Maia DAO Ecosystem - its_basu's results

Efficient liquidity renting and management across chains with Curvenized Uniswap V3.

General Information

Platform: Code4rena

Start Date: 30/05/2023

Pot Size: $300,500 USDC

Total HM: 79

Participants: 101

Period: about 1 month

Judge: Trust

Total Solo HM: 36

Id: 242

League: ETH

Maia DAO Ecosystem

Findings Distribution

Researcher Performance

Rank: 71/101

Findings: 1

Award: $86.41

🌟 Selected for report: 0

🚀 Solo Findings: 0

External Links

Code4rena Contest Page Github Contest Repository Github Findings Repository Maia DAO Ecosystem

Findings Information

🌟 Selected for report: zzebra83

Also found by: 0xMilenov, Fulum, bin2chen, its_basu

Labels

bug

2 (Med Risk)

downgraded by judge

partial-50

edited-by-warden

duplicate-372

Awards

86.4119 USDC - $86.41

External Links

Link to GitHub issue

Lines of code

https://github.com/code-423n4/2023-05-maia/blob/cfed0dfa3bebdac0993b1b42239b4944eb0b196c/src/ulysses-omnichain/RootPort.sol#L405-L411

Vulnerability details

Impact

This function will increase bridgeAgentsLenght rather than bridgeAgentFactoriesLenght which will lead to improper state update in bridgeAgentFactories[] array.
Also it will lead to improper state change in bridgeAgents[] as bridgeAgentsLenght is changed unexpectedly.
This can have severe impact while traversing and fetching addresses from both arrays.

Proof of Concept

https://github.com/code-423n4/2023-05-maia/blob/cfed0dfa3bebdac0993b1b42239b4944eb0b196c/src/ulysses-omnichain/RootPort.sol#L405-L411

Tools Used

Manual Review

Recommended Mitigation Steps

Remove bridgeAgentsLenght and add bridgeAgentFactoriesLenght instead in the function.

Assessed type

Error

#0 - c4-judge
2023-07-11T14:31:56Z

trust1995 marked the issue as duplicate of #372

#1 - c4-judge
2023-07-11T14:32:06Z

trust1995 marked the issue as satisfactory

#2 - c4-judge
2023-07-11T17:10:29Z

trust1995 changed the severity to 2 (Med Risk)

#3 - c4-judge
2023-07-25T13:31:08Z

trust1995 marked the issue as partial-50

Maia DAO Ecosystem - its_basu's results

Efficient liquidity renting and management across chains with Curvenized Uniswap V3.

General Information

Findings Distribution

Researcher Performance

External Links

[M-28] RootPort.addBridgeAgentFactory() is taking bridgeAgentLenght into account rather than bridgeAgentFactoriesLength - $86.41

Findings Information

Labels

Awards

External Links

Lines of code

Vulnerability details

Impact

Proof of Concept

Tools Used

Recommended Mitigation Steps

Assessed type

#0 - c4-judge2023-07-11T14:31:56Z

#1 - c4-judge2023-07-11T14:32:06Z

#2 - c4-judge2023-07-11T17:10:29Z

#3 - c4-judge2023-07-25T13:31:08Z

#0 - c4-judge
2023-07-11T14:31:56Z

#1 - c4-judge
2023-07-11T14:32:06Z

#2 - c4-judge
2023-07-11T17:10:29Z

#3 - c4-judge
2023-07-25T13:31:08Z