Platform: Code4rena
Start Date: 06/09/2022
Pot Size: $90,000 USDC
Total HM: 33
Participants: 168
Period: 9 days
Judge: GalloDaSballo
Total Solo HM: 10
Id: 157
League: ETH
Rank: 109/168
Findings: 1
Award: $62.78
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: Lambda
Also found by: 0x1337, 0x1f8b, 0x4non, 0x85102, 0xA5DF, 0xNazgul, 0xSmartContract, 0xbepresent, 0xc0ffEE, 8olidity, Aymen0909, B2, Bnke0x0, CRYP70, Captainkay, CertoraInc, Ch_301, Chom, ChristianKuri, CodingNameKiki, Deivitto, Diana, DimitarDimitrov, ElKu, EthLedger, Franfran, Funen, GimelSec, JansenC, Jeiwan, Jujic, Lead_Belly, MEP, MasterCookie, MiloTruck, Noah3o6, PPrieditis, PaludoX0, Picodes, PwnPatrol, R2, Randyyy, RaymondFam, Respx, ReyAdmirado, Rolezn, Samatak, Tointer, Tomo, V_B, Waze, _Adam, __141345__, a12jmx, ak1, asutorufos, azephiar, ballx, bharg4v, bin2chen, bobirichman, brgltd, bulej93, c3phas, cccz, ch0bu, cloudjunky, cryptonue, cryptostellar5, cryptphi, csanuragjain, d3e4, datapunk, davidbrai, delfin454000, dharma09, dic0de, dipp, djxploit, eierina, erictee, fatherOfBlocks, gogo, hansfriese, hyh, imare, indijanc, izhuer, jonatascm, ladboy233, leosathya, lucacez, lukris02, m9800, martin, minhtrng, ne0n, neumo, oyc_109, p_crypt0, pashov, pauliax, pcarranzav, pedr02b2, peritoflores, pfapostol, rbserver, ret2basic, robee, rvierdiiev, sach1r0, sahar, scaraven, sikorico, simon135, slowmoses, sorrynotsorry, tnevler, tonisives, volky, yixxas, zkhorse, zzzitron
62.7813 USDC - $62.78
transferOwnership() function.There's no check that the _newOwner is not 0 address. It is dangerous and irreversible if the owner is accidentally set to be 0 address. Recommend using the OpenZeppelin implementation of this function, which contains the zero address check:
ecrecover()EVM’s ecrecover is susceptible to signature malleability, which allows replay attacks. This is mitigated here as each recovered voter can only vote once. However, if any application logic changes, it might make signature malleability a risk for replay attacks.
See this reference: https://swcregistry.io/docs/SWC-117
Recommend using OpenZeppelin's ECDSA library: https://github.com/OpenZeppelin/openzeppelin-contracts/blob/master/contracts/utils/cryptography/ECDSA.sol
None of the upgradeable contracts in the code base contains storage gap, which is not a best practice and potentially limit the ability to add new variables. This is somewhat mitigated, because most of the contracts in the code base put all the variables that take storage slot into one base contract, e.g. AuctionStorageV1.sol, and the storage contracts can be upgraded to include new variables in the future, because the contract that inherits the storage contract (e.g. Auction.sol) only has immutable or constant variables that do not take storage slots. However, there are exceptions to this. For example, the Token contract inherits the ERC721Votes contract, which in turn inherits the ERC721 contract, none of which contains storage gap. If a new variable is added to the ERC721Votes contract, it would overwrite the variable in the TokenStorageV1 contract, and if a new variable is added to the ERC721 contract, it would overwrite the variable in the ERC721Votes contract. This greatly limits the ability to upgrade base contracts. Recommend including storage gap in all the base contracts for upgradeable contracts in the code base.
#0 - GalloDaSballo
2022-09-26T20:52:56Z
3L