Platform: Code4rena
Start Date: 20/09/2022
Pot Size: $100,000 USDC
Total HM: 4
Participants: 109
Period: 7 days
Judge: GalloDaSballo
Id: 163
League: ETH
Rank: 54/109
Findings: 1
Award: $55.20
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: IllIllI
Also found by: 0x1f8b, 0x4non, 0x52, 0x5rings, 0xNazgul, 0xRobocop, 0xSmartContract, 0xdeadbeef, 0xsanson, 8olidity, Amithuddar, Aymen0909, B2, B353N, CertoraInc, Ch_301, Chom, CodingNameKiki, Deivitto, ElKu, Funen, JC, JohnnyTime, Kresh, Lambda, Noah3o6, RaymondFam, ReyAdmirado, RockingMiles, Rolezn, Sm4rty, SuldaanBeegsi, Tadashi, TomJ, Tomio, V_B, Waze, __141345__, a12jmx, ak1, arcoun, asutorufos, aviggiano, berndartmueller, bharg4v, bin2chen, brgltd, bulej93, c3phas, catchup, cccz, ch0bu, cryptonue, cryptphi, csanuragjain, delfin454000, devtooligan, djxploit, durianSausage, eighty, erictee, exd0tpy, fatherOfBlocks, giovannidisiena, hansfriese, ignacio, joestakey, ladboy233, lukris02, m9800, malinariy, martin, minhtrng, obront, oyc_109, pedr02b2, pedroais, pfapostol, philogy, prasantgupta52, rbserver, ronnyx2017, rotcivegaf, rvierdiiev, sach1r0, shung, simon135, throttle, tnevler, tonisives, wagmi, yixxas, zkhorse, zzykxx, zzzitron
55.1985 USDC - $55.20
The rate of Goo issuance is defined by the documentation as $g'=\sqrt{mg}$ with $g(t)$ the Goo balance at time $t$, and $m$ the multiplier.
The solution of $g(t)$, given the initial balance $g_0$, is provided in the computeGooBalance function (link).
This solution however is wrong in the case $g_0 = 0$, since the correct solution would be $g(t) = 0$. It's clear that when the rate of issuance is $0$, the balance can't go up. The mistake rises when solving the differential equation by dividing both sides by $g$, which can't be done if it's zero.
The impact is that according to the documentation someone with 0 Goo wouldn't be able to mint. They will however mint extra Goo which may not be accounted by the protocol.
The correct implementation would be adding the following line before L27.
if (lastBalanceWad == 0) return 0;
If you implement this however there would be no way to mint Goo in the first place. My recommendation is to just modify the documentation to account for this abnormal behaviour.
#0 - GalloDaSballo
2022-10-08T23:54:39Z
Adding a 0 will cause a revert / underflow.
<img width="629" alt="Screenshot 2022-10-09 at 01 51 41" src="https://user-images.githubusercontent.com/13383782/194731508-c6e170a4-cc5f-46d2-ab9b-32bf2aed4a25.png">function testgoo() public { require(gobblers.gooBalance(address(0)) == 0); }
I think this is valid, but cannot imagine any specific scenario, where a Loss of value or a DOS can happen.
If the library was out of scope, i believe that the revert would still be a valid finding, specifically a Refactoring (as the revert is ungraceful vs a more UX friendly "Insufficient Goo Balance")
Because the library is in scope, in lack of a specific POC am downgrading to it Low
#1 - GalloDaSballo
2022-10-08T23:54:41Z
L
#2 - hrkrshnn
2022-10-09T20:16:03Z
This solution however is wrong in the case $g_0 = 0$ , since the correct solution would be $g(t) = 0$
There is no issue with the solution for the initial value $g(0) = 0$. The solution they are using is still correct. It's just that the differential equation has non-unique solutions for this initial value.
if (lastBalanceWad == 0) return 0;
I think adding this would mean that you would never be able to kick-start Goo production. An account will need to have initial Goo to accrue more Goo, but Goo starts with total supply of 0, so nobody would ever be able to kick-start the production.