Lybra Finance - gs8nrv's results

A protocol building the first interest-bearing omnichain stablecoin backed by LSD.

General Information

Platform: Code4rena

Start Date: 23/06/2023

Pot Size: $60,500 USDC

Total HM: 31

Participants: 132

Period: 10 days

Judge: 0xean

Total Solo HM: 10

Id: 254

League: ETH


Researcher Performance

Rank: 90/132

Findings: 2

Award: $47.71

🌟 Selected for report: 0

🚀 Solo Findings: 0

Awards

5.5262 USDC - $5.53

Labels

bug
2 (Med Risk)
downgraded by judge
satisfactory
duplicate-532

External Links

Lines of code

https://github.com/code-423n4/2023-06-lybra/blob/7b73ef2fbb542b569e182d9abf79be643ca883ee/contracts/lybra/pools/base/LybraPeUSDVaultBase.sol#L192

Vulnerability details

Impact

The debt is not updated correctly when repaying: it doesn't take into account the fees paid. After computing the updated fees, the code checks whether the repayment is larger than the fees that must be paid or not. It then decreases the stored fee, but does not update the repayment amount. This decreases the borrowed amount by more than expected (not taking into account the fees paid).

Proof of Concept


The code should be:

if (amount >= totalFee) {
    feeStored[_onBehalfOf] = 0;
    PeUSD.transferFrom(_provider, address(configurator), totalFee);
    PeUSD.burn(_provider, amount - totalFee);
    amount -= totalFee;
} else {
    feeStored[_onBehalfOf] = totalFee - amount;
    PeUSD.transferFrom(_provider, address(configurator), amount);
    amount = 0;
}

Assessed type

Other
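
A constructed Python model of the repayment accounting in this finding, added here as an example and not taken from the Lybra contracts or from the submission: `repay_as_reported` follows the behaviour the finding describes, and `repay_with_fix` follows the suggested branch logic. The `Vault` class, the function names and the sample amounts are assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass
class Vault:
    """Constructed model of one borrower's position; not the Lybra contract."""
    borrowed: int        # principal recorded for the borrower
    fee_stored: int      # accrued fee, mirrors feeStored[_onBehalfOf]
    burned: int = 0      # PeUSD actually destroyed
    fees_paid: int = 0   # PeUSD transferred to the configurator

def _settle(v: Vault, amount: int) -> int:
    """Split a repayment into fee and burn; return the part that was burned."""
    total_fee = v.fee_stored
    if amount >= total_fee:
        v.fee_stored = 0
        v.fees_paid += total_fee
        v.burned += amount - total_fee
        return amount - total_fee
    v.fee_stored = total_fee - amount
    v.fees_paid += amount
    return 0

def repay_as_reported(v: Vault, amount: int) -> None:
    """Behaviour the finding describes: debt drops by the full amount."""
    _settle(v, amount)
    v.borrowed -= amount

def repay_with_fix(v: Vault, amount: int) -> None:
    """Finding's suggestion: only the burned part reduces the debt."""
    v.borrowed -= _settle(v, amount)

def unbacked_debt_reduction(repay, borrowed: int, fee: int, amount: int) -> int:
    """Debt written off minus PeUSD burned; 0 means the ledger is consistent."""
    v = Vault(borrowed=borrowed, fee_stored=fee)
    repay(v, amount)
    return (borrowed - v.borrowed) - v.burned

WAD = 10**18  # 18-decimal fixed point; all amounts below are constructed
CASES = [(1000 * WAD, 30 * WAD, 100 * WAD),   # repayment covers the fee
         (1000 * WAD, 30 * WAD, 10 * WAD)]    # repayment smaller than the fee

if __name__ == "__main__":
    for borrowed, fee, amount in CASES:
        print(amount // WAD,
              unbacked_debt_reduction(repay_as_reported, borrowed, fee, amount) // WAD,
              unbacked_debt_reduction(repay_with_fix, borrowed, fee, amount) // WAD)
```

A non-zero result from `unbacked_debt_reduction` is the amount of debt written off without a matching burn, which is the quantity an invariant test on the real contract would need to pin at zero.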

#0 - c4-pre-sort

2023-07-11T20:14:57Z

JeffCX marked the issue as duplicate of #532

#1 - c4-judge

2023-07-28T15:39:33Z

0xean marked the issue as satisfactory

#2 - c4-judge

2023-07-28T19:41:44Z

0xean changed the severity to 2 (Med Risk)

Findings Information

🌟 Selected for report: 0xRobocop

Also found by: Kenshin, RedTiger, caventa, gs8nrv, josephdara, smaul

Labels

bug
2 (Med Risk)
partial-50
duplicate-3

Awards

42.1781 USDC - $42.18

External Links

Lines of code

https://github.com/code-423n4/2023-06-lybra/blob/7b73ef2fbb542b569e182d9abf79be643ca883ee/contracts/lybra/configuration/LybraConfigurator.sol#L127 https://github.com/code-423n4/2023-06-lybra/blob/7b73ef2fbb542b569e182d9abf79be643ca883ee/contracts/lybra/configuration/LybraConfigurator.sol#L202

Vulnerability details

Impact

The check made is not coherent with link #2 in setSafeCollateralRatio. It allows setting the bad collateral ratio larger than the safe collateral ratio, and would allow full liquidation at an unwanted collateral ratio.

The

Proof of Concept

Link #1

The line should be

require(newRatio >= 130 * 1e18 && newRatio <= 150 * 1e18 && newRatio + 1e19 <= vaultSafeCollateralRatio[pool], "LNA");

Assessed type

Governance

#0 - c4-pre-sort

2023-07-09T13:30:58Z

JeffCX marked the issue as duplicate of #3

#1 - c4-judge

2023-07-28T15:44:47Z

0xean marked the issue as satisfactory

#2 - c4-judge

2023-07-29T18:43:24Z

0xean marked the issue as partial-50
