Open code423n4 opened 2 years ago
Duplicate https://github.com/code-423n4/2022-06-nibbl-findings/issues/2, https://github.com/code-423n4/2022-06-nibbl-findings/issues/3, https://github.com/code-423n4/2022-06-nibbl-findings/issues/6, https://github.com/code-423n4/2022-06-nibbl-findings/issues/7, https://github.com/code-423n4/2022-06-nibbl-findings/issues/8, https://github.com/code-423n4/2022-06-nibbl-findings/issues/82
Project
Nibbl contest
Contracts in Scope
Report files
Low risk, non-critical, and gas optimization findings
Use != 0 instead of > 0. The variable is a uint256, so it can never be below 0 and the check can simply be != 0. https://github.com/code-423n4/2022-06-nibbl/blob/main/contracts/NibblVault.sol#L227 https://github.com/code-423n4/2022-06-nibbl/blob/main/contracts/NibblVault.sol#L243
Splitting require() statements that use && saves gas. https://github.com/code-423n4/2022-06-nibbl/blob/main/contracts/NibblVaultFactory.sol#L107 https://github.com/code-423n4/2022-06-nibbl/blob/main/contracts/NibblVaultFactory.sol#L131 https://github.com/code-423n4/2022-06-nibbl/blob/main/contracts/NibblVaultFactory.sol#L149 https://github.com/code-423n4/2022-06-nibbl/blob/main/contracts/NibblVaultFactory.sol#L166
X = X + Y is cheaper than X += Y and X = X - Y is cheaper than X -= Y. https://github.com/code-423n4/2022-06-nibbl/blob/main/contracts/NibblVault.sol#L219 https://github.com/code-423n4/2022-06-nibbl/blob/main/contracts/NibblVault.sol#L225 https://github.com/code-423n4/2022-06-nibbl/blob/main/contracts/NibblVault.sol#L242 https://github.com/code-423n4/2022-06-nibbl/blob/main/contracts/NibblVault.sol#L320 https://github.com/code-423n4/2022-06-nibbl/blob/main/contracts/NibblVault.sol#L322 https://github.com/code-423n4/2022-06-nibbl/blob/main/contracts/NibblVault.sol#L380 https://github.com/code-423n4/2022-06-nibbl/blob/main/contracts/NibblVault.sol#L383 https://github.com/code-423n4/2022-06-nibbl/blob/main/contracts/NibblVault.sol#L428 https://github.com/code-423n4/2022-06-nibbl/blob/main/contracts/NibblVault.sol#L429 https://github.com/code-423n4/2022-06-nibbl/blob/main/contracts/NibblVault.sol#L457
Use of block.timestamp in NibblVault.sol and NibblVaultFactory.sol. Weak PRNG due to a modulo on block.timestamp. It can be influenced by miners to some extent, so it should be avoided.