Organization
- @Ondofinance
Engagement Type
Cantina Reviews
Period
-
Repositories
Researchers
Findings
Informational
1 findings
1 fixed
0 acknowledged
Gas Optimizations
4 findings
4 fixed
0 acknowledged
Informational1 finding
User may be removed from registry between order creation and execution
Description
A user may be removed from registry some time between order creation and execution.
Recommendation
Consider checking that the user is still registered upon order execution.
Gas Optimizations4 findings
Redundant condition checked in isOrderActive()
Severity
- Severity: Gas optimization
Submitted by
HickupHH3
Description
The referenced condition is redundant because of the checks in place that results in a couple of state invariants:
OrderStatus.ACTIVE(&OrderStatus.CANCELLED) =>order.filledQuantity < order.totalQuantityOrderStatus.EXECUTED<=>order.filledQuantity == order.totalQuantity
As such, checking
order.status == OrderStatus.ACTIVEwill suffice in asserting the latter.Recommendation
Remove the referenced condition.
Cheaper conditional check for isOrderFullyFilled()
Severity
- Severity: Gas optimization
Submitted by
HickupHH3
Description & Recommendation
A cheaper check is
order.status == OrderStatus.EXECUTED.executorUserId is check per iteration for batch calls
Severity
- Severity: Gas optimization
Submitted by
HickupHH3
Description & Recommendation
The compliance check on the executor should be refactored into a separate function because it's called every iteration for batch orders.
msg.sender emission in OrderCancelled is redundant
Description & Recommendation
Orders can only be cancelled by its creators, ie.
order.user, so emitting it in theOrderCancelledis redundant.Ondo
Another function for cancelling orders by authorized addresses was added, so the address emitted here becomes relevant.
Cantina
Fixed.