Platform: Code4rena
Start Date: 08/06/2022
Pot Size: $115,000 USDC
Total HM: 26
Participants: 72
Period: 11 days
Judge: leastwood
Total Solo HM: 14
Id: 132
League: ETH
Rank: 28/72
Findings: 1
Award: $307.64
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: BowTiedWardens
Also found by: 0x1f8b, 0x29A, 0x52, 0xNazgul, 0xNineDec, 0xf15ers, 0xkatana, 0xmint, Chom, ElKu, Funen, IllIllI, JMukesh, Jujic, Kaiziron, Lambda, MiloTruck, Ruhum, SmartSek, SooYa, TerrierLover, TomJ, WatchPug, Waze, _Adam, asutorufos, auditor0517, bardamu, c3phas, catchup, cccz, ch13fd357r0y3r, cloudjunky, cmichel, cryptphi, csanuragjain, defsec, fatherOfBlocks, hansfriese, hyh, jayjonah8, joestakey, k, kenta, obtarian, oyc_109, robee, sach1r0, shenwilly, simon135, slywaters, sorrynotsorry, tintin, unforgiven, xiaoming90, zzzitron
307.6356 USDC - $307.64
Unused local variable
PortalFacet.repayAavePortal() - adopted variable in https://github.com/code-423n4/2022-06-connext/blob/main/contracts/contracts/core/connext/facets/PortalFacet.sol#L98

Unused function parameter
PortalFacet.repayAavePortalFor() - _router param in https://github.com/code-423n4/2022-06-connext/blob/main/contracts/contracts/core/connext/facets/PortalFacet.sol#L`26

Dev notes document that "The router must be approved for portal and with enough liquidity, and must be the caller of this function". However, a require check is missing to ensure msg.sender is the router - https://github.com/code-423n4/2022-06-connext/blob/main/contracts/contracts/core/connext/facets/PortalFacet.sol#L80

_local variable used instead of adopted for _backloan() call in https://github.com/code-423n4/2022-06-connext/blob/main/contracts/contracts/core/connext/facets/PortalFacet.sol#L112

SponsorVault.sol contract deployment could revert due to missing zero address check
The constructor function in SponsorVault.sol calls _setConnext() during deployment. If the _connext address is mistakenly inputted as 0, then the deployment of the contract will revert, as seen in the require check in _setConnext().

Missing zero value check
SponsorVault.setRate() - missing zero value check for _rate param - https://github.com/code-423n4/2022-06-connext/blob/main/contracts/contracts/core/connext/facets/PortalFacet.sol#L80

Missing zero address check
SponsorVault.setGasTokenOracle() - https://github.com/code-423n4/2022-06-connext/blob/main/contracts/contracts/core/connext/helpers/SponsorVault.sol#L168
RelayerFacet.addRelayer() - https://github.com/code-423n4/2022-06-connext/blob/main/contracts/contracts/core/connext/facets/RelayerFacet.sol#L101

_nonce param in https://github.com/code-423n4/2022-06-connext/blob/main/contracts/contracts/core/connext/facets/BridgeFacet.sol#L391

#0 - jakekidd
2022-07-02T00:44:43Z
8 is invalid; it is an interface implementation, so the unused parameter is required.
5+6+7 should be one issue.
4 is level 2: Med Risk issue! A good spot (something we also spotted/have resolved since).
#1 - 0xleastwood
2022-08-16T21:55:19Z
No. 4 is a duplicate of #103, a more severe issue, but I won't upgrade it because the impact is not detailed in any way.
#2 - 0xleastwood
2022-08-16T21:59:55Z
Although, I'll give you kudos for some of these findings. Great work!