GalloDaSballo
commented
2 years ago Not sufficient, in terms of impact, explanations and benchmarks, this is not what a professional report looks like
Closed code423n4 closed 2 years ago
GalloDaSballo
commented
2 years ago Not sufficient, in terms of impact, explanations and benchmarks, this is not what a professional report looks like
Call to KECCAK256 should use IMMUTABLE rather than constant EIP712.sol#L20 EIP712.sol#L23 EIP712.sol#L26 EIP712.sol#L29 EIP712.sol#L33
Require / Revert strings longer than 32 bytes cost extra gas BlurExchange.sol#L482 ExecutionDelegate.sol#L22
X++ is more expensive than ++X BlurExchange.sol#L199 BlurExchange.sol#L476 EIP712.sol#L77 MerkleVerifier.sol#L38 PolicyManager.sol#L77
X += Y is more expensive than X = X + Y BlurExchange.sol#L208 BlurExchange.sol#L479
Using bools for storage incurs overhead ReentrancyGuarded.sol#L10 BlurExchange.sol#L71 BlurExchange.sol#L421 ExecutionDelegate.sol#L18 ExecutionDelegate.sol#L19
Using return and function return names is redundant BlurExchange.sol#L416-L434
Use unchecked { i++; } / unchecked{ ++i; } in loops when it's not possible to overflow BlurExchange.sol#L199 BlurExchange.sol#L476 EIP712.sol#L77 MerkleVerifier.sol#L38 PolicyManager.sol#L77