Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Certik Audit Recommendations #151

Merged
merged 6 commits into from
May 18, 2020
Merged

Certik Audit Recommendations #151

merged 6 commits into from
May 18, 2020

Conversation

brandoniles
Copy link
Member

Exhibit 1-
Remove Orchestrator address initialization in the policy.

Exhibit 2-
Reorder Transaction struct elements to pack values and save storage.

Exhibit 3-
No action. I'm ok with leaving the index in the TransactionFailed event, since risk is minimal and it aids potential debugging.

Exhibit 4-
No action needed.

Exhibit 5-
Removed unnecessary delete call.

Exhibit 6-
Removed transferValueWei parameter in external_call.

Exhibit 7-
Remove dataLength parameter in external_call. Load directly from array's storage.

Exhibit 8-
No action. It doesn't save gas, and I think it's more legible as is.

Exhibit 9-
Renamed transactionsLength to transactionsSize to follow market-oracle repo's convention.

Exhibit 10-
No action needed, since we mitigated Exhibit 2.

@brandoniles brandoniles self-assigned this May 15, 2020
@aalavandhan
Copy link
Member

aalavandhan commented May 18, 2020
edited
Loading

Looks good. Thanks 👍

ahnaguib
ahnaguib approved these changes May 18, 2020
View reviewed changes
contracts/Orchestrator.sol
@@ -90,7 +90,6 @@ contract Orchestrator is Ownable {
transactions[index] = transactions[transactions.length - 1];
}

delete transactions[transactions.length - 1];
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That's hidden and good to know! we have this delete pattern in multiple places in our codebase.

contracts/Orchestrator.sol
@@ -147,9 +144,9 @@ contract Orchestrator is Ownable {


destination,
transferValueWei,
0, // transfer value in wei
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I thought we already did this when I left a comment for it in the original PR.

@brandoniles brandoniles merged commit 0b717a0 into master May 18, 2020
@brandoniles brandoniles deleted the certik-1 branch May 18, 2020 22:10
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ahnaguib ahnaguib ahnaguib approved these changes

@aalavandhan aalavandhan aalavandhan approved these changes

Assignees

@brandoniles brandoniles

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@brandoniles @aalavandhan @ahnaguib