Platform: Code4rena
Start Date: 10/05/2022
Pot Size: $50,000 USDC
Total HM: 13
Participants: 100
Period: 5 days
Judge: HardlyDifficult
Total Solo HM: 1
Id: 122
League: ETH
Rank: 62/100
Findings: 2
Award: $63.10
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: IllIllI
Also found by: 0x52, 0xf15ers, 0xsanson, Bludya, BondiPestControl, Czar102, GimelSec, Kumpa, _Adam, berndartmueller, catchup, crispymangoes, eccentricexit, ellahi, hake, horsefacts, pedroais, peritoflores, reassor, shenwilly, shung, smiling_heretic, sseefried, throttle
8.1655 USDC - $8.17
https://github.com/code-423n4/2022-05-cally/blob/main/contracts/src/Cally.sol#L117-L121
Fee is set by an admin and can be set maliciously to steal the funds that are entitled to go to the user.
Fee can be set to a maliciously high value to unfairly extract funds from protocol users. An owner can buy options, set fee to 100% and exercise options, paying only premium for tokens locked.
Additionally, the fee can be set to more than 100% causing a DoS of the exercise function, completely breaking contract's purpose. (the revertion happens when expression msg.value - fee underflows)
Manual analysis
Set an upper limit to the fee not to go unconstrained.
Add an agreedFee parameter to createVault(...) arguments and require it is the fee in the storage, then save it as a vault parameter.
#0 - outdoteth
2022-05-15T19:27:33Z
owner can change fee at any time; https://github.com/code-423n4/2022-05-cally-findings/issues/47 owner can set fee greater than 100%: https://github.com/code-423n4/2022-05-cally-findings/issues/48
🌟 Selected for report: hubble
Also found by: 0x1337, 0x1f8b, 0x4non, 0xDjango, 0xf15ers, 0xsanson, 242, Aits, AlleyCat, Bludya, BondiPestControl, BouSalman, BowTiedWardens, CertoraInc, Cityscape, Czar102, FSchmoede, Funen, Hawkeye, IllIllI, JDeryl, Kenshin, Kumpa, MaratCerby, MiloTruck, Picodes, Ruhum, TrungOre, VAD37, WatchPug, Waze, antonttc, bobirichman, catchup, cccz, cryptphi, csanuragjain, delfin454000, dipp, dirk_y, djxploit, eccentricexit, ellahi, fatherOfBlocks, hake, hansfriese, hickuphh3, horsefacts, hyh, jah, joestakey, mics, minhquanym, pedroais, pmerkleplant, radoslav11, reassor, rfa, robee, seanamani, shenwilly, shung, sikorico, sorrynotsorry, sseefried, z3s
54.9324 USDC - $54.93
In contracts/src/Cally.sol#L169 the revert message is false - "Reserve strike too small". If reverts, it is too large. Additionally, a sharp inequality is used - someone may want just to present a price and skip the dutch auction - then equality would be useful.
!value instead of value == falseTo increase readability, negate bool values instead of ensuring they are false. This is a best practice.
In Cally.getDutchAuctionStrike(...) there are fixed-point calculations. At first progress is approximated, then used in calculations. It would be more precise to inline the calculation in the strike calculation.
Instead of:
uint256 progress = (1e18 * delta) / AUCTION_DURATION; uint256 auctionStrike = (progress * progress * startingStrike) / (1e18 * 1e18);
write:
uint256 auctionStrike = (delta * delta * startingStrike) / (AUCTION_DURATION * AUCTION_DURATION);
#0 - HardlyDifficult
2022-05-19T00:38:29Z