Platform: Code4rena
Start Date: 27/01/2022
Pot Size: $75,000 USDC
Total HM: 10
Participants: 26
Period: 7 days
Judge: pauliax
Total Solo HM: 5
Id: 81
League: ETH
Rank: 9/26
Findings: 1
Award: $1,196.74
🌟 Selected for report: 1
🚀 Solo Findings: 0
🌟 Selected for report: GeekyLumberjack
1196.7365 USDC - $1,196.74
GeekyLumberjack
There is a fairly decent chance that setReserveCashBalance will mistakenly be set too low. Unlike the case for addresses, the number required is more likely to be manually typed. This will lead to higher chance of a mistype causing unusable reserves. With some functions risks like these are unavoidable. However, in this case, the actions are already performed with a trusted party.
require(newBalance < reserveBalance, "cannot increase reserve balance");Manual Analysis
Consider removing require(newBalance < reserveBalance, "cannot increase reserve balance");
https://github.com/code-423n4/2022-01-notional/blob/main/contracts/TreasuryAction.sol#L88
#0 - pauliax
2022-02-14T19:38:59Z
I think this should be of low severity, a fat finger type of error. The sponsor did not explain why they had this check in the first place though.