Platform: Code4rena
Start Date: 07/08/2023
Pot Size: $36,500 USDC
Total HM: 11
Participants: 125
Period: 3 days
Judge: alcueca
Total Solo HM: 4
Id: 274
League: ETH
Rank: 81/125
Findings: 1
Award: $9.82
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: RED-LOTUS-REACH
Also found by: 0x3b, 0x4non, 0xCiphky, 0xDING99YA, 0xDetermination, 0xE1, 0xG0P1, 0xStalin, 0xWaitress, 0xbrett8571, 0xhacksmithh, 0xkazim, 0xmuxyz, 0xweb3boy, 14si2o_Flint, AlexCzm, Alhakista, Bube, Bughunter101, Deekshith99, Eeyore, Giorgio, HChang26, InAllHonesty, JP_Courses, KmanOfficial, MatricksDeCoder, Mike_Bello90, MrPotatoMagic, Naubit, QiuhaoLi, RHaO-sec, Raihan, Rolezn, SUPERMAN_I4G, Shubham, Silverskrrrt, Strausses, T1MOH, Topmark, Tripathi, Watermelon, _eperezok, aakansha, auditsea, audityourcontracts, ayden, carlos__alegre, castle_chain, cducrest, ch0bu, d23e, deadrxsezzz, deth, devival, erebus, fatherOfBlocks, halden, hassan-truscova, hpsb, hunter_w3b, imkapadia, immeas, jat, kaden, kaveyjoe, klau5, koxuan, kutugu, ladboy233, lanrebayode77, leasowillow, lsaudit, markus_ether, matrix_0wl, merlin, nemveer, ni8mare, nonseodion, oakcobalt, owadez, p_crypt0, pipidu83, piyushshukla, popular00, ppetrov, rjs, sandy, sl1, supervrijdag, tay054, thekmj, wahedtalash77, windhustler, zhaojie
9.8204 USDC - $9.82
GaugeController._change_gauge_weight() does not check whether old_sum + _weight > old_gauge_weight; this may cause a DoS, or the weight may not be changeable afterwards.
https://github.com/code-423n4/2023-08-verwa/blob/main/src/GaugeController.sol#L196
I suggest adding the check old_sum + _weight > old_gauge_weight and reverting when it does not hold.
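As an added illustration of the finding above (this is not code from the veRWA repository), the following Python model evaluates a Curve-style gauge-weight update, new_sum = old_sum + _weight - old_gauge_weight, under Solidity 0.8 checked uint256 arithmetic. It assumes that this is the expression the report refers to, and it expresses the suggested check as an explicit precondition with a descriptive revert reason; the guard uses >= (the exact condition under which the subtraction cannot underflow) so that setting a gauge's weight to zero remains possible.

```python
# Added example, not project code: a Python model of checked uint256 arithmetic
# applied to the gauge-weight update the report discusses. The update expression
# is assumed to be new_sum = old_sum + _weight - old_gauge_weight.

UINT256_MAX = 2**256 - 1


class Revert(Exception):
    """Stands in for an EVM revert; the message plays the role of the revert reason."""


def checked_add(a: int, b: int) -> int:
    """Solidity 0.8 addition: reverts with Panic(0x11) on overflow."""
    r = a + b
    if r > UINT256_MAX:
        raise Revert("Panic(0x11): arithmetic overflow")
    return r


def checked_sub(a: int, b: int) -> int:
    """Solidity 0.8 subtraction: reverts with Panic(0x11) on underflow."""
    if a < b:
        raise Revert("Panic(0x11): arithmetic underflow")
    return a - b


def change_gauge_weight_unguarded(old_sum: int, weight: int, old_gauge_weight: int) -> int:
    """Update without a precondition: an inconsistent input surfaces only as a bare
    panic, which carries no reason and leaves the caller guessing which operand failed."""
    return checked_sub(checked_add(old_sum, weight), old_gauge_weight)


def change_gauge_weight_guarded(old_sum: int, weight: int, old_gauge_weight: int) -> int:
    """Same update with an explicit precondition (the check the report suggests),
    so the failure is reported with a descriptive reason before any arithmetic runs."""
    if old_sum + weight < old_gauge_weight:
        raise Revert("InvalidWeight: old_sum + _weight is below old_gauge_weight")
    return old_sum + weight - old_gauge_weight


def outcome(fn, *args) -> str:
    """Run one update and return either the new sum or the revert reason as text."""
    try:
        return f"new_sum={fn(*args)}"
    except Revert as e:
        return f"revert: {e}"


if __name__ == "__main__":
    # Constructed values: a gauge weighted 100 inside a type sum of 100, re-weighted to 250.
    print(outcome(change_gauge_weight_unguarded, 100, 250, 100))
    # Constructed inconsistent state: the type sum is smaller than the gauge's own weight.
    print(outcome(change_gauge_weight_unguarded, 50, 10, 100))
    print(outcome(change_gauge_weight_guarded, 50, 10, 100))
    # Zeroing the only gauge of a type is still allowed by the guard.
    print(outcome(change_gauge_weight_guarded, 100, 0, 100))
```

The guarded variant does not change which inputs succeed; it changes what the caller sees when one fails, which is what matters when diagnosing a stuck gauge weight from transaction traces.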
LendingLedger.whiteListLendingMarket() does not check whether the market exists
https://github.com/code-423n4/2023-08-verwa/blob/main/src/LendingLedger.sol#L206
LendingLedger.whiteListLendingMarket() does not check whether the market exists. This may cause assignments to non-existing markets.
I suggest adding an array holding the existing markets and checking it when the function is called.
claim() reverts when the contract balance is insufficient or governance is suspended
According to the introduction, contract LendingLedger's CANTO comes from governance:
"Canto governance calls setRewards and sends CANTO to the contract to control how much CANTO is allocated for one epoch."
However, when the CANTO in the contract is not enough and governance is suspended, users will be unable to claim. I suggest adding fallbacks, such as depositing into WETH, to prevent this: when the CANTO in the contract is not enough and governance is suspended, the WETH can be deposited to the user instead.
VotingEscrow._checkpoint() has an underflow problem caused by dividing first and then multiplying
In the function implementation, userOldPoint.slope is calculated as userOldPoint.slope = _oldLocked.delegated / int128(int256(LOCKTIME)), and LOCKTIME = 5 years = 157 784 630 seconds. This means that when _oldLocked.delegated < int128(int256(LOCKTIME)), the parameter userOldPoint.slope is equal to 0, and userOldPoint.bias is also equal to 0. This calculation is incorrect. The same problem also affects userNewPoint.slope.
I suggest following the principle of multiplying first and then dividing.
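As an added worked example (not code from the veRWA repository), the model below reproduces the integer arithmetic the finding describes with the LOCKTIME value given in the report. The delegated amounts and remaining lock durations are constructed inputs, and the (slope, bias) pair is a simplified stand-in for the VotingEscrow checkpoint fields; the two functions differ only in the order of the division and the multiplication.

```python
# Added example, not project code: integer-arithmetic model of the slope/bias
# calculation from the report. LOCKTIME is the value the report states; all
# delegated amounts and remaining durations below are constructed test inputs.

LOCKTIME = 157_784_630  # 5 years in seconds, as given in the report


def _check(delegated: int, remaining: int) -> None:
    # Solidity's integer division truncates toward zero while Python's // floors;
    # the two agree for non-negative operands, so the model is restricted to those.
    if delegated < 0 or remaining < 0:
        raise ValueError("model covers non-negative values only")


def divide_first(delegated: int, remaining: int) -> tuple[int, int]:
    """Order the report attributes to the contract:
    slope = delegated / LOCKTIME, then bias = slope * remaining.
    For delegated < LOCKTIME the slope truncates to 0, so the bias is 0 no matter
    how long the lock still runs."""
    _check(delegated, remaining)
    slope = delegated // LOCKTIME
    bias = slope * remaining
    return slope, bias


def multiply_first(delegated: int, remaining: int) -> int:
    """Order the report recommends: bias = delegated * remaining / LOCKTIME.
    Only the final division truncates, so at most one unit of bias is lost."""
    _check(delegated, remaining)
    return (delegated * remaining) // LOCKTIME


def bias_lost(delegated: int, remaining: int) -> int:
    """Bias the divide-first order drops relative to the multiply-first order."""
    return multiply_first(delegated, remaining) - divide_first(delegated, remaining)[1]


if __name__ == "__main__":
    # Constructed: a small lock, half of LOCKTIME still remaining.
    small, half = 1_000_000, LOCKTIME // 2
    print("divide first :", divide_first(small, half))      # slope 0, bias 0
    print("multiply first:", multiply_first(small, half))   # 500000
    print("bias lost     :", bias_lost(small, half))
    # Constructed: a lock larger than LOCKTIME, where both orders nearly agree.
    large = 2 * LOCKTIME + 5
    print("divide first :", divide_first(large, 1_000))
    print("multiply first:", multiply_first(large, 1_000))
```

One caveat a practitioner should carry back to the Solidity side: multiplying first requires the intermediate product delegated * remaining to fit the integer type used on-chain, so the wider the type (or the more the product is bounded by LOCKTIME), the safer the recommended order is.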
#0 - 141345
2023-08-13T08:46:33Z
It may cause claim() revert when the contract balance is insufficient or governance is suspended dup of https://github.com/code-423n4/2023-08-verwa-findings/issues/308
VotingEscrow._checkpoint() function has an underflow problem caused by division first and then multiplication dup of https://github.com/code-423n4/2023-08-verwa-findings/issues/299
#1 - c4-judge
2023-08-22T14:09:24Z
alcueca marked the issue as grade-a