Platform: Code4rena
Start Date: 20/01/2023
Pot Size: $90,500 USDC
Total HM: 10
Participants: 59
Period: 7 days
Judge: Picodes
Total Solo HM: 4
Id: 206
League: ETH
Rank: 42/59
Findings: 1
Award: $65.35
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: rbserver
Also found by: 0x1f8b, 0xAgro, 0xGusMcCrae, 0xSmartContract, Awesome, Breeje, DadeKuma, Diana, IllIllI, Josiah, Moksha, RaymondFam, Rolezn, SaeedAlipoor01988, Udsen, Viktor_Cortess, brgltd, btk, chaduke, cryptonue, ddimitrov22, delfin454000, descharre, fatherOfBlocks, georgits, hansfriese, lukris02, luxartvinsec, martin, matrix_0wl, mookimgo, oberon, popular00, shark, tnevler
65.3481 USDC - $65.35
| Issue | Instances | |
|---|---|---|
| L-1 | USE OF FLOATING PRAGMA | 8 |
| L-2 | DUMMY URI USED IN TimeswapV2Token AND TimeswapV2LiquidityToken | 2 |
| L-3 | NO ZERO ADDRESS CHECK | 1 |
| NC-1 | INCORRECT NATSPEC | 1 |
| NC-2 | SPELLING ERROR IN NATSPEC | 76 |
| NC-3 | INCORRECT ERROR TYPE | 1 |
| NC-4 | 4 METHODS WITH durationForward AS SECOND PARAMETER CAN BE REMOVED | 4 |
Impact: swcregistry
Instances (8):
File: v2-token/src/TimeswapV2LiquidityToken.sol 2: pragma solidity ^0.8.8;
File: v2-token/src/TimeswapV2Token.sol 2: pragma solidity ^0.8.8;
File: v2-token/src/base/ERC1155Enumerable.sol 4: pragma solidity ^0.8.8;
File: v2-token/src/interfaces/IERC1155Enumerable.sol 4: pragma solidity ^0.8.8;
File: v2-token/src/structs/CallbackParam.sol 2: pragma solidity ^0.8.8;
File: v2-token/src/structs/FeesPosition.sol 2: pragma solidity ^0.8.8;
File: v2-token/src/structs/Param.sol 2: pragma solidity ^0.8.8;
File: v2-token/src/structs/Position.sol 2: pragma solidity ^0.8.8;
TimeswapV2Token AND TimeswapV2LiquidityTokenInstead of setting the Real URI, Dummy URI is used.
Instance (2):
File: packages/v2-token/src/TimeswapV2Token.sol 41: constructor(address chosenOptionFactory) ERC1155("Timeswap V2 address") {
File: packages/v2-token/src/TimeswapV2LiquidityToken.sol 36: constructor(address chosenOptionFactory, address chosenPoolFactory) ERC1155("Timeswap V2 uint160 address") {
Instance (1):
File: packages/v2-token/src/TimeswapV2Token.sol 42: optionFactory = chosenOptionFactory;
Replace IsSubToken0 if false to IsSubToken1 if false.
Instance (1):
File: packages/v2-option/src/structs/Process.sol 32: /// @param isAddToken1 IsAddToken1 if true. IsSubToken0 if false.
Correct the spelling of "multiple".
Instances:
File: packages/v2-option/src/structs/Process.sol 4: /// @dev Processing information required for interacting multple options in a single contract.
Correct the spelling of "to".
File: packages/v2-library/src/StrikeConversion.sol 22: /// @param amount The amount ot be converted. Token0 amount when zeroToOne. Token1 amount when oneToZero.
Correct the spelling of "position".
File: packages/v2-token/src/interfaces/ITimeswapV2Token.sol 27: /// @dev mints TimeswapV2Token as per postion and amount 32: /// @dev burns TimeswapV2Token as per postion and amount
Spelling of recipient is wrongly spelled as receipient in entire codebase (72 Instances).
Zero Address Error thrown when Address is not Zero.
Instances (1):
File: packages/v2-pool/src/TimeswapV2PoolFactory.sol 63: if (pair != address(0)) Error.zeroAddress();
In TimeswapV2Pool Contract, mint, burn, deleverage and leverage methods are used with 2 Parameters: param and durationForward.
File: packages/v2-pool/src/TimeswapV2Pool.sol function mint( TimeswapV2PoolMintParam calldata param, uint96 durationForward ) external override returns (uint160 liquidityAmount, uint256 long0Amount, uint256 long1Amount, uint256 shortAmount, bytes memory data) { return mint(param, true, durationForward); } 286: if (isQuote) revert Quote(); function burn( TimeswapV2PoolBurnParam calldata param, uint96 durationForward ) external override returns (uint160 liquidityAmount, uint256 long0Amount, uint256 long1Amount, uint256 shortAmount, bytes memory data) { return burn(param, true, durationForward); } 355: if (isQuote) revert Quote(); function deleverage( TimeswapV2PoolDeleverageParam calldata param, uint96 durationForward ) external override returns (uint256 long0Amount, uint256 long1Amount, uint256 shortAmount, bytes memory data) { return deleverage(param, true, durationForward); } 407: if (isQuote) revert Quote(); function leverage(TimeswapV2PoolLeverageParam calldata param, uint96 durationForward) external override returns (uint256 long0Amount, uint256 long1Amount, uint256 shortAmount, bytes memory data) { return leverage(param, true, durationForward); } 457: if (isQuote) revert Quote();
But because of a condition in mint (at Line: 289), burn (at Line: 355), deleverage (at Line: 407) and leverage (at Line: 457) method, the function will always revert. So it is recommended to remove these functions.
#0 - c4-judge
2023-02-01T22:26:16Z
Picodes marked the issue as grade-b