Platform: Code4rena
Start Date: 25/01/2022
Pot Size: $50,000 USDT
Total HM: 17
Participants: 39
Period: 3 days
Judge: LSDan
Total Solo HM: 9
Id: 79
League: ETH
Rank: 32/39
Findings: 2
Award: $75.50
Selected for report: 0
Solo Findings: 0
Selected for report: cccz
Also found by: 0x1f8b, Dravee, TomFrenchBlockchain, UncleGrandpa925, WatchPug, bobi, byterocket, hack3r-0m, sirhashalot
byterocket
Issue Information: L001
contracts/LaunchEvent.sol::457 => token.transfer(msg.sender, amount);
contracts/LaunchEvent.sol::463 => pair.transfer(msg.sender, balance);
contracts/LaunchEvent.sol::489 => token.transfer(msg.sender, amount);
contracts/LaunchEvent.sol::513 => token.transfer(issuer, balance);
contracts/LaunchEvent.sol::537 => token.transfer(penaltyCollector, excessToken);
contracts/LaunchEvent.sol::542 => WAVAX.transfer(penaltyCollector, excessWavax);
contracts/RocketJoeFactory.sol::132 => IERC20(_token).transferFrom(msg.sender, launchEvent, _tokenAmount);
contracts/RocketJoeStaking.sol::184 => rJoe.transfer(_to, rJoeBal);
contracts/RocketJoeStaking.sol::186 => rJoe.transfer(_to, _amount);
#0 - cryptofish7
2022-02-10T23:47:02Z
Duplicate of #12
#1 - dmvt
2022-02-22T10:51:07Z
This could result in a loss of funds given the right external conditions.
2 - Med (M): vulns have a risk of 2 and are considered "Medium" severity when assets are not at direct risk, but the function of the protocol or its availability could be impacted, or leak value with a hypothetical attack path with stated assumptions, but external requirements.
byterocket
Issue Information: G003
contracts/LaunchEvent.sol::313 => msg.value > 0,
contracts/LaunchEvent.sol::337 => if (rJoeNeeded > 0) {
contracts/LaunchEvent.sol::354 => require(_amount > 0, "LaunchEvent: invalid withdraw amount");
contracts/LaunchEvent.sol::369 => if (feeAmount > 0) {
contracts/LaunchEvent.sol::389 => require(wavaxReserve > 0, "LaunchEvent: no wavax balance");
contracts/LaunchEvent.sol::454 => if (tokenReserve > 0) {
contracts/LaunchEvent.sol::485 => require(amount > 0, "LaunchEvent: caller has no incentive to claim");
contracts/LaunchEvent.sol::497 => user.balance > 0,
contracts/LaunchEvent.sol::536 => if (excessToken > 0) {
contracts/LaunchEvent.sol::541 => if (excessWavax > 0) {
contracts/LaunchEvent.sol::546 => if (excessAvax > 0) _safeTransferAVAX(penaltyCollector, excessAvax);
contracts/RocketJoeFactory.sol::118 => _tokenAmount > 0,
contracts/RocketJoeStaking.sol::101 => if (user.amount > 0) {
#0 - cryptofish7
2022-02-10T23:48:12Z
Duplicate of #240
Selected for report: WatchPug
Also found by: Czar102, Dravee, Jujic, Meta0xNull, byterocket, defsec, p4st13r4, pauliax, robee, sirhashalot
byterocket
Issue Information: G007
contracts/LaunchEvent.sol::164 => "LaunchEvent: you can't send AVAX directly to this contract"
contracts/LaunchEvent.sol::182 => "LaunchEvent: can't withdraw before issuer's timelock"
contracts/LaunchEvent.sol::187 => "LaunchEvent: can't withdraw before user's timelock"
contracts/LaunchEvent.sol::238 => "LaunchEvent: maxWithdrawPenalty too big"
contracts/LaunchEvent.sol::242 => "LaunchEvent: fixedWithdrawPenalty too big"
contracts/LaunchEvent.sol::246 => "LaunchEvent: can't lock user LP for more than 7 days"
contracts/LaunchEvent.sol::250 => "LaunchEvent: issuer can't withdraw before users"
contracts/LaunchEvent.sol::254 => "LaunchEvent: start of phase 1 cannot be in the past"
contracts/LaunchEvent.sol::311 => require(msg.sender != issuer, "LaunchEvent: issuer cannot participate");
contracts/LaunchEvent.sol::314 => "LaunchEvent: expected non-zero AVAX to deposit"
contracts/LaunchEvent.sol::321 => "LaunchEvent: amount exceeds max allocation"
contracts/LaunchEvent.sol::354 => require(_amount > 0, "LaunchEvent: invalid withdraw amount");
contracts/LaunchEvent.sol::358 => "LaunchEvent: withdrawn amount exceeds balance"
contracts/LaunchEvent.sol::387 => "LaunchEvent: liquid pair already exists"
contracts/LaunchEvent.sol::443 => "LaunchEvent: liquidity already withdrawn"
contracts/LaunchEvent.sol::473 => "LaunchEvent: incentives already withdrawn"
contracts/LaunchEvent.sol::485 => require(amount > 0, "LaunchEvent: caller has no incentive to claim");
contracts/LaunchEvent.sol::498 => "LaunchEvent: expected user to have non-zero balance to perform emergency withdraw"
contracts/LaunchEvent.sol::522 => "LaunchEvent: caller is not RocketJoeFactory owner"
contracts/LaunchEvent.sol::621 => require(success, "LaunchEvent: avax transfer failed");
contracts/RocketJoeFactory.sol::59 => "RJFactory: Addresses can't be null address"
contracts/RocketJoeFactory.sol::112 => "RJFactory: token has already been issued"
contracts/RocketJoeFactory.sol::114 => require(_issuer != address(0), "RJFactory: issuer can't be 0 address");
contracts/RocketJoeFactory.sol::115 => require(_token != address(0), "RJFactory: token can't be 0 address");
contracts/RocketJoeFactory.sol::119 => "RJFactory: token amount needs to be greater than 0"
contracts/RocketJoeFactory.sol::126 => "RJFactory: liquid pair already exists"
contracts/RocketJoeFactory.sol::207 => "RJFactory: phase one duration lower than no fee duration"
contracts/RocketJoeFactory.sol::224 => "RJFactory: no fee duration bigger than phase one duration"
contracts/RocketJoeStaking.sol::67 => "RocketJoeStaking: rJOE minting needs to start after the current timestamp"
contracts/RocketJoeStaking.sol::120 => "RocketJoeStaking: withdraw amount exceeds balance"
contracts/RocketJoeToken.sol::19 => "RocketJoeToken: caller is not a RJLaunchEvent"
contracts/RocketJoeToken.sol::28 => "RocketJoeToken: already initialized"
#0 - cryptofish7
2022-02-10T23:47:52Z
Duplicate of #242
Selected for report: Czar102
Also found by: Dravee, byterocket, d4rk
byterocket
Issue Information: G008
contracts/LaunchEvent.sol::450 => balance = lpSupply / 2;
contracts/LaunchEvent.sol::584 => return (user.balance * lpSupply) / wavaxAllocated / 2;
#0 - cryptofish7
2022-02-10T23:47:29Z
Duplicate of #271
Selected for report: WatchPug
Also found by: Ruhum, TomFrenchBlockchain, WatchPug, byterocket, hyh, kirk-baird
byterocket
The functions RocketJoeFactory::createRJLaunchEvent and LaunchEvent::createPair both call IJoeFactory::getPair each two times (see here and here). The pair address could be cached in a local variable to circumvent the second call, i.e. save gas.
#0 - cryptofish7
2022-01-31T00:47:04Z
Duplicate of #236
byterocket
Issue Information: L003
contracts/LaunchEvent.sol::3 => pragma solidity ^0.8.0;
contracts/RocketJoeFactory.sol::3 => pragma solidity ^0.8.0;
contracts/RocketJoeStaking.sol::3 => pragma solidity ^0.8.0;
contracts/RocketJoeToken.sol::3 => pragma solidity ^0.8.0;
#0 - cryptofish7
2022-02-10T23:46:37Z
Duplicate of #181
#1 - dmvt
2022-02-22T14:10:31Z
Typically I'd consider this a non-critical issue, but in this case I'm going to call it a gas issue given the savings available by locking in a higher version of solidity.