Back to Maroutis's contests

Venus Prime - Maroutis's results

Earn, borrow & lend on the #1 Decentralized Money Market on the BNB chain.

General Information

Platform: Code4rena

Start Date: 28/09/2023

Pot Size: $36,500 USDC

Total HM: 5

Participants: 115

Period: 6 days

Judge: 0xDjango

Total Solo HM: 1

Id: 290

League: ETH

Venus Protocol

Findings Distribution

Researcher Performance

Rank: 88/115

Findings: 1

Award: $4.37

QA:
grade-b

🌟 Selected for report: 0

🚀 Solo Findings: 0

External Links

Code4rena Contest PageGithub Contest RepositoryGithub Findings RepositoryVenus Protocol

Findings Information

🌟 Selected for report: Bauchibred

Also found by: 0x3b, 0xDetermination, 0xMosh, 0xScourgedev, 0xTheC0der, 0xTiwa, 0xWaitress, 0xdice91, 0xfusion, 0xpiken, 0xprinc, 0xweb3boy, ArmedGoose, Aymen0909, Breeje, Brenzee, Daniel526, DavidGiladi, DeFiHackLabs, Flora, Fulum, HChang26, Hama, IceBear, J4X, Krace, KrisApostolov, Maroutis, Mirror, MohammedRizwan, Norah, PwnStars, SPYBOY, TangYuanShen, Testerbot, ThreeSigma, Tricko, al88nsk, alexweb3, ast3ros, berlin-101, bin2chen, blutorque, btk, d3e4, deth, e0d1n, ether_sky, ge6a, gkrastenov, glcanvas, hals, imare, inzinko, jkoppel, jnforja, joaovwfreire, josephdara, kutugu, lotux, lsaudit, mahdirostami, merlin, n1punp, nadin, neumo, nisedo, nobody2018, oakcobalt, orion, peanuts, pep7siup, pina, ptsanev, rokinot, rvierdiiev, said, santipu_, sashik_eth, seerether, squeaky_cactus, terrancrypt, tonisives, twicek, vagrant, xAriextz, y4y

Awards

4.3669 USDC - $4.37

Labels

bug
grade-b
QA (Quality Assurance)
sufficient quality report
Q-03

External Links

Link to GitHub issue

QA Report: Analyzing ln Function Implementation

Link : https://github.com/code-423n4/2023-09-venus/blob/b11d9ef9db8237678567e66759003138f2368d23/contracts/Tokens/Prime/libs/FixedMath0x.sol#L117-L136

Issue Summary:
  • Topic: Precision Concern in Taylor's Expansion
  • Impact: Potential precision loss in ln function implementation
  • Function: ln(int256 x) internal pure returns (int256 r)
Detailed Analysis:
Taylor Series Expansion for Logarithm:

The Taylor Series Expansion for (\ln(1+x)) around (x=0) is given by: \ln(1 + x) = x - \frac{x^2}{2} + \frac{x^3}{3} - \frac{x^4}{4} + \frac{x^5}{5} - \frac{x^6}{6} + \ldots

The series converges for when x is close to 0, but as identified, may lack precision when x is close to 1.

Code Review:

The ln(int256 x) function employs Taylor Series Expansion to approximate the natural logarithm, including certain range-based corrections to enhance accuracy. However, it may lack safeguards against potential precision loss, necessitating a detailed analysis to propose improvements.

Potential Risks:
  • Precision Loss: Imprecise results may arise, especially when x approaches 1 (or the residual is close to 2)
  • Exploitation: Malicious actors may exploit precision loss to induce miscalculations or to gain unintended benefits.
Mitigation Strategies:
  1. Use a Better Approximation for Values Near 1:
    • Before applying the taylor expansion, it would be more precise to add more condition to check for the values of x. Maby rather than dividing by 2 (e^-1, e^-0.5...), try working with smaller intervals
    • change the algorithm and apply something similar to the exponential function using the modulo function. This way the residual will always be smaller to a certain number.
  2. Range Checks:
    • Implement strict range checks for x to signal or revert transactions that approach critical ranges, thereby avoiding the usage of imprecise results.
Exploitation Considerations:
  • An attacker could leverage values that lead to imprecise results, influencing financial metrics to their advantage.

#0 - c4-pre-sort

2023-10-07T01:28:49Z

0xRobocop marked the issue as sufficient quality report

#1 - c4-judge

2023-11-03T02:50:52Z

fatherGoose1 marked the issue as grade-b

AuditHub

A portfolio for auditors, a security profile for protocols, a hub for web3 security.

Built bymalatrax © 2024

Auditors

Browse

Contests

Browse

Get in touch

ContactTwitter