Popcorn contest - Dewaxindo's results

A multi-chain regenerative yield-optimizing protocol.

General Information

Platform: Code4rena

Start Date: 31/01/2023

Pot Size: $90,500 USDC

Total HM: 47

Participants: 169

Period: 7 days

Judge: LSDan

Total Solo HM: 9

Id: 211

League: ETH

Popcorn


Researcher Performance

Rank: 72/169

Findings: 2

Award: $105.30

QA: grade-b

Gas: grade-b

🌟 Selected for report: 0

🚀 Solo Findings: 0

Lack of Input Validation

For defense-in-depth purposes, it is recommended to perform additional validation of the amount the user is attempting to deposit, mint, withdraw or redeem, to ensure that the submitted amount is valid.

OpenZeppelinTokenizedVault.sol#L95

1. Function deposit()

Vault.sol#L134-L158

function deposit(uint256 assets, address receiver)
    public
    nonReentrant
    whenNotPaused
    syncFeeCheckpoint
    returns (uint256 shares)
{
    require(assets <= maxDeposit(receiver), "deposit more than max");

2. Function mint()

Vault.sol#L170-L198

function mint(uint256 shares, address receiver)
    public
    nonReentrant
    whenNotPaused
    syncFeeCheckpoint
    returns (uint256 assets)
{
    require(shares <= maxMint(receiver), "mint more than max");

3. Function withdraw()

Vault.sol#L211-L240

function withdraw(
    uint256 assets,
    address receiver,
    address owner
) public nonReentrant syncFeeCheckpoint returns (uint256 shares) {
    require(assets <= maxWithdraw(owner), "withdraw more than max");

4. Function redeem()

Vault.sol#L253-L278

function redeem(
    uint256 shares,
    address receiver,
    address owner
) public nonReentrant returns (uint256 assets) {
    require(shares <= maxRedeem(owner), "redeem more than max");

5. Function deposit()

AdapterBase.sol#L110-L122

function deposit(uint256 assets, address receiver)
    public
    virtual
    override
    returns (uint256)
{
    require(assets <= maxDeposit(receiver), "deposit more than max");

6. Function mint()

AdapterBase.sol#L129-L141

function mint(uint256 shares, address receiver)
    public
    virtual
    override
    returns (uint256)
{
    require(shares <= maxMint(receiver), "mint more than max");

7. Function withdraw()

AdapterBase.sol#L173-L185

function withdraw(
    uint256 assets,
    address receiver,
    address owner
) public virtual override returns (uint256) {
    require(assets <= maxWithdraw(owner), "withdraw more than max");

8. Function redeem()

AdapterBase.sol#L193-L204

function redeem(
    uint256 shares,
    address receiver,
    address owner
) public virtual override returns (uint256) {
    require(shares <= maxRedeem(owner), "redeem more than max");

Critical Address Changes Should Use Two-Step Procedure

Context

Vault.sol#L553-L559

function setFeeRecipient(address _feeRecipient) external onlyOwner {
    if (_feeRecipient == address(0)) revert InvalidFeeRecipient();

    emit FeeRecipientUpdated(feeRecipient, _feeRecipient);

    feeRecipient = _feeRecipient;
}

Recommendation

The lack of a two-step procedure for critical operations leaves them error-prone: a single mistyped address takes effect immediately. Consider adding a two-step (propose, then accept) procedure to the critical functions.


Use Ownable2StepUpgradeable Instead of OwnableUpgradeable Contract

Context

Recommendation

The acceptOwnership function is used to accept ownership from OwnableUpgradeable.sol.

There is another OpenZeppelin Ownable contract (Ownable2StepUpgradeable.sol) that has an acceptOwnership function; using it is more secure due to its two-stage ownership transfer.

Ownable2StepUpgradeable.sol
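The two findings above (the one-step setFeeRecipient and the OwnableUpgradeable ownership) ask for the same shape of fix. As an added example written for this report, not code from Popcorn, the contract below inherits OpenZeppelin's Ownable2StepUpgradeable (where transferOwnership only nominates and the nominee must call acceptOwnership) and applies the same propose/accept pattern to the fee recipient. It assumes the OpenZeppelin Contracts Upgradeable 4.8 line, in which Ownable2StepUpgradeable was introduced and __Ownable2Step_init() sets the deployer as the initial owner; the names TwoStepVaultAdmin, pendingFeeRecipient, proposeFeeRecipient, acceptFeeRecipient and cancelFeeRecipientProposal are assumed for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Assumes OpenZeppelin Contracts Upgradeable 4.8.x.
import {Ownable2StepUpgradeable} from "@openzeppelin/contracts-upgradeable/access/Ownable2StepUpgradeable.sol";

// Added example (not the audited project's code): ownership and the fee
// recipient both change in two steps, so a wrong address can never take
// effect unless the holder of that address actively accepts it.
contract TwoStepVaultAdmin is Ownable2StepUpgradeable {
    address public feeRecipient;
    address public pendingFeeRecipient;

    error InvalidFeeRecipient();
    error NotPendingFeeRecipient();

    event FeeRecipientProposed(address indexed current, address indexed proposed);
    event FeeRecipientUpdated(address indexed previous, address indexed current);

    /// @dev Upgradeable pattern: initializer instead of constructor.
    function initialize(address initialFeeRecipient) external initializer {
        // In OZ 4.8 this sets msg.sender as owner; ownership can later move
        // only via transferOwnership() + acceptOwnership() by the nominee.
        __Ownable2Step_init();
        if (initialFeeRecipient == address(0)) revert InvalidFeeRecipient();
        feeRecipient = initialFeeRecipient;
        emit FeeRecipientUpdated(address(0), initialFeeRecipient);
    }

    /// Step 1: the owner nominates a new recipient. Nothing is routed yet.
    function proposeFeeRecipient(address newRecipient) external onlyOwner {
        if (newRecipient == address(0)) revert InvalidFeeRecipient();
        pendingFeeRecipient = newRecipient;
        emit FeeRecipientProposed(feeRecipient, newRecipient);
    }

    /// Step 2: only the nominated address can complete the change. A
    /// successful call proves the address can sign transactions (an EOA or a
    /// contract such as a multisig), which is exactly what a one-step setter
    /// cannot prove before fees start flowing to it.
    function acceptFeeRecipient() external {
        if (msg.sender != pendingFeeRecipient) revert NotPendingFeeRecipient();
        emit FeeRecipientUpdated(feeRecipient, msg.sender);
        feeRecipient = msg.sender;
        delete pendingFeeRecipient;
    }

    /// The owner can withdraw a nomination that has not been accepted.
    function cancelFeeRecipientProposal() external onlyOwner {
        emit FeeRecipientProposed(feeRecipient, address(0));
        delete pendingFeeRecipient;
    }
}
```

Monitoring note for operators: with this layout a FeeRecipientProposed event without a matching FeeRecipientUpdated within the expected window is the signal that a proposal was mistyped or is stuck, and the owner can cancel it rather than having already lost fees to an unreachable address.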

#0 - c4-judge

2023-02-28T14:59:25Z

dmvt marked the issue as grade-b

Awards

69.8247 USDC - $69.82

Labels

bug
G (Gas Optimization)
grade-b
G-15

External Links

#0 - c4-judge

2023-02-28T14:51:10Z

dmvt marked the issue as grade-b
