Platform: Code4rena
Start Date: 23/05/2022
Pot Size: $50,000 USDC
Total HM: 44
Participants: 99
Period: 5 days
Judge: hickuphh3
Total Solo HM: 11
Id: 129
League: ETH
Rank: 42/99
Findings: 2
Award: $162.75
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: berndartmueller
Also found by: 0x1f8b, 0xDjango, 0xsomeone, ACai, Bahurum, BouSalman, CertoraInc, Deivitto, Dravee, GimelSec, IllIllI, JMukesh, Kaiziron, PP1004, Ruhum, SmartSek, VAD37, WatchPug, _Adam, aez121, antonttc, blockdev, broccolirob, camden, cccz, cryptphi, defsec, dipp, ellahi, fatherOfBlocks, gzeon, horsefacts, ilan, jayjonah8, joestakey, kenta, kenzo, minhquanym, oyc_109, pauliax, pedroais, peritoflores, sashik_eth, shenwilly, simon135, throttle, xiaoming90, z3s
0.1022 USDC - $0.10
There's no check here for the return value. Many ERC20 tokens will revert on issues with the transfer, but the ERC20 standard only requires returning a boolean value for success.
You should use SafeERC20 to check return values
#0 - bghughes
2022-06-03T23:40:36Z
Duplicate of #316
🌟 Selected for report: PP1004
Also found by: GimelSec, camden, unforgiven
Because _deposit does a check for deflationary tokens and previewMint doesn't, the number of shares minted by the mint function will not be equal for deflationary tokens, causing these to always fail
The fix is to remove the require in the mint function.
#0 - bghughes
2022-06-03T23:20:40Z
Duplicate of #126