Platform: Code4rena
Start Date: 05/05/2022
Pot Size: $125,000 DAI
Total HM: 17
Participants: 62
Period: 14 days
Judge: leastwood
Total Solo HM: 15
Id: 120
League: ETH
Rank: 27/62
Findings: 2
Award: $278.33
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: IllIllI
Also found by: 0x1f8b, 0x4non, 0xDjango, 0xNazgul, 0xkatana, 0xsomeone, AuditsAreUS, BouSalman, BowTiedWardens, Cityscape, Funen, GimelSec, Hawkeye, JC, MaratCerby, MiloTruck, Picodes, Ruhum, TerrierLover, WatchPug, Waze, bobirichman, catchup, cccz, cryptphi, csanuragjain, delfin454000, ellahi, fatherOfBlocks, hake, horsefacts, hyh, jayjonah8, joestakey, kebabsec, kenta, mics, oyc_109, robee, samruna, shenwilly, sikorico, simon135, throttle, tintin
188.8964 DAI - $188.90
https://github.com/code-423n4/2022-05-alchemix/blob/main/contracts-full/StakingPools.sol#L382 Function _deposit: The function does not account for tokens that charge a fee on transfer. If such a fee is present, a deposit of x is credited in full even though the amount actually received is x minus the fee. Always use the before and after balance to deduce the actual amount received.
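The before/after balance pattern recommended above, shown beside the naive version, as an added example that is not Alchemix's StakingPools code. The contract, the IERC20 interface and the single-token bookkeeping are assumptions made so the snippet compiles on its own:

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.13;

// Minimal ERC20 surface declared inline (assumption, not the project's interface).
interface IERC20 {
    function balanceOf(address account) external view returns (uint256);
    function transferFrom(address from, address to, uint256 amount) external returns (bool);
}

// Hypothetical staking contract holding a single deposit token.
contract FeeAwareDeposit {
    IERC20 public immutable token;
    uint256 public totalDeposited;
    mapping(address => uint256) public deposited;

    constructor(IERC20 _token) {
        token = _token;
    }

    // The pattern the finding describes: the requested amount is credited even
    // when a fee-on-transfer token delivers less than that to the contract.
    function depositNaive(uint256 amount) external {
        require(amount != 0, "Incorrect amount");
        require(token.transferFrom(msg.sender, address(this), amount), "transfer failed");
        deposited[msg.sender] += amount;   // overstated by the transfer fee
        totalDeposited += amount;
    }

    // Hardened version: measure the contract's balance before and after the
    // transfer and credit only what actually arrived.
    function deposit(uint256 amount) external returns (uint256 received) {
        require(amount != 0, "Incorrect amount");
        uint256 balanceBefore = token.balanceOf(address(this));
        require(token.transferFrom(msg.sender, address(this), amount), "transfer failed");
        // Solidity 0.8 checked arithmetic reverts if the balance somehow went down.
        received = token.balanceOf(address(this)) - balanceBefore;
        require(received != 0, "nothing received");
        deposited[msg.sender] += received;
        totalDeposited += received;
    }
}
```

The same measurement is what reward accounting should be based on: every later share or reward calculation that reads `deposited` or `totalDeposited` then reflects tokens the contract really holds rather than the amount the caller asked to move.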
https://github.com/code-423n4/2022-05-alchemix/blob/main/contracts-full/gALCX.sol#L39 Function transferOwnership: Add a check to see whether the new owner is a valid address:
```solidity
require(_owner != address(0), "Incorrect address");
```
https://github.com/code-423n4/2022-05-alchemix/blob/main/contracts-full/AlchemicTokenV2.sol#L92 Function setFlashFee: Add a check to see if the new fee is in the correct range:
```solidity
require(newFee > 0 && newFee <= BPS, "Too high/Low fees");
```
https://github.com/code-423n4/2022-05-alchemix/blob/main/contracts-full/StakingPools.sol#L130 Function acceptGovernance: pendingGovernance should be reset to address(0) once governance has been accepted, so no stale pending value is left behind.
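A two-step governance handover that clears the pending slot on acceptance, as an added example and not Alchemix's StakingPools code; the contract name, events and revert strings are assumptions, while the state variable and function names follow the finding:

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.13;

// Hypothetical contract showing the propose/accept pattern with cleanup.
contract TwoStepGovernance {
    address public governance;
    address public pendingGovernance;

    event PendingGovernanceUpdated(address pendingGovernance);
    event GovernanceUpdated(address governance);

    modifier onlyGovernance() {
        require(msg.sender == governance, "only governance");
        _;
    }

    constructor(address _governance) {
        require(_governance != address(0), "Invalid address");
        governance = _governance;
    }

    // Step 1: current governance nominates a successor; nothing changes yet.
    function setPendingGovernance(address _pendingGovernance) external onlyGovernance {
        require(_pendingGovernance != address(0), "Invalid address");
        pendingGovernance = _pendingGovernance;
        emit PendingGovernanceUpdated(_pendingGovernance);
    }

    // Step 2: only the nominee can complete the handover.
    function acceptGovernance() external {
        require(msg.sender == pendingGovernance, "only pending governance");
        governance = pendingGovernance;
        // Reset the pending slot so the completed handover leaves no stale
        // nominee that could call acceptGovernance again later.
        pendingGovernance = address(0);
        emit GovernanceUpdated(governance);
    }
}
```

With the reset in place, a second call to acceptGovernance reverts immediately, and reading pendingGovernance reliably answers whether a handover is currently in flight.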
https://github.com/code-423n4/2022-05-alchemix/blob/main/contracts-full/EthAssetManager.sol#L509 Function sweepToken: The admin is allowed to sweep any token present in the contract. Ideally the admin should not be allowed to sweep reward tokens (see the _claimRewards function), which are meant for rewardReceiver.
https://github.com/code-423n4/2022-05-alchemix/blob/main/contracts-full/libraries/Tick.sol#L68 Function getWeight: Add a check:
```solidity
require(endingAccumulatedWeight > startingAccumulatedWeight, "end weight is lower than start weight");
```
https://github.com/code-423n4/2022-05-alchemix/blob/main/contracts-full/TransmuterBuffer.sol#L221 Function setTransmuter: Add a check:
```solidity
require(newTransmuter != address(0), "Invalid address");
```
🌟 Selected for report: IllIllI
Also found by: 0v3rf10w, 0x1f8b, 0x4non, 0xDjango, 0xNazgul, 0xf15ers, 0xkatana, 0xsomeone, AlleyCat, BowTiedWardens, Cityscape, Fitraldys, Funen, GimelSec, Hawkeye, JC, MaratCerby, MiloTruck, Randyyy, TerrierLover, Tomio, UnusualTurtle, WatchPug, Waze, _Adam, augustg, bobirichman, catchup, csanuragjain, ellahi, fatherOfBlocks, hake, hansfriese, horsefacts, ignacio, joestakey, kenta, mics, oyc_109, robee, samruna, sashik_eth, sikorico, simon135, throttle
89.4325 DAI - $89.43
Function createPool: This can be revised from
```solidity
uint256 _poolId = _pools.length();
_pools.push(Pool.Data({
    token: _token,
    totalDeposited: 0,
    rewardWeight: 0,
    accumulatedRewardWeight: FixedPointMath.Number(0),
    lastUpdatedBlock: block.number
}));
tokenPoolIds[_token] = _poolId + 1;
```
to:
```solidity
_pools.push(Pool.Data({
    token: _token,
    totalDeposited: 0,
    rewardWeight: 0,
    accumulatedRewardWeight: FixedPointMath.Number(0),
    lastUpdatedBlock: block.number
}));
tokenPoolIds[_token] = _pools.length();
```
Function _claimRewards: This function duplicates claimRewards and, although marked internal, is never called by any other function. The same applies to https://github.com/code-423n4/2022-05-alchemix/blob/main/contracts-full/ThreePoolAssetManager.sol#L1008
Function stake: Add a check for require(amount!=0,"Incorrect amount")
Function unstake: Add a check for require(gAmount!=0,"Incorrect amount")
Function deposit: Add a check for require(_depositAmount!=0,"Incorrect amount")
Function claimExact: Add a check for require(_claimAmount!=0,"Incorrect amount")
Function withdraw: Add a check for require(_withdrawAmount!=0,"Incorrect amount")