Back to Fulum's contests

Venus Prime - Fulum's results

Earn, borrow & lend on the #1 Decentralized Money Market on the BNB chain.

General Information

Platform: Code4rena

Start Date: 28/09/2023

Pot Size: $36,500 USDC

Total HM: 5

Participants: 115

Period: 6 days

Judge: 0xDjango

Total Solo HM: 1

Id: 290

League: ETH

Venus Protocol

Findings Distribution

Researcher Performance

Rank: 92/115

Findings: 1

Award: $4.37

QA:
grade-b

🌟 Selected for report: 0

🚀 Solo Findings: 0

External Links

Code4rena Contest PageGithub Contest RepositoryGithub Findings RepositoryVenus Protocol

Findings Information

🌟 Selected for report: Bauchibred

Also found by: 0x3b, 0xDetermination, 0xMosh, 0xScourgedev, 0xTheC0der, 0xTiwa, 0xWaitress, 0xdice91, 0xfusion, 0xpiken, 0xprinc, 0xweb3boy, ArmedGoose, Aymen0909, Breeje, Brenzee, Daniel526, DavidGiladi, DeFiHackLabs, Flora, Fulum, HChang26, Hama, IceBear, J4X, Krace, KrisApostolov, Maroutis, Mirror, MohammedRizwan, Norah, PwnStars, SPYBOY, TangYuanShen, Testerbot, ThreeSigma, Tricko, al88nsk, alexweb3, ast3ros, berlin-101, bin2chen, blutorque, btk, d3e4, deth, e0d1n, ether_sky, ge6a, gkrastenov, glcanvas, hals, imare, inzinko, jkoppel, jnforja, joaovwfreire, josephdara, kutugu, lotux, lsaudit, mahdirostami, merlin, n1punp, nadin, neumo, nisedo, nobody2018, oakcobalt, orion, peanuts, pep7siup, pina, ptsanev, rokinot, rvierdiiev, said, santipu_, sashik_eth, seerether, squeaky_cactus, terrancrypt, tonisives, twicek, vagrant, xAriextz, y4y

Awards

4.3669 USDC - $4.37

Labels

bug
grade-b
low quality report
QA (Quality Assurance)
Q-15

External Links

Link to GitHub issue

01 Prime::updateScores() can be reverted if a user changes status to !tokens[user].exists.

On the Prime::updateScores() executed by your script to update the scores of all users when an update of aplha values or multipliers values are made, you have this line:

    function updateScores(address[] memory users) external {
       ...
            if (!tokens[user].exists) revert UserHasNoPrimeToken();
            ...
    }

This line revert the function if one user in the batch doesn't exist, make all the updates in the batch revert. I don't know what is exactly the process of the script, but you say you take all the users existing in the block who the updates of alpha or multipliers are made to make the update. But if a user exist in the list and he is revoked in the block just after but before the execution of the script, the user is send in Prime::updateScores() but he doesn't exist and trigger the line of the function, and the function revert. If you intend the script work well, the scores of a part of users are not updated well and the offset of the sumOfMembersScore are not well updated.

Recommendations:

Simply use the continue instead of revert to let the function continue if a user no longer exists:

-- if (!tokens[user].exists) revert UserHasNoPrimeToken();
++ if (!tokens[user].exists) continue;

#0 - c4-pre-sort

2023-10-07T02:02:30Z

0xRobocop marked the issue as low quality report

AuditHub

A portfolio for auditors, a security profile for protocols, a hub for web3 security.

Built bymalatrax © 2024

Auditors

Browse

Contests

Browse

Get in touch

ContactTwitter