Platform: Code4rena
Start Date: 30/09/2021
Pot Size: $75,000 ETH
Total HM: 9
Participants: 15
Period: 7 days
Judge: 0xean
Total Solo HM: 2
Id: 39
League: ETH
Rank: 9/15
Findings: 3
Award: $2,275.36
🌟 Selected for report: 0
🚀 Solo Findings: 0
nikitastupin
The return value of multiple external transfer / transferFrom calls is not checked. At least at these lines:
Some tokens do not revert in case of failure and return false instead. If one of these tokens is used in Swivel, it may lead to free minting of n- and zc- tokens.
Use SafeERC20, or ensure that the transfer / transferFrom return value is checked.
#0 - 0xean
2021-10-16T23:07:16Z
dupe of #155
🌟 Selected for report: gpersoon
Also found by: 0xRajeev, cmichel, nikitastupin
0.6024 ETH - $1,786.10
nikitastupin
ecrecover function returns 0x0 address if a signature is invalid. However, this case is never checked (https://github.com/Swivel-Finance/gost/blob/ac304f22fd6c1500aa895e21e8787139afc4e1c7/test/swivel/Sig.sol#L22-L22). This may lead to creating dummy actions from 0x0 address.
In current version of the contract I don't see a direct impact. However, in the future this may lead to creating dummy actions from 0x0 address.
Revert if ecrecover returns 0x0.
#0 - JTraversa
2021-10-10T06:13:59Z
Not sure if it counts or not 🤷.
Id say this is noteable, but because all actions require approvals from o.maker, having 0x00 as o.maker with an "invalid" but valid signature should not be impactful.
The suggestion would be to filter 0x00 makers from the orderbook? (which we do)
#1 - 0xean
2021-10-16T23:22:06Z
dupe of #61
🌟 Selected for report: 0xRajeev
Also found by: 0xsanson, nikitastupin, pauliax
0.0602 ETH - $178.61
nikitastupin
The domain is defined in constructor https://github.com/Swivel-Finance/gost/blob/8483e265dfe4be81847a7844f9c298b9938db653/test/swivel/Swivel.sol#L44-L44. As noted in https://eips.ethereum.org/EIPS/eip-2612#security-considerations this may lead to replay attacks in case of a future chain split.
Possible replay attacks in case of a future chain split.
As noted in https://eips.ethereum.org/EIPS/eip-2612#security-considerations retrieve DOMAIN_SEPARATOR each time via function DOMAIN_SEPARATOR() external view returns (bytes32)with fresh chain ID.
#0 - JTraversa
2021-10-07T15:54:15Z
We acknowledge this might be an extreme edge case issue. However the gas savings are likely worth the edge case given the larger issues that would exist in the case of a chain split.
#1 - 0xean
2021-10-16T23:14:32Z
dupe of #98