Platform: Code4rena
Start Date: 20/01/2022
Pot Size: $50,000 USDC
Total HM: 3
Participants: 35
Period: 7 days
Judge: GalloDaSballo
Total Solo HM: 2
Id: 77
League: ETH
Rank: 4/35
Findings: 2
Award: $1,551.19
π Selected for report: 1
π Solo Findings: 0
π Selected for report: Meta0xNull
1545.4995 USDC - $1,545.50
Meta0xNull
Surprisingly User Need to Input _tokenRecipient When Call removeLiquidity(). A wrong user input or wallets defaulting to the zero addresses for a missing input can lead to Users Lose Fund Permanently.
Manual Review
Requires Addresses is not zero. require(_tokenRecipient != address(0), "Address Can't Be Zero")
Fund Send Back to msg.sender rather than input address manually.
#0 - 0xean
2022-01-31T14:52:48Z
lack of input validation doesn't equate to a high risk issue and a zero address check only guards against 1 single incorrect input out of an essentially unlimited number of addresses that could be input incorrectly.
#1 - GalloDaSballo
2022-02-05T13:43:09Z
As per the latest quantstamp audit we got at Badger, lack of address 0 check is a low severity finding. Until C4 agrees on a different valuation, am downgrading to Low
π Selected for report: sorrynotsorry
Also found by: 0v3rf10w, Dravee, Meta0xNull, WatchPug, byterocket, defsec, robee, sirhashalot, ye0lde
Meta0xNull
Shortening revert strings to fit in 32 bytes will decrease deployment time gas and will decrease runtime gas when the revert condition has been met.
Revert strings that are longer than 32 bytes require at least one additional mstore, along with additional overhead for computing memory offset, etc.
https://github.com/code-423n4/2022-01-elasticswap/blob/main/elasticswap/src/contracts/ExchangeFactory.sol#L44 https://github.com/code-423n4/2022-01-elasticswap/blob/main/elasticswap/src/contracts/ExchangeFactory.sol#L47 https://github.com/code-423n4/2022-01-elasticswap/blob/main/elasticswap/src/contracts/ExchangeFactory.sol#L52 https://github.com/code-423n4/2022-01-elasticswap/blob/main/elasticswap/src/contracts/ExchangeFactory.sol#L75
Manual Review
Shorten the revert strings to fit in 32 bytes.
Or consider using Custom Errors (solc >=0.8.4).
#0 - 0xean
2022-01-31T14:08:49Z
dupe of #159
Meta0xNull
"> 0 " Use a bit more gas than "!= 0"
https://github.com/code-423n4/2022-01-elasticswap/blob/main/elasticswap/src/contracts/Exchange.sol#L113 https://github.com/code-423n4/2022-01-elasticswap/blob/main/elasticswap/src/contracts/Exchange.sol#L176 https://github.com/code-423n4/2022-01-elasticswap/blob/main/elasticswap/src/contracts/Exchange.sol#L178 https://github.com/code-423n4/2022-01-elasticswap/blob/main/elasticswap/src/contracts/Exchange.sol#L235 https://github.com/code-423n4/2022-01-elasticswap/blob/main/elasticswap/src/contracts/Exchange.sol#L267 https://github.com/code-423n4/2022-01-elasticswap/blob/main/elasticswap/src/contracts/Exchange.sol#L304
Manual Review
Change "> 0" to "!=0" for small gas savings.
#0 - 0xean
2022-01-31T14:03:21Z
dupe of #161