Open CloudEllie opened 1 year ago
CloudEllie
commented
1 year ago Staff note: this team's Analysis was submitted slightly late (1 hour after the audit closed), but since Analyses are relatively new, and may be weighed by the judge when reviewing issues, I have made the call to add this one manually. I leave it to the judge to decide whether to consider it for evaluation.
c4-judge
commented
1 year ago trust1995 marked the issue as grade-b
c4-judge
commented
1 year ago trust1995 marked the issue as satisfactory
c4-sponsor
commented
1 year ago 0xLightt marked the issue as sponsor confirmed
A. Approach to codebase evaluation:
Team members had individual approaches. Leader focused on UniswapV3 staking. Initial plan of brief overview followed by deep dives didn't work as intended. Collaboration was effective. Script used to find zero address checks and external functions. Codebase exploration prioritized over documentation.
B. Key learnings:
Team members gained knowledge of bridges and omnichain gas management. Leader learned about staking, NFT positions, gauges, and the complex contract ecosystem. Difficulty in finding vulnerabilities due to codebase size and previous audits. Importance of balancing large and small LOC contests.
C. Comments for the judge:
Limited focus on gas optimization. Efforts to find bugs in omnichain areas resulted in false flags. Spotting lack of zero address checks was straightforward. Time constraints and power interruption affected team leader's submission.
Team members' answers: Approaches included light doc review, function analysis. Extensive research on contract relationships and identifying unreachable code.