Platform: Code4rena
Start Date: 03/11/2022
Pot Size: $115,500 USDC
Total HM: 17
Participants: 120
Period: 7 days
Judge: LSDan
Total Solo HM: 1
Id: 174
League: ETH
Rank: 85/120
Findings: 1
Award: $61.35
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: IllIllI
Also found by: 0x1f8b, 0xNazgul, 0xRoxas, 0xSmartContract, Awesome, Aymen0909, B2, BClabs, Bnke0x0, Deekshith99, Deivitto, Diana, Dinesh11G, Funen, HE1M, HardlyCodeMan, Josiah, Nyx, Rahoz, RaymondFam, RedOneN, ReyAdmirado, Rolezn, Saintcode_, TomJ, Trust, __141345__, a12jmx, adriro, ajtra, aphak5010, apostle0x01, brgltd, btk, bulej93, c3phas, carlitox477, catwhiskeys, ch0bu, chaduke, chrisdior4, cryptonue, cryptostellar5, csanuragjain, ctf_sec, delfin454000, djxploit, durianSausage, erictee, fatherOfBlocks, gogo, i_got_hacked, immeas, joestakey, jumpdest7d, lukris02, martin, mcwildy, merlin, minhquanym, oyc_109, pashov, peanuts, pedr02b2, rbserver, rotcivegaf, rvierdiiev, sakman, saneryee, seyni, shark, slowmoses, tnevler, trustindistrust, w0Lfrum, yurahod, zaskoh
61.3462 USDC - $61.35
https://swcregistry.io/docs/SWC-103
/contracts/modules/credit/LineOfCredit.sol Line(s): 1
1: pragma solidity ^0.8.9;
/contracts/modules/credit/SpigotedLine.sol Line(s): 1
1: pragma solidity ^0.8.9;
/contracts/modules/credit/SecuredLine.sol Line(s): 1
1: pragma solidity ^0.8.9;
/contracts/modules/oracle/Oracle.sol Line(s): 2
2: pragma solidity ^0.8.9;
Error messages help with troubleshooting, some require statements are missing error messages.
/contracts/modules/credit/LineOfCredit.sol Line(s): 112, 326
112: require(uint(status) >= uint( LineLib.STATUS.ACTIVE)); 326: require(amount <= credit.principal + credit.interestAccrued);
/contracts/modules/credit/SpigotedLine.sol Line(s): 62, 143, 160, 239
62: require(defaultRevenueSplit_ <= SpigotedLineLib.MAX_SPLIT); 143: require(amount <= unusedTokens[credit.token]); 160: require(msg.sender == borrower); 239: require(msg.sender == arbiter);
/contracts/modules/credit/EscrowedLine.sol Line(s): 90
90: require(escrow.updateLine(newLine));
/contracts/utils/EscrowLib.sol Line(s): 91, 105, 161, 198, 216
91: require(amount > 0); 105: require(msg.sender == ILineOfCredit(self.line).arbiter()); 161: require(amount > 0); 198: require(amount > 0); 216: require(msg.sender == self.line);
/contracts/utils/SpigotLib.sol Line(s): 128, 130, 155, 180, 189, 201
128: require(revenueContract != address(this)); 130: require(self.settings[revenueContract].transferOwnerFunction == bytes4(0)); 155: require(success); 180: require(newOwner != address(0)); 189: require(newOperator != address(0)); 201: require(newTreasury != address(0));
Solidity allows for the use of _ between every 3 digits of large numbers.
/contracts/modules/interest-rate/InterestRateCredit.sol Line(s): 9
9: uint256 constant BASE_DENOMINATOR = 10000;
/contracts/modules/factories/LineFactory.sol Line(s): 14
14: uint32 constant defaultMinCRatio = 3000;
A magic number 18 is used. Consider making a variable in 18's place.
/contracts/utils/EscrowLib.sol Line(s): 113, 137
113: deposit.assetDecimals = 18; 137: deposit.assetDecimals = 18;
/contracts/utils/CreditLib.sol Line(s): 140, 145
140: decimals = 18; 145: decimals = !passed ? 18 : abi.decode(result, (uint8));
1157...9935 Used Instead of type(uint256).max / inconsistency/contracts/utils/EscrowLib.sol Line(s): 25-26
Using 115792089237316195423570985008687907853269984665640564039457584007913129639935 instead of type(uint256).max can lead to mistyping and degrades readability. Note also that this is not consistant with L27 of /contracts/utils/SpigotLib.sol
25: uint256 constant MAX_INT = 26: 115792089237316195423570985008687907853269984665640564039457584007913129639935;
#0 - c4-judge
2022-12-06T20:54:49Z
dmvt marked the issue as grade-b