Platform: Code4rena
Start Date: 11/11/2021
Pot Size: $50,000 USDC
Total HM: 9
Participants: 27
Period: 7 days
Judge: alcueca
Total Solo HM: 5
Id: 53
League: ETH
Rank: 24/27
Findings: 1
Award: $104.12
๐ Selected for report: 1
๐ Solo Findings: 0
85.2873 USDC - $85.29
elprofesor
The use of _token.transfer() in NestedFactory.unlockTokens may have unintended consequences. ERC20 tokens can implement contra to the EIP20 spec (USDT for instance returns VOID). This may result in tokens that return anything from false to void and these return values would not throw on failure. As a result transfer's in unlockTokens may not appropriately throw on failure.
We recommend using OpenZeppelinโs SafeERC20 versions with the safeTransfer function that handles the return value check as well as non-standard-compliant tokens.
๐ Selected for report: hyh
Also found by: MaCree, elprofesor, fatima_naz, gpersoon, gzeon, loop, palina, pauliax, pmerkleplant, xYrYuYx, ye0lde
elprofesor
NestedFactory implements inappropriate validation preventing the removal of 0th index operator in operators array. This prevents the removal of any malicious or compromised operators which compromises could potentially break other functions within the NestedFactory contract.
Details listed above can be seen in the following:
require(i > 0, "NestedFactory::removeOperator: Cant remove non-existent operator"); // @audit - LOW: can't remove 0'th element operator delete operators[i];
click here for link to git repo
An example of more accurate removal process can be seen below:
/// @inheritdoc INestedFactory function removeOperator(bytes32 operator) external override onlyOwner { uint256 i = 0; for (uint index=0 ; index < operators.length ; index++) { if(operators[i] == operator) i = index } require(i > 0, "NestedFactory::removeOperator: Cant remove non-existent operator"); delete operators[i]; }
#0 - maximebrugel
2021-11-16T11:29:15Z
Duplicated : #58
#1 - alcueca
2021-12-03T11:16:50Z
Using #220 instead