QuickSwap and StellaSwap contest - Migue's results

A concentrated liquidity DEX with dynamic fees.

General Information

Platform: Code4rena

Start Date: 26/09/2022

Pot Size: $50,000 USDC

Total HM: 13

Participants: 113

Period: 5 days

Judge: 0xean

Total Solo HM: 6

Id: 166

League: ETH

Researcher Performance

Rank: 71/113

Findings: 1

Award: $52.04

🌟 Selected for report: 0

🚀 Solo Findings: 0

There are several require() statements without a message that explains the revert's root cause.

One I would like to point out is in the DataStorageOperator contract:

```solidity
function changeFeeConfiguration(AdaptiveFee.Configuration calldata _feeConfig) external override {
  require(msg.sender == factory || msg.sender == IAlgebraFactory(factory).owner());
  (....)
}
```

I consider this relevant because it is an external call and I didn't get any explanation in the documentation that the caller must be the factory.

You can find similar ones in the AlgebraFactory contract. The previous suggestion applies to the following methods: setOwner, setFarmingAddress, setVaultAddress.

Consider that those validations will cause a revert and it is not documented anywhere. So I should read the code to understand what is going on in case of a revert.

I understand the responsibility could be split between the caller and the protocol but the protocol should manage it by itself.
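Added example, not part of the finding or of the project's code: the sketch below decodes the revert data a caller receives, showing that a bare `require(cond)` returns nothing to diagnose while `require(cond, reason)` returns an ABI-encoded `Error(string)`. The reason string and all function names are hypothetical, and the sample inputs are constructed.

```python
"""Added example: what a caller can learn from EVM revert data."""

ERROR_SELECTOR = bytes.fromhex("08c379a0")  # first 4 bytes of keccak256("Error(string)")
MALFORMED = "reverted with malformed Error(string) data"


def encode_error_string(reason: str) -> bytes:
    """Build the revert data Solidity emits for require(cond, reason)."""
    raw = reason.encode("utf-8")
    padded = raw + b"\x00" * (-len(raw) % 32)
    return (
        ERROR_SELECTOR
        + (32).to_bytes(32, "big")      # offset of the string within the arguments
        + len(raw).to_bytes(32, "big")  # string length in bytes
        + padded                        # string bytes, right-padded to 32
    )


def explain_revert(data: bytes) -> str:
    """Turn raw revert data into the most specific message it supports."""
    if not data:
        # require(cond) with no message reverts with empty return data.
        return "reverted with no data: cause not recoverable from the call"
    if data[:4] != ERROR_SELECTOR:
        return "reverted with non-Error(string) data: 0x" + data[:4].hex()
    body = data[4:]
    if len(body) < 64:
        return MALFORMED
    offset = int.from_bytes(body[:32], "big")
    if offset + 32 > len(body):
        return MALFORMED
    length = int.from_bytes(body[offset:offset + 32], "big")
    start = offset + 32
    if start + length > len(body):
        return MALFORMED
    return "reverted: " + body[start:start + length].decode("utf-8", errors="replace")


# Constructed sample inputs; the reason string is hypothetical, not from the project.
BARE_REQUIRE = b""
WITH_REASON = encode_error_string("only factory or owner")

if __name__ == "__main__":
    for label, data in (("bare require", BARE_REQUIRE), ("with reason", WITH_REASON)):
        print(f"{label:13s} -> {explain_revert(data)}")
```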
