Back to Infect3d's contests

Asymmetry contest - Infect3d's results

A protocol to help diversify and decentralize liquid staking derivatives.

General Information

Platform: Code4rena

Start Date: 24/03/2023

Pot Size: $49,200 USDC

Total HM: 20

Participants: 246

Period: 6 days

Judge: Picodes

Total Solo HM: 1

Id: 226

League: ETH

Asymmetry Finance

Findings Distribution

Researcher Performance

Rank: 197/246

Findings: 1

Award: $13.13

QA:
grade-b

🌟 Selected for report: 0

🚀 Solo Findings: 0

External Links

Code4rena Contest PageGithub Contest RepositoryGithub Findings RepositoryAsymmetry Finance

Findings Information

🌟 Selected for report: brgltd

Also found by: 0x3b, 0xAgro, 0xGusMcCrae, 0xNorman, 0xRajkumar, 0xSmartContract, 0xTraub, 0xWagmi, 0xWaitress, 0xffchain, 0xhacksmithh, 0xkazim, 0xnev, 3dgeville, ArbitraryExecution, Aymen0909, BRONZEDISC, Bason, Bloqarl, BlueAlder, Brenzee, CodeFoxInc, CodingNameKiki, Cryptor, DadeKuma, DevABDee, Diana, Dug, Englave, Gde, Haipls, HollaDieWaldfee, Ignite, Infect3d, Jerry0x, Josiah, Kaysoft, Koko1912, KrisApostolov, Lavishq, LeoGold, Madalad, PNS, Rappie, RaymondFam, RedTiger, Rickard, Rolezn, Sathish9098, SunSec, T1MOH, UdarTeam, Udsen, Viktor_Cortess, Wander, adriro, ak1, alejandrocovrr, alexzoid, arialblack14, ayden, bin2chen, brevis, btk, c3phas, carlitox477, catellatech, ch0bu, chaduke, ck, climber2002, codeslide, descharre, dingo2077, ernestognw, fatherOfBlocks, favelanky, georgits, helios, hl_, inmarelibero, juancito, ks__xxxxx, lopotras, lukris02, m_Rassska, mahdirostami, maxper, nadin, navinavu, nemveer, p_crypt0, peanuts, pipoca, pixpi, qpzm, rbserver, reassor, roelio, rotcivegaf, scokaf, siddhpurakaran, slvDev, smaul, tnevler, tsvetanovv, turvy_fuzz, vagrant, wen, yac, zzzitron

Awards

13.1298 USDC - $13.13

Labels

bug
grade-b
QA (Quality Assurance)
sponsor acknowledged
edited-by-warden
Q-13

External Links

Link to GitHub issue

Low Risk and Non-Critical Issues

N-01 Better to use __ownable_init() instead of _transferOwnership() as this is the recommended way to initialize the Ownable contract.

https://github.com/code-423n4/2023-03-asymmetry/blob/main/contracts/SafEth/SafEth.sol#L53

SafEth::initialize
File: contracts\SafeEth.sol
48:     function initialize(
49:         string memory _tokenName,
50:         string memory _tokenSymbol
51:     ) external initializer {
52:         ERC20Upgradeable.__ERC20_init(_tokenName, _tokenSymbol);
53:         _transferOwnership(msg.sender);

N-02 No event triggered when minAmount and maxAmount are set

https://github.com/code-423n4/2023-03-asymmetry/blob/main/contracts/SafEth/SafEth.sol#L54-L55 Importnat changes to the protocol should be emitted through events

SafeEth::initialize
File: contracts\SafeEth.sol
48:     function initialize(
49:         string memory _tokenName,
50:         string memory _tokenSymbol
51:     ) external initializer {
52:         ERC20Upgradeable.__ERC20_init(_tokenName, _tokenSymbol);
53:         _transferOwnership(msg.sender);
54:         minAmount = 5 * 10 ** 17; // initializing with .5 ETH as minimum
55:         maxAmount = 200 * 10 ** 18; // initializing with 200 ETH as maximum
56:     }

#0 - c4-sponsor

2023-04-07T22:03:51Z

toshiSat marked the issue as sponsor acknowledged

#1 - c4-judge

2023-04-24T17:20:11Z

Picodes marked the issue as grade-b

AuditHub

A portfolio for auditors, a security profile for protocols, a hub for web3 security.

Built bymalatrax © 2024

Auditors

Browse

Contests

Browse

Get in touch

ContactTwitter