Platform: Code4rena
Start Date: 28/10/2021
Pot Size: $30,000 ETH
Total HM: 8
Participants: 19
Period: 3 days
Judge: leastwood
Total Solo HM: 4
Id: 47
League: ETH
Rank: 11/19
Findings: 2
Award: $757.16
🌟 Selected for report: 1
🚀 Solo Findings: 0
🌟 Selected for report: pants
503.2365 USDC - $503.24
pants
ibbtc is ERC20Upgradeable. Not all ERC20 contracts supports "blind" transfer method - i.e transfer that you can ignore the return value. You should either check the return value or use openzeppilin safeTransfer
44.0601 USDC - $44.06
pants
You can change line 75 to: emit SetPricePerShare(pricePerShare, now); and remove lines 73 and 18. This value will be the second argument of SetPricePerShare which is publicly accessible. This function will be called a lot - thus this optimization is important
#0 - 0xleastwood
2021-12-04T05:14:24Z
#48
26.436 USDC - $26.44
pants
The public state variable WrappedIbbtcEth : ibbtc can be set immutable to save GAS.
#0 - 0xleastwood
2021-12-04T05:04:55Z
Duplicate of #81
91.7149 USDC - $91.71
pants
initialize function doesn't check that the input addresses aren't 0.
#0 - 0xleastwood
2021-12-04T09:57:07Z
#41
91.7149 USDC - $91.71
pants
The WrappedIbbtcEth.initialize function can be frontrun. We suggest to declare the governance at construction time and add onlyGoverance. The attacker need to frontrun the contract once to stuck it - due to the initializer modifier
#0 - 0xleastwood
2021-12-04T09:00:58Z
#40