Back to gzeon's contests

Sublime contest - gzeon's results

Democratizing credit via Web3.

General Information

Platform: Code4rena

Start Date: 29/03/2022

Pot Size: $30,000 USDC

Total HM: 6

Participants: 24

Period: 3 days

Judge: HardlyDifficult

Total Solo HM: 4

Id: 101

League: ETH

Sublime

Findings Distribution

Researcher Performance

Rank: 13/24

Findings: 2

Award: $124.06

🌟 Selected for report: 0

🚀 Solo Findings: 0

External Links

Code4rena Contest PageGithub Contest RepositoryGithub Findings RepositorySublime

Findings Information

🌟 Selected for report: hickuphh3

Also found by: 0v3rf10w, 0x1f8b, 0xDjango, 0xkatana, BouSalman, Dravee, IllIllI, Meta0xNull, WatchPug, defsec, dirk_y, gzeon, hake, kyliek, rayn, robee, sseefried

Awards

74.8935 USDC - $74.89

Labels

bug
question
QA (Quality Assurance)

External Links

Link to GitHub issue

Low

Lack sanity check when updating oracle

Perform basic check before updating oracle as it is critical to all logic https://github.com/sublime-finance/sublime-v1/blob/46536a6d25df4264c1b217bd3232af30355dcb95/contracts/PooledCreditLine/PooledCreditLine.sol#L497

Non-Critical

Upgrade Solidity version to 0.8.12

It is recommended to use the latest Solidity version, but understand that the breaking change in safe math might be a blocker

#0 - ritik99

2022-04-12T19:51:29Z

  1. It is not clear what sanity checks the warden is suggesting. Would like some clarity here
  2. This is not possible for us because of a dependency issue (see #67 )

Findings Information

🌟 Selected for report: IllIllI

Also found by: 0v3rf10w, 0x1f8b, 0xDjango, 0xNazgul, 0xkatana, Dravee, Funen, Meta0xNull, Tomio, csanuragjain, defsec, gzeon, hake, hickuphh3, kenta, rayn, rfa, robee

Awards

49.1731 USDC - $49.17

Labels

bug
G (Gas Optimization)

External Links

Link to GitHub issue

Use seperate LimitsUpdated event

Instead of using the first event argument to store a string, use seperate event to track individual limit https://github.com/sublime-finance/sublime-v1/blob/46536a6d25df4264c1b217bd3232af30355dcb95/contracts/PooledCreditLine/PooledCreditLine.sol#L233

Unnecessary safemath when div(SCALING_FACTOR)

https://github.com/sublime-finance/sublime-v1/blob/46536a6d25df4264c1b217bd3232af30355dcb95/contracts/PooledCreditLine/LenderPool.sol#L319

Check fromBalance != 0 then proceed without safemath

https://github.com/sublime-finance/sublime-v1/blob/46536a6d25df4264c1b217bd3232af30355dcb95/contracts/PooledCreditLine/LenderPool.sol#L707

#0 - ritik99

2022-04-12T19:06:14Z

All suggestions are valid

AuditHub

A portfolio for auditors, a security profile for protocols, a hub for web3 security.

Built bymalatrax © 2024

Auditors

Browse

Contests

Browse

Get in touch

ContactTwitter