Platform: Code4rena
Start Date: 08/06/2022
Pot Size: $115,000 USDC
Total HM: 26
Participants: 72
Period: 11 days
Judge: leastwood
Total Solo HM: 14
Id: 132
League: ETH
Rank: 60/72
Findings: 1
Award: $141.86
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: BowTiedWardens
Also found by: 0x1f8b, 0x29A, 0x52, 0xNazgul, 0xNineDec, 0xf15ers, 0xkatana, 0xmint, Chom, ElKu, Funen, IllIllI, JMukesh, Jujic, Kaiziron, Lambda, MiloTruck, Ruhum, SmartSek, SooYa, TerrierLover, TomJ, WatchPug, Waze, _Adam, asutorufos, auditor0517, bardamu, c3phas, catchup, cccz, ch13fd357r0y3r, cloudjunky, cmichel, cryptphi, csanuragjain, defsec, fatherOfBlocks, hansfriese, hyh, jayjonah8, joestakey, k, kenta, obtarian, oyc_109, robee, sach1r0, shenwilly, simon135, slywaters, sorrynotsorry, tintin, unforgiven, xiaoming90, zzzitron
141.8552 USDC - $141.86
Wrong implementation of PortalFacet.getAavePortalFeeDebt(). contracts\core\connext\facets\PortalFacet.sol#L38-L40
Different validations of adminFee and swapFee. contracts\core\connext\helpers\StableSwap.sol#L97-98 contracts\core\connext\libraries\SwapUtils.sol#L1071 contracts\core\connext\libraries\SwapUtils.sol#L1084
Recommend to use safeIncreaseAllowance(), safeDecreaseAllowance() as safeApprove() is deprecated. contracts\core\connext\libraries\AssetLogic.sol#L347
Wrong comments contracts\core\connext\helpers\StableSwap.sol#L223 contracts\core\connext\helpers\StableSwap.sol#L227 contracts\core\connext\helpers\StableSwap.sol#L240 contracts\core\connext\libraries\SwapUtils.sol#L790 contracts\core\connext\libraries\LibConnextStorage.sol#L299
#0 - jakekidd
2022-07-02T01:10:13Z
safeApprove method in order to do sovery little to work with here in comparison to other QA reports