Platform: Code4rena
Start Date: 12/04/2023
Pot Size: $60,500 USDC
Total HM: 21
Participants: 199
Period: 7 days
Judge: hansfriese
Total Solo HM: 5
Id: 231
League: ETH
Rank: 141/199
Findings: 1
Award: $22.60
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: juancito
Also found by: 0xAgro, 0xNorman, 0xSmartContract, 0xStalin, 0xTheC0der, 0xWaitress, 0xhacksmithh, 0xnev, 3dgeville, 8olidity, Arz, Aymen0909, BGSecurity, BRONZEDISC, Bauchibred, Bauer, BenRai, ChainHunters, ChrisTina, CodeFoxInc, DedOhWale, DishWasher, EloiManuel, IceBear, Inspex, Jorgect, Kaysoft, LeoGold, LewisBroadhurst, Madalad, MiloTruck, MohammedRizwan, Nyx, Polaris_tow, RaymondFam, SaharDevep, SanketKogekar, Sathish9098, SolidityATL, Udsen, W0RR1O, aria, ayden, berlin-101, bin2chen, catellatech, codeslide, crc32, decade, descharre, evmboi32, eyexploit, fatherOfBlocks, georgits, giovannidisiena, joestakey, karanctf, kodyvim, ltyu, lukris02, m9800, matrix_0wl, mov, mrpathfindr, nadin, niser93, p0wd3r, parlayan_yildizlar_takimi, pavankv, pontifex, qpzm, ravikiranweb3, rbserver, santipu_, shealtielanz, slvDev, tnevler, wonjun, xmxanuel, yixxas
22.6007 USDC - $22.60
onlyOwner modifier double check
The withdraw function is a universal function for withdrawing collateral and sweeping other ERC20-like tokens. There is a double onlyOwner check in the case of collateral because of the same modifier in the withdrawCollateral function. I suggest just reverting calls with collateral addresses in the arguments and using this function only for sweeping.
There is a requirement to leave at least one share on the balance in line #293. It is correct to use the <= comparison instead of <.
The loop in the restructureCapTable function doesn't use the iterator in line #313 for the addressesToWipe array. It is just a typo and it can't be the cause of any critical problems, but the function does not work correctly. I suggest changing 0 to the i iterator.
create isn't handled
The createClone function contains the create call in line #44, which can return 0 in case of error. The transaction flow will be reverted only further on, in transferFrom, and only if the ERC20-like token does not support transferring to address(0x0). I suggest handling the return value.
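The unhandled create result described in the last item, shown as an added sketch that is not part of the original report or the audited code. The contract, interface, function and error names are hypothetical, and the init code is supplied by the caller rather than taken from the project.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.4;

// Hypothetical minimal token surface; only transferFrom is needed here.
interface IERC20Like {
    function transferFrom(address from, address to, uint256 amount) external returns (bool);
}

// Hypothetical deployer used to contrast the two patterns.
contract DeployerSketch {
    error CreateFailed();

    // Before: the address returned by create is used without inspection.
    function deployUnchecked(bytes memory initCode, IERC20Like token, uint256 amount)
        external
        returns (address instance)
    {
        assembly {
            // create(value, offset, size) returns 0 when deployment fails.
            instance := create(0, add(initCode, 0x20), mload(initCode))
        }
        // With instance == address(0) this call reverts only if the token
        // itself rejects transfers to the zero address; otherwise the
        // tokens are sent to address(0) and the call succeeds.
        token.transferFrom(msg.sender, instance, amount);
    }

    // After: the failure is detected at the point of deployment.
    function deployChecked(bytes memory initCode, IERC20Like token, uint256 amount)
        external
        returns (address instance)
    {
        assembly {
            instance := create(0, add(initCode, 0x20), mload(initCode))
        }
        // Revert before any token movement if nothing was deployed.
        if (instance == address(0)) revert CreateFailed();
        token.transferFrom(msg.sender, instance, amount);
    }
}
```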
#0 - 0xA5DF
2023-04-27T10:46:00Z
#3 is dupe of #941
#1 - c4-judge
2023-05-16T16:05:47Z
hansfriese marked the issue as grade-b