Platform: Code4rena
Start Date: 01/09/2023
Pot Size: $36,500 USDC
Total HM: 4
Participants: 70
Period: 6 days
Judge: kirk-baird
Id: 281
League: ETH
Rank: 59/70
Findings: 1
Award: $7.08
Selected for report: 0
Solo Findings: 0
Selected for report: adriro
Also found by: 0x6980, 0xStalin, 0xanmol, 0xmystery, 0xpanicError, Arz, Aymen0909, BenRai, Breeje, Lalanda, MohammedRizwan, Raihan, SovaSlava, Stormreckson, Udsen, ast3ros, bin2chen, castle_chain, catellatech, codegpt, dev0cloo, gkrastenov, hals, klau5, kutugu, ladboy233, matrix_0wl, nirlin, ohm, peanuts, pipidu83, sandy, wahedtalash77
7.08 USDC - $7.08
Q1 - Different token name. The factory emits an event with the wrong token name when deploying a new token contract. https://github.com/code-423n4/2023-09-ondo/blob/47d34d6d4a5303af5f46e907ac2292e6a7745f6c/contracts/usdy/rUSDYFactory.sol#L105 https://github.com/code-423n4/2023-09-ondo/blob/47d34d6d4a5303af5f46e907ac2292e6a7745f6c/contracts/usdy/rUSDY.sol#L195
Q2 - Event has wrong amount of transferred shares. Function wrap() mints shares with the amount _USDYAmount * BPS_DENOMINATOR, but emits the event TransferShares with a value of _USDYAmount, without multiplying by BPS_DENOMINATOR. Correct code:
emit TransferShares(address(0), msg.sender, _USDYAmount * BPS_DENOMINATOR);
Q3 - The function doesn't round the derived price to the 8th decimal. https://github.com/code-423n4/2023-09-ondo/blob/47d34d6d4a5303af5f46e907ac2292e6a7745f6c/contracts/rwaOracles/RWADynamicOracle.sol#L282C18-L282C18
Q4 - User can't see their own token balance when the oracle has pause mode enabled. Function balanceOf() calls oracle.getPrice(). Function getPrice() has the modifier whenNotPaused. It is normal that in pause mode the user cannot move their tokens, but viewing the balance should be available. For example, you can display the last price in pause mode. https://github.com/code-423n4/2023-09-ondo/blob/47d34d6d4a5303af5f46e907ac2292e6a7745f6c/contracts/usdy/rUSDY.sol#L227
Q5 - Approver can't revoke his vote. There is no opportunity to revoke a vote for a tx in DestinationBridge.sol. https://github.com/code-423n4/2023-09-ondo/blob/47d34d6d4a5303af5f46e907ac2292e6a7745f6c/contracts/bridge/DestinationBridge.sol#L197
Q6 - Insufficient verification of threshold amount in setThresholds(). The function doesn't check whether chainToThresholds[srcChain][i - 1].amount is equal to amounts[i]. If these values are equal, it should revert with the error ThresholdsNotInAscendingOrder(). https://github.com/code-423n4/2023-09-ondo/blob/47d34d6d4a5303af5f46e907ac2292e6a7745f6c/contracts/bridge/DestinationBridge.sol#L270
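The strict ordering check suggested in Q6, as an added example that is not part of the original report and not the project's own code. The contract name, the numOfApprovers parameter, the second struct field and the ArrayLengthMismatch error are assumptions, and access control is left out to keep the focus on the comparison.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.16;

/// Added illustration: a simplified, hypothetical stand-in for a bridge
/// threshold table. It is not the DestinationBridge implementation.
contract ThresholdOrderingExample {
  struct Threshold {
    uint256 amount;
    uint256 numberOfApprovalsNeeded; // assumed field name
  }

  error ArrayLengthMismatch(); // assumed error name
  error ThresholdsNotInAscendingOrder();

  // Source chain name => thresholds, kept strictly ascending by amount.
  mapping(string => Threshold[]) public chainToThresholds;

  /// Replaces the threshold list for srcChain.
  /// A real contract would restrict this to an owner or admin role.
  function setThresholds(
    string calldata srcChain,
    uint256[] calldata amounts,
    uint256[] calldata numOfApprovers
  ) external {
    if (amounts.length != numOfApprovers.length) {
      revert ArrayLengthMismatch();
    }
    delete chainToThresholds[srcChain];
    for (uint256 i = 0; i < amounts.length; ++i) {
      // `>=` makes the order strict: a previous amount that is larger than
      // OR equal to the next one reverts, so [100, 100] is rejected and no
      // two entries can claim the same amount with different approval counts.
      if (i > 0 && chainToThresholds[srcChain][i - 1].amount >= amounts[i]) {
        revert ThresholdsNotInAscendingOrder();
      }
      chainToThresholds[srcChain].push(
        Threshold(amounts[i], numOfApprovers[i])
      );
    }
  }
}
```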
#0 - c4-pre-sort
2023-09-08T08:26:58Z
raymondfam marked the issue as sufficient quality report
#1 - c4-judge
2023-09-21T10:30:50Z
kirk-baird marked the issue as grade-b