Tigris Trade contest - gz627's results

A multi-chain decentralized leveraged exchange featuring instant settlement and guaranteed price execution on 30+ pairs.

General Information

Platform: Code4rena

Start Date: 09/12/2022

Pot Size: $90,500 USDC

Total HM: 35

Participants: 84

Period: 7 days

Judge: GalloDaSballo

Total Solo HM: 12

Id: 192

League: ETH

Tigris Trade

Researcher Performance

Rank: 82/84

Findings: 1

Award: $1.15

🌟 Selected for report: 0

🚀 Solo Findings: 0

Awards

1.1472 USDC - $1.15

Labels

bug
2 (Med Risk)
downgraded by judge
satisfactory
duplicate-377

External Links

Lines of code

https://github.com/code-423n4/2022-12-tigris/blob/main/contracts/PairsContract.sol#L142

Vulnerability details

Impact

In PairsContract, setMaxOi updates the max open interest limit _idToOi[_asset][_tigAsset].maxOi without checking the long open interest already recorded for that asset. The owner can therefore lower the limit below the existing long open interest, leaving positions on the books that exceed the cap the contract claims to enforce and putting the market into an inconsistent state.

Proof of Concept

Put the test below inside the describe('Protocol-only functions', function () { block of the test file 02.PairsContract.js.

    it('Succeed if reducing max open interest limit to values lower than existing long open interest', async function () {
        // Register a throwaway asset (id 99) so that it exists for setMaxOi
        await pairscontract.connect(owner).addAsset(99, 'XYZ/ABC', ethers.constants.AddressZero, ethers.utils.parseEther('1'), ethers.utils.parseEther('100'), 1e10, 3e9);
        // Let the NewTrading signer act as the protocol so it may call modifyLongOi
        await pairscontract.connect(owner).setProtocol(NewTrading.address);
        // @audit - set the initial max open interest limit
        await pairscontract.connect(owner).setMaxOi(99, StableToken.address, ethers.utils.parseEther('2000'));
        // @audit - open 500 of long open interest on the asset
        await pairscontract.connect(NewTrading).modifyLongOi(99, StableToken.address, true, ethers.utils.parseEther('500'));
        let [longOi, shortOi] = await pairscontract.idToOi(99, StableToken.address);
        expect(longOi).to.equal(ethers.utils.parseEther('500'));
        // @audit - lower the max open interest limit below the existing long open interest; the call succeeds
        await expect(pairscontract.connect(owner).setMaxOi(99, StableToken.address, ethers.utils.parseEther('1'))).to.not.be.reverted;
    });

Tools Used

Manual audit.

Recommended Mitigation Steps

Make the max open interest limit constant/immutable, or keep it consistent with the existing long open interest, e.g. by having setMaxOi revert when the new limit is lower than the long open interest already recorded for the asset.
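The shape of the fix, as an added illustration that is not Tigris Trade's PairsContract and not code from this finding: a reduced contract that keeps only the open-interest bookkeeping. The struct fields, the owner/protocol roles, the "cap is only checked on open" behaviour of modifyLongOi and the "0 means no cap" convention are assumptions modelled on the finding's description of the contract; setMaxOiUnchecked reproduces the reported behaviour and setMaxOi is the hardened setter.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Added illustration for this finding; not Tigris Trade's PairsContract.
// Layout and names follow the finding's description of the contract (assumed),
// reduced to the open-interest bookkeeping only.
contract OiCapExample {
    struct OpenInterest {
        uint256 longOi;
        uint256 shortOi;
        uint256 maxOi; // 0 is treated as "no cap" (assumed convention)
    }

    address public owner;
    address public protocol;
    mapping(uint256 => mapping(address => OpenInterest)) private _idToOi;

    modifier onlyOwner() { require(msg.sender == owner, "!owner"); _; }
    modifier onlyProtocol() { require(msg.sender == protocol, "!protocol"); _; }

    constructor(address _protocol) {
        owner = msg.sender;
        protocol = _protocol;
    }

    function idToOi(uint256 _asset, address _tigAsset) external view returns (OpenInterest memory) {
        return _idToOi[_asset][_tigAsset];
    }

    // The cap is enforced only when a long is opened, so open interest that is
    // already on the books is never re-checked against a later, lower cap.
    function modifyLongOi(uint256 _asset, address _tigAsset, bool _onOpen, uint256 _amount) external onlyProtocol {
        OpenInterest storage oi = _idToOi[_asset][_tigAsset];
        if (_onOpen) {
            oi.longOi += _amount;
            require(oi.longOi <= oi.maxOi || oi.maxOi == 0, "MaxLongOi");
        } else {
            oi.longOi -= _amount;
        }
    }

    // Reported shape: the new cap is written without looking at longOi, so
    // setMaxOiUnchecked(asset, tig, 1 ether) after 500 ether of longs leaves
    // longOi above maxOi.
    function setMaxOiUnchecked(uint256 _asset, address _tigAsset, uint256 _maxOi) external onlyOwner {
        _idToOi[_asset][_tigAsset].maxOi = _maxOi;
    }

    // Hardened shape: refuse a cap that the existing long open interest already
    // violates. A cap of 0 keeps its "unlimited" meaning and is always accepted.
    function setMaxOi(uint256 _asset, address _tigAsset, uint256 _maxOi) external onlyOwner {
        OpenInterest storage oi = _idToOi[_asset][_tigAsset];
        require(_maxOi == 0 || _maxOi >= oi.longOi, "maxOi < longOi");
        oi.maxOi = _maxOi;
    }
}
```

With the hardened setter in place the proof-of-concept sequence above (cap 2000, open 500 long, then set cap 1) reverts at the last step, so the test's `.to.not.be.reverted` expectation would flip to `.to.be.revertedWith('maxOi < longOi')`. The check deliberately leaves the "0 means unlimited" path untouched so that an owner can still lift a cap entirely without first waiting for open interest to drain.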

#0 - c4-judge

2022-12-23T17:41:41Z

GalloDaSballo marked the issue as duplicate of #370

#1 - c4-judge

2023-01-15T13:57:18Z

GalloDaSballo marked the issue as duplicate of #377

#2 - c4-judge

2023-01-15T13:57:26Z

GalloDaSballo changed the severity to 2 (Med Risk)

#3 - c4-judge

2023-01-23T09:05:06Z

GalloDaSballo marked the issue as satisfactory
