Inverse Finance contest - idkwhatimdoing's results

Rethink the way you borrow.

General Information

Platform: Code4rena

Start Date: 25/10/2022

Pot Size: $50,000 USDC

Total HM: 18

Participants: 127

Period: 5 days

Judge: 0xean

Total Solo HM: 9

Id: 175

League: ETH

Inverse Finance

Findings Distribution

Researcher Performance

Rank: 35/127

Findings: 2

Award: $198.81

🌟 Selected for report: 0

🚀 Solo Findings: 0

Findings Information

🌟 Selected for report: gs8nrv

Also found by: Holmgren, idkwhatimdoing, immeas, kaden, rvierdiiev, yamapyblack

Labels

bug
2 (Med Risk)
satisfactory
duplicate-469

Awards

198.4346 USDC - $198.43

External Links

Lines of code

https://github.com/code-423n4/2022-10-inverse/blob/main/src/Oracle.sol#L112-L144

Vulnerability details

Impact

If getPrice is never called for 2 days, the price will be taken directly from the feed.

Consider reverting in getPrice if the previous day's low is missing. Create a separate function to update the low price separately.

#0 - c4-judge

2022-11-05T20:54:58Z

0xean marked the issue as duplicate

#1 - Simon-Busch

2022-12-05T15:32:14Z

Issue marked as satisfactory as requested by 0xean

#2 - c4-judge

2022-12-07T08:20:12Z

Simon-Busch marked the issue as duplicate of #469

Lines of code

https://github.com/code-423n4/2022-10-inverse/blob/main/src/Oracle.sol#L82
https://github.com/code-423n4/2022-10-inverse/blob/main/src/Oracle.sol#L116

Vulnerability details

Impact

The token price is obtained using a Chainlink feed. However, the timestamp associated with the price data is not verified; therefore it is possible to use a stale token price.

Proof of Concept

    // Use latestRoundData instead of the deprecated latestAnswer so the round metadata is available
    (uint80 roundID, int256 price, , uint256 timeStamp, uint80 answeredInRound) = oracle.latestRoundData();
    // The answer must come from a round at least as recent as the one requested (not a carried-over value)
    require(answeredInRound >= roundID, "...");
    // A zero timestamp means the round is incomplete
    require(timeStamp != 0, "...");

Instead of using the deprecated method latestAnswer, use latestRoundData to obtain the price. Add checks on the returned data, with proper revert messages, if the price is stale or the round is incomplete.
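As an added illustration of the recommended checks (example code written for this page, not Inverse Finance's Oracle.sol), the reader below rejects incomplete rounds, carried-over answers, prices older than an assumed per-feed staleness window, and non-positive answers; the contract name, the maxDelay parameter and the mock feed are assumptions for the example.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Minimal subset of Chainlink's AggregatorV3Interface; latestRoundData has this signature on real feeds
interface AggregatorV3Interface {
    function latestRoundData()
        external
        view
        returns (uint80 roundId, int256 answer, uint256 startedAt, uint256 updatedAt, uint80 answeredInRound);
}

// Hypothetical hardened reader: every check the finding asks for, each with its own revert reason
contract HardenedFeedReader {
    // Assumed staleness window in seconds; in practice derive it from the feed's published heartbeat
    uint256 public immutable maxDelay;

    constructor(uint256 _maxDelay) {
        maxDelay = _maxDelay;
    }

    // Returns the latest price only when the round is complete, current and positive; reverts otherwise
    function safeLatestPrice(AggregatorV3Interface feed) public view returns (uint256) {
        (uint80 roundId, int256 answer, , uint256 updatedAt, uint80 answeredInRound) = feed.latestRoundData();
        require(answeredInRound >= roundId, "feed: answer carried over from an earlier round");
        require(updatedAt != 0, "feed: round incomplete");
        require(block.timestamp - updatedAt <= maxDelay, "feed: price stale");
        require(answer > 0, "feed: non-positive price");
        return uint256(answer);
    }
}

// Constructed mock feed so the reader can be exercised in a local test; not a real Chainlink contract
contract MockFeed is AggregatorV3Interface {
    uint80 public roundId;
    int256 public answer;
    uint256 public updatedAt;
    uint80 public answeredInRound;

    function set(uint80 _roundId, int256 _answer, uint256 _updatedAt, uint80 _answeredInRound) external {
        (roundId, answer, updatedAt, answeredInRound) = (_roundId, _answer, _updatedAt, _answeredInRound);
    }

    function latestRoundData() external view returns (uint80, int256, uint256, uint256, uint80) {
        return (roundId, answer, updatedAt, updatedAt, answeredInRound);
    }
}
```

Setting the mock with updatedAt = 0, or with updatedAt older than maxDelay, makes safeLatestPrice revert with the matching reason, which is the behaviour the unchecked latestAnswer path lacks.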

#0 - neumoxx

2022-10-31T08:49:15Z

Duplicate of #601

#1 - c4-judge

2022-11-05T17:50:31Z

0xean marked the issue as duplicate

#2 - Simon-Busch

2022-12-05T15:26:26Z

Issue marked as satisfactory as requested by 0xean

#3 - c4-judge

2022-12-07T08:14:13Z

Simon-Busch marked the issue as duplicate of #584

AuditHub

A portfolio for auditors, a security profile for protocols, a hub for web3 security.

Built by malatrax © 2024
