Platform: Code4rena
Start Date: 12/04/2023
Pot Size: $60,500 USDC
Total HM: 21
Participants: 199
Period: 7 days
Judge: hansfriese
Total Solo HM: 5
Id: 231
League: ETH
Rank: 144/199
Findings: 1
Award: $22.60
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: juancito
Also found by: 0xAgro, 0xNorman, 0xSmartContract, 0xStalin, 0xTheC0der, 0xWaitress, 0xhacksmithh, 0xnev, 3dgeville, 8olidity, Arz, Aymen0909, BGSecurity, BRONZEDISC, Bauchibred, Bauer, BenRai, ChainHunters, ChrisTina, CodeFoxInc, DedOhWale, DishWasher, EloiManuel, IceBear, Inspex, Jorgect, Kaysoft, LeoGold, LewisBroadhurst, Madalad, MiloTruck, MohammedRizwan, Nyx, Polaris_tow, RaymondFam, SaharDevep, SanketKogekar, Sathish9098, SolidityATL, Udsen, W0RR1O, aria, ayden, berlin-101, bin2chen, catellatech, codeslide, crc32, decade, descharre, evmboi32, eyexploit, fatherOfBlocks, georgits, giovannidisiena, joestakey, karanctf, kodyvim, ltyu, lukris02, m9800, matrix_0wl, mov, mrpathfindr, nadin, niser93, p0wd3r, parlayan_yildizlar_takimi, pavankv, pontifex, qpzm, ravikiranweb3, rbserver, santipu_, shealtielanz, slvDev, tnevler, wonjun, xmxanuel, yixxas
22.6007 USDC - $22.60
https://github.com/code-423n4/2023-04-frankencoin/blob/main/contracts/MintingHub.sol#L203-L205
Checking whether challenge.bid (the current highest bid) is greater than 0 always ends up transferring the current bid back to the current highest bidder. At that point, however, it is still unknown whether the new bid is actually high enough to overbid the current highest bid; that validation happens later in the code, at https://github.com/code-423n4/2023-04-frankencoin/blob/main/contracts/MintingHub.sol#L216
If that check turns out to be false, the entire transaction is reverted, so the transfer of funds to the current highest bidder is reverted too. This indicates that the transfer to the current highest bidder should only be done once the new bid has been validated to overbid the current highest one; if the new bid is not high enough, there is no real reason to first transfer the funds to the current highest bidder.
The recommendation is to remove lines 203-205 (https://github.com/code-423n4/2023-04-frankencoin/blob/main/contracts/MintingHub.sol#L203-L205) and instead attempt to transfer challenge.bid to challenge.bidder only after it has been validated that the new bid is higher than the current one.
https://github.com/code-423n4/2023-04-frankencoin/blob/1022cb106919fba963a89205d3b90bf62543f68f/contracts/Equity.sol#L313
The for loop that is intended to iterate over the addressesToWipe[] parameter, with the end goal of burning the FPS tokens of those addresses, uses an incorrect index when determining the current address to be wiped out. Instead of the i variable, it uses the constant index 0, which means that every iteration of the for loop tries to burn shares only from the address at position 0, while all other listed addresses keep their shares.
The recommendation is to use the i variable defined in the for loop:
address current = addressesToWipe[i]
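To make the two forms concrete, here is an added, hypothetical minimal Solidity contract (not Frankencoin's Equity.sol and not part of the original report) that places the loop with the hard-coded index 0 beside the corrected form that uses i; the contract name, the constructor and the remainingShares helper are assumptions made for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Hypothetical share token, not Frankencoin's Equity.sol: it only keeps a
// balance per holder so the two wipe loops can be compared side by side.
contract WipeExample {
    mapping(address => uint256) public balanceOf;

    // Constructed setup: every listed holder starts with `amount` shares.
    constructor(address[] memory holders, uint256 amount) {
        for (uint256 i = 0; i < holders.length; i++) {
            balanceOf[holders[i]] = amount;
        }
    }

    function _burn(address from, uint256 amount) internal {
        balanceOf[from] -= amount;
    }

    // Buggy form of the loop: the index is hard-coded to 0, so only the
    // first address loses its shares. Later iterations burn 0 from that same
    // address and every other listed address keeps its balance.
    function wipeBuggy(address[] calldata addressesToWipe) external {
        for (uint256 i = 0; i < addressesToWipe.length; i++) {
            address current = addressesToWipe[0];
            _burn(current, balanceOf[current]);
        }
    }

    // Corrected form: the loop variable i selects each listed address in turn.
    function wipeFixed(address[] calldata addressesToWipe) external {
        for (uint256 i = 0; i < addressesToWipe.length; i++) {
            address current = addressesToWipe[i];
            _burn(current, balanceOf[current]);
        }
    }

    // Helper to check the outcome: total shares still held by the listed
    // addresses. For n distinct addresses funded in the constructor it is
    // (n - 1) * amount after wipeBuggy and 0 after wipeFixed.
    function remainingShares(address[] calldata addresses) external view returns (uint256 total) {
        for (uint256 i = 0; i < addresses.length; i++) {
            total += balanceOf[addresses[i]];
        }
    }
}
```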
#0 - 0xA5DF
2023-04-27T09:43:48Z
L2 is dupe of #941
#1 - c4-judge
2023-05-16T16:20:50Z
hansfriese marked the issue as grade-b