Back to 0xblackskull's contests

Centrifuge - 0xblackskull's results

The institutional ecosystem for on-chain credit.

General Information

Platform: Code4rena

Start Date: 08/09/2023

Pot Size: $70,000 USDC

Total HM: 8

Participants: 84

Period: 6 days

Judge: gzeon

Total Solo HM: 2

Id: 285

League: ETH

Centrifuge

Findings Distribution

Researcher Performance

Rank: 79/84

Findings: 1

Award: $12.79

QA:
grade-b

🌟 Selected for report: 0

🚀 Solo Findings: 0

External Links

Code4rena Contest PageGithub Contest RepositoryGithub Findings RepositoryCentrifuge

Findings Information

🌟 Selected for report: castle_chain

Also found by: 0xAadi, 0xHelium, 0xLook, 0xblackskull, 0xfuje, 0xmystery, 0xnev, 0xpiken, 7ashraf, BARW, Bauchibred, Bughunter101, Ch_301, JP_Courses, Kaysoft, Krace, MohammedRizwan, SanketKogekar, Sathish9098, alexzoid, ast3ros, btk, catellatech, degensec, fatherOfBlocks, grearlake, imtybik, jkoppel, jolah1, klau5, lsaudit, m_Rassska, merlin, mrudenko, nobody2018, rokinot, rvierdiiev, sandy

Awards

12.7917 USDC - $12.79

Labels

bug
grade-b
QA (Quality Assurance)
sufficient quality report
Q-16

External Links

Link to GitHub issue

InvestmentManager.sol

  1. No check case for if _currencyAmount and _trancheTokenAmount is 0 in decreaseDepositRequest() and decreaseRedeemRequest() respectively https://github.com/code-423n4/2023-09-centrifuge/blob/main/src/InvestmentManager.sol#L174-L185 https://github.com/code-423n4/2023-09-centrifuge/blob/main/src/InvestmentManager.sol#L187-L198

  2. Silent overflow in _fromPriceDecimals if (PRICE_DECIMALS < decimals) https://github.com/code-423n4/2023-09-centrifuge/blob/main/src/InvestmentManager.sol#L682 https://github.com/code-423n4/2023-09-centrifuge/blob/main/src/InvestmentManager.sol#L692

  3. If currencyPayout is set to be 0 in handleExecutedCollectRedeem() then user will not be able to withdraw their funds becoz it set lpValues.maxWithdraw = 0. https://github.com/code-423n4/2023-09-centrifuge/blob/main/src/InvestmentManager.sol#L269 Use something like, require(currencyPayout != 0)

  4. If trancheTokensPayout is set to be 0 in handleExecutedCollectInvest() then user will not be able to mint becoz it set lpValues.maxMint=0. https://github.com/code-423n4/2023-09-centrifuge/blob/main/src/InvestmentManager.sol#L249C56-L249C56 Use something like, require(trancheTokensPayout != 0)

  5. trigger approve() before transferFrom() https://github.com/code-423n4/2023-09-centrifuge/blob/main/src/InvestmentManager.sol#L167 https://github.com/code-423n4/2023-09-centrifuge/blob/main/src/InvestmentManager.sol#L313 https://github.com/code-423n4/2023-09-centrifuge/blob/main/src/InvestmentManager.sol#L474

  6. trigger approve() before safeTransferFrom() https://github.com/code-423n4/2023-09-centrifuge/blob/main/src/InvestmentManager.sol#L136 https://github.com/code-423n4/2023-09-centrifuge/blob/main/src/InvestmentManager.sol#L291

PoolManager.sol

  1. Zero address check missing for recipient in handleTransfer()

  2. trigger approve() before safeTransferFrom() https://github.com/code-423n4/2023-09-centrifuge/blob/main/src/PoolManager.sol#L132

RestrictionManager.sol

  1. Duplicate address check is missing in updateMembers() https://github.com/code-423n4/2023-09-centrifuge/blob/main/src/token/RestrictionManager.sol#L62

#0 - c4-pre-sort

2023-09-17T01:35:50Z

raymondfam marked the issue as sufficient quality report

#1 - c4-judge

2023-09-26T17:41:32Z

gzeon-c4 marked the issue as grade-b

AuditHub

A portfolio for auditors, a security profile for protocols, a hub for web3 security.

Built bymalatrax © 2024

Auditors

Browse

Contests

Browse

Get in touch

ContactTwitter