Platform: Code4rena
Start Date: 27/11/2023
Pot Size: $60,500 USDC
Total HM: 7
Participants: 72
Period: 7 days
Judge: Picodes
Total Solo HM: 2
Id: 309
League: ETH
Rank: 61/72
Findings: 1
Award: $11.32
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: osmanozdemir1
Also found by: 0xCiphky, Audinarey, Banditx0x, CRYP70, Cryptor, D1r3Wolf, KupiaSec, LokiThe5th, Sathish9098, Skylice, ThenPuli, Topmark, Udsen, ZanyBonzy, baice, ether_sky, fatherOfBlocks, foxb868, grearlake, hihen, hubble, hunter_w3b, lanrebayode77, leegh, lsaudit, minhtrng, nocoder, onchain-guardians, ptsanev, ro1sharkm, seaton0x1, sivanesh_808, t4sk, tapir, tpiliposian, ustas
11.3163 USDC - $11.32
The whitepaper describes the ERC1155 tokenId as having the following the structure:
The first 160 bits are the 4 legs with each having the following structure:
Overall each leg is 40 bits.
Then the ratio comes which is 16 bits where each 4 bits describe the nth leg's ratio. Then it's the uniswap pool id which is 80 bits
In the actual code and code documentation the tokenId has the following structure:
The first 192 bits are the 4 legs with each having the following structure:
Overall each leg is 48 bits
Then it's the uniswap pool id which is 64 bits
While the code is fully functional because everywhere where the tokenId is used, it's used in the way that is described inside of the code documentation but it's still advised to update the whitepaper or the code so they have the same implementation details so if any 3rd party decides to implement the tokenId in some way or another in their own protocol they would be able to do so by either looking at whitepaper or by looking at the code and documentation. Or if the users try to write their own smart contract implementing the tokenId it would work regardless of the source.
#0 - c4-judge
2023-12-14T16:53:27Z
Picodes marked the issue as grade-b