Platform: Code4rena
Start Date: 07/04/2022
Pot Size: $100,000 USDC
Total HM: 20
Participants: 62
Period: 7 days
Judge: LSDan
Total Solo HM: 11
Id: 107
League: ETH
Rank: 29/62
Findings: 3
Award: $259.27
🌟 Selected for report: 0
🚀 Solo Findings: 0
25.7805 USDC - $25.78
`latestAnswer()` does not revert if no answer has been reached; it simply returns 0. The function only checks `require(answer > 0, "invalid_oracle_answer");`, which catches the zero case but gives no guarantee that the value is fresh, so we may not get the latest value of the current price, which can affect any functionality that depends on it.
```solidity
function _normalizeAggregatorAnswer(IAggregatorV3Interface aggregator) internal view returns (uint256) {
    int256 answer = aggregator.latestAnswer();
    uint8 decimals = aggregator.decimals();

    require(answer > 0, "invalid_oracle_answer");

    //converts the answer to have 18 decimals
    return decimals > 18 ? uint256(answer) / 10**(decimals - 18) : uint256(answer) * 10**(18 - decimals);
}
```
https://etherscan.io/address/0x5f4eC3Df9cbd43714FE2740f5E3616155c5b8419#code#L142
Manual review
Use `latestRoundData()` to get the price.
#0 - spaghettieth
2022-04-14T13:06:36Z
Duplicate of #4
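The recommendation above, worked through as an added example (this is not code from the audited project or from the finding): the helper is rewritten to consume `latestRoundData()` and to reject incomplete and stale rounds, and a constructed mock feed is included so the checks can be exercised locally. `MAX_PRICE_AGE`, `normalizedPrice` and `MockAggregator` are assumptions for the example; a real freshness limit must follow the feed's heartbeat.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Subset of Chainlink's AggregatorV3Interface that this example needs.
interface IAggregatorV3Interface {
    function decimals() external view returns (uint8);
    function latestRoundData()
        external
        view
        returns (uint80 roundId, int256 answer, uint256 startedAt, uint256 updatedAt, uint80 answeredInRound);
}

contract OracleConsumer {
    // Assumed freshness window for the example; pick it from the feed's heartbeat in practice.
    uint256 public constant MAX_PRICE_AGE = 1 hours;

    /// @dev Same role as the audited helper, but reads latestRoundData() and
    ///      rejects incomplete and stale rounds instead of trusting latestAnswer().
    function _normalizeAggregatorAnswer(IAggregatorV3Interface aggregator) internal view returns (uint256) {
        (uint80 roundId, int256 answer, , uint256 updatedAt, uint80 answeredInRound) =
            aggregator.latestRoundData();

        require(answer > 0, "invalid_oracle_answer");               // zero or negative answer
        require(updatedAt != 0, "round_not_complete");              // round never finished
        require(answeredInRound >= roundId, "stale_oracle_answer"); // answer carried over from an older round
        require(block.timestamp - updatedAt <= MAX_PRICE_AGE, "stale_oracle_answer"); // too old

        uint8 decimals = aggregator.decimals();
        // converts the answer to have 18 decimals
        return decimals > 18
            ? uint256(answer) / 10**(decimals - 18)
            : uint256(answer) * 10**(18 - decimals);
    }

    // Public wrapper so the internal helper can be exercised from a test.
    function normalizedPrice(IAggregatorV3Interface aggregator) external view returns (uint256) {
        return _normalizeAggregatorAnswer(aggregator);
    }
}

// Constructed mock feed for local testing: every field is set by the caller, nothing comes from Chainlink.
contract MockAggregator is IAggregatorV3Interface {
    uint8 public override decimals;
    uint80 public roundId;
    int256 public answer;
    uint256 public updatedAt;
    uint80 public answeredInRound;

    constructor(uint8 _decimals) {
        decimals = _decimals;
    }

    function setRound(uint80 _roundId, int256 _answer, uint256 _updatedAt, uint80 _answeredInRound) external {
        roundId = _roundId;
        answer = _answer;
        updatedAt = _updatedAt;
        answeredInRound = _answeredInRound;
    }

    function latestRoundData()
        external
        view
        override
        returns (uint80, int256, uint256, uint256, uint80)
    {
        return (roundId, answer, updatedAt, updatedAt, answeredInRound);
    }
}
```

With an 8-decimal mock (`new MockAggregator(8)`) and `setRound(1, 2000e8, block.timestamp, 1)`, `normalizedPrice` returns `2000e18`; the same call with `updatedAt` more than an hour old, with `answeredInRound` set to 0, or with a zero answer reverts, which is exactly the class of input the original `latestAnswer()` path let through as long as the answer was positive.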
🌟 Selected for report: Dravee
Also found by: 0x1f8b, 0xDjango, 0xkatana, AuditsAreUS, Cityscape, Foundation, Funen, Hawkeye, IllIllI, JC, JMukesh, Jujic, Kthere, PPrieditis, Picodes, Ruhum, TerrierLover, TrungOre, WatchPug, berndartmueller, catchup, cccz, cmichel, delfin454000, dy, ellahi, hickuphh3, horsefacts, hubble, hyh, ilan, jayjonah8, kebabsec, kenta, minhquanym, pauliax, rayn, reassor, rfa, robee, samruna
152.5804 USDC - $152.58
In `NftVault.liquidate(uint)`, the comment says:
Positions can only be liquidated once their debt amount exceeds the minimum liquidation debt to collateral value rate
but in the function the position gets liquidated even when the debt is equal to the minimum liquidation debt:
require( debtAmount >= _getLiquidationLimit(_nftIndex), "position_not_liquidatable" );
Change `>=` to `>`:
require( debtAmount > _getLiquidationLimit(_nftIndex), "position_not_liquidatable" );
Due to the lack of an access modifier on `initialize()`, anyone can call `initialize()` and set their own implementation.
Not every ERC20 token is built on the OpenZeppelin implementation, so some tokens may not be compatible with the concrete `ERC20` type. In the `yVault.sol` constructor the token is initialized with
token = ERC20(_token);
Instead of `ERC20` it should be `IERC20`.
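The two points above (an `initialize()` that anyone can call, and holding the token as the concrete `ERC20` type rather than `IERC20`) as an added example that is not the project's own code: a hypothetical `VaultStub`, not JPEG'd's `yVault`, shown first with the open initializer and then with a once-only guard equivalent to OpenZeppelin's `initializer` modifier and an `IERC20` field. Every name in the block is an assumption for the example.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Minimal ERC20 interface: the vault only needs the token's external ABI, so it
// stores an IERC20 rather than OpenZeppelin's concrete ERC20 contract type.
interface IERC20 {
    function balanceOf(address account) external view returns (uint256);
    function transfer(address to, uint256 amount) external returns (bool);
    function transferFrom(address from, address to, uint256 amount) external returns (bool);
}

// Before (hypothetical): initialize() has no guard, so whoever calls it last owns
// the vault and decides which token it holds.
contract OpenVaultStub {
    address public owner;
    IERC20 public token;

    function initialize(address _token) external {
        owner = msg.sender;
        token = IERC20(_token);
    }
}

// After (hypothetical): the first call sets the flag, every later call reverts.
contract VaultStub {
    bool private _initialized;
    address public owner;
    IERC20 public token;

    /// Hand-rolled equivalent of OpenZeppelin's `initializer` modifier.
    modifier initializer() {
        require(!_initialized, "already_initialized");
        _initialized = true;
        _;
    }

    function initialize(address _token) external initializer {
        require(_token != address(0), "zero_token");
        owner = msg.sender;
        token = IERC20(_token); // interface cast, not ERC20(_token)
    }

    // Any state-changing entry point refuses to run on an uninitialized vault.
    function deposit(uint256 amount) external {
        require(_initialized, "not_initialized");
        require(token.transferFrom(msg.sender, address(this), amount), "transfer_failed");
    }
}
```

For a proxy deployment the implementation contract should additionally lock its own storage (OpenZeppelin's `_disableInitializers()` in the constructor) so the guard protects the implementation as well as the proxy.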
Due to no checks for duplicate values in the array, the same categories will be added more than once to
nftTypeValueETH[initializer.hash]
🌟 Selected for report: Dravee
Also found by: 0v3rf10w, 0x1f8b, 0xDjango, 0xNazgul, 0xkatana, Cityscape, Cr4ckM3, FSchmoede, Foundation, Funen, Hawkeye, IllIllI, JMukesh, Meta0xNull, PPrieditis, Picodes, TerrierLover, Tomio, WatchPug, berndartmueller, catchup, delfin454000, dirk_y, ellahi, hickuphh3, ilan, kebabsec, kenta, nahnah, rayn, rfa, robee, rokinot, saian, securerodd, slywaters, sorrynotsorry
80.9074 USDC - $80.91
The Solidity compiler will always read the length of the array during each iteration. That is,
1. if it is a storage array, this is an extra `sload` operation (100 additional gas (EIP-2929) for each iteration except for the first),
2. if it is a memory array, this is an extra `mload` operation (3 additional gas for each iteration except for the first),
3. if it is a calldata array, this is an extra `calldataload` operation (3 additional gas for each iteration except for the first).
This extra cost can be avoided by caching the array length (on the stack):
```solidity
uint length = arr.length;
for (uint i = 0; i < length; i++) {
    // do something that doesn't change arr.length
}
```
`!= 0` costs less gas than `> 0` in require statements.