia/PartnerUtilityManager.sol
4: import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";
https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/PartnerUtilityManager.sol#L4
File: maia/factories/PartnerManagerFactory.sol
4: import {Ownable} from "solady/auth/Ownable.sol";
https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/factories/PartnerManagerFactory.sol#L4
File: maia/interfaces/IERC4626PartnerManager.sol
4: import {bHermes} from "@hermes/bHermes.sol";
File: maia/interfaces/IPartnerManagerFactory.sol
4: import {ERC20} from "solmate/tokens/ERC20.sol";
File: maia/interfaces/IPartnerUtilityManager.sol
4: import {bHermesVotes as ERC20Votes} from "@hermes/tokens/bHermesVotes.sol";
File: maia/tokens/ERC4626PartnerManager.sol
4: import {FixedPointMathLib} from "solady/utils/FixedPointMathLib.sol";
https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/tokens/ERC4626PartnerManager.sol#L4
File: maia/tokens/Maia.sol
4: import {Ownable} from "solady/auth/Ownable.sol";
https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/tokens/Maia.sol#L4
File: maia/vMaia.sol
5: import {FixedPointMathLib} from "solady/utils/FixedPointMathLib.sol";
https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/vMaia.sol#L5
File: rewards/FlywheelCoreInstant.sol
4: import {Ownable} from "solady/auth/Ownable.sol";
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/FlywheelCoreInstant.sol#L4
File: rewards/FlywheelCoreStrategy.sol
4: import {Ownable} from "solady/auth/Ownable.sol";
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/FlywheelCoreStrategy.sol#L4
File: rewards/base/BaseFlywheelRewards.sol
5: import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/base/BaseFlywheelRewards.sol#L5
File: rewards/base/FlywheelCore.sol
5: import {Ownable} from "solady/auth/Ownable.sol";
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/base/FlywheelCore.sol#L5
File: rewards/booster/FlywheelBoosterGaugeWeight.sol
5: import {ERC20} from "solmate/tokens/ERC20.sol";
File: rewards/depots/MultiRewardsDepot.sol
4: import {Ownable} from "solady/auth/Ownable.sol";
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/depots/MultiRewardsDepot.sol#L4
File: rewards/depots/RewardsDepot.sol
4: import {SafeCastLib} from "solady/utils/SafeCastLib.sol";
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/depots/RewardsDepot.sol#L4
File: rewards/depots/SingleRewardsDepot.sol
4: import {RewardsDepot, IRewardsDepot} from "./RewardsDepot.sol";
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/depots/SingleRewardsDepot.sol#L4
File: rewards/interfaces/IFlywheelAcummulatedRewards.sol
5: import {ERC20} from "solmate/tokens/ERC20.sol";
File: rewards/interfaces/IFlywheelBooster.sol
5: import {ERC20} from "solmate/tokens/ERC20.sol";
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/interfaces/IFlywheelBooster.sol#L5
File: rewards/interfaces/IFlywheelBribeRewards.sol
5: import {ERC20} from "solmate/tokens/ERC20.sol";
File: rewards/interfaces/IFlywheelCore.sol
5: import {ERC20} from "solmate/tokens/ERC20.sol";
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/interfaces/IFlywheelCore.sol#L5
File: rewards/interfaces/IFlywheelGaugeRewards.sol
5: import {ERC20} from "solmate/tokens/ERC20.sol";
File: rewards/interfaces/IFlywheelRewards.sol
5: import {ERC20} from "solmate/tokens/ERC20.sol";
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/interfaces/IFlywheelRewards.sol#L5
File: rewards/rewards/FlywheelAcummulatedRewards.sol
5: import {SafeCastLib} from "solady/utils/SafeCastLib.sol";
File: rewards/rewards/FlywheelBribeRewards.sol
5: import {ERC20} from "solmate/tokens/ERC20.sol";
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/rewards/FlywheelBribeRewards.sol#L5
File: rewards/rewards/FlywheelGaugeRewards.sol
5: import {Ownable} from "solady/auth/Ownable.sol";
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/rewards/FlywheelGaugeRewards.sol#L5
File: rewards/rewards/FlywheelInstantRewards.sol
5: import {Ownable} from "solady/auth/Ownable.sol";
File: talos/TalosManager.sol
4: import {IUniswapV3Pool} from "@uniswap/v3-core/contracts/interfaces/IUniswapV3Pool.sol";
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosManager.sol#L4
File: talos/TalosOptimizer.sol
5: import {Ownable} from "solady/auth/Ownable.sol";
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosOptimizer.sol#L5
File: talos/TalosStrategyStaked.sol
4: import {ERC20} from "solmate/tokens/ERC20.sol";
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosStrategyStaked.sol#L4
File: talos/TalosStrategyVanilla.sol
5: import {Ownable} from "solady/auth/Ownable.sol";
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosStrategyVanilla.sol#L5
File: talos/base/TalosBaseStrategy.sol
5: import {Ownable} from "solady/auth/Ownable.sol";
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/base/TalosBaseStrategy.sol#L5
File: talos/boost-aggregator/BoostAggregator.sol
4: import {Ownable} from "solady/auth/Ownable.sol";
File: talos/factories/BoostAggregatorFactory.sol
4: import {ERC20} from "solmate/tokens/ERC20.sol";
File: talos/factories/OptimizerFactory.sol
4: import {TalosOptimizer} from "../TalosOptimizer.sol";
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/factories/OptimizerFactory.sol#L4
File: talos/factories/TalosBaseStrategyFactory.sol
4: import {Ownable} from "solady/auth/Ownable.sol";
File: talos/factories/TalosStrategyStakedFactory.sol
4: import {IUniswapV3Pool} from "@uniswap/v3-core/contracts/interfaces/IUniswapV3Pool.sol";
File: talos/factories/TalosStrategyVanillaFactory.sol
5: import {IUniswapV3Pool} from "@uniswap/v3-core/contracts/interfaces/IUniswapV3Pool.sol";
File: talos/interfaces/IBoostAggregator.sol
4: import {ERC20} from "solmate/tokens/ERC20.sol";
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/interfaces/IBoostAggregator.sol#L4
File: talos/interfaces/IBoostAggregatorFactory.sol
4: import {ERC20} from "solmate/tokens/ERC20.sol";
File: talos/interfaces/IOptimizerFactory.sol
4: import {TalosOptimizer} from "../TalosOptimizer.sol";
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/interfaces/IOptimizerFactory.sol#L4
File: talos/interfaces/ITalosBaseStrategy.sol
5: import {ERC20} from "solmate/tokens/ERC20.sol";
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/interfaces/ITalosBaseStrategy.sol#L5
File: talos/interfaces/ITalosBaseStrategyFactory.sol
4: import {INonfungiblePositionManager} from "@uniswap/v3-periphery/contracts/interfaces/INonfungiblePositionManager.sol";
File: talos/interfaces/ITalosManager.sol
4: import {ITalosBaseStrategy} from "./ITalosBaseStrategy.sol";
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/interfaces/ITalosManager.sol#L4
File: talos/interfaces/ITalosStrategyStaked.sol
4: import {FlywheelCoreInstant} from "@rewards/FlywheelCoreInstant.sol";
File: talos/interfaces/ITalosStrategyStakedFactory.sol
4: import {FlywheelCoreInstant} from "@rewards/FlywheelCoreInstant.sol";
File: talos/libraries/PoolActions.sol
5: import {ERC20} from "solmate/tokens/ERC20.sol";
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/libraries/PoolActions.sol#L5
File: talos/libraries/PoolVariables.sol
5: import {FixedPointMathLib} from "solady/utils/FixedPointMathLib.sol";
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/libraries/PoolVariables.sol#L5
File: talos/strategies/TalosStrategySimple.sol
4: import {TalosBaseStrategy} from "../base/TalosBaseStrategy.sol";
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/strategies/TalosStrategySimple.sol#L4
File: ulysses-amm/UlyssesPool.sol
4: import {Ownable} from "solady/auth/Ownable.sol";
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesPool.sol#L4
File: ulysses-amm/UlyssesRouter.sol
4: import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesRouter.sol#L4
File: ulysses-amm/UlyssesToken.sol
4: import {Ownable} from "solady/auth/Ownable.sol";
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesToken.sol#L4
File: ulysses-amm/factories/UlyssesFactory.sol
4: import {Ownable} from "solady/auth/Ownable.sol";
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/factories/UlyssesFactory.sol#L4
File: ulysses-amm/interfaces/IUlyssesFactory.sol
4: import {ERC20} from "solmate/tokens/ERC20.sol";
File: ulysses-amm/interfaces/IUlyssesPool.sol
4: import {UlyssesPool} from "../UlyssesPool.sol";
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/interfaces/IUlyssesPool.sol#L4
File: ulysses-amm/interfaces/IUlyssesRouter.sol
4: import {UlyssesFactory} from "../factories/UlyssesFactory.sol";
File: ulysses-omnichain/ArbitrumBranchBridgeAgent.sol
4: import {SafeCastLib} from "solady/utils/SafeCastLib.sol";
File: ulysses-omnichain/ArbitrumBranchPort.sol
5: import {Ownable} from "solady/auth/Ownable.sol";
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/ArbitrumBranchPort.sol#L5
File: ulysses-omnichain/ArbitrumCoreBranchRouter.sol
4: import {ERC20} from "solmate/tokens/ERC20.sol";
File: ulysses-omnichain/BaseBranchRouter.sol
4: import {Ownable} from "solady/auth/Ownable.sol";
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BaseBranchRouter.sol#L4
File: ulysses-omnichain/BranchBridgeAgent.sol
4: import {SafeCastLib} from "solady/utils/SafeCastLib.sol";
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchBridgeAgent.sol#L4
File: ulysses-omnichain/BranchBridgeAgentExecutor.sol
4: import {Ownable} from "solady/auth/Ownable.sol";
File: ulysses-omnichain/BranchPort.sol
5: import {Ownable} from "solady/auth/Ownable.sol";
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchPort.sol#L5
File: ulysses-omnichain/CoreBranchRouter.sol
4: import {Ownable} from "solady/auth/Ownable.sol";
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/CoreBranchRouter.sol#L4
File: ulysses-omnichain/CoreRootRouter.sol
4: import {Ownable} from "solady/auth/Ownable.sol";
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/CoreRootRouter.sol#L4
File: ulysses-omnichain/MulticallRootRouter.sol
4: import {Ownable} from "solady/auth/Ownable.sol";
File: ulysses-omnichain/RootBridgeAgent.sol
4: import {Ownable} from "solady/auth/Ownable.sol";
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgent.sol#L4
File: ulysses-omnichain/RootBridgeAgentExecutor.sol
4: import {Ownable} from "solady/auth/Ownable.sol";
File: ulysses-omnichain/RootPort.sol
5: import {Ownable} from "solady/auth/Ownable.sol";
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootPort.sol#L5
File: ulysses-omnichain/VirtualAccount.sol
5: import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/VirtualAccount.sol#L5
File: ulysses-omnichain/factories/ArbitrumBranchBridgeAgentFactory.sol
4: import {WETH9} from "../interfaces/IWETH9.sol";
File: ulysses-omnichain/factories/BranchBridgeAgentFactory.sol
4: import {Ownable} from "solady/auth/Ownable.sol";
File: ulysses-omnichain/factories/ERC20hTokenBranchFactory.sol
4: import {Ownable} from "solady/auth/Ownable.sol";
File: ulysses-omnichain/factories/ERC20hTokenRootFactory.sol
4: import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";
File: ulysses-omnichain/factories/RootBridgeAgentFactory.sol
4: import {Ownable} from "solady/auth/Ownable.sol";
File: ulysses-omnichain/interfaces/IArbitrumBranchPort.sol
5: import {IBranchPort} from "./IBranchPort.sol";
File: ulysses-omnichain/interfaces/IBranchBridgeAgent.sol
4: import {IApp} from "./IApp.sol";
File: ulysses-omnichain/interfaces/IBranchRouter.sol
4: import {
5: Deposit,
6: DepositInput,
7: DepositMultipleInput,
8: SettlementParams,
9: SettlementMultipleParams
10: } from "./IBranchBridgeAgent.sol";
File: ulysses-omnichain/interfaces/IERC20hTokenBranchFactory.sol
4: import {ERC20hTokenBranch} from "../token/ERC20hTokenBranch.sol";
File: ulysses-omnichain/interfaces/IERC20hTokenRootFactory.sol
4: import {ERC20hTokenRoot} from "../token/ERC20hTokenRoot.sol";
File: ulysses-omnichain/interfaces/IRootBridgeAgent.sol
4: import {IApp} from "./IApp.sol";
File: ulysses-omnichain/interfaces/IRootPort.sol
5: import {VirtualAccount} from "../VirtualAccount.sol";
File: ulysses-omnichain/interfaces/IRootRouter.sol
4: import {DepositParams, DepositMultipleParams} from "../interfaces/IRootBridgeAgent.sol";
File: ulysses-omnichain/interfaces/IVirtualAccount.sol
4: import {IERC721Receiver} from "@openzeppelin/contracts/token/ERC721/IERC721Receiver.sol";
File: ulysses-omnichain/token/ERC20hTokenBranch.sol
4: import {Ownable} from "solady/auth/Ownable.sol";
File: ulysses-omnichain/token/ERC20hTokenRoot.sol
4: import {Ownable} from "solady/auth/Ownable.sol";
File: uni-v3-staker/UniswapV3Staker.sol
5: import {SafeTransferLib} from "solady/utils/SafeTransferLib.sol";
https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/UniswapV3Staker.sol#L5
File: uni-v3-staker/interfaces/IUniswapV3Staker.sol
5: import {IERC721Receiver} from "@openzeppelin/contracts/token/ERC721/IERC721Receiver.sol";
File: uni-v3-staker/libraries/IncentiveId.sol
5: import {IUniswapV3Staker} from "@v3-staker/interfaces/IUniswapV3Staker.sol";
https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/libraries/IncentiveId.sol#L5
File: uni-v3-staker/libraries/NFTPositionInfo.sol
5: import {IUniswapV3Factory} from "@uniswap/v3-core/contracts/interfaces/IUniswapV3Factory.sol";
File: uni-v3-staker/libraries/RewardMath.sol
5: import {FixedPointMathLib} from "solady/utils/FixedPointMathLib.sol";
https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/libraries/RewardMath.sol#L5
Consider defining in only one contract so that values cannot become out of sync when only one location is updated. A cheap way to store constants in a single location is to create an internal constant
in a library
. If the variable is a local cache of another contract’s value, consider making the cache variable internal or private, which will require external users to query the contract with the source of truth, so that callers don’t get out of sync.
There are 37 instances of this issue:
File: governance/GovernorBravoDelegateMaia.sol
36: uint256 public constant DIVISIONER = 1 ether;
File: ulysses-amm/UlyssesPool.sol
65: uint256 private constant DIVISIONER = 1 ether;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesPool.sol#L65
File: talos/TalosStrategyVanilla.sol
48: uint24 private constant GLOBAL_DIVISIONER = 1e6;
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosStrategyVanilla.sol#L48
File: talos/libraries/PoolVariables.sol
23: uint24 private constant GLOBAL_DIVISIONER = 1e6; // for basis point (0.0001%)
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/libraries/PoolVariables.sol#L23
File: ulysses-omnichain/RootBridgeAgent.sol
640: uint24 private constant GLOBAL_DIVISIONER = 1e6; // for basis point (0.0001%)
100: uint8 internal constant PARAMS_START = 1;
102: uint8 internal constant PARAMS_START_SIGNED = 21;
108: uint8 internal constant PARAMS_GAS_OUT = 16;
112: uint8 internal constant PARAMS_TKN_START = 5;
114: uint8 internal constant PARAMS_AMT_OFFSET = 64;
116: uint8 internal constant PARAMS_DEPOSIT_OFFSET = 96;
104: uint8 internal constant PARAMS_ADDRESS_SIZE = 20;
106: uint8 internal constant PARAMS_GAS_IN = 32;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgent.sol#L640
File: ulysses-omnichain/BranchBridgeAgent.sol
68: uint8 internal constant PARAMS_START = 1;
70: uint8 internal constant PARAMS_START_SIGNED = 21;
72: uint8 internal constant PARAMS_ENTRY_SIZE = 32;
74: uint8 internal constant PARAMS_GAS_OUT = 16;
78: uint8 internal constant PARAMS_TKN_START = 5;
80: uint8 internal constant PARAMS_AMT_OFFSET = 64;
82: uint8 internal constant PARAMS_DEPOSIT_OFFSET = 96;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchBridgeAgent.sol#L68
File: ulysses-omnichain/BranchBridgeAgentExecutor.sol
32: uint8 internal constant PARAMS_START = 1;
34: uint8 internal constant PARAMS_START_SIGNED = 21;
38: uint8 internal constant PARAMS_ENTRY_SIZE = 32;
44: uint8 internal constant PARAMS_GAS_OUT = 16;
48: uint8 internal constant PARAMS_TKN_START = 5;
50: uint8 internal constant PARAMS_AMT_OFFSET = 64;
52: uint8 internal constant PARAMS_DEPOSIT_OFFSET = 96;
40: uint8 internal constant PARAMS_ADDRESS_SIZE = 20;
File: ulysses-omnichain/RootBridgeAgentExecutor.sol
33: uint8 internal constant PARAMS_START = 1;
35: uint8 internal constant PARAMS_START_SIGNED = 21;
41: uint8 internal constant PARAMS_ENTRY_SIZE = 32;
51: uint8 internal constant PARAMS_GAS_OUT = 16;
55: uint8 internal constant PARAMS_TKN_START = 5;
57: uint8 internal constant PARAMS_AMT_OFFSET = 64;
59: uint8 internal constant PARAMS_DEPOSIT_OFFSET = 96;
43: uint8 internal constant PARAMS_ADDRESS_SIZE = 20;
49: uint8 internal constant PARAMS_GAS_IN = 32;
There are 75 instances of this issue:
File: talos/TalosStrategyVanilla.sol
57: // @audit @return is missing
58: function
constructor(
IUniswapV3Pool _pool,
ITalosOptimizer _optimizer,
INonfungiblePositionManager _nonfungiblePositionManager,
address _strategyManager,
address _owner
) TalosStrategySimple(_pool, _optimizer, _nonfungiblePositionManager, _strategyManager, _owner)
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosStrategyVanilla.sol#L57-L58
File: talos/TalosStrategyStaked.sol
62: // @audit @return is missing
63: function
constructor(
IUniswapV3Pool _pool,
ITalosOptimizer _optimizer,
BoostAggregator _boostAggregator,
address _strategyManager,
FlywheelCoreInstant _flywheel,
address _owner
)
TalosStrategySimple(
_pool,
_optimizer,
_boostAggregator.nonfungiblePositionManager(),
_strategyManager,
_owner
)
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosStrategyStaked.sol#L62-L63
File: talos/TalosManager.sol
65: // @audit @return is missing
66: function getRebalance(ITalosBaseStrategy position) private view returns (bool)
77: // @audit @return is missing
78: function getRerange(ITalosBaseStrategy position) private view returns (bool)
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosManager.sol#L65-L66
File: talos/factories/TalosStrategyVanillaFactory.sol
23: // @audit @return is missing
24: function
constructor(INonfungiblePositionManager _nonfungiblePositionManager, OptimizerFactory _optimizerFactory)
TalosBaseStrategyFactory(_nonfungiblePositionManager, _optimizerFactory)
File: talos/factories/TalosStrategyStakedFactory.sol
39: // @audit @return is missing
40: function
constructor(
INonfungiblePositionManager _nonfungiblePositionManager,
OptimizerFactory _optimizerFactory,
BoostAggregatorFactory _boostAggregatorFactory
) TalosBaseStrategyFactory(_nonfungiblePositionManager, _optimizerFactory)
File: maia/vMaia.sol
47: // @audit @return is missing
48: function
constructor(
PartnerManagerFactory _factory,
uint256 _bHermesRate,
ERC20 _partnerAsset,
string memory _name,
string memory _symbol,
address _bhermes,
address _partnerVault,
address _owner
) ERC4626PartnerManager(_factory, _bHermesRate, _partnerAsset, _name, _symbol, _bhermes, _partnerVault, _owner)
https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/vMaia.sol#L47-L48
File: maia/PartnerUtilityManager.sol
35: // @audit @return is missing
36: function
constructor(
address _gaugeWeight,
address _gaugeBoost,
address _governance,
address _partnerGovernance,
address _partnerVault
) UtilityManager(_gaugeWeight, _gaugeBoost, _governance)
https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/PartnerUtilityManager.sol#L35-L36
File: maia/tokens/ERC4626PartnerManager.sol
49: // @audit @return is missing
50: function
constructor(
PartnerManagerFactory _factory,
uint256 _bHermesRate,
ERC20 _partnerAsset,
string memory _name,
string memory _symbol,
address _bhermes,
address _partnerVault,
address _owner
)
PartnerUtilityManager(
address(bHermes(_bhermes).gaugeWeight()),
address(bHermes(_bhermes).gaugeBoost()),
address(bHermes(_bhermes).governance()),
address(new ERC20MultiVotes(_owner)),
partnerVault
)
ERC4626(
_partnerAsset,
string.concat(_name, " - Burned Hermes: Aggregated Gov + Yield + Boost"),
string.concat(_symbol, "-bHermes")
)
112: // @audit @return is missing
113: function convertToShares(uint256 assets) public view virtual override returns (uint256)
120: // @audit @return is missing
121: function convertToAssets(uint256 shares) public view virtual override returns (uint256)
128: // @audit @return is missing
129: function previewDeposit(uint256 assets) public view virtual override returns (uint256)
135: // @audit @return is missing
136: function previewMint(uint256 shares) public view virtual override returns (uint256)
142: // @audit @return is missing
143: function previewWithdraw(uint256 assets) public view virtual override returns (uint256)
150: // @audit @return is missing
151: function previewRedeem(uint256 shares) public view virtual override returns (uint256)
253: // @audit @return is missing
254: function _burn(address from, uint256 amount) internal virtual override checkTransfer(from, amount)
262: // @audit @return is missing
263: function transfer(address to, uint256 amount)
public
virtual
override
checkTransfer(msg.sender, amount)
returns (bool)
278: // @audit @return is missing
279: function transferFrom(address from, address to, uint256 amount)
public
virtual
override
checkTransfer(from, amount)
returns (bool)
File: erc-20/ERC20Gauges.sol
362: // @audit @return is missing
363: function _writeGaugeWeight(
Weight storage weight,
function(uint112, uint112) view returns (uint112) op,
uint112 delta,
uint32 cycle
) private
495: // @audit @return is missing
496: function transfer(address to, uint256 amount) public virtual override returns (bool)
507: // @audit @return is missing
508: function transferFrom(address from, address to, uint256 amount) public virtual override returns (bool)
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Gauges.sol#L362-L363
File: erc-20/ERC20MultiVotes.sol
240: // @audit @return is missing
241: function _writeCheckpoint(address delegatee, function(uint256, uint256) view returns (uint256) op, uint256 delta)
private
290: // @audit @return is missing
291: function transfer(address to, uint256 amount) public virtual override returns (bool)
302: // @audit @return is missing
303: function transferFrom(address from, address to, uint256 amount) public virtual override returns (bool)
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20MultiVotes.sol#L240-L241
File: erc-20/ERC20Boost.sol
301: // @audit @return is missing
302: function _burn(address from, uint256 amount) internal override notAttached(from, amount)
311: // @audit @return is missing
312: function transfer(address to, uint256 amount) public override notAttached(msg.sender, amount) returns (bool)
322: // @audit @return is missing
323: function transferFrom(address from, address to, uint256 amount)
public
override
notAttached(from, amount)
returns (bool)
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Boost.sol#L301-L302
File: ulysses-amm/UlyssesPool.sol
79: // @audit @return is missing
80: function
constructor(
uint256 _id,
address _asset,
string memory _name,
string memory _symbol,
address _owner,
address _factory
) UlyssesERC4626(_asset, _name, _symbol)
344: // @audit @return is missing
345: function getBandwidthUpdateAmounts(
bool roundUp,
bool positiveTransfer,
uint256 amount,
uint256 _totalWeights,
uint256 _totalSupply
) private view returns (uint256[] memory bandwidthUpdateAmounts, uint256 length)
538: // @audit @return is missing
539: function updateBandwidth(
bool depositFees,
bool positiveTransfer,
BandwidthState storage destinationState,
uint256 difference,
uint256 _totalWeights,
uint256 _totalSupply,
uint256 _newTotalSupply
) private returns (uint256 positivefee, uint256 negativeFee)
841: // @audit @return is missing
842: function calcFee(
uint256 feeTier,
uint256 maxWidth,
uint256 upperBound,
uint256 bandwidth,
uint256 offset,
bool roundDown
) private pure returns (uint256 fee)
1199: // @audit @return is missing
1200: function beforeDeposit(uint256 assets) internal override returns (uint256 shares)
1208: // @audit @return is missing
1209: function beforeMint(uint256 shares) internal override returns (uint256 assets)
1217: // @audit @return is missing
1218: function afterRedeem(uint256 shares) internal override returns (uint256 assets)
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesPool.sol#L79-L80
File: ulysses-amm/UlyssesRouter.sol
30: // @audit @return is missing
31: function getUlyssesLP(uint256 id) private returns (UlyssesPool ulysses)
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesRouter.sol#L30-L31
File: ulysses-amm/factories/UlyssesFactory.sol
24: // @audit @return is missing
25: function deployPool(
uint256 id,
address asset,
string calldata name,
string calldata symbol,
address owner,
address factory
) public returns (UlyssesPool)
File: gauges/UniswapV3Gauge.sol
32: // @audit @return is missing
33: function
constructor(
FlywheelGaugeRewards _flywheelGaugeRewards,
address _uniswapV3Staker,
address _uniswapV3Pool,
uint24 _minimumWidth,
address _owner
) BaseV2Gauge(_flywheelGaugeRewards, _uniswapV3Pool, _owner)
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/UniswapV3Gauge.sol#L32-L33
File: gauges/factories/UniswapV3GaugeFactory.sol
49: // @audit @return is missing
50: function
constructor(
BaseV2GaugeManager _gaugeManager,
bHermesBoost _bHermesBoost,
IUniswapV3Factory _factory,
INonfungiblePositionManager _nonfungiblePositionManager,
FlywheelGaugeRewards _flywheelGaugeRewards,
BribesFactory _bribesFactory,
address _owner
) BaseV2GaugeFactory(_gaugeManager, _bHermesBoost, _bribesFactory, _owner)
File: rewards/rewards/FlywheelInstantRewards.sol
27: // @audit @return is missing
28: function
constructor(FlywheelCore _flywheel) BaseFlywheelRewards(_flywheel)
File: rewards/rewards/FlywheelBribeRewards.sol
26: // @audit @return is missing
27: function
constructor(FlywheelCore _flywheel, uint256 _rewardsCycleLength)
FlywheelAcummulatedRewards(_flywheel, _rewardsCycleLength)
File: rewards/rewards/FlywheelAcummulatedRewards.sol
32: // @audit @return is missing
33: function
constructor(FlywheelCore _flywheel, uint256 _rewardsCycleLength) BaseFlywheelRewards(_flywheel)
File: hermes/bHermes.sol
114: // @audit @return is missing
115: function totalAssets() public view virtual override returns (uint256)
139: // @audit @return is missing
140: function transfer(address to, uint256 amount) public virtual override returns (bool)
156: // @audit @return is missing
157: function transferFrom(address from, address to, uint256 amount) public virtual override returns (bool)
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/bHermes.sol#L114-L115
File: ulysses-omnichain/RootBridgeAgentExecutor.sol
349: // @audit @return is missing
350: function _bridgeInMultiple(address _recipient, bytes calldata _dParams, uint24 _fromChain)
internal
returns (DepositMultipleParams memory dParams)
File: ulysses-omnichain/MulticallRootRouter.sol
90: // @audit @return is missing
91: function _multicall(IMulticall.Call[] memory calls)
internal
returns (uint256 blockNumber, bytes[] memory returnData)
184: // @audit @return is missing
185: function anyExecute(bytes1 funcId, bytes calldata encodedData, uint24)
external
payable
override
lock
requiresExecutor
returns (bool, bytes memory)
267: // @audit @return is missing
268: function anyExecuteSigned(bytes1 funcId, bytes calldata encodedData, address userAccount, uint24)
external
payable
override
lock
requiresExecutor
returns (bool, bytes memory)
344: // @audit @return is missing
345: function anyExecuteSignedDepositSingle(
bytes1 funcId,
bytes calldata encodedData,
DepositParams calldata,
address userAccount,
uint24
) external payable override requiresExecutor lock returns (bool success, bytes memory result)
420: // @audit @return is missing
421: function anyExecuteSignedDepositMultiple(
bytes1 funcId,
bytes memory encodedData,
DepositMultipleParams calldata,
address userAccount,
uint24
) external payable requiresExecutor lock returns (bool success, bytes memory result)
File: ulysses-omnichain/BranchBridgeAgent.sol
936: // @audit @return is missing
937: function _getAndIncrementDepositNonce() internal returns (uint32)
1098: // @audit @return is missing
1099: function _gasSwapIn(bytes memory gasData) internal virtual returns (uint256 gasAmount)
1108: // @audit @return is missing
1109: function _getContext() internal view returns (address from, uint256 fromChainId)
1339: // @audit @return is missing
1340: function _normalizeDecimals(uint256 _amount, uint8 _decimals) internal pure returns (uint256)
1348: // @audit @return is missing
1349: function _normalizeDecimalsMultiple(uint256[] memory _deposits, address[] memory _tokens)
internal
view
returns (uint256[] memory deposits)
File: ulysses-omnichain/BranchPort.sol
387: // @audit @return is missing
388: function _denormalizeDecimals(uint256 _amount, uint8 _decimals) internal pure returns (uint256)
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchPort.sol#L387-L388
File: ulysses-omnichain/ArbitrumBranchBridgeAgent.sol
148: // @audit @return is missing
149: function _gasSwapIn(bytes memory gasData) internal override returns (uint256 gasAmount)
File: ulysses-omnichain/RootBridgeAgent.sol
49: // @audit @return is missing
50: function checkParams(address _localPortAddress, DepositParams memory _dParams, uint24 _fromChain)
internal
view
returns (bool)
549: // @audit @return is missing
550: function _retrySettlement(uint32 _settlementNonce) internal returns (bool)
631: // @audit @return is missing
632: function _getAndIncrementSettlementNonce() internal returns (uint32)
658: // @audit @return is missing
659: function _gasSwapIn(uint256 _amount, uint24 _fromChain) internal returns (uint256)
702: // @audit @return is missing
703: function _gasSwapOut(uint256 _amount, uint24 _toChain) internal returns (uint256, address)
742: // @audit @return is missing
743: function _manageGasOut(uint24 _toChain) internal returns (uint128)
File: ulysses-omnichain/ArbitrumBranchPort.sol
32: // @audit @return is missing
33: function
constructor(uint24 _localChainId, address _rootPortAddress, address _owner) BranchPort(_owner)
File: ulysses-omnichain/RootPort.sol
183: // @audit @return is missing
184: function _getLocalToken(address _localAddress, uint256 _fromChain, uint24 _toChain)
internal
view
returns (address)
202: // @audit @return is missing
203: function _getUnderlyingTokenFromGlobal(address _globalAddress, uint24 _fromChain) internal view returns (address)
217: // @audit @return is missing
218: function _isGlobalToken(address _globalAddress, uint24 _fromChain) internal view returns (bool)
348: // @audit @return is missing
349: function addVirtualAccount(address _user) internal returns (VirtualAccount newAccount)
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootPort.sol#L183-L184
File: ulysses-omnichain/factories/ERC20hTokenRootFactory.sol
53: // @audit @return is missing
54: function createToken(string memory _name, string memory _symbol)
external
requiresCoreRouter
returns (ERC20hTokenRoot newToken)
File: ulysses-omnichain/factories/BranchBridgeAgentFactory.sol
112: // @audit @return is missing
113: function createBridgeAgent(
address _newBranchRouterAddress,
address _rootBridgeAgentAddress,
address _rootBridgeAgentFactoryAddress
) external virtual returns (address newBridgeAgent)
File: ulysses-omnichain/factories/ERC20hTokenBranchFactory.sol
59: // @audit @return is missing
60: function createToken(string memory _name, string memory _symbol)
external
requiresCoreRouter
returns (ERC20hTokenBranch newToken)
File: ulysses-omnichain/factories/ArbitrumBranchBridgeAgentFactory.sol
30: // @audit @return is missing
31: function
constructor(
uint256 _rootChainId,
address _rootBridgeAgentFactoryAddress,
WETH9 _wrappedNativeToken,
address _localAnyCallAddress,
address _localAnyCallExecutorAddress,
address _localCoreBranchRouterAddress,
address _localPortAddress,
address _owner
)
BranchBridgeAgentFactory(
_rootChainId,
_rootChainId,
_rootBridgeAgentFactoryAddress,
_wrappedNativeToken,
_localAnyCallAddress,
_localAnyCallExecutorAddress,
_localCoreBranchRouterAddress,
_localPortAddress,
_owner
)
78: // @audit @return is missing
79: function createBridgeAgent(
address _newBranchRouterAddress,
address _rootBridgeAgentAddress,
address _rootBridgeAgentFactoryAddress
) external virtual override returns (address newBridgeAgent)
File: ulysses-omnichain/token/ERC20hTokenRoot.sol
37: // @audit @return is missing
38: function
constructor(
uint256 _localChainId,
address _factoryAddress,
address _rootPortAddress,
string memory _name,
string memory _symbol
) ERC20(string(string.concat("Hermes ", _name)), string(string.concat("h-", _symbol)), 18)
71: // @audit @return is missing
72: function mint(address to, uint256 amount, uint256 chainId) external requiresPort returns (bool)
There are 35 instances of this issue:
File: talos/TalosManager.sol
65: // @audit missing @param: position
66: function getRebalance(ITalosBaseStrategy position) private view returns (bool)
77: // @audit missing @param: position
78: function getRerange(ITalosBaseStrategy position) private view returns (bool)
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosManager.sol#L65-L66
File: talos/TalosOptimizer.sol
33: // @audit missing @param: _owner
34: function
constructor(
uint32 _twapDuration,
int24 _maxTwapDeviation,
int24 _tickRangeMultiplier,
uint24 _priceImpactPercentage,
uint256 _maxTotalSupply,
address _owner
)
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosOptimizer.sol#L33-L34
File: maia/vMaia.sol
101: // @audit missing @param: uint256
102: function beforeWithdraw(uint256, uint256) internal override
https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/vMaia.sol#L101-L102
File: maia/tokens/ERC4626PartnerManager.sol
135: // @audit missing @param: shares
136: function previewMint(uint256 shares) public view virtual override returns (uint256)
142: // @audit missing @param: assets
143: function previewWithdraw(uint256 assets) public view virtual override returns (uint256)
File: erc-20/ERC20Gauges.sol
362: // @audit missing @param: functionno matching args for @param: cycle, op, delta
363: function _writeGaugeWeight(
Weight storage weight,
function(uint112, uint112) view returns (uint112) op,
uint112 delta,
uint32 cycle
) private
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Gauges.sol#L362-L363
File: erc-20/ERC20MultiVotes.sol
240: // @audit missing @param: functionno matching args for @param: op, delta
241: function _writeCheckpoint(address delegatee, function(uint256, uint256) view returns (uint256) op, uint256 delta)
private
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20MultiVotes.sol#L240-L241
File: out-of-scope/governance/GovernorBravoDelegateSeverity2.sol
345: // @audit missing @param: v, r, proposalId, support, s
346: function castVoteBySig(uint256 proposalId, uint8 support, uint8 v, bytes32 r, bytes32 s) external
File: out-of-scope/governance/GovernorBravoDelegateSeverity5.sol
345: // @audit missing @param: v, r, proposalId, support, s
346: function castVoteBySig(uint256 proposalId, uint8 support, uint8 v, bytes32 r, bytes32 s) external
File: out-of-scope/governance/GovernorBravoDelegateSeverity4.sol
345: // @audit missing @param: v, r, proposalId, support, s
346: function castVoteBySig(uint256 proposalId, uint8 support, uint8 v, bytes32 r, bytes32 s) external
File: out-of-scope/governance/GovernorBravoDelegateSeverity3.sol
345: // @audit missing @param: v, r, proposalId, support, s
346: function castVoteBySig(uint256 proposalId, uint8 support, uint8 v, bytes32 r, bytes32 s) external
File: out-of-scope/governance/GovernorBravoDelegateSeverity1.sol
345: // @audit missing @param: v, r, proposalId, support, s
346: function castVoteBySig(uint256 proposalId, uint8 support, uint8 v, bytes32 r, bytes32 s) external
File: governance/GovernorBravoDelegateMaia.sol
343: // @audit missing @param: v, r, proposalId, support, s
344: function castVoteBySig(uint256 proposalId, uint8 support, uint8 v, bytes32 r, bytes32 s) external
File: ulysses-amm/UlyssesPool.sol
1208: // @audit missing @param: sharesno matching args for @param: assets
1209: function beforeMint(uint256 shares) internal override returns (uint256 assets)
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesPool.sol#L1208-L1209
File: ulysses-amm/factories/UlyssesFactory.sol
82: // @audit missing @param: owner
83: function _createPool(ERC20 asset, address owner) private returns (uint256 _poolId)
File: gauges/UniswapV3Gauge.sol
52: // @audit missing @param: amount
53: function distribute(uint256 amount) internal override
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/UniswapV3Gauge.sol#L52-L53
File: ulysses-omnichain/RootBridgeAgentExecutor.sol
324: // @audit missing @param: _recipient
325: function _bridgeIn(address _recipient, DepositParams memory _dParams, uint24 _fromChain) internal
349: // @audit missing @param: _recipient
350: function _bridgeInMultiple(address _recipient, bytes calldata _dParams, uint24 _fromChain)
internal
returns (DepositMultipleParams memory dParams)
File: ulysses-omnichain/MulticallRootRouter.sol
136: // @audit missing @param: toChain
137: function _approveMultipleAndCallOut(
address owner,
address recipient,
address[] memory outputTokens,
uint256[] memory amountsOut,
uint256[] memory depositsOut,
uint24 toChain
) internal virtual
184: // @audit missing @param: funcId, encodedData, uint24
185: function anyExecute(bytes1 funcId, bytes calldata encodedData, uint24)
external
payable
override
lock
requiresExecutor
returns (bool, bytes memory)
267: // @audit missing @param: funcId, userAccount, encodedData, uint24
268: function anyExecuteSigned(bytes1 funcId, bytes calldata encodedData, address userAccount, uint24)
external
payable
override
lock
requiresExecutor
returns (bool, bytes memory)
344: // @audit missing @param: userAccount, funcId, calldata, encodedData, uint24
345: function anyExecuteSignedDepositSingle(
bytes1 funcId,
bytes calldata encodedData,
DepositParams calldata,
address userAccount,
uint24
) external payable override requiresExecutor lock returns (bool success, bytes memory result)
420: // @audit missing @param: userAccount, funcId, calldata, encodedData, uint24
421: function anyExecuteSignedDepositMultiple(
bytes1 funcId,
bytes memory encodedData,
DepositMultipleParams calldata,
address userAccount,
uint24
) external payable requiresExecutor lock returns (bool success, bytes memory result)
File: ulysses-omnichain/BranchBridgeAgent.sol
708: // @audit missing @param: _depositor
709: function _callOutAndBridgeMultiple(
address _depositor,
bytes calldata _params,
DepositMultipleInput memory _dParams,
uint128 _gasToBridgeOut,
uint128 _remoteExecutionGas
) internal
1098: // @audit missing @param: gasData
1099: function _gasSwapIn(bytes memory gasData) internal virtual returns (uint256 gasAmount)
File: ulysses-omnichain/CoreRootRouter.sol
80: // @audit missing @param: _rootBridgeAgent
81: function addBranchToBridgeAgent(
address _rootBridgeAgent,
address _branchBridgeAgentFactory,
address _newBranchRouter,
address _gasReceiver,
uint24 _toChain,
uint128 _remoteExecutionGas
) external payable
File: ulysses-omnichain/ArbitrumBranchBridgeAgent.sol
148: // @audit missing @param: gasData
149: function _gasSwapIn(bytes memory gasData) internal override returns (uint256 gasAmount)
155: // @audit missing @param: uint256, _recipient
156: function _payExecutionGas(address _recipient, uint256) internal override
173: // @audit missing @param: uint256, uint32
174: function _payFallbackGas(uint32, uint256) internal override
180: // @audit missing @param: uint256
181: function _replenishGas(uint256) internal override
File: ulysses-omnichain/RootBridgeAgent.sol
200: // @audit missing @param: _localAnyCallExecutorAddress
201: function
constructor(
WETH9 _wrappedNativeToken,
uint24 _localChainId,
address _daoAddress,
address _localAnyCallAddress,
address _localAnyCallExecutorAddress,
address _localPortAddress,
address _localRouterAddress
)
File: ulysses-omnichain/ArbitrumCoreBranchRouter.sol
74: // @audit missing @param: uint128
75: function _receiveAddBridgeAgent(
address _newBranchRouter,
address _branchBridgeAgentFactory,
address _rootBridgeAgent,
address _rootBridgeAgentFactory,
uint128
) internal override
File: ulysses-omnichain/factories/BranchBridgeAgentFactory.sol
112: // @audit missing @param: _rootBridgeAgentFactoryAddress
113: function createBridgeAgent(
address _newBranchRouterAddress,
address _rootBridgeAgentAddress,
address _rootBridgeAgentFactoryAddress
) external virtual returns (address newBridgeAgent)
File: ulysses-omnichain/factories/ArbitrumBranchBridgeAgentFactory.sol
78: // @audit missing @param: _rootBridgeAgentFactoryAddress
79: function createBridgeAgent(
address _newBranchRouterAddress,
address _rootBridgeAgentAddress,
address _rootBridgeAgentFactoryAddress
) external virtual override returns (address newBridgeAgent)
Saves 5 gas per iteration.
There are 60 instances of this issue:
File: rewards/rewards/FlywheelGaugeRewards.sol
176: for (uint256 i = 0; i < size; i++) {
File: erc-20/ERC20Boost.sol
55: i++;
101: i++;
166: i++;
224: i++;
245: i++;
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Boost.sol#L55
File: erc-20/ERC20Gauges.sol
117: i++;
158: i++;
266: i++;
346: i++;
548: i++;
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Gauges.sol#L117
File: erc-20/ERC20MultiVotes.sol
328: for (uint256 i = 0; i < size && (userFreeVotes + totalFreed) < votes; i++) {
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20MultiVotes.sol#L328
File: gauges/BaseV2Gauge.sol
118: i++;
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/BaseV2Gauge.sol#L118
File: gauges/factories/BaseV2GaugeManager.sol
68: i++;
84: i++;
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BaseV2GaugeManager.sol#L68
File: gauges/factories/BaseV2GaugeFactory.sol
81: i++;
97: i++;
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BaseV2GaugeFactory.sol#L81
File: uni-v3-staker/UniswapV3Staker.sol
428: incentive.numberOfStakes--;
502: incentives[incentiveId].numberOfStakes++;
https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/UniswapV3Staker.sol#L428
File: governance/GovernorBravoDelegateMaia.sol
142: proposalCount++;
181: for (uint256 i = 0; i < proposal.targets.length; i++) {
215: for (uint256 i = 0; i < proposal.targets.length; i++) {
251: for (uint256 i = 0; i < proposal.targets.length; i++) {
File: talos/libraries/PoolVariables.sol
98: if (tick < 0 && tick % tickSpacing != 0) compressed--;
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/libraries/PoolVariables.sol#L98
File: ulysses-omnichain/RootBridgeAgent.sol
278: abi.encodePacked(bytes1(0x00), _recipient, settlementNonce++, _data, _manageGasOut(_toChain));
633: return settlementNonce++;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgent.sol#L278
File: ulysses-omnichain/BranchBridgeAgent.sol
283: for (uint256 i = 0; i < _dParams.hTokens.length; i++) {
426: bytes1(0x07), depositNonce++, _settlementNonce, msg.value.toUint128(), _gasToBoostSettlement
719: for (uint256 i = 0; i < _dParams.hTokens.length; i++) {
938: return depositNonce++;
1354: for (uint256 i = 0; i < _deposits.length; i++) {
File: ulysses-omnichain/VirtualAccount.sol
48: for (uint256 i = 0; i < calls.length; i++) {
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/VirtualAccount.sol#L48
File: ulysses-omnichain/BranchPort.sol
109: bridgeAgentFactoriesLenght++;
280: i++;
293: bridgeAgentsLenght++;
311: bridgeAgentFactoriesLenght++;
334: strategyTokensLenght++;
355: portStrategiesLenght++;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchPort.sol#L109
File: ulysses-omnichain/RootPort.sol
135: bridgeAgentFactoriesLenght++;
370: bridgeAgentsLenght++;
407: bridgeAgentFactories[bridgeAgentsLenght++] = _bridgeAgentFactory;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootPort.sol#L135
File: ulysses-omnichain/factories/ERC20hTokenBranchFactory.sol
45: hTokensLenght++;
67: hTokensLenght++;
File: ulysses-omnichain/factories/ERC20hTokenRootFactory.sol
67: hTokensLenght++;
File: erc-4626/ERC4626MultiToken.sol
60: i++;
72: i++;
83: i++;
174: i++;
205: i++;
219: i++;
238: i++;
254: i++;
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/ERC4626MultiToken.sol#L60
File: ulysses-amm/UlyssesToken.sol
95: for (uint256 i = 0; i < assets.length; i++) {
111: for (uint256 i = 0; i < assets.length; i++) {
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesToken.sol#L95
File: ulysses-amm/UlyssesPool.sol
130: for (uint256 i = 1; i < bandwidthStateList.length; i++) {
175: for (uint256 i = 1; i < index; i++) {
211: for (uint256 i = 1; i <= index; i++) {
232: for (uint256 i = 1; i < bandwidthStateList.length; i++) {
296: for (uint256 i = 1; i < bandwidthStateList.length; i++) {
775: * fee1 + fee2 * amount-->| /| |
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesPool.sol#L130
There are 31 instances of this issue:
File: hermes/minters/BaseV2Minter.sol
126: if (block.timestamp >= _period + week && initializer == address(0)) {
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/minters/BaseV2Minter.sol#L126
File: erc-20/ERC20Boost.sol
267: if (gauge == address(0) || !(newAdd || previouslyDeprecated)) revert InvalidGauge();
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Boost.sol#L267
File: erc-20/ERC20Gauges.sol
411: if (gauge == address(0) || !(newAdd || previouslyDeprecated)) revert InvalidGaugeError();
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Gauges.sol#L411
File: erc-20/ERC20MultiVotes.sol
191: if (delegatee == address(0) || free < amount || amount == 0) revert DelegationError();
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20MultiVotes.sol#L191
File: gauges/factories/BribesFactory.sol
73: if (address(flywheelTokens[bribeToken]) == address(0)) createBribeFlywheel(bribeToken);
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BribesFactory.sol#L73
File: uni-v3-staker/UniswapV3Staker.sol
144: if (address(pool) == address(0)) revert IncentiveCallerMustBeRegisteredGauge();
169: if (address(gauges[key.pool]) == address(0)) {
244: if (to == address(0)) revert InvalidRecipient();
492: if (tokenOwner == address(0)) revert TokenNotDeposited();
529: if (uniswapV3Gauge == address(0)) revert InvalidGauge();
https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/UniswapV3Staker.sol#L144
File: governance/GovernorBravoDelegateMaia.sol
63: require(address(timelock) == address(0), "GovernorBravo::initialize: can only initialize once");
File: talos/base/TalosBaseStrategy.sol
253: if (receiver == address(0)) revert ReceiverIsZeroAddress();
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/base/TalosBaseStrategy.sol#L253
File: talos/factories/BoostAggregatorFactory.sol
52: if (owner == address(0)) revert InvalidOwner();
File: ulysses-omnichain/RootBridgeAgent.sol
260: if (getSettlement[_depositNonce].status != SettlementStatus.Failed || depositOwner == address(0)) {
301: if (localAddress == address(0) || (underlyingAddress == address(0) && _deposit > 0)) {
347: if (hTokens[i] == address(0) || (tokens[i] == address(0) && _deposits[i] > 0)) revert InvalidInputParams();
397: if (globalAddress == address(0)) revert InvalidInputParams();
453: if (_localAddress == address(0)) revert UnrecognizedLocalAddress();
459: if (_underlyingAddress == address(0)) revert UnrecognizedUnderlyingAddress();
555: if (settlement.owner == address(0)) return false;
665: if (gasTokenGlobalAddress == address(0) || poolAddress == address(0)) revert InvalidGasPool();
709: if (gasTokenGlobalAddress == address(0) || poolAddress == address(0)) revert InvalidGasPool();
778: if (callee == address(0)) revert UnrecognizedBridgeAgent();
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgent.sol#L260
File: ulysses-omnichain/ArbitrumBranchPort.sol
50: if (globalToken == address(0)) revert UnknownUnderlyingToken();
68: if (underlyingAddress == address(0)) revert UnknownUnderlyingToken();
File: ulysses-omnichain/BranchPort.sol
100: require(coreBranchRouterAddress == address(0), "Contract already initialized");
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchPort.sol#L100
File: ulysses-omnichain/RootPort.sol
342: if (address(account) == address(0)) account = addVirtualAccount(_user);
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootPort.sol#L342
File: ulysses-amm/UlyssesRouter.sol
33: if (address(ulysses) == address(0)) {
36: if (address(ulysses) == address(0)) revert UnrecognizedUlyssesLP();
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesRouter.sol#L33
File: ulysses-amm/factories/UlyssesFactory.sol
84: if (address(asset) == address(0)) revert InvalidAsset();
148: if (destination == address(0)) revert InvalidPoolId();
Instead of using error strings, to reduce deployment and runtime cost, you should use custom errors. This would save both deployment and runtime cost.
There are 108 instances of this issue:
File: erc-20/ERC20MultiVotes.sol
364: require(block.timestamp <= expiry, "ERC20MultiVotes: signature expired");
375: require(nonce == nonces[signer]++, "ERC20MultiVotes: invalid nonce");
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20MultiVotes.sol#L364
File: erc-4626/ERC4626.sol
34: require((shares = previewDeposit(assets)) != 0, "ZERO_SHARES");
88: require((assets = previewRedeem(shares)) != 0, "ZERO_ASSETS");
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/ERC4626.sol#L34
File: erc-4626/ERC4626DepositOnly.sol
34: require((shares = previewDeposit(assets)) != 0, "ZERO_SHARES");
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/ERC4626DepositOnly.sol#L34
File: erc-4626/ERC4626MultiToken.sol
100: require((shares = previewDeposit(assetsAmounts)) != 0, "ZERO_SHARES");
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/ERC4626MultiToken.sol#L100
File: erc-4626/UlyssesERC4626.sol
40: require(shares != 0, "ZERO_SHARES");
50: require(assets != 0, "ZERO_ASSETS");
75: require(assets != 0, "ZERO_ASSETS");
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/UlyssesERC4626.sol#L40
File: governance/GovernorBravoDelegateMaia.sol
63: require(address(timelock) == address(0), "GovernorBravo::initialize: can only initialize once");
64: require(msg.sender == admin, "GovernorBravo::initialize: admin only");
65: require(timelock_ != address(0), "GovernorBravo::initialize: invalid timelock address");
66: require(govToken_ != address(0), "GovernorBravo::initialize: invalid govToken address");
67: require(
68: votingPeriod_ >= MIN_VOTING_PERIOD && votingPeriod_ <= MAX_VOTING_PERIOD,
69: "GovernorBravo::initialize: invalid voting period"
70: );
71: require(
72: votingDelay_ >= MIN_VOTING_DELAY && votingDelay_ <= MAX_VOTING_DELAY,
73: "GovernorBravo::initialize: invalid voting delay"
74: );
75: require(
76: proposalThreshold_ >= MIN_PROPOSAL_THRESHOLD && proposalThreshold_ <= MAX_PROPOSAL_THRESHOLD,
77: "GovernorBravo::initialize: invalid proposal threshold"
78: );
112: require(initialProposalId != 0, "GovernorBravo::propose: Governor Bravo not active");
114: require(
115: govToken.getPriorVotes(msg.sender, sub256(block.number, 1)) > getProposalThresholdAmount()
116: || isWhitelisted(msg.sender),
117: "GovernorBravo::propose: proposer votes below proposal threshold"
118: );
119: require(
120: targets.length == values.length && targets.length == signatures.length && targets.length == calldatas.length,
121: "GovernorBravo::propose: proposal function information arity mismatch"
122: );
123: require(targets.length != 0, "GovernorBravo::propose: must provide actions");
124: require(targets.length <= proposalMaxOperations, "GovernorBravo::propose: too many actions");
129: require(
130: proposersLatestProposalState != ProposalState.Active,
131: "GovernorBravo::propose: one live proposal per proposer, found an already active proposal"
132: );
133: require(
134: proposersLatestProposalState != ProposalState.Pending,
135: "GovernorBravo::propose: one live proposal per proposer, found an already pending proposal"
136: );
146: require(newProposal.id == 0, "GovernorBravo::propose: ProposalID collsion");
175: require(
176: state(proposalId) == ProposalState.Succeeded,
177: "GovernorBravo::queue: proposal can only be queued if it is succeeded"
178: );
197: require(
198: !timelock.queuedTransactions(keccak256(abi.encode(target, value, signature, data, eta))),
199: "GovernorBravo::queueOrRevertInternal: identical proposal action already queued at eta"
200: );
209: require(
210: state(proposalId) == ProposalState.Queued,
211: "GovernorBravo::execute: proposal can only be executed if it is queued"
212: );
228: require(state(proposalId) != ProposalState.Executed, "GovernorBravo::cancel: cannot cancel executed proposal");
237: require(
238: (govToken.getPriorVotes(proposal.proposer, sub256(block.number, 1)) < getProposalThresholdAmount())
239: && msg.sender == whitelistGuardian,
240: "GovernorBravo::cancel: whitelisted proposer"
241: );
243: require(
244: (govToken.getPriorVotes(proposal.proposer, sub256(block.number, 1)) < getProposalThresholdAmount()),
245: "GovernorBravo::cancel: proposer above threshold"
246: );
298: require(
299: proposalCount >= proposalId && proposalId > initialProposalId, "GovernorBravo::state: invalid proposal id"
300: );
350: require(signatory != address(0), "GovernorBravo::castVoteBySig: invalid signature");
362: require(state(proposalId) == ProposalState.Active, "GovernorBravo::castVoteInternal: voting is closed");
363: require(support <= 2, "GovernorBravo::castVoteInternal: invalid vote type");
366: require(receipt.hasVoted == false, "GovernorBravo::castVoteInternal: voter already voted");
398: require(msg.sender == admin, "GovernorBravo::_setVotingDelay: admin only");
399: require(
400: newVotingDelay >= MIN_VOTING_DELAY && newVotingDelay <= MAX_VOTING_DELAY,
401: "GovernorBravo::_setVotingDelay: invalid voting delay"
402: );
414: require(msg.sender == admin, "GovernorBravo::_setVotingPeriod: admin only");
415: require(
416: newVotingPeriod >= MIN_VOTING_PERIOD && newVotingPeriod <= MAX_VOTING_PERIOD,
417: "GovernorBravo::_setVotingPeriod: invalid voting period"
418: );
431: require(msg.sender == admin, "GovernorBravo::_setProposalThreshold: admin only");
432: require(
433: newProposalThreshold >= MIN_PROPOSAL_THRESHOLD && newProposalThreshold <= MAX_PROPOSAL_THRESHOLD,
434: "GovernorBravo::_setProposalThreshold: invalid proposal threshold"
435: );
448: require(
449: msg.sender == admin || msg.sender == whitelistGuardian,
450: "GovernorBravo::_setWhitelistAccountExpiration: admin only"
451: );
462: require(msg.sender == admin, "GovernorBravo::_setWhitelistGuardian: admin only");
475: require(msg.sender == admin, "GovernorBravo::_initiate: admin only");
476: require(initialProposalId == 0, "GovernorBravo::_initiate: can only initiate once");
489: require(msg.sender == admin, "GovernorBravo:_setPendingAdmin: admin only");
507: require(
508: msg.sender == pendingAdmin && msg.sender != address(0), "GovernorBravo:_acceptAdmin: pending admin only"
509: );
527: require(c >= a, "addition overflow");
532: require(b <= a, "subtraction underflow");
File: governance/GovernorBravoDelegator.sol
42: require(msg.sender == admin, "GovernorBravoDelegator::_setImplementation: admin only");
43: require(
44: implementation_ != address(0), "GovernorBravoDelegator::_setImplementation: invalid implementation address"
45: );
https://github.com/code-423n4/2023-05-maia/tree/main/src/governance/GovernorBravoDelegator.sol#L42
File: rewards/base/FlywheelCore.sol
116: require(strategyIndex[strategy] == 0, "strategy");
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/base/FlywheelCore.sol#L116
File: ulysses-amm/factories/UlyssesFactory.sol
61: require(_owner != address(0), "Owner cannot be 0");
File: ulysses-omnichain/ArbitrumBranchPort.sol
34: require(_rootPortAddress != address(0), "Root Port Address cannot be 0");
File: ulysses-omnichain/BaseBranchRouter.sol
38: require(_localBridgeAgentAddress != address(0), "Bridge Agent address cannot be 0");
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BaseBranchRouter.sol#L38
File: ulysses-omnichain/BranchBridgeAgent.sol
151: require(_rootBridgeAgentAddress != address(0), "Root Bridge Agent Address cannot be the zero address.");
152: require(_localAnyCallAddress != address(0), "AnyCall Address cannot be the zero address.");
153: require(_localAnyCallExecutorAddress != address(0), "AnyCall Executor Address cannot be the zero address.");
154: require(_localRouterAddress != address(0), "Local Router Address cannot be the zero address.");
155: require(_localPortAddress != address(0), "Local Port Address cannot be the zero address.");
File: ulysses-omnichain/BranchPort.sol
95: require(_owner != address(0), "Owner is zero address");
100: require(coreBranchRouterAddress == address(0), "Contract already initialized");
101: require(!isBridgeAgentFactory[_bridgeAgentFactory], "Contract already initialized");
103: require(_coreBranchRouter != address(0), "CoreBranchRouter is zero address");
104: require(_bridgeAgentFactory != address(0), "BridgeAgentFactory is zero address");
302: require(coreBranchRouterAddress != address(0), "CoreRouter address is zero");
303: require(_newCoreRouter != address(0), "New CoreRouter address is zero");
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchPort.sol#L95
File: ulysses-omnichain/MulticallRootRouter.sol
65: require(_localPortAddress != address(0), "Local Port Address cannot be 0");
66: require(_multicallAddress != address(0), "Multicall Address cannot be 0");
75: require(_bridgeAgentAddress != address(0), "Bridge Agent Address cannot be 0");
509: require(msg.sender == bridgeAgentExecutorAddress, "Unauthorized Caller");
File: ulysses-omnichain/RootBridgeAgent.sol
210: require(address(_wrappedNativeToken) != address(0), "Wrapped native token cannot be zero address");
211: require(_daoAddress != address(0), "DAO cannot be zero address");
212: require(_localAnyCallAddress != address(0), "Anycall Address cannot be zero address");
213: require(_localAnyCallExecutorAddress != address(0), "Anycall Executor Address cannot be zero address");
214: require(_localPortAddress != address(0), "Port Address cannot be zero address");
215: require(_localRouterAddress != address(0), "Router Address cannot be zero address");
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgent.sol#L210
File: ulysses-omnichain/RootPort.sol
115: require(_wrappedNativeToken != address(0), "Invalid wrapped native token address.");
129: require(_setup, "Setup ended.");
130: require(_bridgeAgentFactory != address(0), "Bridge Agent Factory cannot be 0 address.");
131: require(_coreRootRouter != address(0), "Core Root Router cannot be 0 address.");
145: require(_setup, "Setup ended.");
146: require(isBridgeAgent[_coreRootBridgeAgent], "Core Bridge Agent doesn't exist.");
147: require(_coreRootBridgeAgent != address(0), "Core Root Bridge Agent cannot be 0 address.");
148: require(_coreLocalBranchBridgeAgent != address(0), "Core Local Branch Bridge Agent cannot be 0 address.");
149: require(_localBranchPortAddress != address(0), "Local Branch Port Address cannot be 0 address.");
159: require(_owner != address(0), "Owner cannot be 0 address.");
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootPort.sol#L115
File: ulysses-omnichain/factories/ArbitrumBranchBridgeAgentFactory.sol
84: require(
85: msg.sender == localCoreBranchRouterAddress, "Only the Core Branch Router can create a new Bridge Agent."
86: );
87: require(
88: _rootBridgeAgentFactoryAddress == rootBridgeAgentFactoryAddress,
89: "Root Bridge Agent Factory Address does not match."
90: );
File: ulysses-omnichain/factories/BranchBridgeAgentFactory.sol
64: require(_rootBridgeAgentFactoryAddress != address(0), "Root Bridge Agent Factory Address cannot be 0");
65: require(address(_wrappedNativeToken) != address(0), "Wrapped Native Token cannot be 0");
66: require(_localAnyCallAddress != address(0), "Anycall Address cannot be 0");
67: require(_localAnyCallExecutorAddress != address(0), "Anyexec Address cannot be 0");
68: require(_localCoreBranchRouterAddress != address(0), "Core Branch Router Address cannot be 0");
69: require(_localPortAddress != address(0), "Port Address cannot be 0");
70: require(_owner != address(0), "Owner cannot be 0");
84: require(_coreRootBridgeAgent != address(0), "Core Root Bridge Agent cannot be 0");
118: require(
119: msg.sender == localCoreBranchRouterAddress, "Only the Core Branch Router can create a new Bridge Agent."
120: );
121: require(
122: _rootBridgeAgentFactoryAddress == rootBridgeAgentFactoryAddress,
123: "Root Bridge Agent Factory Address does not match."
124: );
File: ulysses-omnichain/factories/ERC20hTokenBranchFactory.sol
28: require(_localPortAddress != address(0), "Port address cannot be 0");
36: require(_coreRouter != address(0), "CoreRouter address cannot be 0");
File: ulysses-omnichain/factories/ERC20hTokenRootFactory.sol
34: require(_rootPortAddress != address(0), "Root Port Address cannot be 0");
41: require(_coreRouter != address(0), "CoreRouter address cannot be 0");
File: ulysses-omnichain/factories/RootBridgeAgentFactory.sol
55: require(address(_wrappedNativeToken) != address(0), "Wrapped Native Token cannot be 0");
56: require(_rootPortAddress != address(0), "Root Port Address cannot be 0");
57: require(_daoAddress != address(0), "DAO Address cannot be 0");
File: ulysses-omnichain/token/ERC20hTokenRoot.sol
45: require(_rootPortAddress != address(0), "Root Port Address cannot be 0");
46: require(_factoryAddress != address(0), "Factory Address cannot be 0");
The code should be refactored such that they no longer exist, or the block should do something useful, such as emitting an event or reverting.
There are 3 instances of this issue:
File: ulysses-omnichain/BranchBridgeAgent.sol
1419: fallback() external payable {}
File: ulysses-omnichain/CoreBranchRouter.sol
284: fallback() external payable {}
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/CoreBranchRouter.sol#L284
File: ulysses-omnichain/RootBridgeAgent.sol
1334: fallback() external payable {}
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgent.sol#L1334
Solidity does not recognize null as a value, so uint variables are initialized to zero. Setting a uint variable to zero is redundant and can waste gas.
There are 56 instances of this issue:
File: erc-20/ERC20Boost.sol
52: for (uint256 i = 0; i < num;) {
98: for (uint256 i = 0; i < num;) {
151: uint256 userBoost = 0;
156: for (uint256 i = 0; i < length;) {
207: for (uint256 i = 0; i < num && i < length;) {
236: for (uint256 i = 0; i < size;) {
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Boost.sol#L52
File: erc-20/ERC20Gauges.sol
114: for (uint256 i = 0; i < num;) {
155: for (uint256 i = 0; i < num;) {
259: for (uint256 i = 0; i < size;) {
338: for (uint256 i = 0; i < size;) {
536: for (uint256 i = 0; i < size && (userFreeWeight + totalFreed) < weight;) {
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Gauges.sol#L114
File: erc-20/ERC20MultiVotes.sol
67: uint256 low = 0;
328: for (uint256 i = 0; i < size && (userFreeVotes + totalFreed) < votes; i++) {
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20MultiVotes.sol#L67
File: erc-4626/ERC4626MultiToken.sol
50: for (uint256 i = 0; i < length;) {
68: for (uint256 i = 0; i < length;) {
79: for (uint256 i = 0; i < length;) {
170: for (uint256 i = 0; i < length;) {
201: for (uint256 i = 0; i < length;) {
216: for (uint256 i = 0; i < length;) {
235: for (uint256 i = 0; i < length;) {
250: for (uint256 i = 0; i < length;) {
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/ERC4626MultiToken.sol#L50
File: gauges/BaseV2Gauge.sol
114: for (uint256 i = 0; i < length;) {
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/BaseV2Gauge.sol#L114
File: gauges/factories/BaseV2GaugeFactory.sol
77: for (uint256 i = 0; i < length;) {
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BaseV2GaugeFactory.sol#L77
File: gauges/factories/BaseV2GaugeManager.sol
64: for (uint256 i = 0; i < length;) {
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BaseV2GaugeManager.sol#L64
File: governance/GovernorBravoDelegateMaia.sol
181: for (uint256 i = 0; i < proposal.targets.length; i++) {
215: for (uint256 i = 0; i < proposal.targets.length; i++) {
251: for (uint256 i = 0; i < proposal.targets.length; i++) {
File: rewards/rewards/FlywheelGaugeRewards.sol
176: for (uint256 i = 0; i < size; i++) {
File: ulysses-amm/UlyssesRouter.sol
78: for (uint256 i = 0; i < length;) {
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesRouter.sol#L78
File: ulysses-amm/UlyssesToken.sol
95: for (uint256 i = 0; i < assets.length; i++) {
111: for (uint256 i = 0; i < assets.length; i++) {
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesToken.sol#L95
File: ulysses-amm/factories/UlyssesFactory.sol
99: for (uint256 i = 0; i < length;) {
107: for (uint256 i = 0; i < length;) {
110: for (uint256 j = 0; j < length;) {
123: for (uint256 i = 0; i < length;) {
145: for (uint256 i = 0; i < length;) {
File: ulysses-omnichain/ArbitrumBranchPort.sol
101: for (uint256 i = 0; i < _localAddresses.length;) {
136: for (uint256 i = 0; i < _localAddresses.length;) {
File: ulysses-omnichain/BranchBridgeAgent.sol
283: for (uint256 i = 0; i < _dParams.hTokens.length; i++) {
580: for (uint256 i = 0; i < numOfAssets;) {
719: for (uint256 i = 0; i < _dParams.hTokens.length; i++) {
951: for (uint256 i = 0; i < deposit.hTokens.length;) {
1354: for (uint256 i = 0; i < _deposits.length; i++) {
File: ulysses-omnichain/BranchPort.sol
231: for (uint256 i = 0; i < _localAddresses.length;) {
267: for (uint256 i = 0; i < _localAddresses.length;) {
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchPort.sol#L231
File: ulysses-omnichain/MulticallRootRouter.sol
146: for (uint256 i = 0; i < outputTokens.length;) {
311: for (uint256 i = 0; i < outputParams.outputTokens.length;) {
387: for (uint256 i = 0; i < outputParams.outputTokens.length;) {
463: for (uint256 i = 0; i < outputParams.outputTokens.length;) {
File: ulysses-omnichain/RootBridgeAgent.sol
342: for (uint256 i = 0; i < _globalAddresses.length;) {
408: for (uint256 i = 0; i < _dParams.hTokens.length;) {
561: for (uint256 i = 0; i < newGas.length;) {
596: for (uint256 i = 0; i < settlement.hTokens.length;) {
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgent.sol#L342
File: ulysses-omnichain/RootBridgeAgentExecutor.sol
364: for (uint256 i = 0; i < uint256(uint8(numOfAssets));) {
File: ulysses-omnichain/VirtualAccount.sol
48: for (uint256 i = 0; i < calls.length; i++) {
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/VirtualAccount.sol#L48
File: ulysses-omnichain/lib/AnycallFlags.sol
8: uint256 public constant FLAG_NONE = 0x0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/lib/AnycallFlags.sol#L8
There are 209 instances of this issue:
File: erc-20/ERC20Gauges.sol
30: gaugeCycleLength = _gaugeCycleLength;
31: incrementFreezeWindow = _incrementFreezeWindow;
457: maxGauges = newMax;
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Gauges.sol#L30
File: erc-20/ERC20MultiVotes.sol
98: maxDelegates = newMax;
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20MultiVotes.sol#L98
File: erc-4626/ERC4626.sol
24: asset = _asset;
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/ERC4626.sol#L24
File: erc-4626/ERC4626DepositOnly.sol
24: asset = _asset;
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/ERC4626DepositOnly.sol#L24
File: erc-4626/ERC4626MultiToken.sol
63: totalWeights = _totalWeights;
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/ERC4626MultiToken.sol#L63
File: erc-4626/UlyssesERC4626.sol
25: asset = _asset;
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/UlyssesERC4626.sol#L25
File: gauges/BaseV2Gauge.sol
63: flywheelGaugeRewards = _flywheelGaugeRewards;
64: rewardToken = _flywheelGaugeRewards.rewardToken();
65: hermesGaugeBoost = BaseV2GaugeFactory(msg.sender).bHermesBoostToken();
66: strategy = _strategy;
68: epoch = (block.timestamp / WEEK) * WEEK;
70: multiRewardsDepot = new MultiRewardsDepot(address(this));
87: epoch = _newEpoch;
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/BaseV2Gauge.sol#L63
File: gauges/UniswapV3Gauge.sol
40: uniswapV3Staker = _uniswapV3Staker;
41: minimumWidth = _minimumWidth;
63: minimumWidth = _minimumWidth;
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/UniswapV3Gauge.sol#L40
File: gauges/factories/BaseV2GaugeFactory.sol
58: bribesFactory = _bribesFactory;
59: bHermesBoostToken = _bHermesBoost;
60: gaugeManager = _gaugeManager;
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BaseV2GaugeFactory.sol#L58
File: gauges/factories/BaseV2GaugeManager.sol
44: admin = _admin;
46: bHermesGaugeWeight = _bHermes.gaugeWeight();
47: bHermesGaugeBoost = _bHermes.gaugeBoost();
146: admin = newAdmin;
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BaseV2GaugeManager.sol#L44
File: gauges/factories/BribesFactory.sol
57: gaugeManager = _gaugeManager;
58: flywheelGaugeWeightBooster = _flywheelGaugeWeightBooster;
59: rewardsCycleLength = _rewardsCycleLength;
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BribesFactory.sol#L57
File: gauges/factories/UniswapV3GaugeFactory.sol
59: flywheelGaugeRewards = _flywheelGaugeRewards;
60: uniswapV3Staker = new UniswapV3Staker(
File: hermes/UtilityManager.sol
45: gaugeWeight = bHermesGauges(_gaugeWeight);
46: gaugeBoost = bHermesBoost(_gaugeBoost);
47: governance = ERC20Votes(_governance);
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/UtilityManager.sol#L45
File: hermes/minters/BaseV2Minter.sol
59: initializer = msg.sender;
60: dao = _dao;
61: underlying = address(ERC4626(_vault).asset());
62: vault = ERC4626(_vault);
80: flywheelGaugeRewards = _flywheelGaugeRewards;
81: initializer = address(0);
82: activePeriod = (block.timestamp / week) * week;
88: dao = _dao;
128: activePeriod = _period;
165: weekly = 0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/minters/BaseV2Minter.sol#L59
File: hermes/tokens/bHermesBoost.sol
24: bHermes = msg.sender;
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/bHermesBoost.sol#L24
File: hermes/tokens/bHermesGauges.sol
31: bHermes = msg.sender;
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/bHermesGauges.sol#L31
File: hermes/tokens/bHermesVotes.sol
22: bHermes = msg.sender;
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/bHermesVotes.sol#L22
File: maia/PartnerUtilityManager.sol
43: partnerGovernance = ERC20Votes(_partnerGovernance);
44: partnerVault = _partnerVault;
https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/PartnerUtilityManager.sol#L43
File: maia/factories/PartnerManagerFactory.sol
39: bHermes = _bHermes;
File: maia/tokens/ERC4626PartnerManager.sol
75: factory = _factory;
76: bHermesRate = _bHermesRate;
77: bHermesToken = bHermes(_bhermes);
223: bHermesRate = newRate;
https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/tokens/ERC4626PartnerManager.sol#L75
File: maia/vMaia.sol
59: currentMonth = DateTimeLib.getMonth(block.timestamp);
112: currentMonth = _currentMonth;
113: unstakePeriodEnd = _unstakePeriodStart + 1 days;
https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/vMaia.sol#L59
File: rewards/base/BaseFlywheelRewards.sol
32: flywheel = _flywheel;
34: rewardToken = _rewardToken;
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/base/BaseFlywheelRewards.sol#L32
File: rewards/base/FlywheelCore.sol
47: rewardToken = _rewardToken;
48: flywheelRewards = _flywheelRewards;
49: flywheelBooster = _flywheelBooster;
131: flywheelRewards = newFlywheelRewards;
138: flywheelBooster = newBooster;
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/base/FlywheelCore.sol#L47
File: rewards/booster/FlywheelBoosterGaugeWeight.sol
49: bhermes = _bHermesGauges;
File: rewards/depots/SingleRewardsDepot.sol
23: asset = _asset;
24: rewardsContract = msg.sender;
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/depots/SingleRewardsDepot.sol#L23
File: rewards/rewards/FlywheelAcummulatedRewards.sol
34: rewardsCycleLength = _rewardsCycleLength;
51: endCycle = newEndCycle;
File: rewards/rewards/FlywheelGaugeRewards.sol
55: rewardToken = _rewardToken;
57: gaugeCycleLength = _gaugeToken.gaugeCycleLength();
60: gaugeCycle = (block.timestamp.toUint32() / gaugeCycleLength) * gaugeCycleLength;
62: gaugeToken = _gaugeToken;
64: minter = _minter;
85: gaugeCycle = currentCycle;
100: nextCycleQueuedRewards = 0;
101: paginationOffset = 0;
121: nextCycle = currentCycle;
122: paginationOffset = 0;
144: gaugeCycle = currentCycle;
145: nextCycleQueuedRewards = 0;
File: rewards/rewards/FlywheelInstantRewards.sol
29: rewardsDepot = new SingleRewardsDepot(rewardToken);
File: talos/TalosManager.sol
51: strategy = ITalosBaseStrategy(_strategy);
52: ticksFromLowerRebalance = _ticksFromLowerRebalance;
53: ticksFromUpperRebalance = _ticksFromUpperRebalance;
54: ticksFromLowerRerange = _ticksFromLowerRerange;
55: ticksFromUpperRerange = _ticksFromUpperRerange;
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosManager.sol#L51
File: talos/TalosOptimizer.sol
50: twapDuration = _twapDuration;
51: maxTwapDeviation = _maxTwapDeviation;
52: tickRangeMultiplier = _tickRangeMultiplier;
53: priceImpactPercentage = _priceImpactPercentage;
54: maxTotalSupply = _maxTotalSupply;
64: maxTotalSupply = _maxTotalSupply;
70: twapDuration = _twapDuration;
76: maxTwapDeviation = _maxTwapDeviation;
81: tickRangeMultiplier = _tickRangeMultiplier;
89: priceImpactPercentage = _priceImpactPercentage;
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosOptimizer.sol#L50
File: talos/TalosStrategyStaked.sol
79: flywheel = _flywheel;
81: boostAggregator = _boostAggregator;
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosStrategyStaked.sol#L79
File: talos/base/TalosBaseStrategy.sol
87: optimizer = _optimizer;
88: nonfungiblePositionManager = _nonfungiblePositionManager;
89: strategyManager = _strategyManager;
90: pool = _pool;
91: token0 = ERC20(_pool.token0());
92: token1 = ERC20(_pool.token1());
93: tickSpacing = _pool.tickSpacing();
94: poolFee = _pool.fee();
120: tickLower = _tickLower;
121: tickUpper = _tickUpper;
154: liquidity = _liquidity;
155: tokenId = _tokenId;
362: liquidity = 0;
412: protocolFees0 = _protocolFees0 - amount0;
413: protocolFees1 = _protocolFees1 - amount1;
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/base/TalosBaseStrategy.sol#L87
File: talos/boost-aggregator/BoostAggregator.sol
66: uniswapV3Staker = _uniswapV3Staker;
67: hermesGaugeBoost = uniswapV3Staker.hermesGaugeBoost();
68: nonfungiblePositionManager = uniswapV3Staker.nonfungiblePositionManager();
69: hermes = _hermes;
File: talos/factories/BoostAggregatorFactory.sol
35: uniswapV3Staker = _uniswapV3Staker;
36: hermes = ERC20(_uniswapV3Staker.hermes());
File: talos/factories/TalosBaseStrategyFactory.sol
41: nonfungiblePositionManager = _nonfungiblePositionManager;
42: optimizerFactory = _optimizerFactory;
File: talos/factories/TalosStrategyStakedFactory.sol
45: boostAggregatorFactory = _boostAggregatorFactory;
47: flywheel = new FlywheelCoreInstant(
53: rewards = new FlywheelInstantRewards(flywheel);
File: ulysses-amm/UlyssesPool.sol
89: factory = UlyssesFactory(_factory);
92: id = _id;
183: totalWeights = newTotalWeights;
241: totalWeights = newTotalWeights;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesPool.sol#L89
File: ulysses-amm/UlyssesRouter.sol
21: ulyssesFactory = _ulyssesFactory;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesRouter.sol#L21
File: ulysses-amm/UlyssesToken.sol
31: id = _id;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesToken.sol#L31
File: ulysses-omnichain/ArbitrumBranchPort.sol
36: localChainId = _localChainId;
37: rootPortAddress = _rootPortAddress;
File: ulysses-omnichain/BaseBranchRouter.sol
39: localBridgeAgentAddress = _localBridgeAgentAddress;
40: bridgeAgentExecutorAddress = IBridgeAgent(localBridgeAgentAddress).bridgeAgentExecutorAddress();
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BaseBranchRouter.sol#L39
File: ulysses-omnichain/BranchBridgeAgent.sol
157: wrappedNativeToken = _wrappedNativeToken;
158: localChainId = _localChainId;
159: rootChainId = _rootChainId;
160: rootBridgeAgentAddress = _rootBridgeAgentAddress;
161: localAnyCallAddress = _localAnyCallAddress;
162: localAnyCallExecutorAddress = _localAnyCallExecutorAddress;
163: localRouterAddress = _localRouterAddress;
164: localPortAddress = _localPortAddress;
165: bridgeAgentExecutorAddress = DeployBranchBridgeAgentExecutor.deploy();
166: depositNonce = 1;
1134: remoteCallDepositedGas = depositedGas;
File: ulysses-omnichain/BranchPort.sol
106: coreBranchRouterAddress = _coreBranchRouter;
304: coreBranchRouterAddress = _newCoreRouter;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchPort.sol#L106
File: ulysses-omnichain/CoreBranchRouter.sol
27: localPortAddress = _localPortAddress;
28: hTokenFactoryAddress = _hTokenFactoryAddress;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/CoreBranchRouter.sol#L27
File: ulysses-omnichain/CoreRootRouter.sol
57: rootChainId = _rootChainId;
58: wrappedNativeToken = WETH9(_wrappedNativeToken);
59: rootPortAddress = _rootPortAddress;
65: bridgeAgentExecutorAddress = IBridgeAgent(_bridgeAgentAddress).bridgeAgentExecutorAddress();
66: hTokenFactoryAddress = _hTokenFactory;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/CoreRootRouter.sol#L57
File: ulysses-omnichain/MulticallRootRouter.sol
68: localChainId = _localChainId;
69: localPortAddress = _localPortAddress;
70: multicallAddress = _multicallAddress;
78: bridgeAgentExecutorAddress = IBridgeAgent(_bridgeAgentAddress).bridgeAgentExecutorAddress();
File: ulysses-omnichain/RootBridgeAgent.sol
217: wrappedNativeToken = _wrappedNativeToken;
218: factoryAddress = msg.sender;
219: daoAddress = _daoAddress;
220: localChainId = _localChainId;
221: localAnyCallAddress = _localAnyCallAddress;
222: localPortAddress = _localPortAddress;
223: localRouterAddress = _localRouterAddress;
224: bridgeAgentExecutorAddress = DeployRootBridgeAgentExecutor.deploy(address(this));
225: localAnyCallExecutorAddress = _localAnyCallExecutorAddress;
226: settlementNonce = 1;
227: accumulatedFees = 1; //Avoid paying 20k gas in first `payExecutionGas` making MIN_EXECUTION_OVERHEAD constant.
875: initialGas = _initialGas;
908: userFeeInfo = _userFeeInfo;
1262: accumulatedFees = 1;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgent.sol#L217
File: ulysses-omnichain/RootPort.sol
117: localChainId = _localChainId;
118: wrappedNativeTokenAddress = _wrappedNativeToken;
137: coreRootRouterAddress = _coreRootRouter;
151: coreRootBridgeAgentAddress = _coreRootBridgeAgent;
152: localBranchPortAddress = _localBranchPortAddress;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootPort.sol#L117
File: ulysses-omnichain/VirtualAccount.sol
26: userAddress = _userAddress;
27: localPortAddress = _localPortAddress;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/VirtualAccount.sol#L26
File: ulysses-omnichain/factories/BranchBridgeAgentFactory.sol
72: localChainId = _localChainId;
73: rootChainId = _rootChainId;
74: rootBridgeAgentFactoryAddress = _rootBridgeAgentFactoryAddress;
75: wrappedNativeToken = _wrappedNativeToken;
76: localAnyCallAddress = _localAnyCallAddress;
77: localAnyCallExecutorAddress = _localAnyCallExecutorAddress;
78: localCoreBranchRouterAddress = _localCoreBranchRouterAddress;
79: localPortAddress = _localPortAddress;
File: ulysses-omnichain/factories/ERC20hTokenBranchFactory.sol
30: localChainId = _localChainId;
31: localPortAddress = _localPortAddress;
47: localCoreRouterAddress = _coreRouter;
File: ulysses-omnichain/factories/ERC20hTokenRootFactory.sol
35: localChainId = _localChainId;
36: rootPortAddress = _rootPortAddress;
42: coreRootRouterAddress = _coreRouter;
File: ulysses-omnichain/factories/RootBridgeAgentFactory.sol
59: rootChainId = _rootChainId;
60: wrappedNativeToken = _wrappedNativeToken;
61: localAnyCallAddress = _localAnyCallAddress;
62: localAnyCallExecutorAddress = IAnycallProxy(localAnyCallAddress).executor();
63: rootPortAddress = _rootPortAddress;
64: daoAddress = _daoAddress;
File: ulysses-omnichain/token/ERC20hTokenRoot.sol
47: localChainId = _localChainId;
48: factoryAddress = _factoryAddress;
49: rootPortAddress = _rootPortAddress;
File: uni-v3-staker/UniswapV3Staker.sol
123: factory = _factory;
124: nonfungiblePositionManager = _nonfungiblePositionManager;
125: maxIncentiveStartLeadTime = _maxIncentiveStartLeadTime;
126: uniswapV3GaugeFactory = _uniswapV3GaugeFactory;
127: hermesGaugeBoost = _hermesGaugeBoost;
128: minter = _minter;
129: hermes = _hermes;
https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/UniswapV3Staker.sol#L123
This saves deployment gas cost.
There are 2 instances of this issue:
File: erc-4626/UlyssesERC4626.sol
50: require(assets != 0, "ZERO_ASSETS");
75: require(assets != 0, "ZERO_ASSETS");
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/UlyssesERC4626.sol#L50
If a function modifier such as onlyOwner
is used, the function will revert if a normal user tries to pay the function. Marking the function as payable
will lower the gas cost for legitimate callers because the compiler will not include checks for whether a payment was provided. The extra opcodes avoided are CALLVALUE
(2),DUP1
(3),ISZERO
(3),PUSH2
(3),JUMPI
(10),PUSH1
(3),DUP1
(3),REVERT
(0),JUMPDEST
(1),POP
(2), which costs an average of about 21 gas per call to the function, in addition to the extra deployment cost
There are 92 instances of this issue:
File: erc-20/ERC20Boost.sol
259: function addGauge(address gauge) external onlyOwner {
273: function removeGauge(address gauge) external onlyOwner {
285: function replaceGauge(address oldGauge, address newGauge) external onlyOwner {
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Boost.sol#L259
File: erc-20/ERC20Gauges.sol
398: function addGauge(address gauge) external onlyOwner returns (uint112) {
425: function removeGauge(address gauge) external onlyOwner {
449: function replaceGauge(address oldGauge, address newGauge) external onlyOwner {
455: function setMaxGauges(uint256 newMax) external onlyOwner {
463: function setContractExceedMaxGauges(address account, bool canExceedMax) external onlyOwner {
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Gauges.sol#L398
File: erc-20/ERC20MultiVotes.sol
96: function setMaxDelegates(uint256 newMax) external onlyOwner {
104: function setContractExceedMaxDelegates(address account, bool canExceedMax) external onlyOwner {
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20MultiVotes.sol#L96
File: gauges/BaseV2Gauge.sol
128: function addBribeFlywheel(FlywheelCore bribeFlywheel) external onlyOwner {
144: function removeBribeFlywheel(FlywheelCore bribeFlywheel) external onlyOwner {
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/BaseV2Gauge.sol#L128
File: gauges/UniswapV3Gauge.sol
62: function setMinimumWidth(uint24 _minimumWidth) external onlyOwner {
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/UniswapV3Gauge.sol#L62
File: gauges/factories/BaseV2GaugeFactory.sol
109: function createGauge(address strategy, bytes memory data) external onlyOwner {
130: function removeGauge(BaseV2Gauge gauge) external onlyOwner {
144: function addBribeToGauge(BaseV2Gauge gauge, address bribeToken) external onlyOwnerOrBribesFactoryOwner {
151: function removeBribeFromGauge(BaseV2Gauge gauge, address bribeToken) external onlyOwnerOrBribesFactoryOwner {
File: gauges/factories/BaseV2GaugeManager.sol
110: function addGaugeFactory(BaseV2GaugeFactory gaugeFactory) external onlyOwner {
121: function removeGaugeFactory(BaseV2GaugeFactory gaugeFactory) external onlyOwner {
File: gauges/factories/UniswapV3GaugeFactory.sol
98: function setMinimumWidth(address gauge, uint24 minimumWidth) external onlyOwner {
File: hermes/minters/BaseV2Minter.sol
86: function setDao(address _dao) external onlyOwner {
92: function setDaoShare(uint256 _daoShare) external onlyOwner {
98: function setTailEmission(uint256 _tail_emission) external onlyOwner {
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/minters/BaseV2Minter.sol#L86
File: hermes/tokens/HERMES.sol
62: function mint(address account, uint256 amount) external onlyOwner {
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/HERMES.sol#L62
File: maia/factories/PartnerManagerFactory.sol
58: function addPartner(PartnerManager newPartnerManager) external onlyOwner {
67: function addVault(IBaseVault newVault) external onlyOwner {
80: function removePartner(PartnerManager partnerManager) external onlyOwner {
89: function removeVault(IBaseVault vault) external onlyOwner {
File: maia/tokens/ERC4626PartnerManager.sol
188: function migratePartnerVault(address newPartnerVault) external onlyOwner {
216: function increaseConversionRate(uint256 newRate) external onlyOwner {
https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/tokens/ERC4626PartnerManager.sol#L188
File: maia/tokens/Maia.sol
55: function mint(address account, uint256 amount) external onlyOwner {
https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/tokens/Maia.sol#L55
File: rewards/base/FlywheelCore.sol
111: function addStrategyForRewards(ERC20 strategy) external onlyOwner {
125: function setFlywheelRewards(address newFlywheelRewards) external onlyOwner {
137: function setBooster(IFlywheelBooster newBooster) external onlyOwner {
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/base/FlywheelCore.sol#L111
File: rewards/depots/MultiRewardsDepot.sol
47: function addAsset(address rewardsContract, address asset) external onlyOwner {
57: function removeAsset(address rewardsContract) external onlyOwner {
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/depots/MultiRewardsDepot.sol#L47
File: talos/TalosOptimizer.sol
62: function setMaxTotalSupply(uint256 _maxTotalSupply) external onlyOwner {
68: function setTwapDuration(uint32 _twapDuration) external onlyOwner {
74: function setMaxTwapDeviation(int24 _maxTwapDeviation) external onlyOwner {
80: function setTickRange(int24 _tickRangeMultiplier) external onlyOwner {
85: function setPriceImpact(uint24 _priceImpactPercentage) external onlyOwner {
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosOptimizer.sol#L62
File: talos/base/TalosBaseStrategy.sol
394: function collectProtocolFees(uint256 amount0, uint256 amount1) external nonReentrant onlyOwner {
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/base/TalosBaseStrategy.sol#L394
File: talos/boost-aggregator/BoostAggregator.sol
143: function addWhitelistedAddress(address user) external onlyOwner {
148: function removeWhitelistedAddress(address user) external onlyOwner {
153: function setProtocolFee(uint256 _protocolFee) external onlyOwner {
159: function withdrawProtocolFees(address to) external onlyOwner {
165: function withdrawAllGaugeBoost(address to) external onlyOwner {
172: function withdrawGaugeBoost(address to, uint256 amount) external onlyOwner {
180: function decrementGaugesBoostIndexed(uint256 boost, uint256 offset, uint256 num) external onlyOwner {
File: ulysses-amm/UlyssesPool.sol
159: function addNewBandwidth(uint256 poolId, uint8 weight) external nonReentrant onlyOwner returns (uint256 index) {
223: function setWeight(uint256 poolId, uint8 weight) external nonReentrant onlyOwner {
308: function setFees(Fees calldata _fees) external nonReentrant onlyOwner {
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesPool.sol#L159
File: ulysses-amm/UlyssesToken.sol
44: function addAsset(address asset, uint256 _weight) external nonReentrant onlyOwner {
60: function removeAsset(address asset) external nonReentrant onlyOwner {
88: function setWeights(uint256[] memory _weights) external nonReentrant onlyOwner {
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesToken.sol#L44
File: ulysses-amm/factories/UlyssesFactory.sol
65: function renounceOwnership() public payable override onlyOwner {
File: ulysses-omnichain/BaseBranchRouter.sol
37: function initialize(address _localBridgeAgentAddress) external onlyOwner {
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BaseBranchRouter.sol#L37
File: ulysses-omnichain/BranchBridgeAgentExecutor.sol
70: function executeNoSettlement(address _router, bytes calldata _data)
88: function executeWithSettlement(address _recipient, address _router, bytes calldata _data)
125: function executeWithSettlementMultiple(address _recipient, address _router, bytes calldata _data)
File: ulysses-omnichain/BranchPort.sol
99: function initialize(address _coreBranchRouter, address _bridgeAgentFactory) external virtual onlyOwner {
113: function renounceOwnership() public payable override onlyOwner {
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchPort.sol#L99
File: ulysses-omnichain/CoreRootRouter.sol
63: function initialize(address _bridgeAgentAddress, address _hTokenFactory) external onlyOwner {
227: function toggleBranchBridgeAgentFactory(
253: function removeBranchBridgeAgent(address _branchBridgeAgent, address _gasReceiver, uint24 _toChain)
275: function manageStrategyToken(
300: function managePortStrategy(
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/CoreRootRouter.sol#L63
File: ulysses-omnichain/MulticallRootRouter.sol
74: function initialize(address _bridgeAgentAddress) external onlyOwner {
File: ulysses-omnichain/RootBridgeAgentExecutor.sol
78: function executeSystemRequest(address _router, bytes calldata _data, uint24 _fromChainId)
98: function executeNoDeposit(address _router, bytes calldata _data, uint24 _fromChainId)
117: function executeWithDeposit(address _router, bytes calldata _data, uint24 _fromChainId)
154: function executeWithDepositMultiple(address _router, bytes calldata _data, uint24 _fromChainId)
201: function executeSignedNoDeposit(address _account, address _router, bytes calldata _data, uint24 _fromChainId)
221: function executeSignedWithDeposit(address _account, address _router, bytes calldata _data, uint24 _fromChainId)
259: function executeSignedWithDepositMultiple(
308: function executeRetrySettlement(uint32 _settlementNonce)
File: ulysses-omnichain/RootPort.sol
128: function initialize(address _bridgeAgentFactory, address _coreRootRouter) external onlyOwner {
140: function initializeCore(
158: function forefeitOwnership(address _owner) external onlyOwner {
165: function renounceOwnership() public payable override onlyOwner {
399: function toggleBridgeAgent(address _bridgeAgent) external onlyOwner {
406: function addBridgeAgentFactory(address _bridgeAgentFactory) external onlyOwner {
413: function toggleBridgeAgentFactory(address _bridgeAgentFactory) external onlyOwner {
420: function addNewChain(
484: function setGasPoolInfo(uint24 _chainId, GasPoolInfo calldata _gasPoolInfo) external onlyOwner {
491: function addEcosystemToken(address _ecoTokenGlobalAddress) external onlyOwner {
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootPort.sol#L128
File: ulysses-omnichain/factories/ArbitrumBranchBridgeAgentFactory.sol
54: function initialize(address _coreRootBridgeAgent) external override onlyOwner {
File: ulysses-omnichain/factories/BranchBridgeAgentFactory.sol
83: function initialize(address _coreRootBridgeAgent) external virtual onlyOwner {
File: ulysses-omnichain/factories/ERC20hTokenBranchFactory.sol
35: function initialize(address _wrappedNativeTokenAddress, address _coreRouter) external onlyOwner {
File: ulysses-omnichain/factories/ERC20hTokenRootFactory.sol
40: function initialize(address _coreRouter) external onlyOwner {
File: ulysses-omnichain/token/ERC20hTokenBranch.sol
23: function mint(address account, uint256 amount) external override onlyOwner returns (bool) {
29: function burn(uint256 value) public override onlyOwner {
State variable reads and writes are more expensive than local variable reads and writes. Therefore, it is recommended to replace state variable reads and writes within loops with local variable reads and writes.
There are 68 instances of this issue:
File: erc-20/ERC20Boost.sol
54: values[i] = _gauges.at(offset + i); // will revert if out of bounds
100: values[i] = _userGauges[user].at(offset + i); // will revert if out of bounds
159: if (!_deprecatedGauges.contains(gauge)) {
160: uint256 gaugeBoost = getUserGaugeBoost[user][gauge].userGaugeBoost;
210: GaugeState storage gaugeState = getUserGaugeBoost[msg.sender][gauge];
212: if (_deprecatedGauges.contains(gauge) || boost >= gaugeState.userGaugeBoost) {
213: require(_userGauges[msg.sender].remove(gauge)); // Remove from set. Should never fail.
214: delete getUserGaugeBoost[msg.sender][gauge];
239: require(_userGauges[msg.sender].remove(gauge)); // Remove from set. Should never fail.
240: delete getUserGaugeBoost[msg.sender][gauge];
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Boost.sol#L54
File: erc-20/ERC20Gauges.sol
116: values[i] = _gauges.at(offset + i); // will revert if out of bounds
157: values[i] = _userGauges[user].at(offset + i); // will revert if out of bounds
342: if (!_deprecatedGauges.contains(gauge)) globalWeightsSum += weight;
538: uint112 userGaugeWeight = getUserGaugeWeight[user][gauge];
541: if (!_deprecatedGauges.contains(gauge)) {
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Gauges.sol#L116
File: erc-20/ERC20MultiVotes.sol
330: uint256 delegateVotes = _delegatesVotesCount[user][delegatee];
339: require(_delegates[user].remove(delegatee)); // Remove from set. Should never fail.
340: _delegatesVotesCount[user][delegatee] = 0;
343: _delegatesVotesCount[user][delegatee] -= votesToFree;
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20MultiVotes.sol#L330
File: erc-4626/ERC4626MultiToken.sol
55: assetId[_assets[i]] = i + 1;
69: assets[i].safeTransferFrom(msg.sender, address(this), assetsAmounts[i]);
80: assets[i].safeTransfer(receiver, assetsAmounts[i]);
202: uint256 share = assetsAmounts[i].mulDiv(_totalWeights, weights[i]);
217: assetsAmounts[i] = shares.mulDiv(weights[i], _totalWeights);
236: assetsAmounts[i] = shares.mulDivUp(weights[i], _totalWeights);
251: uint256 share = assetsAmounts[i].mulDivUp(_totalWeights, weights[i]);
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/ERC4626MultiToken.sol#L55
File: gauges/BaseV2Gauge.sol
115: if (isActive[_bribeFlywheels[i]]) _bribeFlywheels[i].accrue(ERC20(address(this)), user);
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/BaseV2Gauge.sol#L115
File: gauges/factories/BaseV2GaugeFactory.sol
78: if (activeGauges[_gauges[i]]) _gauges[i].newEpoch();
94: if (activeGauges[_gauges[i]]) _gauges[i].newEpoch();
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BaseV2GaugeFactory.sol#L78
File: gauges/factories/BaseV2GaugeManager.sol
65: if (activeGaugeFactories[_gaugeFactories[i]]) _gaugeFactories[i].newEpoch();
81: if (activeGaugeFactories[_gaugeFactories[i]]) _gaugeFactories[i].newEpoch();
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BaseV2GaugeManager.sol#L65
File: rewards/rewards/FlywheelGaugeRewards.sol
179: QueuedRewards memory queuedRewards = gaugeQueuedRewards[gauge];
189: gaugeQueuedRewards[gauge] = QueuedRewards({
File: ulysses-amm/UlyssesPool.sol
130: for (uint256 i = 1; i < bandwidthStateList.length; i++) {
131: uint256 targetBandwidth = totalSupply.mulDiv(bandwidthStateList[i].weight, totalWeights);
133: assets += _calculateRebalancingFee(bandwidthStateList[i].bandwidth, targetBandwidth, false);
135: assets += bandwidthStateList[i].bandwidth;
176: uint256 targetBandwidth = totalSupply.mulDiv(bandwidthStateList[i].weight, totalWeights);
178: oldRebalancingFee += _calculateRebalancingFee(bandwidthStateList[i].bandwidth, targetBandwidth, false);
190: uint256 oldBandwidth = bandwidthStateList[i].bandwidth;
192: bandwidthStateList[i].bandwidth = oldBandwidth.mulDivUp(oldTotalWeights, newTotalWeights).toUint248();
194: newBandwidth += oldBandwidth - bandwidthStateList[i].bandwidth;
212: uint256 targetBandwidth = totalSupply.mulDiv(bandwidthStateList[i].weight, totalWeights);
214: newRebalancingFee += _calculateRebalancingFee(bandwidthStateList[i].bandwidth, targetBandwidth, false);
232: for (uint256 i = 1; i < bandwidthStateList.length; i++) {
233: uint256 targetBandwidth = totalSupply.mulDiv(bandwidthStateList[i].weight, totalWeights);
235: oldRebalancingFee += _calculateRebalancingFee(bandwidthStateList[i].bandwidth, targetBandwidth, false);
253: for (uint256 i = 1; i < bandwidthStateList.length;) {
255: uint256 oldBandwidth = bandwidthStateList[i].bandwidth;
257: bandwidthStateList[i].bandwidth =
260: leftOverBandwidth += oldBandwidth - bandwidthStateList[i].bandwidth;
278: for (uint256 i = 1; i < bandwidthStateList.length;) {
280: if (i == bandwidthStateList.length - 1) {
281: bandwidthStateList[i].bandwidth += leftOverBandwidth.toUint248();
283: bandwidthStateList[i].bandwidth +=
284: leftOverBandwidth.mulDiv(bandwidthStateList[i].weight, weightsWithoutPool).toUint248();
296: for (uint256 i = 1; i < bandwidthStateList.length; i++) {
297: uint256 targetBandwidth = totalSupply.mulDiv(bandwidthStateList[i].weight, totalWeights);
299: newRebalancingFee += _calculateRebalancingFee(bandwidthStateList[i].bandwidth, targetBandwidth, false);
921: updateBandwidth(true, true, bandwidthStateList[i], updateAmount, _totalWeights, _totalSupply, 0);
973: depositFees, true, bandwidthStateList[i], updateAmount, _totalWeights, _totalSupply, _newTotalSupply
1058: false, false, bandwidthStateList[i], updateAmount, _totalWeights, _totalSupply, _newTotalSupply
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesPool.sol#L130
File: ulysses-amm/factories/UlyssesFactory.sol
111: if (j != i && weights[i][j] > 0) pools[poolIds[i]].addNewBandwidth(poolIds[j], weights[i][j]);
124: pools[poolIds[i]].transferOwnership(owner);
146: address destination = address(pools[poolIds[i]]);
File: ulysses-omnichain/ArbitrumBranchPort.sol
102: IRootPort(rootPortAddress).bridgeToLocalBranchFromRoot(_recipient, _localAddresses[i], _amounts[i]);
145: IRootPort(rootPortAddress).bridgeToRootFromLocalBranch(
File: ulysses-omnichain/MulticallRootRouter.sol
148: ERC20hTokenRoot(outputTokens[i]).approve(bridgeAgentAddress, amountsOut[i]);
Avoids a Gsset (20000 gas) in the constructor, and replaces each Gwarmacces (100 gas) with a PUSH32
(3 gas).
There are 18 instances of this issue:
File: erc-4626/ERC4626MultiToken.sol
42: assets = _assets;
43: weights = _weights;
63: totalWeights = _totalWeights;
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/ERC4626MultiToken.sol#L42
File: gauges/BaseV2Gauge.sol
66: strategy = _strategy;
70: multiRewardsDepot = new MultiRewardsDepot(address(this));
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/BaseV2Gauge.sol#L66
File: maia/PartnerUtilityManager.sol
44: partnerVault = _partnerVault;
https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/PartnerUtilityManager.sol#L44
File: ulysses-amm/UlyssesRouter.sol
21: ulyssesFactory = _ulyssesFactory;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesRouter.sol#L21
File: ulysses-omnichain/ArbitrumBranchPort.sol
36: localChainId = _localChainId;
37: rootPortAddress = _rootPortAddress;
File: ulysses-omnichain/BranchBridgeAgent.sol
165: bridgeAgentExecutorAddress = DeployBranchBridgeAgentExecutor.deploy();
166: depositNonce = 1;
File: ulysses-omnichain/CoreBranchRouter.sol
27: localPortAddress = _localPortAddress;
28: hTokenFactoryAddress = _hTokenFactoryAddress;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/CoreBranchRouter.sol#L27
File: ulysses-omnichain/RootBridgeAgent.sol
226: settlementNonce = 1;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgent.sol#L226
File: ulysses-omnichain/VirtualAccount.sol
27: localPortAddress = _localPortAddress;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/VirtualAccount.sol#L27
File: ulysses-omnichain/token/ERC20hTokenRoot.sol
47: localChainId = _localChainId;
48: factoryAddress = _factoryAddress;
49: rootPortAddress = _rootPortAddress;
if (<x> == true)
=> if (<x>)
, if (<x> == false)
=> if (!<x>)
.
There are 1 instances of this issue:
File: governance/GovernorBravoDelegateMaia.sol
366: require(receipt.hasVoted == false, "GovernorBravo::castVoteInternal: voter already voted");
When fetching data from a storage location, assigning the data to a memory
variable causes all fields of the struct/array to be read from storage, which incurs a Gcoldsload (2100 gas) for each field of the struct/array. If the fields are read from the new memory variable, they incur an additional MLOAD
rather than a cheap stack read. Instead of declearing the variable with the memory
keyword, declaring the variable with the storage
keyword and caching any fields that need to be re-read in stack variables, will be much cheaper, only incuring the Gcoldsload for the fields actually read. The only time it makes sense to read the whole struct/array into a memory
variable, is if the full struct/array is being returned by the function, is being passed to a function that requires memory
, or if the array/struct is being read from another memory
array/struct
There are 8 instances of this issue:
File: erc-20/ERC20Boost.sol
153: address[] memory gaugeList = _userGauges[user].values();
204: address[] memory gaugeList = _userGauges[msg.sender].values();
232: address[] memory gaugeList = _userGauges[msg.sender].values();
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Boost.sol#L153
File: erc-20/ERC20Gauges.sol
532: address[] memory gaugeList = _userGauges[user].values();
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Gauges.sol#L532
File: erc-20/ERC20MultiVotes.sol
324: address[] memory delegateList = _delegates[user].values();
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20MultiVotes.sol#L324
File: rewards/rewards/FlywheelGaugeRewards.sol
179: QueuedRewards memory queuedRewards = gaugeQueuedRewards[gauge];
204: QueuedRewards memory queuedRewards = gaugeQueuedRewards[ERC20(msg.sender)];
File: ulysses-omnichain/RootBridgeAgent.sol
552: Settlement memory settlement = getSettlement[_settlementNonce];
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgent.sol#L552
If you are not modifying the function parameters, consider using calldata instead of memory. This will save gas.
There are 22 instances of this issue:
File: erc-4626/ERC4626MultiToken.sol
66: function receiveAssets(uint256[] memory assetsAmounts) private {
67: uint256 length = assetsAmounts.length;
68: for (uint256 i = 0; i < length;) {
69: assets[i].safeTransferFrom(msg.sender, address(this), assetsAmounts[i]);
70:
71: unchecked {
72: i++;
73: }
74: }
75: }
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/ERC4626MultiToken.sol#L66-L75
File: gauges/factories/BaseV2GaugeFactory.sol
109: function createGauge(address strategy, bytes memory data) external onlyOwner {
110: if (address(strategyGauges[strategy]) != address(0)) revert GaugeAlreadyExists();
111:
112: BaseV2Gauge gauge = newGauge(strategy, data);
113: strategyGauges[strategy] = gauge;
114:
115: uint256 id = gauges.length;
116: gauges.push(gauge);
117: gaugeIds[gauge] = id;
118: activeGauges[gauge] = true;
119:
120: gaugeManager.addGauge(address(gauge));
121:
122: afterCreateGauge(strategy, data);
123: }
File: gauges/factories/UniswapV3GaugeFactory.sol
76: function newGauge(address strategy, bytes memory data) internal override returns (BaseV2Gauge) {
77: uint24 minimumWidth = abi.decode(data, (uint24));
78: return new UniswapV3Gauge(
79: flywheelGaugeRewards,
80: address(uniswapV3Staker),
81: strategy,
82: minimumWidth,
83: address(this)
84: );
85: }
File: governance/GovernorBravoDelegator.sol
59: function delegateTo(address callee, bytes memory data) internal {
60: (bool success, bytes memory returnData) = callee.delegatecall(data);
61: assembly {
62: if eq(success, 0) { revert(add(returnData, 0x20), returndatasize()) }
63: }
64: }
File: talos/factories/TalosBaseStrategyFactory.sol
55: function createTalosBaseStrategy(
56: IUniswapV3Pool pool,
57: ITalosOptimizer optimizer,
58: address strategyManager,
59: bytes memory data
60: ) external {
61: if (optimizerFactory.optimizerIds(TalosOptimizer(address(optimizer))) == 0) {
62: revert UnrecognizedOptimizer();
63: }
64:
65: TalosBaseStrategy strategy = createTalosV3Strategy(pool, optimizer, strategyManager, data);
66:
67: strategyIds[strategy] = strategies.length;
68: strategies.push(strategy);
69: }
File: talos/factories/TalosStrategyStakedFactory.sol
62: function createTalosV3Strategy(
63: IUniswapV3Pool pool,
64: ITalosOptimizer optimizer,
65: address strategyManager,
66: bytes memory data
67: ) internal override returns (TalosBaseStrategy strategy) {
68: BoostAggregator boostAggregator = abi.decode(data, (BoostAggregator));
69: if (boostAggregator.nonfungiblePositionManager() != nonfungiblePositionManager) {
70: revert InvalidNFTManager();
71: }
72:
73: strategy =
74: DeployStaked.createTalosV3Strategy(pool, optimizer, boostAggregator, strategyManager, flywheel, owner());
75:
76: flywheel.addStrategyForRewards(strategy);
77: }
File: ulysses-amm/UlyssesToken.sol
88: function setWeights(uint256[] memory _weights) external nonReentrant onlyOwner {
89: if (_weights.length != assets.length) revert InvalidWeightsLength();
90:
91: weights = _weights;
92:
93: uint256 newTotalWeights;
94:
95: for (uint256 i = 0; i < assets.length; i++) {
96: newTotalWeights += _weights[i];
97:
98: emit AssetRemoved(assets[i]);
99: emit AssetAdded(assets[i], _weights[i]);
100: }
101:
102: totalWeights = newTotalWeights;
103:
104: updateAssetBalances();
105: }
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesToken.sol#L88-L105
File: ulysses-omnichain/ArbitrumBranchBridgeAgent.sol
142: function _performCall(bytes memory _callData) internal override {
143: IRootBridgeAgent(rootBridgeAgentAddress).anyExecute(_callData);
144: }
File: ulysses-omnichain/ArbitrumBranchPort.sol
96: function bridgeInMultiple(address _recipient, address[] memory _localAddresses, uint256[] memory _amounts)
97: external
98: override(IBranchPort, BranchPort)
99: requiresBridgeAgent
100: {
101: for (uint256 i = 0; i < _localAddresses.length;) {
102: IRootPort(rootPortAddress).bridgeToLocalBranchFromRoot(_recipient, _localAddresses[i], _amounts[i]);
103:
104: unchecked {
105: ++i;
106: }
107: }
108: }
129: function bridgeOutMultiple(
130: address _depositor,
131: address[] memory _localAddresses,
132: address[] memory _underlyingAddresses,
133: uint256[] memory _amounts,
134: uint256[] memory _deposits
135: ) external override(IBranchPort, BranchPort) requiresBridgeAgent {
136: for (uint256 i = 0; i < _localAddresses.length;) {
137: if (_deposits[i] > 0) {
138: _underlyingAddresses[i].safeTransferFrom(
139: _depositor,
140: address(this),
141: _denormalizeDecimals(_deposits[i], ERC20(_underlyingAddresses[i]).decimals())
142: );
143: }
144: if (_amounts[i] - _deposits[i] > 0) {
145: IRootPort(rootPortAddress).bridgeToRootFromLocalBranch(
146: _depositor, _localAddresses[i], _amounts[i] - _deposits[i]
147: );
148: }
149:
150: unchecked {
151: ++i;
152: }
153: }
154: }
File: ulysses-omnichain/BranchBridgeAgent.sol
441: function _sendRetrieveOrRetry(bytes memory _data) internal {
442: //Deposit Gas for call.
443: _createGasDeposit(msg.sender, msg.value.toUint128());
444:
445: //Perform Call
446: _performCall(_data);
447: }
1006: function _performCall(bytes memory _calldata) internal virtual {
1007: //Sends message to AnycallProxy
1008: IAnycallProxy(localAnyCallAddress).anyCall(
1009: rootBridgeAgentAddress, _calldata, rootChainId, AnycallFlags.FLAG_ALLOW_FALLBACK, ""
1010: );
1011: }
1099: function _gasSwapIn(bytes memory gasData) internal virtual returns (uint256 gasAmount) {
1100: //Cast to uint256
1101: gasAmount = uint256(uint128(bytes16(gasData)));
1102: //Move Gas hTokens from Branch to Root / Mint Sufficient hTokens to match new port deposit
1103: IPort(localPortAddress).withdraw(address(this), address(wrappedNativeToken), gasAmount);
1104: }
1349: function _normalizeDecimalsMultiple(uint256[] memory _deposits, address[] memory _tokens)
1350: internal
1351: view
1352: returns (uint256[] memory deposits)
1353: {
1354: for (uint256 i = 0; i < _deposits.length; i++) {
1355: deposits[i] = _normalizeDecimals(_deposits[i], ERC20(_tokens[i]).decimals());
1356: }
1357: }
File: ulysses-omnichain/BranchPort.sol
226: function bridgeInMultiple(address _recipient, address[] memory _localAddresses, uint256[] memory _amounts)
227: external
228: virtual
229: requiresBridgeAgent
230: {
231: for (uint256 i = 0; i < _localAddresses.length;) {
232: ERC20hTokenBranch(_localAddresses[i]).mint(_recipient, _amounts[i]);
233:
234: unchecked {
235: ++i;
236: }
237: }
238: }
260: function bridgeOutMultiple(
261: address _depositor,
262: address[] memory _localAddresses,
263: address[] memory _underlyingAddresses,
264: uint256[] memory _amounts,
265: uint256[] memory _deposits
266: ) external virtual requiresBridgeAgent {
267: for (uint256 i = 0; i < _localAddresses.length;) {
268: if (_deposits[i] > 0) {
269: _underlyingAddresses[i].safeTransferFrom(
270: _depositor,
271: address(this),
272: _denormalizeDecimals(_deposits[i], ERC20(_underlyingAddresses[i]).decimals())
273: );
274: }
275: if (_amounts[i] - _deposits[i] > 0) {
276: _localAddresses[i].safeTransferFrom(_depositor, address(this), _amounts[i] - _deposits[i]);
277: ERC20hTokenBranch(_localAddresses[i]).burn(_amounts[i] - _deposits[i]);
278: }
279: unchecked {
280: i++;
281: }
282: }
283: }
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchPort.sol#L226-L238
File: ulysses-omnichain/MulticallRootRouter.sol
91: function _multicall(IMulticall.Call[] memory calls)
92: internal
93: returns (uint256 blockNumber, bytes[] memory returnData)
94: {
95: //Call desired functions
96: (blockNumber, returnData) = IMulticall(multicallAddress).aggregate(calls);
97: }
File: ulysses-omnichain/factories/ERC20hTokenBranchFactory.sol
60: function createToken(string memory _name, string memory _symbol)
61: external
62: requiresCoreRouter
63: returns (ERC20hTokenBranch newToken)
64: {
65: newToken = new ERC20hTokenBranch(_name, _symbol, localPortAddress);
66: hTokens.push(newToken);
67: hTokensLenght++;
68: }
File: ulysses-omnichain/factories/ERC20hTokenRootFactory.sol
54: function createToken(string memory _name, string memory _symbol)
55: external
56: requiresCoreRouter
57: returns (ERC20hTokenRoot newToken)
58: {
59: newToken = new ERC20hTokenRoot(
60: localChainId,
61: address(this),
62: rootPortAddress,
63: _name,
64: _symbol
65: );
66: hTokens.push(newToken);
67: hTokensLenght++;
68: }
File: uni-v3-staker/UniswapV3Staker.sol
187: function endIncentive(IncentiveKey memory key) external returns (uint256 refund) {
188: if (block.timestamp < IncentiveTime.getEnd(key.startTime)) {
189: revert EndIncentiveBeforeEndTime();
190: }
191:
192: bytes32 incentiveId = IncentiveId.compute(key);
193:
194: Incentive storage incentive = incentives[incentiveId];
195:
196: refund = incentive.totalRewardUnclaimed;
197:
198: if (refund == 0) revert EndIncentiveNoRefundAvailable();
199: if (incentive.numberOfStakes > 0) revert EndIncentiveWhileStakesArePresent();
200:
201: // issue the refund
202: incentive.totalRewardUnclaimed = 0;
203:
204: hermes.safeTransfer(minter, refund);
205:
206: // note we never clear totalSecondsClaimedX128
207:
208: emit IncentiveEnded(incentiveId, refund);
209: }
243: function withdrawToken(uint256 tokenId, address to, bytes memory data) external {
244: if (to == address(0)) revert InvalidRecipient();
245:
246: Deposit storage deposit = deposits[tokenId];
247:
248: if (deposit.owner != msg.sender) revert NotCalledByOwner();
249: if (deposit.stakedTimestamp != 0) revert TokenStakedError();
250:
251: delete deposits[tokenId];
252: emit DepositTransferred(tokenId, msg.sender, address(0));
253:
254: nonfungiblePositionManager.safeTransferFrom(address(this), to, tokenId, data);
255: }
https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/UniswapV3Staker.sol#L187-L209
File: uni-v3-staker/libraries/IncentiveId.sol
16: function compute(IUniswapV3Staker.IncentiveKey memory key) internal pure returns (bytes32 incentiveId) {
17: return keccak256(abi.encode(key));
18: }
Saves 5 gas per iteration.1
There are 2 instances of this issue:
File: talos/libraries/PoolVariables.sol
98: if (tick < 0 && tick % tickSpacing != 0) compressed--;
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/libraries/PoolVariables.sol#L98
File: uni-v3-staker/UniswapV3Staker.sol
428: incentive.numberOfStakes--;
https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/UniswapV3Staker.sol#L428
The instances below point to the second call of the function within a single function
There are 32 instances of this issue:
File: hermes/minters/BaseV2Minter.sol
61: underlying = address(ERC4626(_vault).asset());
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/minters/BaseV2Minter.sol#L61
File: ulysses-amm/UlyssesPool.sol
176: uint256 targetBandwidth = totalSupply.mulDiv(bandwidthStateList[i].weight, totalWeights);
233: uint256 targetBandwidth = totalSupply.mulDiv(bandwidthStateList[i].weight, totalWeights);
375: bandwidthUpdateAmounts = new uint256[](length);
480: iszero(iszero(mod(mul(transfered, diff), totalDiff))), div(mul(transfered, diff), totalDiff)
508: iszero(iszero(mod(mul(transferedChange, weight), _totalWeights))),
509: div(mul(transferedChange, weight), _totalWeights)
574: uint256 oldRebalancingFee = _calculateRebalancingFee(
880: case true { fee := div(mul(width, height), DIVISIONER) }
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesPool.sol#L176
File: ulysses-omnichain/ArbitrumCoreBranchRouter.sol
49: string memory name = ERC20(_underlyingAddress).name();
132: (address bridgeAgentFactoryAddress) = abi.decode(_data[1:], (address));
File: ulysses-omnichain/BranchBridgeAgent.sol
341: _normalizeDecimals(
342: getDeposit[_depositNonce].deposits[0], ERC20(getDeposit[_depositNonce].tokens[0]).decimals()
346: msg.value.toUint128(),
378: _normalizeDecimalsMultiple(getDeposit[nonce].deposits, getDeposit[nonce].tokens),
574: address[] memory _hTokens = new address[](numOfAssets);
576: uint256[] memory _amounts = new uint256[](numOfAssets);
872: address[] memory hTokens = new address[](1);
876: uint256[] memory amounts = new uint256[](1);
1029: uint256 gasLeft = gasleft();
File: ulysses-omnichain/CoreBranchRouter.sol
65: string memory name = ERC20(_underlyingAddress).name();
258: (address bridgeAgentFactoryAddress) = abi.decode(_data[1:], (address));
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/CoreBranchRouter.sol#L65
File: ulysses-omnichain/CoreRootRouter.sol
332: (address globalAddress, address localAddress) = abi.decode(_encodedData, (address, address));
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/CoreRootRouter.sol#L332
File: ulysses-omnichain/RootBridgeAgent.sol
295: address localAddress = IPort(localPortAddress).getLocalTokenFromGlobal(_globalAddress, _toChain);
340: address[] memory hTokens = new address[](_globalAddresses.length);
494: address[] memory hTokens = new address[](1);
498: uint256[] memory amounts = new uint256[](1);
717: (uint160 sqrtPriceX96,,,,,,) = IUniswapV3Pool(poolAddress).slot0();
1024: VirtualAccount userAccount = IPort(localPortAddress).fetchVirtualAccount(
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgent.sol#L295
File: ulysses-omnichain/RootBridgeAgentExecutor.sol
359: address[] memory hTokens = new address[](numOfAssets);
361: uint256[] memory amounts = new uint256[](numOfAssets);
File: ulysses-omnichain/RootPort.sol
465: newGasPoolAddress = INonfungiblePositionManager(_nonFungiblePositionManagerAddress)
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootPort.sol#L465
When using elements that are smaller than 32 bytes, your contract’s gas usage may be higher. This is because the EVM operates on 32 bytes at a time. Therefore, if the element is smaller than that, the EVM must use more operations in order to reduce the size of the element from 32 bytes to the desired size. Each operation involving a uint8 costs an extra 22-28 gas (depending on whether the other operand is also a variable of type uint8) as compared to ones involving uint256, due to the compiler having to clear the higher bits of the memory word before operating on the uint8, as well as the associated stack operations of doing so. Use a larger size then downcast where needed. https://docs.soliditylang.org/en/v0.8.11/internals/layout_in_storage.html Use a larger size then downcast where needed.
There are 21 instances of this issue:
File: gauges/factories/UniswapV3GaugeFactory.sol
77: uint24 minimumWidth = abi.decode(data, (uint24));
File: ulysses-omnichain/ArbitrumCoreBranchRouter.sol
124: ) = abi.decode(_data[1:], (address, address, address, address, uint128));
File: ulysses-omnichain/CoreBranchRouter.sol
239: abi.decode(_data[1:], (address, string, string, uint128));
250: ) = abi.decode(_data[1:], (address, address, address, address, uint128));
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/CoreBranchRouter.sol#L239
File: ulysses-omnichain/CoreRootRouter.sol
360: abi.decode(_encodedData, (address, address, uint24, uint128));
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/CoreRootRouter.sol#L360
File: ulysses-omnichain/MulticallRootRouter.sol
202: abi.decode(encodedData, (IMulticall.Call[], OutputParams, uint24));
218: abi.decode(encodedData, (IMulticall.Call[], OutputMultipleParams, uint24));
286: abi.decode(encodedData, (Call[], OutputParams, uint24));
306: abi.decode(encodedData, (Call[], OutputMultipleParams, uint24));
362: abi.decode(encodedData, (Call[], OutputParams, uint24));
382: abi.decode(encodedData, (Call[], OutputMultipleParams, uint24));
438: abi.decode(encodedData, (Call[], OutputParams, uint24));
458: abi.decode(encodedData, (Call[], OutputMultipleParams, uint24));
File: ulysses-omnichain/RootBridgeAgentExecutor.sol
164: PARAMS_END_OFFSET + uint16(uint8(bytes1(_data[PARAMS_START]))) * PARAMS_TKN_SET_SIZE_MULTIPLE
174: > PARAMS_END_OFFSET + uint16(uint8(bytes1(_data[PARAMS_START]))) * PARAMS_TKN_SET_SIZE_MULTIPLE
178: bytes1(_data[PARAMS_END_OFFSET + uint16(numOfAssets) * PARAMS_TKN_SET_SIZE_MULTIPLE]),
180: PARAMS_START + PARAMS_END_OFFSET + uint16(numOfAssets) * PARAMS_TKN_SET_SIZE_MULTIPLE:
271: + uint16(uint8(bytes1(_data[PARAMS_START_SIGNED]))) * PARAMS_TKN_SET_SIZE_MULTIPLE
280: + uint16(uint8(bytes1(_data[PARAMS_START_SIGNED]))) * PARAMS_TKN_SET_SIZE_MULTIPLE
285: + uint16(uint8(bytes1(_data[PARAMS_START_SIGNED]))) * PARAMS_TKN_SET_SIZE_MULTIPLE],
288: + uint16(uint8(bytes1(_data[PARAMS_START_SIGNED]))) * PARAMS_TKN_SET_SIZE_MULTIPLE:
Contracts are allowed to override their parents' functions and change the visibility from external
to public
.
There are 89 instances of this issue:
File: erc-20/ERC20Boost.sol
175: function decrementGaugeBoost(address gauge, uint256 boost) public {
312: function transfer(address to, uint256 amount) public override notAttached(msg.sender, amount) returns (bool) {
323: function transferFrom(address from, address to, uint256 amount)
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Boost.sol#L175
File: erc-20/ERC20Gauges.sol
496: function transfer(address to, uint256 amount) public virtual override returns (bool) {
508: function transferFrom(address from, address to, uint256 amount) public virtual override returns (bool) {
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Gauges.sol#L496
File: erc-20/ERC20MultiVotes.sol
32: function checkpoints(address account, uint32 pos) public view virtual returns (Checkpoint memory) {
37: function numCheckpoints(address account) public view virtual returns (uint32) {
58: function getPriorVotes(address account, uint256 blockNumber) public view virtual returns (uint256) {
126: function delegatesVotesCount(address delegator, address delegatee) public view virtual returns (uint256) {
131: function delegates(address delegator) public view returns (address[] memory) {
141: function incrementDelegation(address delegatee, uint256 amount) public virtual {
146: function undelegate(address delegatee, uint256 amount) public virtual {
291: function transfer(address to, uint256 amount) public virtual override returns (bool) {
303: function transferFrom(address from, address to, uint256 amount) public virtual override returns (bool) {
363: function delegateBySig(address delegatee, uint256 nonce, uint256 expiry, uint8 v, bytes32 r, bytes32 s) public {
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20MultiVotes.sol#L32
File: erc-4626/ERC4626.sol
32: function deposit(uint256 assets, address receiver) public virtual returns (uint256 shares) {
47: function mint(uint256 shares, address receiver) public virtual returns (uint256 assets) {
61: function withdraw(uint256 assets, address receiver, address owner) public virtual returns (uint256 shares) {
80: function redeem(uint256 shares, address receiver, address owner) public virtual returns (uint256 assets) {
148: function maxDeposit(address) public view virtual returns (uint256) {
153: function maxMint(address) public view virtual returns (uint256) {
158: function maxWithdraw(address owner) public view virtual returns (uint256) {
163: function maxRedeem(address owner) public view virtual returns (uint256) {
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/ERC4626.sol#L32
File: erc-4626/ERC4626DepositOnly.sol
32: function deposit(uint256 assets, address receiver) public virtual returns (uint256 shares) {
47: function mint(uint256 shares, address receiver) public virtual returns (uint256 assets) {
75: function convertToAssets(uint256 shares) public view virtual returns (uint256) {
98: function maxDeposit(address) public view virtual returns (uint256) {
103: function maxMint(address) public view virtual returns (uint256) {
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/ERC4626DepositOnly.sol#L32
File: erc-4626/ERC4626MultiToken.sol
93: function deposit(uint256[] calldata assetsAmounts, address receiver)
113: function mint(uint256 shares, address receiver)
132: function withdraw(uint256[] calldata assetsAmounts, address receiver, address owner)
156: function redeem(uint256 shares, address receiver, address owner)
269: function maxDeposit(address) public view virtual returns (uint256) {
274: function maxMint(address) public view virtual returns (uint256) {
279: function maxWithdraw(address owner) public view virtual returns (uint256[] memory) {
284: function maxRedeem(address owner) public view virtual returns (uint256) {
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/ERC4626MultiToken.sol#L93
File: erc-4626/UlyssesERC4626.sol
34: function deposit(uint256 assets, address receiver) public virtual nonReentrant returns (uint256 shares) {
47: function mint(uint256 shares, address receiver) public virtual nonReentrant returns (uint256 assets) {
59: function redeem(uint256 shares, address receiver, address owner)
88: function convertToShares(uint256 assets) public view virtual returns (uint256) {
92: function convertToAssets(uint256 shares) public view virtual returns (uint256) {
96: function previewDeposit(uint256 assets) public view virtual returns (uint256) {
100: function previewMint(uint256 shares) public view virtual returns (uint256) {
104: function previewRedeem(uint256 shares) public view virtual returns (uint256) {
112: function maxDeposit(address) public view virtual returns (uint256) {
116: function maxMint(address) public view virtual returns (uint256) {
120: function maxRedeem(address owner) public view virtual returns (uint256) {
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/UlyssesERC4626.sol#L34
File: governance/GovernorBravoDelegateMaia.sol
56: function initialize(
104: function propose(
File: governance/GovernorBravoDelegator.sol
8: constructor(
https://github.com/code-423n4/2023-05-maia/tree/main/src/governance/GovernorBravoDelegator.sol#L8
File: hermes/UtilityManager.sol
55: function forfeitMultiple(uint256 amount) public virtual {
62: function forfeitMultipleAmounts(uint256 weight, uint256 boost, uint256 _governance) public virtual {
96: function claimMultiple(uint256 amount) public virtual {
103: function claimMultipleAmounts(uint256 weight, uint256 boost, uint256 _governance) public virtual {
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/UtilityManager.sol#L55
File: hermes/bHermes.sol
96: function claimOutstanding() public virtual {
115: function totalAssets() public view virtual override returns (uint256) {
140: function transfer(address to, uint256 amount) public virtual override returns (bool) {
158: function transferFrom(address from, address to, uint256 amount) public virtual override returns (bool) {
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/bHermes.sol#L96
File: maia/PartnerUtilityManager.sol
52: function forfeitMultiple(uint256 amount) public virtual override {
60: function forfeitMultipleAmounts(uint256 weight, uint256 boost, uint256 _governance, uint256 _partnerGovernance)
108: function claimMultiple(uint256 amount) public virtual override {
116: function claimMultipleAmounts(uint256 weight, uint256 boost, uint256 _governance, uint256 _partnerGovernance)
https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/PartnerUtilityManager.sol#L52
File: maia/tokens/ERC4626PartnerManager.sol
85: function updateUnderlyingBalance() public virtual {
90: function claimOutstanding() public virtual {
105: function totalAssets() public view override returns (uint256) {
113: function convertToShares(uint256 assets) public view virtual override returns (uint256) {
121: function convertToAssets(uint256 shares) public view virtual override returns (uint256) {
129: function previewDeposit(uint256 assets) public view virtual override returns (uint256) {
136: function previewMint(uint256 shares) public view virtual override returns (uint256) {
143: function previewWithdraw(uint256 assets) public view virtual override returns (uint256) {
151: function previewRedeem(uint256 shares) public view virtual override returns (uint256) {
161: function maxDeposit(address) public view virtual override returns (uint256) {
173: function maxWithdraw(address user) public view virtual override returns (uint256) {
179: function maxRedeem(address user) public view virtual override returns (uint256) {
263: function transfer(address to, uint256 amount)
279: function transferFrom(address from, address to, uint256 amount)
https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/tokens/ERC4626PartnerManager.sol#L85
File: maia/vMaia.sol
91: function claimBoost(uint256 amount) public override {}
https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/vMaia.sol#L91
File: rewards/base/FlywheelCore.sol
84: function accrue(ERC20 strategy, address user, address secondUser) public returns (uint256, uint256) {
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/base/FlywheelCore.sol#L84
File: talos/TalosStrategyStaked.sol
89: function transfer(address _to, uint256 _amount) public override returns (bool) {
94: function transferFrom(address _from, address _to, uint256 _amount) public override returns (bool) {
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosStrategyStaked.sol#L89
File: talos/base/TalosBaseStrategy.sol
182: function deposit(uint256 amount0Desired, uint256 amount1Desired, address receiver)
238: function redeem(uint256 shares, uint256 amount0Min, uint256 amount1Min, address receiver, address _owner)
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/base/TalosBaseStrategy.sol#L182
File: ulysses-amm/UlyssesPool.sol
102: function totalAssets() public view override returns (uint256) {
107: function maxRedeem(address owner) public view override returns (uint256) {
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesPool.sol#L102
File: ulysses-amm/UlyssesToken.sol
39: function totalAssets() public view override returns (uint256 _totalAssets) {
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesToken.sol#L39
File: ulysses-amm/factories/UlyssesFactory.sol
65: function renounceOwnership() public payable override onlyOwner {
File: ulysses-omnichain/BranchPort.sol
113: function renounceOwnership() public payable override onlyOwner {
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchPort.sol#L113
File: ulysses-omnichain/RootPort.sol
165: function renounceOwnership() public payable override onlyOwner {
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootPort.sol#L165
File: ulysses-omnichain/token/ERC20hTokenBranch.sol
29: function burn(uint256 value) public override onlyOwner {
The overheads outlined below are PER LOOP, excluding the first loop\n\n- storage arrays incur a Gwarmaccess (100 gas)\n\n- memory arrays use MLOAD (3 gas)\n\n- calldata arrays use CALLDATALOAD (3 gas)\nCaching the length changes each of these to a DUP (3 gas), and gets rid of the extra DUP needed to store the stack offset.
There are 29 instances of this issue:
File: governance/GovernorBravoDelegateMaia.sol
181: for (uint256 i = 0; i < proposal.targets.length; i++) {
215: for (uint256 i = 0; i < proposal.targets.length; i++) {
251: for (uint256 i = 0; i < proposal.targets.length; i++) {
File: ulysses-amm/UlyssesPool.sol
130: for (uint256 i = 1; i < bandwidthStateList.length; i++) {
232: for (uint256 i = 1; i < bandwidthStateList.length; i++) {
253: for (uint256 i = 1; i < bandwidthStateList.length;) {
278: for (uint256 i = 1; i < bandwidthStateList.length;) {
280: if (i == bandwidthStateList.length - 1) {
296: for (uint256 i = 1; i < bandwidthStateList.length; i++) {
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesPool.sol#L130
File: ulysses-amm/UlyssesToken.sol
95: for (uint256 i = 0; i < assets.length; i++) {
111: for (uint256 i = 0; i < assets.length; i++) {
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesToken.sol#L95
File: ulysses-amm/factories/UlyssesFactory.sol
108: if (length != weights[i].length) revert ParameterLengthError();
File: ulysses-omnichain/ArbitrumBranchPort.sol
101: for (uint256 i = 0; i < _localAddresses.length;) {
136: for (uint256 i = 0; i < _localAddresses.length;) {
File: ulysses-omnichain/BranchBridgeAgent.sol
283: for (uint256 i = 0; i < _dParams.hTokens.length; i++) {
719: for (uint256 i = 0; i < _dParams.hTokens.length; i++) {
951: for (uint256 i = 0; i < deposit.hTokens.length;) {
1354: for (uint256 i = 0; i < _deposits.length; i++) {
File: ulysses-omnichain/BranchPort.sol
231: for (uint256 i = 0; i < _localAddresses.length;) {
267: for (uint256 i = 0; i < _localAddresses.length;) {
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchPort.sol#L231
File: ulysses-omnichain/MulticallRootRouter.sol
146: for (uint256 i = 0; i < outputTokens.length;) {
311: for (uint256 i = 0; i < outputParams.outputTokens.length;) {
387: for (uint256 i = 0; i < outputParams.outputTokens.length;) {
463: for (uint256 i = 0; i < outputParams.outputTokens.length;) {
File: ulysses-omnichain/RootBridgeAgent.sol
342: for (uint256 i = 0; i < _globalAddresses.length;) {
408: for (uint256 i = 0; i < _dParams.hTokens.length;) {
561: for (uint256 i = 0; i < newGas.length;) {
562: settlement.callData[settlement.callData.length - 16 + i] = newGas[i];
596: for (uint256 i = 0; i < settlement.hTokens.length;) {
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgent.sol#L342
<x> * 2
is the same as <x> << 1
. While the compiler uses the SHL
opcode to accomplish both, the version that uses multiplication incurs an overhead of 20 gas due to JUMP
s to and from a compiler utility function that introduces checks which can be avoided by using unchecked {}
around the division by two.
There are 3 instances of this issue:
File: maia/libraries/DateTimeLib.sol
58: startOfDay = day * 86400;
https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/libraries/DateTimeLib.sol#L58
File: uni-v3-staker/libraries/RewardMath.sol
35: ((secondsInsideX128 * 4) / 10) + ((((stakedDuration << 128) * boostAmount) / boostTotalSupply) * 6) / 10
44: boostedSecondsInsideX128 = (secondsInsideX128 * 4) / 10;
https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/libraries/RewardMath.sol#L35
Shortening revert strings to fit in 32 bytes will decrease deployment time gas and will decrease runtime gas when the revert condition is met.
There are 65 instances of this issue:
File: erc-20/ERC20MultiVotes.sol
364: require(block.timestamp <= expiry, "ERC20MultiVotes: signature expired");
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20MultiVotes.sol#L364
File: governance/GovernorBravoDelegateMaia.sol
63: require(address(timelock) == address(0), "GovernorBravo::initialize: can only initialize once");
64: require(msg.sender == admin, "GovernorBravo::initialize: admin only");
65: require(timelock_ != address(0), "GovernorBravo::initialize: invalid timelock address");
66: require(govToken_ != address(0), "GovernorBravo::initialize: invalid govToken address");
67: require(
68: votingPeriod_ >= MIN_VOTING_PERIOD && votingPeriod_ <= MAX_VOTING_PERIOD,
69: "GovernorBravo::initialize: invalid voting period"
70: );
71: require(
72: votingDelay_ >= MIN_VOTING_DELAY && votingDelay_ <= MAX_VOTING_DELAY,
73: "GovernorBravo::initialize: invalid voting delay"
74: );
75: require(
76: proposalThreshold_ >= MIN_PROPOSAL_THRESHOLD && proposalThreshold_ <= MAX_PROPOSAL_THRESHOLD,
77: "GovernorBravo::initialize: invalid proposal threshold"
78: );
112: require(initialProposalId != 0, "GovernorBravo::propose: Governor Bravo not active");
114: require(
115: govToken.getPriorVotes(msg.sender, sub256(block.number, 1)) > getProposalThresholdAmount()
116: || isWhitelisted(msg.sender),
117: "GovernorBravo::propose: proposer votes below proposal threshold"
118: );
119: require(
120: targets.length == values.length && targets.length == signatures.length && targets.length == calldatas.length,
121: "GovernorBravo::propose: proposal function information arity mismatch"
122: );
123: require(targets.length != 0, "GovernorBravo::propose: must provide actions");
124: require(targets.length <= proposalMaxOperations, "GovernorBravo::propose: too many actions");
129: require(
130: proposersLatestProposalState != ProposalState.Active,
131: "GovernorBravo::propose: one live proposal per proposer, found an already active proposal"
132: );
133: require(
134: proposersLatestProposalState != ProposalState.Pending,
135: "GovernorBravo::propose: one live proposal per proposer, found an already pending proposal"
136: );
146: require(newProposal.id == 0, "GovernorBravo::propose: ProposalID collsion");
175: require(
176: state(proposalId) == ProposalState.Succeeded,
177: "GovernorBravo::queue: proposal can only be queued if it is succeeded"
178: );
197: require(
198: !timelock.queuedTransactions(keccak256(abi.encode(target, value, signature, data, eta))),
199: "GovernorBravo::queueOrRevertInternal: identical proposal action already queued at eta"
200: );
209: require(
210: state(proposalId) == ProposalState.Queued,
211: "GovernorBravo::execute: proposal can only be executed if it is queued"
212: );
228: require(state(proposalId) != ProposalState.Executed, "GovernorBravo::cancel: cannot cancel executed proposal");
237: require(
238: (govToken.getPriorVotes(proposal.proposer, sub256(block.number, 1)) < getProposalThresholdAmount())
239: && msg.sender == whitelistGuardian,
240: "GovernorBravo::cancel: whitelisted proposer"
241: );
243: require(
244: (govToken.getPriorVotes(proposal.proposer, sub256(block.number, 1)) < getProposalThresholdAmount()),
245: "GovernorBravo::cancel: proposer above threshold"
246: );
298: require(
299: proposalCount >= proposalId && proposalId > initialProposalId, "GovernorBravo::state: invalid proposal id"
300: );
350: require(signatory != address(0), "GovernorBravo::castVoteBySig: invalid signature");
362: require(state(proposalId) == ProposalState.Active, "GovernorBravo::castVoteInternal: voting is closed");
363: require(support <= 2, "GovernorBravo::castVoteInternal: invalid vote type");
366: require(receipt.hasVoted == false, "GovernorBravo::castVoteInternal: voter already voted");
398: require(msg.sender == admin, "GovernorBravo::_setVotingDelay: admin only");
399: require(
400: newVotingDelay >= MIN_VOTING_DELAY && newVotingDelay <= MAX_VOTING_DELAY,
401: "GovernorBravo::_setVotingDelay: invalid voting delay"
402: );
414: require(msg.sender == admin, "GovernorBravo::_setVotingPeriod: admin only");
415: require(
416: newVotingPeriod >= MIN_VOTING_PERIOD && newVotingPeriod <= MAX_VOTING_PERIOD,
417: "GovernorBravo::_setVotingPeriod: invalid voting period"
418: );
431: require(msg.sender == admin, "GovernorBravo::_setProposalThreshold: admin only");
432: require(
433: newProposalThreshold >= MIN_PROPOSAL_THRESHOLD && newProposalThreshold <= MAX_PROPOSAL_THRESHOLD,
434: "GovernorBravo::_setProposalThreshold: invalid proposal threshold"
435: );
448: require(
449: msg.sender == admin || msg.sender == whitelistGuardian,
450: "GovernorBravo::_setWhitelistAccountExpiration: admin only"
451: );
462: require(msg.sender == admin, "GovernorBravo::_setWhitelistGuardian: admin only");
475: require(msg.sender == admin, "GovernorBravo::_initiate: admin only");
476: require(initialProposalId == 0, "GovernorBravo::_initiate: can only initiate once");
489: require(msg.sender == admin, "GovernorBravo:_setPendingAdmin: admin only");
507: require(
508: msg.sender == pendingAdmin && msg.sender != address(0), "GovernorBravo:_acceptAdmin: pending admin only"
509: );
File: governance/GovernorBravoDelegator.sol
42: require(msg.sender == admin, "GovernorBravoDelegator::_setImplementation: admin only");
43: require(
44: implementation_ != address(0), "GovernorBravoDelegator::_setImplementation: invalid implementation address"
45: );
https://github.com/code-423n4/2023-05-maia/tree/main/src/governance/GovernorBravoDelegator.sol#L42
File: ulysses-omnichain/BranchBridgeAgent.sol
151: require(_rootBridgeAgentAddress != address(0), "Root Bridge Agent Address cannot be the zero address.");
152: require(_localAnyCallAddress != address(0), "AnyCall Address cannot be the zero address.");
153: require(_localAnyCallExecutorAddress != address(0), "AnyCall Executor Address cannot be the zero address.");
154: require(_localRouterAddress != address(0), "Local Router Address cannot be the zero address.");
155: require(_localPortAddress != address(0), "Local Port Address cannot be the zero address.");
File: ulysses-omnichain/BranchPort.sol
104: require(_bridgeAgentFactory != address(0), "BridgeAgentFactory is zero address");
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchPort.sol#L104
File: ulysses-omnichain/RootBridgeAgent.sol
210: require(address(_wrappedNativeToken) != address(0), "Wrapped native token cannot be zero address");
212: require(_localAnyCallAddress != address(0), "Anycall Address cannot be zero address");
213: require(_localAnyCallExecutorAddress != address(0), "Anycall Executor Address cannot be zero address");
214: require(_localPortAddress != address(0), "Port Address cannot be zero address");
215: require(_localRouterAddress != address(0), "Router Address cannot be zero address");
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgent.sol#L210
File: ulysses-omnichain/RootPort.sol
115: require(_wrappedNativeToken != address(0), "Invalid wrapped native token address.");
130: require(_bridgeAgentFactory != address(0), "Bridge Agent Factory cannot be 0 address.");
131: require(_coreRootRouter != address(0), "Core Root Router cannot be 0 address.");
147: require(_coreRootBridgeAgent != address(0), "Core Root Bridge Agent cannot be 0 address.");
148: require(_coreLocalBranchBridgeAgent != address(0), "Core Local Branch Bridge Agent cannot be 0 address.");
149: require(_localBranchPortAddress != address(0), "Local Branch Port Address cannot be 0 address.");
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootPort.sol#L115
File: ulysses-omnichain/factories/ArbitrumBranchBridgeAgentFactory.sol
84: require(
85: msg.sender == localCoreBranchRouterAddress, "Only the Core Branch Router can create a new Bridge Agent."
86: );
87: require(
88: _rootBridgeAgentFactoryAddress == rootBridgeAgentFactoryAddress,
89: "Root Bridge Agent Factory Address does not match."
90: );
File: ulysses-omnichain/factories/BranchBridgeAgentFactory.sol
64: require(_rootBridgeAgentFactoryAddress != address(0), "Root Bridge Agent Factory Address cannot be 0");
68: require(_localCoreBranchRouterAddress != address(0), "Core Branch Router Address cannot be 0");
84: require(_coreRootBridgeAgent != address(0), "Core Root Bridge Agent cannot be 0");
118: require(
119: msg.sender == localCoreBranchRouterAddress, "Only the Core Branch Router can create a new Bridge Agent."
120: );
121: require(
122: _rootBridgeAgentFactoryAddress == rootBridgeAgentFactoryAddress,
123: "Root Bridge Agent Factory Address does not match."
124: );
Not inlining costs 20 to 40 gas because of two extra JUMP
instructions and additional stack operations needed for function calls.
There are 38 instances of this issue:
File: erc-20/ERC20MultiVotes.sol
80: function average(uint256 a, uint256 b) internal pure returns (uint256) {
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20MultiVotes.sol#L80
File: governance/GovernorBravoDelegateMaia.sol
190: function queueOrRevertInternal(
536: function getChainIdInternal() internal view returns (uint256) {
File: governance/GovernorBravoDelegator.sol
59: function delegateTo(address callee, bytes memory data) internal {
https://github.com/code-423n4/2023-05-maia/tree/main/src/governance/GovernorBravoDelegator.sol#L59
File: rewards/base/FlywheelCore.sol
115: function _addStrategyForRewards(ERC20 strategy) internal {
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/base/FlywheelCore.sol#L115
File: talos/TalosStrategyStaked.sol
164: function _unstake(uint256 _tokenId) internal {
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosStrategyStaked.sol#L164
File: ulysses-omnichain/ArbitrumCoreBranchRouter.sol
75: function _receiveAddBridgeAgent(
File: ulysses-omnichain/BranchBridgeAgent.sol
857: function _createDepositSingle(
903: function _createDepositMultiple(
946: function _redeemDeposit(uint32 _depositNonce) internal {
1099: function _gasSwapIn(bytes memory gasData) internal virtual returns (uint256 gasAmount) {
1386: function _requiresExecutor() internal view virtual {
1399: function _requiresRouter() internal view {
File: ulysses-omnichain/BranchPort.sol
137: function _reservesLacking(address _token) internal view returns (uint256) {
193: function _checkTimeLimit(address _token, uint256 _amount) internal {
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchPort.sol#L137
File: ulysses-omnichain/CoreBranchRouter.sol
95: function _receiveAddGlobalToken(
125: function _receiveAddBridgeAgent(
163: function _toggleBranchBridgeAgentFactory(address _newBridgeAgentFactoryAddress) internal {
177: function _removeBranchBridgeAgent(address _branchBridgeAgent) internal {
189: function _manageStrategyToken(address _underlyingToken, uint256 _minimumReservesRatio) internal {
206: function _managePortStrategy(
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/CoreBranchRouter.sol#L95
File: ulysses-omnichain/CoreRootRouter.sol
125: function _syncBranchBridgeAgent(address _newBranchBridgeAgent, address _rootBridgeAgent, uint24 _fromChain)
143: function _addGlobalToken(uint128 _remoteExecutionGas, address _globalAddress, address _gasReceiver, uint24 _toChain)
178: function _addLocalToken(
208: function _setLocalToken(address _globalAddress, address _localAddress, uint24 _toChain) internal {
452: function _requiresExecutor() internal view {
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/CoreRootRouter.sol#L125
File: ulysses-omnichain/MulticallRootRouter.sol
508: function _requiresExecutor() internal view {
File: ulysses-omnichain/RootBridgeAgent.sol
483: function _createSettlement(
550: function _retrySettlement(uint32 _settlementNonce) internal returns (bool) {
591: function _redeemSettlement(uint32 _settlementNonce) internal {
659: function _gasSwapIn(uint256 _amount, uint24 _fromChain) internal returns (uint256) {
831: function _payFallbackGas(uint32 _settlementNonce, uint256 _initialGas) internal virtual {
1287: function _requiresExecutor() internal view {
1302: function _requiresRouter() internal view {
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgent.sol#L483
File: ulysses-omnichain/RootPort.sol
203: function _getUnderlyingTokenFromGlobal(address _globalAddress, uint24 _fromChain) internal view returns (address) {
218: function _isGlobalToken(address _globalAddress, uint24 _fromChain) internal view returns (bool) {
233: function _isLocalToken(address _localAddress, uint24 _fromChain, uint24 _toChain) internal view returns (bool) {
349: function addVirtualAccount(address _user) internal returns (VirtualAccount newAccount) {
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootPort.sol#L203
Use uint256(1) and uint256(2) for true/false to avoid a Gwarmaccess (100 gas), and to avoid Gsset (20000 gas) when changing from ‘false’ to ‘true’, after having been ‘true’ in the past. See source.
There are 71 instances of this issue:
File: gauges/BaseV2Gauge.sol
137: isActive[bribeFlywheel] = true;
138: added[bribeFlywheel] = true;
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/BaseV2Gauge.sol#L137
File: gauges/factories/BaseV2GaugeFactory.sol
118: activeGauges[gauge] = true;
File: gauges/factories/BaseV2GaugeManager.sol
115: activeGaugeFactories[gaugeFactory] = true;
File: gauges/factories/BribesFactory.sol
94: activeBribeFlywheels[flywheel] = true;
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BribesFactory.sol#L94
File: governance/GovernorBravoDelegateMaia.sol
159: newProposal.canceled = false;
160: newProposal.executed = false;
214: proposal.executed = true;
250: proposal.canceled = true;
377: receipt.hasVoted = true;
File: rewards/depots/MultiRewardsDepot.sol
49: _isAsset[asset] = true;
50: _isRewardsContract[rewardsContract] = true;
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/depots/MultiRewardsDepot.sol#L49
File: talos/TalosManager.sol
102: upkeepNeeded = true;
104: upkeepNeeded = true;
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosManager.sol#L102
File: talos/TalosStrategyStaked.sol
52: bool private stakeFlag = false;
168: stakeFlag = false;
178: stakeFlag = true; // flag to store staking state to avoid failing to unstake when it is not staked
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosStrategyStaked.sol#L52
File: talos/base/TalosBaseStrategy.sol
163: initialized = true;
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/base/TalosBaseStrategy.sol#L163
File: talos/boost-aggregator/BoostAggregator.sol
144: whitelistedAddresses[user] = true;
File: ulysses-omnichain/BranchBridgeAgent.sol
1156: (success, result) = (true, res);
1162: executionHistory[nonce] = true;
1180: (success, result) = (true, res);
1186: executionHistory[nonce] = true;
1204: (success, result) = (true, res);
1210: executionHistory[nonce] = true;
File: ulysses-omnichain/BranchBridgeAgentExecutor.sol
112: success = true;
155: success = true;
File: ulysses-omnichain/BranchPort.sol
107: isBridgeAgentFactory[_bridgeAgentFactory] = true;
291: isBridgeAgent[_bridgeAgent] = true;
309: isBridgeAgentFactory[_newBridgeAgentFactory] = true;
336: isStrategyToken[_token] = true;
357: isPortStrategy[_portStrategy][_token] = true;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchPort.sol#L107
File: ulysses-omnichain/RootBridgeAgent.sol
671: if (!approvedGasPool[poolAddress]) approvedGasPool[poolAddress] = true;
712: if (!approvedGasPool[poolAddress]) approvedGasPool[poolAddress] = true;
929: (success, result) = (true, res);
932: (success, result) = (false, reason);
936: executionHistory[fromChainId][nonce] = true;
954: (success, result) = (true, res);
957: (success, result) = (true, reason);
961: executionHistory[fromChainId][nonce] = true;
979: (success, result) = (true, res);
985: executionHistory[fromChainId][nonce] = true;
1003: (success, result) = (true, res);
1009: executionHistory[fromChainId][nonce] = true;
1035: (success, result) = (true, res);
1038: (success, result) = (true, reason);
1045: executionHistory[fromChainId][nonce] = true;
1071: (success, result) = (true, res);
1080: executionHistory[fromChainId][nonce] = true;
1106: (success, result) = (true, res);
1115: executionHistory[fromChainId][nonce] = true;
1132: (success, result) = (true, res);
1138: executionHistory[fromChainId][nonce] = true;
1148: executionHistory[fromChainId][nonce] = true;
1151: (success, result) = (false, "");
1250: isBranchBridgeAgentAllowed[_branchChainId] = true;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgent.sol#L671
File: ulysses-omnichain/RootBridgeAgentExecutor.sol
141: success = true;
187: success = true;
245: success = true;
296: success = true;
316: (success, result) = (true, "");
File: ulysses-omnichain/RootPort.sol
120: isChainId[_localChainId] = true;
123: _setup = true;
133: isBridgeAgentFactory[_bridgeAgentFactory] = true;
161: _setup = false;
251: isGlobalAddress[_globalAddress] = true;
447: isChainId[_chainId] = true;
448: isGlobalAddress[newGlobalToken] = true;
464: zeroForOneOnInflow = true;
468: zeroForOneOnInflow = false;
498: isGlobalAddress[_ecoTokenGlobalAddress] = true;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootPort.sol#L120
Saves a storage slot for the mapping. Depending on the circumstances and sizes of types, can avoid a Gsset (20000 gas) per mapping combined. Reads and subsequent writes can also be cheaper when a function requires both values and they both fit in the same storage slot.
There are 56 instances of this issue:
File: erc-20/ERC20Boost.sol
28: mapping(address => mapping(address => GaugeState)) public override getUserGaugeBoost;
31: mapping(address => uint256) public override getUserBoost;
33: mapping(address => EnumerableSet.AddressSet) internal _userGauges;
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Boost.sol#L28
File: erc-20/ERC20Gauges.sol
45: mapping(address => mapping(address => uint112)) public override getUserGaugeWeight;
49: mapping(address => uint112) public override getUserWeight;
53: mapping(address => Weight) internal _getGaugeWeight;
58: mapping(address => EnumerableSet.AddressSet) internal _userGauges;
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Gauges.sol#L45
File: erc-20/ERC20MultiVotes.sol
117: mapping(address => mapping(address => uint256)) private _delegatesVotesCount;
120: mapping(address => uint256) public userDelegatedVotes;
123: mapping(address => EnumerableSet.AddressSet) private _delegates;
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20MultiVotes.sol#L117
File: gauges/BaseV2Gauge.sol
35: mapping(FlywheelCore => bool) public override isActive;
38: mapping(FlywheelCore => bool) public override added;
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/BaseV2Gauge.sol#L35
File: gauges/factories/BaseV2GaugeFactory.sol
36: mapping(BaseV2Gauge => uint256) public override gaugeIds;
39: mapping(BaseV2Gauge => bool) public override activeGauges;
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BaseV2GaugeFactory.sol#L36
File: gauges/factories/BaseV2GaugeManager.sol
32: mapping(BaseV2GaugeFactory => uint256) public gaugeFactoryIds;
35: mapping(BaseV2GaugeFactory => bool) public activeGaugeFactories;
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BaseV2GaugeManager.sol#L32
File: gauges/factories/BribesFactory.sol
32: mapping(FlywheelCore => uint256) public bribeFlywheelIds;
35: mapping(FlywheelCore => bool) public activeBribeFlywheels;
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BribesFactory.sol#L32
File: rewards/base/FlywheelCore.sol
30: mapping(ERC20 => uint256) public override strategyIds;
151: mapping(ERC20 => uint256) public strategyIndex;
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/base/FlywheelCore.sol#L30
File: rewards/depots/MultiRewardsDepot.sol
17: mapping(address => address) private _assets;
20: mapping(address => bool) private _isRewardsContract;
23: mapping(address => bool) private _isAsset;
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/depots/MultiRewardsDepot.sol#L17
File: talos/boost-aggregator/BoostAggregator.sol
42: mapping(uint256 => address) public tokenIdToUser;
45: mapping(uint256 => uint256) public tokenIdRewards;
File: ulysses-amm/factories/UlyssesFactory.sol
55: mapping(uint256 => UlyssesPool) public pools;
58: mapping(uint256 => UlyssesToken) public tokens;
File: ulysses-omnichain/BranchPort.sol
54: mapping(address => bool) public isStrategyToken;
63: mapping(address => uint256) public getStrategyTokenDebt;
66: mapping(address => uint256) public getMinimumTokenReserveRatio;
71: mapping(address => mapping(address => bool)) public isPortStrategy;
80: mapping(address => mapping(address => uint256)) public getPortStrategyTokenDebt;
83: mapping(address => mapping(address => uint256)) public lastManaged;
86: mapping(address => mapping(address => uint256)) public strategyDailyLimitAmount;
89: mapping(address => mapping(address => uint256)) public strategyDailyLimitRemaining;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchPort.sol#L54
File: ulysses-omnichain/RootBridgeAgent.sol
154: mapping(uint256 => address) public getBranchBridgeAgent;
157: mapping(uint256 => bool) public isBranchBridgeAgentAllowed;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgent.sol#L154
File: ulysses-omnichain/RootPort.sol
58: mapping(uint256 => bool) public isChainId;
61: mapping(address => bool) public isBridgeAgent;
70: mapping(address => address) public getBridgeAgentManager;
90: mapping(address => bool) public isGlobalAddress;
93: mapping(address => mapping(uint256 => address)) public getGlobalTokenFromLocal;
96: mapping(address => mapping(uint256 => address)) public getLocalTokenFromGlobal;
99: mapping(address => mapping(uint256 => address)) public getLocalTokenFromUnder;
102: mapping(address => mapping(uint256 => address)) public getUnderlyingTokenFromLocal;
109: mapping(uint256 => address) public getWrappedNativeToken;
112: mapping(uint256 => GasPoolInfo) public getGasPoolInfo;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootPort.sol#L58
File: uni-v3-staker/UniswapV3Staker.sol
37: mapping(IUniswapV3Pool => UniswapV3Gauge) public gauges;
40: mapping(IUniswapV3Pool => address) public bribeDepots;
43: mapping(IUniswapV3Pool => uint24) public poolsMinimumWidth;
49: mapping(uint256 => Deposit) public override deposits;
52: mapping(address => mapping(IUniswapV3Pool => uint256)) private _userAttachements;
55: mapping(uint256 => mapping(bytes32 => Stake)) private _stakes;
58: mapping(uint256 => IncentiveKey) private stakedIncentiveKey;
81: mapping(address => uint256) public override rewards;
84: mapping(uint256 => uint256) public tokenIdRewards;
https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/UniswapV3Staker.sol#L37
The msg.sender
is the address of the account that initiated the current call. This is the address where the current (external) function call came from. It is possible to delegatecall()
to another contract, which means that msg.sender
will be the address of the current contract, not the original caller (as defined by CALLER
in the yellow paper).\n\nThe tx.origin
is the address of the account that sent the transaction, which started it all. It is never an account with code, and for any externally owned account, it is the same as msg.sender
.
There are 57 instances of this issue:
File: gauges/UniswapV3Gauge.sol
33: constructor(
34: FlywheelGaugeRewards _flywheelGaugeRewards,
35: address _uniswapV3Staker,
36: address _uniswapV3Pool,
37: uint24 _minimumWidth,
38: address _owner
39: ) BaseV2Gauge(_flywheelGaugeRewards, _uniswapV3Pool, _owner) {
40: uniswapV3Staker = _uniswapV3Staker;
41: minimumWidth = _minimumWidth;
42:
43: emit NewMinimumWidth(_minimumWidth);
44:
45: rewardToken.safeApprove(_uniswapV3Staker, type(uint256).max);
46: }
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/UniswapV3Gauge.sol#L33-L46
File: gauges/factories/BaseV2GaugeManager.sol
43: constructor(bHermes _bHermes, address _owner, address _admin) {
44: admin = _admin;
45: _initializeOwner(_owner);
46: bHermesGaugeWeight = _bHermes.gaugeWeight();
47: bHermesGaugeBoost = _bHermes.gaugeBoost();
48: }
File: gauges/factories/BribesFactory.sol
50: constructor(
51: BaseV2GaugeManager _gaugeManager,
52: FlywheelBoosterGaugeWeight _flywheelGaugeWeightBooster,
53: uint256 _rewardsCycleLength,
54: address _owner
55: ) {
56: _initializeOwner(_owner);
57: gaugeManager = _gaugeManager;
58: flywheelGaugeWeightBooster = _flywheelGaugeWeightBooster;
59: rewardsCycleLength = _rewardsCycleLength;
60: }
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BribesFactory.sol#L50-L60
File: gauges/factories/UniswapV3GaugeFactory.sol
50: constructor(
51: BaseV2GaugeManager _gaugeManager,
52: bHermesBoost _bHermesBoost,
53: IUniswapV3Factory _factory,
54: INonfungiblePositionManager _nonfungiblePositionManager,
55: FlywheelGaugeRewards _flywheelGaugeRewards,
56: BribesFactory _bribesFactory,
57: address _owner
58: ) BaseV2GaugeFactory(_gaugeManager, _bHermesBoost, _bribesFactory, _owner) {
59: flywheelGaugeRewards = _flywheelGaugeRewards;
60: uniswapV3Staker = new UniswapV3Staker(
61: _factory,
62: _nonfungiblePositionManager,
63: this,
64: _bHermesBoost,
65: 52 weeks,
66: address(_flywheelGaugeRewards.minter()),
67: address(_flywheelGaugeRewards.rewardToken())
68: );
69: }
File: governance/GovernorBravoDelegator.sol
8: constructor(
9: address timelock_,
10: address govToken_,
11: address admin_,
12: address implementation_,
13: uint256 votingPeriod_,
14: uint256 votingDelay_,
15: uint256 proposalThreshold_
16: ) public {
17: // Admin set to msg.sender for initialization
18: admin = msg.sender;
19:
20: delegateTo(
21: implementation_,
22: abi.encodeWithSignature(
23: "initialize(address,address,uint256,uint256,uint256)",
24: timelock_,
25: govToken_,
26: votingPeriod_,
27: votingDelay_,
28: proposalThreshold_
29: )
30: );
31:
32: _setImplementation(implementation_);
33:
34: admin = admin_;
35: }
File: hermes/bHermes.sol
55: constructor(ERC20 _hermes, address _owner, uint32 _gaugeCycleLength, uint32 _incrementFreezeWindow)
56: UtilityManager(
57: address(new bHermesGauges(_owner, _gaugeCycleLength, _incrementFreezeWindow)),
58: address(new bHermesBoost(_owner)),
59: address(new bHermesVotes(_owner))
60: )
61: ERC4626DepositOnly(_hermes, "Burned Hermes: Gov + Yield + Boost", "bHermes")
62: {}
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/bHermes.sol#L55-L62
File: hermes/minters/BaseV2Minter.sol
53: constructor(
54: address _vault, // the B(3,3) system that will be locked into
55: address _dao,
56: address _owner
57: ) {
58: _initializeOwner(_owner);
59: initializer = msg.sender;
60: dao = _dao;
61: underlying = address(ERC4626(_vault).asset());
62: vault = ERC4626(_vault);
63: }
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/minters/BaseV2Minter.sol#L53-L63
File: hermes/tokens/HERMES.sol
48: constructor(address _owner) ERC20("Hermes", "HERMES", 18) {
49: _initializeOwner(_owner);
50: }
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/HERMES.sol#L48-L50
File: hermes/tokens/bHermesBoost.sol
22: constructor(address _owner) ERC20("bHermes Boost", "bHERMES-B", 18) {
23: _initializeOwner(_owner);
24: bHermes = msg.sender;
25: }
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/bHermesBoost.sol#L22-L25
File: hermes/tokens/bHermesGauges.sol
26: constructor(address _owner, uint32 _rewardsCycleLength, uint32 _incrementFreezeWindow)
27: ERC20Gauges(_rewardsCycleLength, _incrementFreezeWindow)
28: ERC20("bHermes Gauges", "bHERMES-G", 18)
29: {
30: _initializeOwner(_owner);
31: bHermes = msg.sender;
32: }
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/bHermesGauges.sol#L26-L32
File: hermes/tokens/bHermesVotes.sol
20: constructor(address _owner) ERC20("bHermes Votes", "bHERMES-V", 18) {
21: _initializeOwner(_owner);
22: bHermes = msg.sender;
23: }
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/bHermesVotes.sol#L20-L23
File: maia/factories/PartnerManagerFactory.sol
37: constructor(ERC20 _bHermes, address _owner) {
38: _initializeOwner(_owner);
39: bHermes = _bHermes;
40: partners.push(PartnerManager(address(0)));
41: }
File: maia/tokens/Maia.sol
41: constructor(address _owner) ERC20("Maia", "MAIA", 18) {
42: _initializeOwner(_owner);
43: }
https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/tokens/Maia.sol#L41-L43
File: maia/vMaia.sol
48: constructor(
49: PartnerManagerFactory _factory,
50: uint256 _bHermesRate,
51: ERC20 _partnerAsset,
52: string memory _name,
53: string memory _symbol,
54: address _bhermes,
55: address _partnerVault,
56: address _owner
57: ) ERC4626PartnerManager(_factory, _bHermesRate, _partnerAsset, _name, _symbol, _bhermes, _partnerVault, _owner) {
58: // Set the current month to the current month.
59: currentMonth = DateTimeLib.getMonth(block.timestamp);
60: }
https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/vMaia.sol#L48-L60
File: rewards/FlywheelCoreInstant.sol
33: constructor(
34: address _rewardToken,
35: IFlywheelRewards _flywheelRewards,
36: IFlywheelBooster _flywheelBooster,
37: address _owner
38: ) Core(_rewardToken, address(_flywheelRewards), _flywheelBooster, _owner) {}
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/FlywheelCoreInstant.sol#L33-L38
File: rewards/FlywheelCoreStrategy.sol
32: constructor(
33: address _rewardToken,
34: IFlywheelRewards _flywheelRewards,
35: IFlywheelBooster _flywheelBooster,
36: address _owner
37: ) Core(_rewardToken, address(_flywheelRewards), _flywheelBooster, _owner) {}
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/FlywheelCoreStrategy.sol#L32-L37
File: rewards/booster/FlywheelBoosterGaugeWeight.sol
48: constructor(bHermesGauges _bHermesGauges) {
49: bhermes = _bHermesGauges;
50: }
File: rewards/depots/MultiRewardsDepot.sol
29: constructor(address _owner) {
30: _initializeOwner(_owner);
31: }
File: rewards/depots/SingleRewardsDepot.sol
22: constructor(address _asset) {
23: asset = _asset;
24: rewardsContract = msg.sender;
25: }
File: rewards/rewards/FlywheelBribeRewards.sol
27: constructor(FlywheelCore _flywheel, uint256 _rewardsCycleLength)
28: FlywheelAcummulatedRewards(_flywheel, _rewardsCycleLength)
29: {}
File: rewards/rewards/FlywheelGaugeRewards.sol
53: constructor(address _rewardToken, address _owner, ERC20Gauges _gaugeToken, IBaseV2Minter _minter) {
54: _initializeOwner(_owner);
55: rewardToken = _rewardToken;
56:
57: gaugeCycleLength = _gaugeToken.gaugeCycleLength();
58:
59: // seed initial gaugeCycle
60: gaugeCycle = (block.timestamp.toUint32() / gaugeCycleLength) * gaugeCycleLength;
61:
62: gaugeToken = _gaugeToken;
63:
64: minter = _minter;
65: }
File: rewards/rewards/FlywheelInstantRewards.sol
28: constructor(FlywheelCore _flywheel) BaseFlywheelRewards(_flywheel) {
29: rewardsDepot = new SingleRewardsDepot(rewardToken);
30: }
File: talos/TalosManager.sol
44: constructor(
45: address _strategy,
46: int24 _ticksFromLowerRebalance,
47: int24 _ticksFromUpperRebalance,
48: int24 _ticksFromLowerRerange,
49: int24 _ticksFromUpperRerange
50: ) {
51: strategy = ITalosBaseStrategy(_strategy);
52: ticksFromLowerRebalance = _ticksFromLowerRebalance;
53: ticksFromUpperRebalance = _ticksFromUpperRebalance;
54: ticksFromLowerRerange = _ticksFromLowerRerange;
55: ticksFromUpperRerange = _ticksFromUpperRerange;
56: }
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosManager.sol#L44-L56
File: talos/TalosOptimizer.sol
34: constructor(
35: uint32 _twapDuration,
36: int24 _maxTwapDeviation,
37: int24 _tickRangeMultiplier,
38: uint24 _priceImpactPercentage,
39: uint256 _maxTotalSupply,
40: address _owner
41: ) {
42: if (_maxTwapDeviation < 20) revert MaxTwapDeviationTooLow();
43: if (_twapDuration < 100) revert TwapDurationTooLow();
44: if (_priceImpactPercentage >= 1e6 || _priceImpactPercentage == 0) {
45: revert PriceImpactPercentageInvalid();
46: }
47: if (_maxTotalSupply == 0) revert MaxTotalSupplyIsZero();
48:
49: _initializeOwner(_owner);
50: twapDuration = _twapDuration;
51: maxTwapDeviation = _maxTwapDeviation;
52: tickRangeMultiplier = _tickRangeMultiplier;
53: priceImpactPercentage = _priceImpactPercentage;
54: maxTotalSupply = _maxTotalSupply;
55: }
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosOptimizer.sol#L34-L55
File: talos/TalosStrategyStaked.sol
63: constructor(
64: IUniswapV3Pool _pool,
65: ITalosOptimizer _optimizer,
66: BoostAggregator _boostAggregator,
67: address _strategyManager,
68: FlywheelCoreInstant _flywheel,
69: address _owner
70: )
71: TalosStrategySimple(
72: _pool,
73: _optimizer,
74: _boostAggregator.nonfungiblePositionManager(),
75: _strategyManager,
76: _owner
77: )
78: {
79: flywheel = _flywheel;
80:
81: boostAggregator = _boostAggregator;
82: _boostAggregator.setOwnRewardsDepot(address(FlywheelInstantRewards(_flywheel.flywheelRewards()).rewardsDepot()));
83: }
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosStrategyStaked.sol#L63-L83
File: talos/TalosStrategyVanilla.sol
58: constructor(
59: IUniswapV3Pool _pool,
60: ITalosOptimizer _optimizer,
61: INonfungiblePositionManager _nonfungiblePositionManager,
62: address _strategyManager,
63: address _owner
64: ) TalosStrategySimple(_pool, _optimizer, _nonfungiblePositionManager, _strategyManager, _owner) {}
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosStrategyVanilla.sol#L58-L64
File: talos/boost-aggregator/BoostAggregator.sol
64: constructor(UniswapV3Staker _uniswapV3Staker, ERC20 _hermes, address _owner) {
65: _initializeOwner(_owner);
66: uniswapV3Staker = _uniswapV3Staker;
67: hermesGaugeBoost = uniswapV3Staker.hermesGaugeBoost();
68: nonfungiblePositionManager = uniswapV3Staker.nonfungiblePositionManager();
69: hermes = _hermes;
70: }
File: talos/factories/BoostAggregatorFactory.sol
34: constructor(UniswapV3Staker _uniswapV3Staker) {
35: uniswapV3Staker = _uniswapV3Staker;
36: hermes = ERC20(_uniswapV3Staker.hermes());
37:
38: boostAggregators.push(BoostAggregator(address(0)));
39: }
File: talos/factories/OptimizerFactory.sol
26: constructor() {
27: optimizers.push(TalosOptimizer(address(0)));
28: }
File: talos/factories/TalosStrategyStakedFactory.sol
40: constructor(
41: INonfungiblePositionManager _nonfungiblePositionManager,
42: OptimizerFactory _optimizerFactory,
43: BoostAggregatorFactory _boostAggregatorFactory
44: ) TalosBaseStrategyFactory(_nonfungiblePositionManager, _optimizerFactory) {
45: boostAggregatorFactory = _boostAggregatorFactory;
46:
47: flywheel = new FlywheelCoreInstant(
48: address(_boostAggregatorFactory.hermes()),
49: IFlywheelRewards(address(0)),
50: IFlywheelBooster(address(0)),
51: address(this)
52: );
53: rewards = new FlywheelInstantRewards(flywheel);
54: flywheel.setFlywheelRewards(address(rewards));
55: }
File: talos/factories/TalosStrategyVanillaFactory.sol
24: constructor(INonfungiblePositionManager _nonfungiblePositionManager, OptimizerFactory _optimizerFactory)
25: TalosBaseStrategyFactory(_nonfungiblePositionManager, _optimizerFactory)
26: {}
File: ulysses-amm/UlyssesPool.sol
80: constructor(
81: uint256 _id,
82: address _asset,
83: string memory _name,
84: string memory _symbol,
85: address _owner,
86: address _factory
87: ) UlyssesERC4626(_asset, _name, _symbol) {
88: require(_owner != address(0));
89: factory = UlyssesFactory(_factory);
90: _initializeOwner(_owner);
91: require(_id != 0);
92: id = _id;
93:
94: bandwidthStateList.push(BandwidthState({bandwidth: 0, destination: UlyssesPool(address(0)), weight: 0}));
95: }
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesPool.sol#L80-L95
File: ulysses-amm/UlyssesRouter.sol
20: constructor(UlyssesFactory _ulyssesFactory) {
21: ulyssesFactory = _ulyssesFactory;
22: }
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesRouter.sol#L20-L22
File: ulysses-amm/UlyssesToken.sol
21: constructor(
22: uint256 _id,
23: address[] memory _assets,
24: uint256[] memory _weights,
25: string memory _name,
26: string memory _symbol,
27: address _owner
28: ) ERC4626MultiToken(_assets, _weights, _name, _symbol) {
29: _initializeOwner(_owner);
30: require(_id != 0);
31: id = _id;
32: }
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesToken.sol#L21-L32
File: ulysses-amm/factories/UlyssesFactory.sol
60: constructor(address _owner) {
61: require(_owner != address(0), "Owner cannot be 0");
62: _initializeOwner(_owner);
63: }
File: ulysses-omnichain/ArbitrumBranchBridgeAgent.sol
71: constructor(
72: WETH9 _wrappedNativeToken,
73: uint256 _localChainId,
74: address _rootBridgeAgentAddress,
75: address _localAnyCallAddress,
76: address _localAnyCallExecutorAddress,
77: address _localRouterAddress,
78: address _localPortAddress
79: )
80: BranchBridgeAgent(
81: _wrappedNativeToken,
82: _localChainId,
83: _localChainId,
84: _rootBridgeAgentAddress,
85: _localAnyCallAddress,
86: _localAnyCallExecutorAddress,
87: _localRouterAddress,
88: _localPortAddress
89: )
90: {}
File: ulysses-omnichain/ArbitrumBranchPort.sol
33: constructor(uint24 _localChainId, address _rootPortAddress, address _owner) BranchPort(_owner) {
34: require(_rootPortAddress != address(0), "Root Port Address cannot be 0");
35:
36: localChainId = _localChainId;
37: rootPortAddress = _rootPortAddress;
38: }
File: ulysses-omnichain/ArbitrumCoreBranchRouter.sol
38: constructor(address _hTokenFactoryAddress, address _localPortAddress)
39: CoreBranchRouter(_hTokenFactoryAddress, _localPortAddress)
40: {}
File: ulysses-omnichain/BaseBranchRouter.sol
28: constructor() {
29: _initializeOwner(msg.sender);
30: }
File: ulysses-omnichain/BranchBridgeAgent.sol
141: constructor(
142: WETH9 _wrappedNativeToken,
143: uint256 _rootChainId,
144: uint256 _localChainId,
145: address _rootBridgeAgentAddress,
146: address _localAnyCallAddress,
147: address _localAnyCallExecutorAddress,
148: address _localRouterAddress,
149: address _localPortAddress
150: ) {
151: require(_rootBridgeAgentAddress != address(0), "Root Bridge Agent Address cannot be the zero address.");
152: require(_localAnyCallAddress != address(0), "AnyCall Address cannot be the zero address.");
153: require(_localAnyCallExecutorAddress != address(0), "AnyCall Executor Address cannot be the zero address.");
154: require(_localRouterAddress != address(0), "Local Router Address cannot be the zero address.");
155: require(_localPortAddress != address(0), "Local Port Address cannot be the zero address.");
156:
157: wrappedNativeToken = _wrappedNativeToken;
158: localChainId = _localChainId;
159: rootChainId = _rootChainId;
160: rootBridgeAgentAddress = _rootBridgeAgentAddress;
161: localAnyCallAddress = _localAnyCallAddress;
162: localAnyCallExecutorAddress = _localAnyCallExecutorAddress;
163: localRouterAddress = _localRouterAddress;
164: localPortAddress = _localPortAddress;
165: bridgeAgentExecutorAddress = DeployBranchBridgeAgentExecutor.deploy();
166: depositNonce = 1;
167: }
File: ulysses-omnichain/BranchBridgeAgentExecutor.sol
54: constructor() {
55: _initializeOwner(msg.sender);
56: }
File: ulysses-omnichain/BranchPort.sol
94: constructor(address _owner) {
95: require(_owner != address(0), "Owner is zero address");
96: _initializeOwner(_owner);
97: }
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchPort.sol#L94-L97
File: ulysses-omnichain/CoreBranchRouter.sol
26: constructor(address _hTokenFactoryAddress, address _localPortAddress) BaseBranchRouter() {
27: localPortAddress = _localPortAddress;
28: hTokenFactoryAddress = _hTokenFactoryAddress;
29: }
File: ulysses-omnichain/CoreRootRouter.sol
56: constructor(uint24 _rootChainId, address _wrappedNativeToken, address _rootPortAddress) {
57: rootChainId = _rootChainId;
58: wrappedNativeToken = WETH9(_wrappedNativeToken);
59: rootPortAddress = _rootPortAddress;
60: _initializeOwner(msg.sender);
61: }
File: ulysses-omnichain/MulticallRootRouter.sol
64: constructor(uint256 _localChainId, address _localPortAddress, address _multicallAddress) {
65: require(_localPortAddress != address(0), "Local Port Address cannot be 0");
66: require(_multicallAddress != address(0), "Multicall Address cannot be 0");
67:
68: localChainId = _localChainId;
69: localPortAddress = _localPortAddress;
70: multicallAddress = _multicallAddress;
71: _initializeOwner(msg.sender);
72: }
File: ulysses-omnichain/RootBridgeAgent.sol
201: constructor(
202: WETH9 _wrappedNativeToken,
203: uint24 _localChainId,
204: address _daoAddress,
205: address _localAnyCallAddress,
206: address _localAnyCallExecutorAddress,
207: address _localPortAddress,
208: address _localRouterAddress
209: ) {
210: require(address(_wrappedNativeToken) != address(0), "Wrapped native token cannot be zero address");
211: require(_daoAddress != address(0), "DAO cannot be zero address");
212: require(_localAnyCallAddress != address(0), "Anycall Address cannot be zero address");
213: require(_localAnyCallExecutorAddress != address(0), "Anycall Executor Address cannot be zero address");
214: require(_localPortAddress != address(0), "Port Address cannot be zero address");
215: require(_localRouterAddress != address(0), "Router Address cannot be zero address");
216:
217: wrappedNativeToken = _wrappedNativeToken;
218: factoryAddress = msg.sender;
219: daoAddress = _daoAddress;
220: localChainId = _localChainId;
221: localAnyCallAddress = _localAnyCallAddress;
222: localPortAddress = _localPortAddress;
223: localRouterAddress = _localRouterAddress;
224: bridgeAgentExecutorAddress = DeployRootBridgeAgentExecutor.deploy(address(this));
225: localAnyCallExecutorAddress = _localAnyCallExecutorAddress;
226: settlementNonce = 1;
227: accumulatedFees = 1; //Avoid paying 20k gas in first `payExecutionGas` making MIN_EXECUTION_OVERHEAD constant.
228: }
File: ulysses-omnichain/RootBridgeAgentExecutor.sol
61: constructor(address owner) {
62: _initializeOwner(owner);
63: }
File: ulysses-omnichain/RootPort.sol
114: constructor(uint24 _localChainId, address _wrappedNativeToken) {
115: require(_wrappedNativeToken != address(0), "Invalid wrapped native token address.");
116:
117: localChainId = _localChainId;
118: wrappedNativeTokenAddress = _wrappedNativeToken;
119:
120: isChainId[_localChainId] = true;
121:
122: _initializeOwner(msg.sender);
123: _setup = true;
124: }
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootPort.sol#L114-L124
File: ulysses-omnichain/VirtualAccount.sol
25: constructor(address _userAddress, address _localPortAddress) {
26: userAddress = _userAddress;
27: localPortAddress = _localPortAddress;
28: }
File: ulysses-omnichain/factories/ArbitrumBranchBridgeAgentFactory.sol
31: constructor(
32: uint256 _rootChainId,
33: address _rootBridgeAgentFactoryAddress,
34: WETH9 _wrappedNativeToken,
35: address _localAnyCallAddress,
36: address _localAnyCallExecutorAddress,
37: address _localCoreBranchRouterAddress,
38: address _localPortAddress,
39: address _owner
40: )
41: BranchBridgeAgentFactory(
42: _rootChainId,
43: _rootChainId,
44: _rootBridgeAgentFactoryAddress,
45: _wrappedNativeToken,
46: _localAnyCallAddress,
47: _localAnyCallExecutorAddress,
48: _localCoreBranchRouterAddress,
49: _localPortAddress,
50: _owner
51: )
52: {}
File: ulysses-omnichain/factories/BranchBridgeAgentFactory.sol
53: constructor(
54: uint256 _localChainId,
55: uint256 _rootChainId,
56: address _rootBridgeAgentFactoryAddress,
57: WETH9 _wrappedNativeToken,
58: address _localAnyCallAddress,
59: address _localAnyCallExecutorAddress,
60: address _localCoreBranchRouterAddress,
61: address _localPortAddress,
62: address _owner
63: ) {
64: require(_rootBridgeAgentFactoryAddress != address(0), "Root Bridge Agent Factory Address cannot be 0");
65: require(address(_wrappedNativeToken) != address(0), "Wrapped Native Token cannot be 0");
66: require(_localAnyCallAddress != address(0), "Anycall Address cannot be 0");
67: require(_localAnyCallExecutorAddress != address(0), "Anyexec Address cannot be 0");
68: require(_localCoreBranchRouterAddress != address(0), "Core Branch Router Address cannot be 0");
69: require(_localPortAddress != address(0), "Port Address cannot be 0");
70: require(_owner != address(0), "Owner cannot be 0");
71:
72: localChainId = _localChainId;
73: rootChainId = _rootChainId;
74: rootBridgeAgentFactoryAddress = _rootBridgeAgentFactoryAddress;
75: wrappedNativeToken = _wrappedNativeToken;
76: localAnyCallAddress = _localAnyCallAddress;
77: localAnyCallExecutorAddress = _localAnyCallExecutorAddress;
78: localCoreBranchRouterAddress = _localCoreBranchRouterAddress;
79: localPortAddress = _localPortAddress;
80: _initializeOwner(_owner);
81: }
File: ulysses-omnichain/factories/ERC20hTokenBranchFactory.sol
27: constructor(uint24 _localChainId, address _localPortAddress) {
28: require(_localPortAddress != address(0), "Port address cannot be 0");
29:
30: localChainId = _localChainId;
31: localPortAddress = _localPortAddress;
32: _initializeOwner(msg.sender);
33: }
File: ulysses-omnichain/factories/ERC20hTokenRootFactory.sol
33: constructor(uint256 _localChainId, address _rootPortAddress) {
34: require(_rootPortAddress != address(0), "Root Port Address cannot be 0");
35: localChainId = _localChainId;
36: rootPortAddress = _rootPortAddress;
37: _initializeOwner(msg.sender);
38: }
File: ulysses-omnichain/factories/RootBridgeAgentFactory.sol
48: constructor(
49: uint24 _rootChainId,
50: WETH9 _wrappedNativeToken,
51: address _localAnyCallAddress,
52: address _rootPortAddress,
53: address _daoAddress
54: ) {
55: require(address(_wrappedNativeToken) != address(0), "Wrapped Native Token cannot be 0");
56: require(_rootPortAddress != address(0), "Root Port Address cannot be 0");
57: require(_daoAddress != address(0), "DAO Address cannot be 0");
58:
59: rootChainId = _rootChainId;
60: wrappedNativeToken = _wrappedNativeToken;
61: localAnyCallAddress = _localAnyCallAddress;
62: localAnyCallExecutorAddress = IAnycallProxy(localAnyCallAddress).executor();
63: rootPortAddress = _rootPortAddress;
64: daoAddress = _daoAddress;
65: }
File: ulysses-omnichain/token/ERC20hTokenBranch.sol
12: constructor(string memory _name, string memory _symbol, address _owner)
13: ERC20(string(string.concat("Hermes - ", _name)), string(string.concat("h-", _symbol)), 18)
14: {
15: _initializeOwner(_owner);
16: }
File: ulysses-omnichain/token/ERC20hTokenRoot.sol
38: constructor(
39: uint256 _localChainId,
40: address _factoryAddress,
41: address _rootPortAddress,
42: string memory _name,
43: string memory _symbol
44: ) ERC20(string(string.concat("Hermes ", _name)), string(string.concat("h-", _symbol)), 18) {
45: require(_rootPortAddress != address(0), "Root Port Address cannot be 0");
46: require(_factoryAddress != address(0), "Factory Address cannot be 0");
47: localChainId = _localChainId;
48: factoryAddress = _factoryAddress;
49: rootPortAddress = _rootPortAddress;
50: }
File: uni-v3-staker/UniswapV3Staker.sol
114: constructor(
115: IUniswapV3Factory _factory,
116: INonfungiblePositionManager _nonfungiblePositionManager,
117: IUniswapV3GaugeFactory _uniswapV3GaugeFactory,
118: bHermesBoost _hermesGaugeBoost,
119: uint256 _maxIncentiveStartLeadTime,
120: address _minter,
121: address _hermes
122: ) {
123: factory = _factory;
124: nonfungiblePositionManager = _nonfungiblePositionManager;
125: maxIncentiveStartLeadTime = _maxIncentiveStartLeadTime;
126: uniswapV3GaugeFactory = _uniswapV3GaugeFactory;
127: hermesGaugeBoost = _hermesGaugeBoost;
128: minter = _minter;
129: hermes = _hermes;
130: }
https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/UniswapV3Staker.sol#L114-L130
Using unchecked
blocks saves just a tiny bit of gas, but in instances where its clearly safe already it’s possible to avoid this unnecessary check.
There are 16 instances of this issue:
File: erc-20/ERC20MultiVotes.sol
328: for (uint256 i = 0; i < size && (userFreeVotes + totalFreed) < votes; i++) {
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20MultiVotes.sol#L328
File: governance/GovernorBravoDelegateMaia.sol
181: for (uint256 i = 0; i < proposal.targets.length; i++) {
215: for (uint256 i = 0; i < proposal.targets.length; i++) {
251: for (uint256 i = 0; i < proposal.targets.length; i++) {
File: rewards/rewards/FlywheelGaugeRewards.sol
176: for (uint256 i = 0; i < size; i++) {
File: ulysses-amm/UlyssesPool.sol
130: for (uint256 i = 1; i < bandwidthStateList.length; i++) {
175: for (uint256 i = 1; i < index; i++) {
211: for (uint256 i = 1; i <= index; i++) {
232: for (uint256 i = 1; i < bandwidthStateList.length; i++) {
296: for (uint256 i = 1; i < bandwidthStateList.length; i++) {
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesPool.sol#L130
File: ulysses-amm/UlyssesToken.sol
95: for (uint256 i = 0; i < assets.length; i++) {
111: for (uint256 i = 0; i < assets.length; i++) {
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesToken.sol#L95
File: ulysses-omnichain/BranchBridgeAgent.sol
283: for (uint256 i = 0; i < _dParams.hTokens.length; i++) {
719: for (uint256 i = 0; i < _dParams.hTokens.length; i++) {
1354: for (uint256 i = 0; i < _deposits.length; i++) {
File: ulysses-omnichain/VirtualAccount.sol
48: for (uint256 i = 0; i < calls.length; i++) {
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/VirtualAccount.sol#L48
See: OpenZeppelin/ERC20.sol#L336 OpenZeppelin/openzeppelin-contracts#3085
There are 5 instances of this issue:
File: erc-20/ERC20Boost.sol
323: function transferFrom(address from, address to, uint256 amount)
324: public
325: override
326: notAttached(from, amount)
327: returns (bool)
328: {
329: return super.transferFrom(from, to, amount);
330: }
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Boost.sol#L323-L330
File: erc-20/ERC20Gauges.sol
508: function transferFrom(address from, address to, uint256 amount) public virtual override returns (bool) {
509: _decrementWeightUntilFree(from, amount);
510: return super.transferFrom(from, to, amount);
511: }
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Gauges.sol#L508-L511
File: erc-20/ERC20MultiVotes.sol
303: function transferFrom(address from, address to, uint256 amount) public virtual override returns (bool) {
304: _decrementVotesUntilFree(from, amount);
305: return super.transferFrom(from, to, amount);
306: }
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20MultiVotes.sol#L303-L306
File: maia/tokens/ERC4626PartnerManager.sol
279: function transferFrom(address from, address to, uint256 amount)
280: public
281: virtual
282: override
283: checkTransfer(from, amount)
284: returns (bool)
285: {
286: return super.transferFrom(from, to, amount);
287: }
File: talos/TalosStrategyStaked.sol
94: function transferFrom(address _from, address _to, uint256 _amount) public override returns (bool) {
95: flywheel.accrue(ERC20(address(this)), _from, _to);
96: return super.transferFrom(_from, _to, _amount);
97: }
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosStrategyStaked.sol#L94-L97
If data can fit into 32 bytes, then you should use bytes32 datatype rather than bytes or strings as it is cheaper in solidity.
There are 1 instances of this issue:
File: governance/GovernorBravoDelegateMaia.sol
9: string public constant name = "vMaia Governor Bravo";
https://github.com/code-423n4/2023-05-maia/tree/main/src/governance/GovernorBravoDelegateMaia.sol#L9
Saves 5 gas per iteration.1
There are 2 instances of this issue:
File: talos/libraries/PoolVariables.sol
98: if (tick < 0 && tick % tickSpacing != 0) compressed--;
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/libraries/PoolVariables.sol#L98
File: uni-v3-staker/UniswapV3Staker.sol
428: incentive.numberOfStakes--;
https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/UniswapV3Staker.sol#L428
The Solidity compiler does not optimize the <x> += <y>
operation for
state variables. This means that every time the state variable is
updated, the entire value is copied to memory, the operation is
performed, and then the value is copied back to storage. This is
expensive and can be avoided by using <x> = <x> + <y>
instead.
There are 6 instances of this issue:
File: hermes/minters/BaseV2Minter.sol
130: weekly += newWeeklyEmission;
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/minters/BaseV2Minter.sol#L130
File: rewards/rewards/FlywheelGaugeRewards.sol
134: nextCycleQueuedRewards += uint112(newRewards); // in case a previous incomplete cycle had rewards, add on
File: talos/base/TalosBaseStrategy.sol
216: liquidity += liquidityDifference;
277: liquidity -= liquidityToDecrease;
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/base/TalosBaseStrategy.sol#L216
File: talos/boost-aggregator/BoostAggregator.sol
121: protocolRewards += newProtocolRewards;
File: ulysses-omnichain/RootBridgeAgent.sol
823: accumulatedFees += availableGas - minExecCost;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgent.sol#L823
There are 142 instances of this issue:
File: erc-20/ERC20Boost.sol
3: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Boost.sol#L3
File: erc-20/ERC20Gauges.sol
3: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20Gauges.sol#L3
File: erc-20/ERC20MultiVotes.sol
4: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20MultiVotes.sol#L4
File: erc-20/interfaces/Errors.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/interfaces/Errors.sol#L2
File: erc-20/interfaces/IERC20Boost.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/interfaces/IERC20Boost.sol#L2
File: erc-20/interfaces/IERC20Gauges.sol
3: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/interfaces/IERC20Gauges.sol#L3
File: erc-20/interfaces/IERC20MultiVotes.sol
3: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/interfaces/IERC20MultiVotes.sol#L3
File: erc-4626/interfaces/IERC4626DepositOnly.sol
2: pragma solidity ^0.8.0;
File: erc-4626/interfaces/IERC4626MultiToken.sol
2: pragma solidity ^0.8.0;
File: erc-4626/interfaces/IUlyssesERC4626.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-4626/interfaces/IUlyssesERC4626.sol#L2
File: gauges/BaseV2Gauge.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/BaseV2Gauge.sol#L2
File: gauges/UniswapV3Gauge.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/UniswapV3Gauge.sol#L2
File: gauges/factories/BaseV2GaugeFactory.sol
3: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BaseV2GaugeFactory.sol#L3
File: gauges/factories/BaseV2GaugeManager.sol
3: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BaseV2GaugeManager.sol#L3
File: gauges/factories/BribesFactory.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/factories/BribesFactory.sol#L2
File: gauges/factories/UniswapV3GaugeFactory.sol
3: pragma solidity ^0.8.0;
File: gauges/interfaces/IBaseV2Gauge.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/interfaces/IBaseV2Gauge.sol#L2
File: gauges/interfaces/IBaseV2GaugeFactory.sol
3: pragma solidity ^0.8.0;
File: gauges/interfaces/IBaseV2GaugeManager.sol
3: pragma solidity ^0.8.0;
File: gauges/interfaces/IBribesFactory.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/interfaces/IBribesFactory.sol#L2
File: gauges/interfaces/IUniswapV3Gauge.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/gauges/interfaces/IUniswapV3Gauge.sol#L2
File: gauges/interfaces/IUniswapV3GaugeFactory.sol
3: pragma solidity ^0.8.0;
File: governance/GovernorBravoDelegateMaia.sol
2: pragma solidity ^0.8.10;
https://github.com/code-423n4/2023-05-maia/tree/main/src/governance/GovernorBravoDelegateMaia.sol#L2
File: governance/GovernorBravoDelegator.sol
2: pragma solidity ^0.8.10;
https://github.com/code-423n4/2023-05-maia/tree/main/src/governance/GovernorBravoDelegator.sol#L2
File: governance/GovernorBravoInterfaces.sol
2: pragma solidity ^0.8.10;
https://github.com/code-423n4/2023-05-maia/tree/main/src/governance/GovernorBravoInterfaces.sol#L2
File: hermes/UtilityManager.sol
3: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/UtilityManager.sol#L3
File: hermes/bHermes.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/bHermes.sol#L2
File: hermes/interfaces/IBaseV2Minter.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/interfaces/IBaseV2Minter.sol#L2
File: hermes/interfaces/IUtilityManager.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/interfaces/IUtilityManager.sol#L2
File: hermes/interfaces/IbHermesUnderlying.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/interfaces/IbHermesUnderlying.sol#L2
File: hermes/minters/BaseV2Minter.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/minters/BaseV2Minter.sol#L2
File: hermes/tokens/HERMES.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/HERMES.sol#L2
File: hermes/tokens/bHermesBoost.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/bHermesBoost.sol#L2
File: hermes/tokens/bHermesGauges.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/bHermesGauges.sol#L2
File: hermes/tokens/bHermesVotes.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/hermes/tokens/bHermesVotes.sol#L2
File: maia/PartnerUtilityManager.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/PartnerUtilityManager.sol#L2
File: maia/factories/PartnerManagerFactory.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/factories/PartnerManagerFactory.sol#L2
File: maia/interfaces/IBaseVault.sol
3: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/interfaces/IBaseVault.sol#L3
File: maia/interfaces/IERC4626PartnerManager.sol
2: pragma solidity ^0.8.0;
File: maia/interfaces/IPartnerManagerFactory.sol
2: pragma solidity ^0.8.0;
File: maia/interfaces/IPartnerUtilityManager.sol
2: pragma solidity ^0.8.0;
File: maia/libraries/DateTimeLib.sol
2: pragma solidity ^0.8.4;
https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/libraries/DateTimeLib.sol#L2
File: maia/tokens/ERC4626PartnerManager.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/tokens/ERC4626PartnerManager.sol#L2
File: maia/tokens/Maia.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/tokens/Maia.sol#L2
File: maia/vMaia.sol
3: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/vMaia.sol#L3
File: rewards/FlywheelCoreInstant.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/FlywheelCoreInstant.sol#L2
File: rewards/FlywheelCoreStrategy.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/FlywheelCoreStrategy.sol#L2
File: rewards/base/BaseFlywheelRewards.sol
3: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/base/BaseFlywheelRewards.sol#L3
File: rewards/base/FlywheelCore.sol
3: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/base/FlywheelCore.sol#L3
File: rewards/booster/FlywheelBoosterGaugeWeight.sol
3: pragma solidity ^0.8.0;
File: rewards/depots/MultiRewardsDepot.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/depots/MultiRewardsDepot.sol#L2
File: rewards/depots/RewardsDepot.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/depots/RewardsDepot.sol#L2
File: rewards/depots/SingleRewardsDepot.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/depots/SingleRewardsDepot.sol#L2
File: rewards/interfaces/IFlywheelAcummulatedRewards.sol
3: pragma solidity ^0.8.0;
File: rewards/interfaces/IFlywheelBooster.sol
3: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/interfaces/IFlywheelBooster.sol#L3
File: rewards/interfaces/IFlywheelBribeRewards.sol
3: pragma solidity ^0.8.0;
File: rewards/interfaces/IFlywheelCore.sol
3: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/interfaces/IFlywheelCore.sol#L3
File: rewards/interfaces/IFlywheelGaugeRewards.sol
3: pragma solidity ^0.8.0;
File: rewards/interfaces/IFlywheelInstantRewards.sol
3: pragma solidity ^0.8.0;
File: rewards/interfaces/IFlywheelRewards.sol
3: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/interfaces/IFlywheelRewards.sol#L3
File: rewards/interfaces/IMultiRewardsDepot.sol
2: pragma solidity ^0.8.0;
File: rewards/interfaces/IRewardsDepot.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/interfaces/IRewardsDepot.sol#L2
File: rewards/rewards/FlywheelAcummulatedRewards.sol
3: pragma solidity ^0.8.0;
File: rewards/rewards/FlywheelBribeRewards.sol
3: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/rewards/FlywheelBribeRewards.sol#L3
File: rewards/rewards/FlywheelGaugeRewards.sol
3: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/rewards/rewards/FlywheelGaugeRewards.sol#L3
File: rewards/rewards/FlywheelInstantRewards.sol
3: pragma solidity ^0.8.0;
File: talos/TalosManager.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosManager.sol#L2
File: talos/TalosOptimizer.sol
3: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosOptimizer.sol#L3
File: talos/factories/BoostAggregatorFactory.sol
2: pragma solidity ^0.8.0;
File: talos/factories/OptimizerFactory.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/factories/OptimizerFactory.sol#L2
File: talos/factories/TalosBaseStrategyFactory.sol
2: pragma solidity ^0.8.0;
File: talos/factories/TalosStrategyStakedFactory.sol
2: pragma solidity ^0.8.0;
File: talos/factories/TalosStrategyVanillaFactory.sol
3: pragma solidity ^0.8.0;
File: talos/interfaces/AutomationCompatibleInterface.sol
2: pragma solidity ^0.8.0;
File: talos/interfaces/IBoostAggregatorFactory.sol
2: pragma solidity ^0.8.0;
File: talos/interfaces/IOptimizerFactory.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/interfaces/IOptimizerFactory.sol#L2
File: talos/interfaces/ITalosBaseStrategy.sol
3: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/interfaces/ITalosBaseStrategy.sol#L3
File: talos/interfaces/ITalosBaseStrategyFactory.sol
2: pragma solidity ^0.8.0;
File: talos/interfaces/ITalosManager.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/interfaces/ITalosManager.sol#L2
File: talos/interfaces/ITalosOptimizer.sol
3: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/interfaces/ITalosOptimizer.sol#L3
File: talos/interfaces/ITalosStrategyStaked.sol
2: pragma solidity ^0.8.0;
File: talos/interfaces/ITalosStrategyStakedFactory.sol
2: pragma solidity ^0.8.0;
File: talos/libraries/PoolActions.sol
3: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/libraries/PoolActions.sol#L3
File: talos/libraries/PoolVariables.sol
3: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/libraries/PoolVariables.sol#L3
File: ulysses-amm/UlyssesPool.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesPool.sol#L2
File: ulysses-amm/UlyssesRouter.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesRouter.sol#L2
File: ulysses-amm/UlyssesToken.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesToken.sol#L2
File: ulysses-amm/factories/UlyssesFactory.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/factories/UlyssesFactory.sol#L2
File: ulysses-amm/interfaces/IUlyssesFactory.sol
2: pragma solidity ^0.8.0;
File: ulysses-amm/interfaces/IUlyssesPool.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/interfaces/IUlyssesPool.sol#L2
File: ulysses-amm/interfaces/IUlyssesRouter.sol
2: pragma solidity ^0.8.0;
File: ulysses-amm/interfaces/IUlyssesToken.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/interfaces/IUlyssesToken.sol#L2
File: ulysses-omnichain/ArbitrumBranchBridgeAgent.sol
2: pragma solidity ^0.8.0;
File: ulysses-omnichain/ArbitrumBranchPort.sol
3: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/ArbitrumBranchPort.sol#L3
File: ulysses-omnichain/ArbitrumCoreBranchRouter.sol
2: pragma solidity ^0.8.0;
File: ulysses-omnichain/BaseBranchRouter.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BaseBranchRouter.sol#L2
File: ulysses-omnichain/BranchBridgeAgent.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchBridgeAgent.sol#L2
File: ulysses-omnichain/BranchBridgeAgentExecutor.sol
2: pragma solidity ^0.8.0;
File: ulysses-omnichain/BranchPort.sol
3: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/BranchPort.sol#L3
File: ulysses-omnichain/CoreBranchRouter.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/CoreBranchRouter.sol#L2
File: ulysses-omnichain/CoreRootRouter.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/CoreRootRouter.sol#L2
File: ulysses-omnichain/MulticallRootRouter.sol
2: pragma solidity ^0.8.0;
File: ulysses-omnichain/RootBridgeAgent.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgent.sol#L2
File: ulysses-omnichain/RootBridgeAgentExecutor.sol
2: pragma solidity ^0.8.0;
File: ulysses-omnichain/RootPort.sol
3: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootPort.sol#L3
File: ulysses-omnichain/VirtualAccount.sol
3: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/VirtualAccount.sol#L3
File: ulysses-omnichain/factories/ArbitrumBranchBridgeAgentFactory.sol
2: pragma solidity ^0.8.0;
File: ulysses-omnichain/factories/BranchBridgeAgentFactory.sol
2: pragma solidity ^0.8.0;
File: ulysses-omnichain/factories/ERC20hTokenBranchFactory.sol
2: pragma solidity ^0.8.0;
File: ulysses-omnichain/factories/ERC20hTokenRootFactory.sol
2: pragma solidity ^0.8.0;
File: ulysses-omnichain/factories/RootBridgeAgentFactory.sol
2: pragma solidity ^0.8.0;
File: ulysses-omnichain/interfaces/IAnycallConfig.sol
3: pragma solidity ^0.8.10;
File: ulysses-omnichain/interfaces/IAnycallExecutor.sol
3: pragma solidity ^0.8.10;
File: ulysses-omnichain/interfaces/IAnycallProxy.sol
3: pragma solidity ^0.8.10;
File: ulysses-omnichain/interfaces/IApp.sol
3: pragma solidity ^0.8.10;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/interfaces/IApp.sol#L3
File: ulysses-omnichain/interfaces/IArbitrumBranchPort.sol
3: pragma solidity ^0.8.0;
File: ulysses-omnichain/interfaces/IBranchBridgeAgent.sol
2: pragma solidity ^0.8.0;
File: ulysses-omnichain/interfaces/IBranchBridgeAgentFactory.sol
2: pragma solidity ^0.8.0;
File: ulysses-omnichain/interfaces/IBranchPort.sol
3: pragma solidity ^0.8.0;
File: ulysses-omnichain/interfaces/IBranchRouter.sol
2: pragma solidity ^0.8.0;
File: ulysses-omnichain/interfaces/ICoreBranchRouter.sol
2: pragma solidity ^0.8.0;
File: ulysses-omnichain/interfaces/IERC20hTokenBranch.sol
2: pragma solidity ^0.8.0;
File: ulysses-omnichain/interfaces/IERC20hTokenBranchFactory.sol
2: pragma solidity ^0.8.0;
File: ulysses-omnichain/interfaces/IERC20hTokenRoot.sol
2: pragma solidity ^0.8.0;
File: ulysses-omnichain/interfaces/IERC20hTokenRootFactory.sol
2: pragma solidity ^0.8.0;
File: ulysses-omnichain/interfaces/IMulticall2.sol
2: pragma solidity ^0.8.0;
File: ulysses-omnichain/interfaces/IPortStrategy.sol
3: pragma solidity ^0.8.0;
File: ulysses-omnichain/interfaces/IRootBridgeAgent.sol
2: pragma solidity ^0.8.0;
File: ulysses-omnichain/interfaces/IRootBridgeAgentFactory.sol
2: pragma solidity ^0.8.0;
File: ulysses-omnichain/interfaces/IRootPort.sol
3: pragma solidity ^0.8.0;
File: ulysses-omnichain/interfaces/IRootRouter.sol
2: pragma solidity ^0.8.0;
File: ulysses-omnichain/interfaces/IVirtualAccount.sol
2: pragma solidity ^0.8.0;
File: ulysses-omnichain/interfaces/IWETH9.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/interfaces/IWETH9.sol#L2
File: ulysses-omnichain/lib/AnycallFlags.sol
3: pragma solidity ^0.8.10;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/lib/AnycallFlags.sol#L3
File: ulysses-omnichain/token/ERC20hTokenBranch.sol
2: pragma solidity ^0.8.0;
File: ulysses-omnichain/token/ERC20hTokenRoot.sol
2: pragma solidity ^0.8.0;
File: uni-v3-staker/UniswapV3Staker.sol
3: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/UniswapV3Staker.sol#L3
File: uni-v3-staker/interfaces/IUniswapV3Staker.sol
3: pragma solidity ^0.8.0;
File: uni-v3-staker/libraries/IncentiveId.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/libraries/IncentiveId.sol#L2
File: uni-v3-staker/libraries/IncentiveTime.sol
2: pragma solidity ^0.8.0;
File: uni-v3-staker/libraries/NFTPositionInfo.sol
3: pragma solidity ^0.8.0;
File: uni-v3-staker/libraries/RewardMath.sol
2: pragma solidity ^0.8.0;
https://github.com/code-423n4/2023-05-maia/tree/main/src/uni-v3-staker/libraries/RewardMath.sol#L2
[G-31] Variable names that consist of all capital letters should be reserved for constant/immutable variables
If the variable needs to be different based on which class it comes from, a view/pure function should be used instead (e.g. like this).
There are 1 instances of this issue:
File: talos/TalosStrategyVanilla.sol
117: uint24 _GLOBAL_DIVISIONER = GLOBAL_DIVISIONER;
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/TalosStrategyVanilla.sol#L117
<x> / 2
is the same as <x> >> 1
. While the compiler uses the SHR
opcode to accomplish both, the version that uses division incurs an overhead of 20 gas due to JUMP
s to and from a compiler utility function that introduces checks which can be avoided by using unchecked {}
around the division by two.
There are 9 instances of this issue:
File: erc-20/ERC20MultiVotes.sol
82: return (a & b) + (a ^ b) / 2;
https://github.com/code-423n4/2023-05-maia/tree/main/src/erc-20/ERC20MultiVotes.sol#L82
File: maia/libraries/DateTimeLib.sol
40: uint256 epochDay = timestamp / 86400;
57: uint256 day = timestamp / 86400;
https://github.com/code-423n4/2023-05-maia/tree/main/src/maia/libraries/DateTimeLib.sol#L40
File: talos/libraries/PoolVariables.sol
247: ? int256((cache.amount0Desired - cache.amount0) / 2)
248: : int256((cache.amount1Desired - cache.amount1) / 2); // always positive. "overflow" safe convertion cuz we are dividing by 2
251: uint160 exactSqrtPriceImpact = (sqrtPriceX96 * (_strategy.priceImpactPercentage() / 2)) / GLOBAL_DIVISIONER;
https://github.com/code-423n4/2023-05-maia/tree/main/src/talos/libraries/PoolVariables.sol#L247
File: ulysses-amm/UlyssesPool.sol
312: if (_fees.lambda1 + _fees.lambda2 != DIVISIONER / 2) revert InvalidFee();
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-amm/UlyssesPool.sol#L312
File: ulysses-omnichain/RootBridgeAgent.sol
677: uint160 exactSqrtPriceImpact = (sqrtPriceX96 * (priceImpactPercentage / 2)) / GLOBAL_DIVISIONER;
720: uint160 exactSqrtPriceImpact = (sqrtPriceX96 * (priceImpactPercentage / 2)) / GLOBAL_DIVISIONER;
https://github.com/code-423n4/2023-05-maia/tree/main/src/ulysses-omnichain/RootBridgeAgent.sol#L677