Lybra Finance - mrudenko's results

A protocol building the first interest-bearing omnichain stablecoin backed by LSD.

General Information

Platform: Code4rena

Start Date: 23/06/2023

Pot Size: $60,500 USDC

Total HM: 31

Participants: 132

Period: 10 days

Judge: 0xean

Total Solo HM: 10

Id: 254

League: ETH

Lybra Finance

Findings Distribution

Researcher Performance

Rank: 95/132

Findings: 2

Award: $30.89

Gas:

grade-b

🌟 Selected for report: 0

🚀 Solo Findings: 0

External Links

Code4rena Contest Page Github Contest Repository Github Findings Repository Lybra Finance

Findings Information

🌟 Selected for report: alexweb3

Also found by: D_Auditor, DedOhWale, DelerRH, LuchoLeonel1, Musaka, Neon2835, Silvermist, Timenov, TorpedoPistolIXC41, adeolu, cartlex_, hals, josephdara, koo, lanrebayode77, mahyar, mladenov, mrudenko, pep7siup, zaevlad, zaggle

Awards

18.4208 USDC - $18.42

Labels

bug

3 (High Risk)

satisfactory

edited-by-warden

duplicate-704

External Links

Link to GitHub issue

Lines of code

https://github.com/code-423n4/2023-06-lybra/blob/5d70170f2c68dbd3f7b8c0c8fd6b0b2218784ea6/contracts/lybra/configuration/LybraConfigurator.sol#L86

Vulnerability details

Impact

Modifiers onlyRole and checkRole do not work, if user has no role, this GovernanceTimelock.checkOnlyRole(role, msg.sender) returns false and code will continue execute. Anyone can call access restricted function

Tools Used

Manual testing

Recommended Mitigation Steps

wrap GovernanceTimelock.checkOnlyRole(role, msg.sender) and GovernanceTimelock.checkRole(role, msg.sender); in require statement, or use custom errors

Assessed type

Access Control

#0 - c4-pre-sort
2023-07-08T23:29:02Z

JeffCX marked the issue as duplicate of #704

#1 - c4-judge
2023-07-28T17:18:52Z

0xean marked the issue as satisfactory

Findings Information

🌟 Selected for report: JCN

Also found by: 0xAnah, DavidGiladi, MohammedRizwan, Rageur, Raihan, ReyAdmirado, Rolezn, SAAJ, SAQ, SM3_SS, Sathish9098, ayo_dev, dharma09, fatherOfBlocks, hunter_w3b, mgf15, mrudenko, naman1778, shamsulhaq123, souilos, turvy_fuzz

Awards

12.4743 USDC - $12.47

Labels

bug

G (Gas Optimization)

grade-b

high quality report

sponsor acknowledged

edited-by-warden

G-16

External Links

Link to GitHub issue

Optimise loops, by moving _contracts.length in variable, and moving increment in unchecked, unchecked { i++ }

https://github.com/code-423n4/2023-06-lybra/blob/5d70170f2c68dbd3f7b8c0c8fd6b0b2218784ea6/contracts/lybra/configuration/LybraConfigurator.sol#L236 https://github.com/code-423n4/2023-06-lybra/blob/5d70170f2c68dbd3f7b8c0c8fd6b0b2218784ea6/contracts/lybra/miner/EUSDMiningIncentives.sol#L94 - the same approach to optimise loop https://github.com/code-423n4/2023-06-lybra/blob/5d70170f2c68dbd3f7b8c0c8fd6b0b2218784ea6/contracts/lybra/miner/EUSDMiningIncentives.sol#L138 - the same approach to optimise loop

Move custom functions/literals in const

https://github.com/code-423n4/2023-06-lybra/blob/5d70170f2c68dbd3f7b8c0c8fd6b0b2218784ea6/contracts/lybra/configuration/LybraConfigurator.sol#L357 move 10_000 in const
https://github.com/code-423n4/2023-06-lybra/blob/5d70170f2c68dbd3f7b8c0c8fd6b0b2218784ea6/contracts/lybra/governance/LybraGovernance.sol#L52 move 3 in const
https://github.com/code-423n4/2023-06-lybra/blob/5d70170f2c68dbd3f7b8c0c8fd6b0b2218784ea6/contracts/lybra/governance/LybraGovernance.sol#L143 - remove function, create VOTING_PERIOD const with value 3
https://github.com/code-423n4/2023-06-lybra/blob/5d70170f2c68dbd3f7b8c0c8fd6b0b2218784ea6/contracts/lybra/governance/LybraGovernance.sol#L147 - remove function, create VOTING_PERIOD const with value 1
https://github.com/code-423n4/2023-06-lybra/blob/5d70170f2c68dbd3f7b8c0c8fd6b0b2218784ea6/contracts/lybra/governance/LybraGovernance.sol#L156 - remove function COUNTING_MODE, create COUNTING_MODE const with value "support=bravo&quorum=for,abstain"
https://github.com/code-423n4/2023-06-lybra/blob/5d70170f2c68dbd3f7b8c0c8fd6b0b2218784ea6/contracts/lybra/governance/LybraGovernance.sol#L172 - remove function, create PROPOSAL_THRESHOLD const with value 1e23
https://github.com/code-423n4/2023-06-lybra/blob/5d70170f2c68dbd3f7b8c0c8fd6b0b2218784ea6/contracts/lybra/token/EUSD.sol#L99 - name function is not a part of standard IERC20, so function name can be removed, and you can use name const instead
https://github.com/code-423n4/2023-06-lybra/blob/5d70170f2c68dbd3f7b8c0c8fd6b0b2218784ea6/contracts/lybra/token/EUSD.sol#L107 - symbol function is not a part of standard IERC20, so function name can be removed, and you can use symbol const instead

Remove duplicated required statements, use modifiers

Place 1

Place 2

Place 3

Place 4

Place 5

Place 6

Add custom modifier to withdraw, mint, burn function and move duplicated require statements there require(onBehalfOf != address(0), "TZA"); require(amount > 0, "ZA");

Use constant modifier instead of immutable

https://github.com/code-423n4/2023-06-lybra/blob/5d70170f2c68dbd3f7b8c0c8fd6b0b2218784ea6/contracts/lybra/miner/ProtocolRewardsPool.sol#L39 https://github.com/code-423n4/2023-06-lybra/blob/5d70170f2c68dbd3f7b8c0c8fd6b0b2218784ea6/contracts/lybra/pools/base/LybraEUSDVaultBase.sol#L21 https://github.com/code-423n4/2023-06-lybra/blob/5d70170f2c68dbd3f7b8c0c8fd6b0b2218784ea6/contracts/lybra/pools/base/LybraPeUSDVaultBase.sol#L18 https://github.com/code-423n4/2023-06-lybra/blob/5d70170f2c68dbd3f7b8c0c8fd6b0b2218784ea6/contracts/lybra/pools/base/LybraEUSDVaultBase.sol#L30

Remove circulatingSupply function, use `totalSupply` directly, this will reduce code size

Remove commented code

https://github.com/code-423n4/2023-06-lybra/blob/5d70170f2c68dbd3f7b8c0c8fd6b0b2218784ea6/contracts/lybra/governance/GovernanceTimelock.sol#L9

#0 - c4-pre-sort
2023-07-27T22:43:48Z

JeffCX marked the issue as high quality report

#1 - c4-judge
2023-07-27T23:42:20Z

0xean marked the issue as grade-a

#2 - c4-judge
2023-07-27T23:45:15Z

0xean marked the issue as grade-b

#3 - c4-sponsor
2023-07-29T10:59:45Z

LybraFinance marked the issue as sponsor acknowledged

Lybra Finance - mrudenko's results

A protocol building the first interest-bearing omnichain stablecoin backed by LSD.

General Information

Findings Distribution

Researcher Performance

External Links

[H-03] Modifier hasRole works incorrectrly! - $18.42

Findings Information

Awards

Labels

External Links

Lines of code

Vulnerability details

Impact

Tools Used

Recommended Mitigation Steps

Assessed type

#0 - c4-pre-sort2023-07-08T23:29:02Z

#1 - c4-judge2023-07-28T17:18:52Z

[G-16] Gas Report - $12.47

Findings Information

Awards

Labels

External Links

Optimise loops, by moving _contracts.length in variable, and moving increment in unchecked, unchecked { i++ }

Move custom functions/literals in const

Remove duplicated required statements, use modifiers

Place 1

Place 2

Place 3

Place 4

Place 5

Place 6

Use constant modifier instead of immutable

Remove circulatingSupply function, use totalSupply directly, this will reduce code size

Remove commented code

#0 - c4-pre-sort2023-07-27T22:43:48Z

#1 - c4-judge2023-07-27T23:42:20Z

#2 - c4-judge2023-07-27T23:45:15Z

#3 - c4-sponsor2023-07-29T10:59:45Z

#0 - c4-pre-sort
2023-07-08T23:29:02Z

#1 - c4-judge
2023-07-28T17:18:52Z

Remove circulatingSupply function, use `totalSupply` directly, this will reduce code size

#0 - c4-pre-sort
2023-07-27T22:43:48Z

#1 - c4-judge
2023-07-27T23:42:20Z

#2 - c4-judge
2023-07-27T23:45:15Z

#3 - c4-sponsor
2023-07-29T10:59:45Z