Back to SaharDevep's contests

Papr contest - SaharDevep's results

NFT Lending Powered by Uniswap v3.

General Information

Platform: Code4rena

Start Date: 16/12/2022

Pot Size: $60,500 USDC

Total HM: 12

Participants: 58

Period: 5 days

Judge: Trust

Total Solo HM: 4

Id: 196

League: ETH

Backed Protocol

Findings Distribution

Researcher Performance

Rank: 42/58

Findings: 1

Award: $43.54

QA:
grade-b

🌟 Selected for report: 0

🚀 Solo Findings: 0

External Links

Code4rena Contest PageGithub Contest RepositoryGithub Findings RepositoryBacked Protocol

Findings Information

🌟 Selected for report: yixxas

Also found by: 0x52, 0xAgro, 0xSmartContract, 0xhacksmithh, Aymen0909, Bnke0x0, Bobface, Breeje, Diana, Franfran, HE1M, HollaDieWaldfee, IllIllI, Jeiwan, RaymondFam, Rolezn, SaharDevep, Secureverse, SmartSek, ak1, bin2chen, brgltd, chrisdior4, gz627, imare, ladboy233, lukris02, oyc_109, rvierdiiev, shark, tnevler, unforgiven, wait

Awards

43.5439 USDC - $43.54

Labels

bug
grade-b
QA (Quality Assurance)
Q-27

External Links

Link to GitHub issue

c4udit Report

Unsafe ERC20 Operation(s)

Impact

Issue Information: L001

Findings:
src\PaprController.sol::101 => collateralArr[i].addr.transferFrom(msg.sender, address(this), collateralArr[i].id);
src\PaprController.sol::202 => underlying.transfer(params.swapFeeTo, fee);
src\PaprController.sol::203 => underlying.transfer(proceedsTo, amountOut - fee);
src\PaprController.sol::226 => underlying.transfer(params.swapFeeTo, amountIn * params.swapFeeBips / BIPS_ONE);
src\PaprController.sol::514 => underlying.transfer(params.swapFeeTo, fee);
src\PaprController.sol::515 => underlying.transfer(proceedsTo, amountOut - fee);
src\PaprController.sol::546 => papr.transfer(auction.nftOwner, totalOwed - debtCached);
Tools used

c4udit

Unspecific Compiler Version Pragma

Impact

Issue Information: L003

Findings:
src\EDAPrice.sol::2 => pragma solidity >=0.8.0;
src\NFTEDAStarterIncentive.sol::2 => pragma solidity >=0.8.0;
src\OracleLibrary.sol::2 => pragma solidity >=0.8.0;
src\PaprController.sol::2 => pragma solidity ^0.8.17;
src\PaprToken.sol::2 => pragma solidity ^0.8.17;
src\PoolAddress.sol::4 => pragma solidity >=0.8.0;
src\ReservoirOracleUnderwriter.sol::2 => pragma solidity ^0.8.17;
src\UniswapHelpers.sol::2 => pragma solidity >=0.8.0;
src\UniswapOracleFundingRateController.sol::2 => pragma solidity ^0.8.17;
Tools used

c4udit

Avoid using low call function ecrecover

Impact

[L004]

  • In some cases ecrecover can return a random address instead of 0 for an invalid signature. This is prevented above by the owner address inside the typed data.
  • Signature are malleable, meaning you might be able to create a second also valid signature for the same data. In our case we are not using the signature data itself (which one may do as an id for example).
  • An attacker can construct a hash and signature that look valid if the hash is not computed within the contract itself.
Findings:
src\ReservoirOracleUnderwriter.sol::68 => address signerAddress = ecrecover(
Better approach

Use the Openzeppelin contracts. Their ECDSA implementation solves all three problems and they have an EIP-712 implementation (still a draft but usable IMO).

MISSING CONTRACT-EXISTENCE CHECKS BEFORE LOW-LEVEL CALLS

Impact

[L005] Low-level calls return success if there is no code present at the specified address. In addition to the zero-address checks, add a check to verify that <address>.code.length > 0

Findings:
src\ReservoirOracleUnderwriter.sol::68 => address signerAddress = ecrecover(

Use _safeMint instead of _mint

Impact

[L006]

Findings:
src\PaprToken.sol::25 => _mint(to, amount);

Use safeTransfer instead of transfer

Impact

[L007]

Findings:
src\PaprController.sol::202 => underlying.transfer(params.swapFeeTo, fee);
src\PaprController.sol::203 => underlying.transfer(proceedsTo, amountOut - fee);
src\PaprController.sol::514 => underlying.transfer(params.swapFeeTo, fee);
src\PaprController.sol::515 => underlying.transfer(proceedsTo, amountOut - fee);
src\PaprController.sol::546 => papr.transfer(auction.nftOwner, totalOwed - debtCached);

Event is missing indexed fields

Impact

[N001]

Findings:
src\NFTEDAStarterIncentive.sol::21 => event SetAuctionCreatorDiscount(uint256 discount);

#0 - c4-judge

2022-12-25T16:38:26Z

trust1995 marked the issue as grade-b

#1 - wilsoncusack

2023-01-11T14:58:46Z

@trust1995 @Jeiwan I'm curious if you have thoughts on the suggestion to use OZ's ECDSA. As far as I can tell, we are not are risk for the things mentioned?

#2 - trust1995

2023-01-11T15:36:05Z

I believe you are correct, the check below is satisfactory:

  if (signerAddress != oracleSigner) {
            revert IncorrectOracleSigner();
        }

#3 - Jeiwan

2023-01-12T01:31:26Z

I agree. As long as oracleSigner is not set to the zero address the check should be suffice.

The OZ's ECDSA also protects against signature malleability, but the contract is not at risk since it doesn't use signatures as nonces.

#4 - wilsoncusack

2023-01-12T16:34:54Z

thanks both!

AuditHub

A portfolio for auditors, a security profile for protocols, a hub for web3 security.

Built bymalatrax © 2024

Auditors

Browse

Contests

Browse

Get in touch

ContactTwitter