Platform: Code4rena
Start Date: 16/12/2021
Pot Size: $100,000 USDC
Total HM: 21
Participants: 25
Period: 7 days
Judge: alcueca
Total Solo HM: 12
Id: 66
League: ETH
Rank: 13/25
Findings: 3
Award: $1,388.11
π Selected for report: 6
π Solo Findings: 0
430.3487 USDC - $430.35
defsec
The latestRoundData function in the contract PriceFeed.sol fetches the asset price from a Chainlink aggregator using the latestRoundData function. However, there are no checks on roundID.
Stale prices could put funds at risk. According to Chainlink's documentation, This function does not error if no answer has been reached but returns 0, causing an incorrect price fed to the PriceOracle. The external Chainlink oracle, which provides index price information to the system, introduces risk inherent to any dependency on third-party data sources. For example, the oracle could fall behind or otherwise fail to be maintained, resulting in outdated data being fed to the index price calculations of the liquidity.
Example Medium Issue : https://github.com/code-423n4/2021-08-notional-findings/issues/18
if (!_response.success) {return true;} // Check for an invalid roundId that is 0 if (_response.roundId == 0) {return true;} // Check for an invalid timeStamp that is 0, or in the future if (_response.timestamp == 0 || _response.timestamp > block.timestamp) {return true;} // Check for non-positive price if (_response.answer <= 0) {return true;}
Manual Review
Consider to add checks on the return data with proper revert messages if the price is stale or the round is incomplete, for example:
(uint80 roundID, int256 price, , uint256 timeStamp, uint80 answeredInRound) = ETH_CHAINLINK.latestRoundData(); require(price > 0, "Chainlink price <= 0"); require(answeredInRound >= roundID, "..."); require(timeStamp != 0, "...");
#0 - kingyetifinance
2022-01-05T05:41:32Z
69.7165 USDC - $69.72
defsec
the teamWallet parameter are used for the onlyTeam modifier. In the state variable , proper check up should be done , other wise error in these state variable can lead to redeployment of contract. If the zero address is assigned to rebalanceManager parameter, that will fail all onlyTeam functions.
Code Review
Add proper zero address validation.
#0 - kingyetifinance
2022-01-05T08:42:34Z
@LilYeti: Duplicate #115
#1 - kingyetifinance
2022-01-05T08:43:05Z
#115 is disputed to severity 0
#2 - alcueca
2022-01-15T06:06:51Z
Duplicate of #251
defsec
++i is more gas efficient than i++ in loops forwarding.
https://github.com/code-423n4/2021-12-yetifinance/blob/1da782328ce4067f9654c3594a34014b0329130a/packages/contracts/contracts/Dependencies/YetiCustomBase.sol#L36 https://github.com/code-423n4/2021-12-yetifinance/blob/1da782328ce4067f9654c3594a34014b0329130a/packages/contracts/contracts/YETI/BoringCrypto/BoringERC20.sol#L24 https://github.com/code-423n4/2021-12-yetifinance/blob/1da782328ce4067f9654c3594a34014b0329130a/packages/contracts/contracts/TeamAllocation.sol#L66
Code Review
It is recommend to use unchecked{++i} and change i declaration to uint256.
#0 - kingyetifinance
2022-01-06T07:56:43Z
@LIlyeti : DUplicate #12
defsec
Shortening revert strings to fit in 32 bytes will decrease deploy time gas and will decrease runtime gas when the revert condition has been met.
Revert strings that are longer than 32 bytes require at least one additional mstore, along with additional overhead for computing memory offset, etc.
Revert strings > 32 bytes are here:
Manual Review
Shorten the revert strings to fit in 32 bytes. That will affect gas optimization.
#0 - kingyetifinance
2022-01-06T07:45:14Z
@LilYeti: Duplicate #66
π Selected for report: defsec
531.2947 USDC - $531.29
defsec
Yeti protocol allows different tokens to be used as output token. The contracts do not appear to support rebasing/deflationary/inflationary tokens whose balance changes during transfers or over time for the collateral. The necessary checks include at least verifying the amount of tokens transferred to contracts before and after the actual transfer to infer any fees/interest.
Code Review
Make sure output token for any rebasing/inflation/deflation Add support in contracts for such tokens before accepting user-supplied tokens.
uint256 balanceBefore = getOwnBalance(outputToken); require(outputToken.safeTransfer(assetId, router, address(this), amount, "Transfer ERC20_TRANSFER_FAILED"); uint256 receivedAmount = getOwnBalance(outputToken) - balanceBefore;
#0 - kingyetifinance
2022-01-05T08:45:59Z
@LilYeti: We are using wrappers to keep track of these style of tokens where the amount changes over time.
#1 - kingyetifinance
2022-01-05T08:46:27Z
These will be vetted before adding to whitelist
#2 - alcueca
2022-01-16T06:58:30Z
That should be added to the documentation, issue is valid.
17.7859 USDC - $17.79
defsec
Using newer compiler versions and the optimizer gives gas optimizations and additional safety checks are available for free.
The advantages of versions 0.8.* over <0.8.0 are:
"All Contracts" - Pragma version 0.6.12 is used in the all contracts. (https://github.com/code-423n4/2021-12-yetifinance/blob/1da782328ce4067f9654c3594a34014b0329130a/packages/contracts/contracts/YETI/sYETIToken.sol#L2)
None
Consider to upgrade pragma to at least 0.8.4.
#0 - kingyetifinance
2022-01-06T07:43:53Z
@LilYeti: Duplicate #81
π Selected for report: defsec
97.5905 USDC - $97.59
defsec
Lower than uint256 size storage instance variables are actually less gas efficient. E.g. using uint8 does not give any efficiency, actually, it is the opposite as EVM operates on default of 256-bit values so uint8 is more expensive in this case as it needs a conversion. It only gives improvements in cases where you can pack variables together, e.g. structs.
https://github.com/code-423n4/2021-12-yetifinance/blob/1da782328ce4067f9654c3594a34014b0329130a/packages/contracts/contracts/AssetWrappers/WJLP/ERC20_8.sol#L11 https://github.com/code-423n4/2021-12-yetifinance/blob/1da782328ce4067f9654c3594a34014b0329130a/packages/contracts/contracts/YETI/sYETIToken.sol#L37
None
Consider to review all uint types. Change them with uint256 If the integer is not necessary to present with 8.
#0 - 0xtruco
2022-01-14T08:21:46Z
Nvm, seems standard for decimals to be uint8
π Selected for report: defsec
97.5905 USDC - $97.59
defsec
From Pragma 0.8.0, ABI coder v2 is activated by default. The pragma abicoder v2 can be deleted from the repository. That will provide gas optimization.
None
Upgrade pragma to 0.8.0 and After the 0.8.0, ABI coder v2 is activated by default. Upgrade pragma to 0.8.0 version. It is recommended to delete redundant codes.
From Solidity v0.8.0 Breaking Changes https://docs.soliditylang.org/en/v0.8.0/080-breaking-changes.html
43.9157 USDC - $43.92
defsec
In some cases, having function arguments in calldata instead of memory is more optimal.
Consider the following generic example:
contract C { function add(uint[] memory arr) external returns (uint sum) { uint length = arr.length; for (uint i = 0; i < arr.length; i++) { sum += arr[i]; } } }
In the above example, the dynamic array arr has the storage location memory. When the function gets called externally, the array values are kept in calldata and copied to memory during ABI decoding (using the opcode calldataload and mstore). And during the for loop, arr[i] accesses the value in memory using a mload. However, for the above example this is inefficient. Consider the following snippet instead:
contract C { function add(uint[] calldata arr) external returns (uint sum) { uint length = arr.length; for (uint i = 0; i < arr.length; i++) { sum += arr[i]; } } }
In the above snippet, instead of going via memory, the value is directly read from calldata using calldataload. That is, there are no intermediate memory operations that carries this value.
Gas savings: In the former example, the ABI decoding begins with copying value from calldata to memory in a for loop. Each iteration would cost at least 60 gas. In the latter example, this can be completely avoided. This will also reduce the number of instructions and therefore reduces the deploy time cost of the contract.
In short, use calldata instead of memory if the function argument is only read.
Note that in older Solidity versions, changing some function arguments from memory to calldata may cause "unimplemented feature error". This can be avoided by using a newer (0.8.*) Solidity compiler.
Examples Note: The following pattern is prevalent in the codebase:
function f(bytes memory data) external { (...) = abi.decode(data, (..., types, ...)); }
Here, changing to bytes calldata will decrease the gas. The total savings for this change across all such uses would be quite significant.
Examples:
https://github.com/code-423n4/2021-12-yetifinance/blob/1da782328ce4067f9654c3594a34014b0329130a/packages/contracts/contracts/BorrowerOperations.sol#L890
https://github.com/code-423n4/2021-12-yetifinance/blob/1da782328ce4067f9654c3594a34014b0329130a/packages/contracts/contracts/BorrowerOperations.sol#L699 https://github.com/code-423n4/2021-12-yetifinance/blob/1da782328ce4067f9654c3594a34014b0329130a/packages/contracts/contracts/BorrowerOperations.sol#L873 https://github.com/code-423n4/2021-12-yetifinance/blob/1da782328ce4067f9654c3594a34014b0329130a/packages/contracts/contracts/BorrowerOperations.sol#L920 https://github.com/code-423n4/2021-12-yetifinance/blob/1da782328ce4067f9654c3594a34014b0329130a/packages/contracts/contracts/BorrowerOperations.sol#L929 https://github.com/code-423n4/2021-12-yetifinance/blob/1da782328ce4067f9654c3594a34014b0329130a/packages/contracts/contracts/ActivePool.sol#L167
None
Change memory definition with calldata.
#0 - 0xtruco
2022-01-14T09:13:26Z
Partial fix in https://github.com/code-423n4/2021-12-yetifinance/pull/31
43.9157 USDC - $43.92
defsec
!= 0 is a cheaper operation compared to > 0, when dealing with uint.
https://github.com/code-423n4/2021-12-yetifinance/blob/main/packages/contracts/contracts/BorrowerOperations.sol#L165 https://github.com/code-423n4/2021-12-yetifinance/blob/main/packages/contracts/contracts/BorrowerOperations.sol#L290 https://github.com/code-423n4/2021-12-yetifinance/blob/main/packages/contracts/contracts/BorrowerOperations.sol#L566 https://github.com/code-423n4/2021-12-yetifinance/blob/main/packages/contracts/contracts/BorrowerOperations.sol#L572 https://github.com/code-423n4/2021-12-yetifinance/blob/main/packages/contracts/contracts/BorrowerOperations.sol#L913 https://github.com/code-423n4/2021-12-yetifinance/blob/main/packages/contracts/contracts/StabilityPool.sol#L656 https://github.com/code-423n4/2021-12-yetifinance/blob/main/packages/contracts/contracts/StabilityPool.sol#L1090 https://github.com/code-423n4/2021-12-yetifinance/blob/main/packages/contracts/contracts/StabilityPool.sol#L1099
None
Consider to replace > 0 with != 0 for gas optimization.
#0 - alcueca
2022-01-14T21:50:39Z
Duplicate of #173
17.7859 USDC - $17.79
defsec
When doing swaps with a Uniswap router from within a contract, there's no need to compute any offset from the current block for the deadline parameter. The router just checks if deadline >= block.timestamp.
https://github.com/code-423n4/2021-12-yetifinance/blob/1da782328ce4067f9654c3594a34014b0329130a/packages/contracts/contracts/YETI/sYETIToken.sol#L231
None
The most efficient way to provide deadlines for a router swap is to use a hardcoded value that is far in the future, for example, 1e10.
#0 - kingyetifinance
2022-01-06T07:51:18Z
Confirmed, related to #52 but that is kind of a duplicate of this issue
#1 - alcueca
2022-01-15T06:22:50Z
Duplicate of #211
defsec
Reading array length at each iteration of the loop takes 6 gas (3 for mload and 3 to place memory_offset) in the stack.
Caching the array length in the stack saves around 3 gas per iteration.
https://github.com/code-423n4/2021-12-yetifinance/blob/1da782328ce4067f9654c3594a34014b0329130a/packages/contracts/contracts/BorrowerOperations.sol#L699 https://github.com/code-423n4/2021-12-yetifinance/blob/1da782328ce4067f9654c3594a34014b0329130a/packages/contracts/contracts/BorrowerOperations.sol#L873 https://github.com/code-423n4/2021-12-yetifinance/blob/1da782328ce4067f9654c3594a34014b0329130a/packages/contracts/contracts/BorrowerOperations.sol#L920 https://github.com/code-423n4/2021-12-yetifinance/blob/1da782328ce4067f9654c3594a34014b0329130a/packages/contracts/contracts/BorrowerOperations.sol#L929 https://github.com/code-423n4/2021-12-yetifinance/blob/1da782328ce4067f9654c3594a34014b0329130a/packages/contracts/contracts/ActivePool.sol#L167
None
Consider to cache array length.
#0 - kingyetifinance
2022-01-06T08:52:20Z
@LilYeti: Duplicate #14
#1 - alcueca
2022-01-15T07:17:24Z
Duplicate #283
π Selected for report: defsec
Also found by: 0x1f8b, Jujic, WatchPug, broccolirob, certora, cmichel, csanuragjain, hyh, jayjonah8, kenzo, robee, sirhashalot
defsec
It is good to add a require() statement that checks the return value of token transfers or to use something like OpenZeppelinβs safeTransfer/safeTransferFrom unless one is sure the given token reverts in case of a failure. Failure to do so will cause silent failures of transfers and affect token accounting in contract.
Reference: This similar medium-severity finding from Consensys Diligence Audit of Fei Protocol: https://consensys.net/diligence/audits/2021/01/fei-protocol/#unchecked-return-value-for-iweth-transfer-call
https://github.com/code-423n4/2021-12-yetifinance/blob/96d3e9a046e3d5fd12decc23c79defdc413cf8a1/packages/contracts/contracts/TroveManagerRedemptions.sol#L229 https://github.com/code-423n4/2021-12-yetifinance/blob/1da782328ce4067f9654c3594a34014b0329130a/packages/contracts/contracts/StabilityPool.sol#L947 https://github.com/code-423n4/2021-12-yetifinance/blob/1da782328ce4067f9654c3594a34014b0329130a/packages/contracts/contracts/ActivePool.sol#L156 https://github.com/code-423n4/2021-12-yetifinance/blob/1da782328ce4067f9654c3594a34014b0329130a/packages/contracts/contracts/DefaultPool.sol#L121 https://github.com/code-423n4/2021-12-yetifinance/blob/1da782328ce4067f9654c3594a34014b0329130a/packages/contracts/contracts/YETI/CommunityIssuance.sol#L125 https://github.com/code-423n4/2021-12-yetifinance/blob/1da782328ce4067f9654c3594a34014b0329130a/packages/contracts/contracts/TeamAllocation.sol#L77 https://github.com/code-423n4/2021-12-yetifinance/blob/1da782328ce4067f9654c3594a34014b0329130a/packages/contracts/contracts/YetiFinanceTreasury.sol#L25
Code Review
Consider using safeTransfer/safeTransferFrom or require() consistently.
#0 - kingyetifinance
2022-01-05T05:45:36Z
@LilYeti: Duplicate with issue #1 Severity was marked there to be 2 (medium)
#1 - kingyetifinance
2022-01-05T05:46:02Z
Perhaps this issue description is more in depth though than #1 and other similar ones.
#2 - alcueca
2022-01-15T07:26:27Z
Taking as main
#3 - alcueca
2022-01-15T16:12:06Z
Agree to the Low Severity rating. Assets are not at direct risk.