Platform: Code4rena
Start Date: 26/09/2022
Pot Size: $50,000 USDC
Total HM: 13
Participants: 113
Period: 5 days
Judge: 0xean
Total Solo HM: 6
Id: 166
League: ETH
Rank: 63/113
Findings: 1
Award: $52.54
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: 0xNazgul
Also found by: 0x1f8b, 0x52, 0xDecorativePineapple, 0xSmartContract, 0xmatt, Aeros, Aymen0909, Bnke0x0, Chom, CodingNameKiki, Deivitto, DimitarDimitrov, IllIllI, JC, Jeiwan, Lambda, Matin, Migue, Mukund, Ocean_Sky, Olivierdem, RaymondFam, RockingMiles, Rolezn, Ruhum, Satyam_Sharma, Shinchan, Tomo, Trabajo_de_mates, V_B, Waze, __141345__, a12jmx, ajtra, asutorufos, aysha, brgltd, bulej93, carrotsmuggler, catchup, cccz, chrisdior4, cryptonue, cryptphi, d3e4, defsec, delfin454000, durianSausage, erictee, fatherOfBlocks, gogo, kaden, karanctf, ladboy233, lukris02, mahdikarimi, martin, mics, natzuu, oyc_109, p_crypt0, pedr02b2, rbserver, reassor, rotcivegaf, rvierdiiev, sikorico, slowmoses, sorrynotsorry, tnevler, trustindistrust
52.5375 USDC - $52.54
There is 1 instance of this issue:
=================
file: AlgebraFactory.sol
ERC20 operations can be unsafe due to differing implementations and vulnerabilities in the standard. It is therefore recommended to always either use OpenZeppelin's SafeERC20 library or, at the least, to wrap each operation in a `require` statement.

To circumvent the race-condition vulnerability of ERC20's `approve` function, use OpenZeppelin's SafeERC20 library's `safe{Increase|Decrease}Allowance` functions.

If the vulnerability poses no danger to your implementation, provide enough documentation explaining the reasoning.
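The unsafe and the recommended patterns described above, side by side, as an added Solidity example (not code from the report or from the audited project). It assumes OpenZeppelin Contracts 4.x import paths; the `UnsafeVault` and `SafeVault` contracts and their functions are hypothetical, and access control is left out to keep the focus on the token calls.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Added example; assumes OpenZeppelin Contracts 4.x is installed.
// Contract and function names are hypothetical. Access control is omitted
// on purpose so only the ERC20 call patterns differ between the two contracts.
import "@openzeppelin/contracts/token/ERC20/IERC20.sol";
import "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";

/// @notice Unsafe pattern: return values ignored, allowance overwritten.
contract UnsafeVault {
    function pull(IERC20 token, uint256 amount) external {
        // A token that returns false instead of reverting "succeeds" here,
        // and the vault's accounting (if any) would drift from its balance.
        token.transferFrom(msg.sender, address(this), amount);
    }

    function allowSpender(IERC20 token, address spender, uint256 amount) external {
        // approve() overwrites the allowance: a spender that uses the old
        // allowance just before this call lands can also use the new one.
        token.approve(spender, amount);
    }
}

/// @notice Hardened pattern: every call is checked via SafeERC20.
contract SafeVault {
    using SafeERC20 for IERC20;

    function pull(IERC20 token, uint256 amount) external {
        // Reverts if the call reverts, returns false, or the token address
        // holds no code; tolerates tokens that return no value at all.
        token.safeTransferFrom(msg.sender, address(this), amount);
    }

    function allowSpender(IERC20 token, address spender, uint256 delta) external {
        // Moves the allowance relative to its current value instead of
        // overwriting it, which closes the approve() race window.
        token.safeIncreaseAllowance(spender, delta);
    }

    function revokeSpender(IERC20 token, address spender, uint256 delta) external {
        token.safeDecreaseAllowance(spender, delta);
    }
}
```

The difference that matters for the finding is in `pull`: `safeTransferFrom` wraps the low-level call and reverts on a `false` return, so a non-reverting token cannot leave the contract in a state where it believes funds arrived that did not.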
```solidity
function setOwner(address _owner) external override onlyOwner {
  require(owner != _owner);
  emit Owner(_owner);
  owner = _owner; // one step: ownership moves immediately, without acceptance by the new owner
}
```

### Should be:

```solidity
address owner;
address pendingOwner;
// ...
// Step 1: the current owner nominates a successor.
function setPendingOwner(address newPendingOwner) external {
  require(msg.sender == owner, "!owner");
  emit NewPendingOwner(newPendingOwner);
  pendingOwner = newPendingOwner;
}

// Step 2: only the nominee can complete the transfer, proving the address is controlled.
function acceptOwnership() external {
  require(msg.sender == pendingOwner, "!pendingOwner");
  emit NewOwner(pendingOwner);
  owner = pendingOwner;
  pendingOwner = address(0);
}
```
=================
There are 10 instances of this issue:

1. `require(tokenA != tokenB);` followed by `(address token0, address token1) = tokenA < tokenB ? (tokenA, tokenB) : (tokenB, tokenA);`
2. `require(token0 != address(0));`
3. `require(poolByPair[token0][token1] == address(0));`
4. `require(farmingAddress != _farmingAddress);`
5. `require(vaultAddress != _vaultAddress);`

https://github.com/code-423n4/2022-09-quickswap/blob/15ea643c85ed936a92d2676a7aabf739b210af39/src/core/contracts/AlgebraFactory.sol#L63
4. https://github.com/code-423n4/2022-09-quickswap/blob/15ea643c85ed936a92d2676a7aabf739b210af39/src/core/contracts/AlgebraFactory.sol#L85

### Should be:

1. `require(tokenA != tokenB, "REVERT MESSAGE");` followed by `(address token0, address token1) = tokenA < tokenB ? (tokenA, tokenB) : (tokenB, tokenA);`
2. `require(token0 != address(0), "REVERT MESSAGE");`
3. `require(poolByPair[token0][token1] == address(0), "REVERT MESSAGE");`
4. `require(farmingAddress != _farmingAddress, "REVERT MESSAGE");`
5. `require(vaultAddress != _vaultAddress, "REVERT MESSAGE");`
=================
1. `require((communityFee0 <= Constants.MAX_COMMUNITY_FEE) && (communityFee1 <= Constants.MAX_COMMUNITY_FEE));`
2. `require(msg.sender == IAlgebraFactory(factory).farmingAddress());`
3. `require(newLiquidityCooldown <= Constants.MAX_LIQUIDITY_COOLDOWN && liquidityCooldown != newLiquidityCooldown);`

### Should be:

1. `require((communityFee0 <= Constants.MAX_COMMUNITY_FEE) && (communityFee1 <= Constants.MAX_COMMUNITY_FEE), "REVERT MESSAGE");`
2. `require(msg.sender == IAlgebraFactory(factory).farmingAddress(), "REVERT MESSAGE");`
3. `require(newLiquidityCooldown <= Constants.MAX_LIQUIDITY_COOLDOWN && liquidityCooldown != newLiquidityCooldown, "REVERT MESSAGE");`
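To show why the messages matter in practice, an added example (not the report's or the project's code): a hypothetical `Settable` contract stands in for the factory setters quoted above, and a Foundry test relies on the revert reason to tell its two failing checks apart. It assumes forge-std is installed; the contract, its storage and the message strings are invented for the example.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Added example; assumes Foundry with forge-std. The Settable contract is a
// hypothetical stand-in for the audited setters, not the project's code.
import "forge-std/Test.sol";

contract Settable {
    address public owner = msg.sender; // deployer becomes owner
    address public farmingAddress;

    // Each failure mode carries its own message, so a failed transaction
    // tells the caller (and a test) which check rejected it. A bare
    // require(cond) reverts with empty data and all failures look alike.
    function setFarmingAddress(address _farmingAddress) external {
        require(msg.sender == owner, "Settable: caller is not owner");
        require(farmingAddress != _farmingAddress, "Settable: farming address unchanged");
        farmingAddress = _farmingAddress;
    }
}

contract SettableTest is Test {
    Settable s;
    address stranger = address(0xBEEF); // constructed test address

    function setUp() public {
        // The test contract deploys Settable, so it is the owner.
        s = new Settable();
    }

    function testUnauthorizedCallerIsNamed() public {
        vm.prank(stranger);
        // The reason string pins the failure to the access check.
        vm.expectRevert(bytes("Settable: caller is not owner"));
        s.setFarmingAddress(address(1));
    }

    function testNoOpUpdateIsNamed() public {
        s.setFarmingAddress(address(1));
        // Same value again: the reason pins the failure to the no-op check,
        // which an unlabelled require would not let this test distinguish.
        vm.expectRevert(bytes("Settable: farming address unchanged"));
        s.setFarmingAddress(address(1));
    }
}
```

Run with `forge test`. Custom errors (`error NotOwner();` together with `if (msg.sender != owner) revert NotOwner();`, available since Solidity 0.8.4) serve the same diagnostic purpose at lower deployment and revert gas cost than string messages, and `vm.expectRevert(Settable.NotOwner.selector)` would check them the same way.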
=================