Platform: Code4rena
Start Date: 24/03/2023
Pot Size: $49,200 USDC
Total HM: 20
Participants: 246
Period: 6 days
Judge: Picodes
Total Solo HM: 1
Id: 226
League: ETH
Rank: 27/246
Findings: 2
Award: $249.62
馃専 Selected for report: 0
馃殌 Solo Findings: 0
236.4864 USDC - $236.49
ethPerDerivative must get the price of derivative in terms of ETH. However, it returns frxETHAmount / frxETHPriceInETH .
The crv pool address is as below. 2023-03-asymmetry/SfrxEth.sol at 44b5cd94ebedc187a08884a7f685e950e987261c 路 code-423n4/2023-03-asymmetry 路 GitHub
address public constant FRX_ETH_CRV_POOL_ADDRESS = 0xa1F8A6807c402E4A15ef4EBa36528A3FED24E577;
self.balances array is as below.
Vyper_contract | Address 0xa1F8A6807c402E4A15ef4EBa36528A3FED24E577 | Etherscan
self.balances = [0xEeeeeEeeeEeEeeEeEeEeeEEEeeeeEeeeeeeeEEeE, 0x5E8422345238F34275888049021821E8E08CAa1f];
function price_oracle() of the crv pool contract returns the 1st token price denominated in the 0th token.
@external @view @nonreentrant('lock') def price_oracle() -> uint256: amp: uint256 = self._A() xp: uint256[N_COINS] = self.balances D: uint256 = self._get_D(xp, amp) return self._ma_price(xp, amp, D)
Manual analysis.
function ethPerDerivative(uint256 _amount) public view returns (uint256) { uint256 frxAmount = IsFrxEth(SFRX_ETH_ADDRESS).convertToAssets( 10 ** 18 ); // This line should be fixed: / -> * return ((10 ** 18 * frxAmount) * IFrxEthEthPool(FRX_ETH_CRV_POOL_ADDRESS).price_oracle()); }
#0 - c4-pre-sort
2023-04-04T17:03:46Z
0xSorryNotSorry marked the issue as duplicate of #698
#1 - c4-judge
2023-04-21T15:59:56Z
Picodes marked the issue as not a duplicate
#2 - c4-judge
2023-04-21T16:00:07Z
Picodes marked the issue as duplicate of #641
#3 - c4-judge
2023-04-21T16:00:13Z
Picodes marked the issue as satisfactory
馃専 Selected for report: brgltd
Also found by: 0x3b, 0xAgro, 0xGusMcCrae, 0xNorman, 0xRajkumar, 0xSmartContract, 0xTraub, 0xWagmi, 0xWaitress, 0xffchain, 0xhacksmithh, 0xkazim, 0xnev, 3dgeville, ArbitraryExecution, Aymen0909, BRONZEDISC, Bason, Bloqarl, BlueAlder, Brenzee, CodeFoxInc, CodingNameKiki, Cryptor, DadeKuma, DevABDee, Diana, Dug, Englave, Gde, Haipls, HollaDieWaldfee, Ignite, Infect3d, Jerry0x, Josiah, Kaysoft, Koko1912, KrisApostolov, Lavishq, LeoGold, Madalad, PNS, Rappie, RaymondFam, RedTiger, Rickard, Rolezn, Sathish9098, SunSec, T1MOH, UdarTeam, Udsen, Viktor_Cortess, Wander, adriro, ak1, alejandrocovrr, alexzoid, arialblack14, ayden, bin2chen, brevis, btk, c3phas, carlitox477, catellatech, ch0bu, chaduke, ck, climber2002, codeslide, descharre, dingo2077, ernestognw, fatherOfBlocks, favelanky, georgits, helios, hl_, inmarelibero, juancito, ks__xxxxx, lopotras, lukris02, m_Rassska, mahdirostami, maxper, nadin, navinavu, nemveer, p_crypt0, peanuts, pipoca, pixpi, qpzm, rbserver, reassor, roelio, rotcivegaf, scokaf, siddhpurakaran, slvDev, smaul, tnevler, tsvetanovv, turvy_fuzz, vagrant, wen, yac, zzzitron
13.1298 USDC - $13.13
I submitted the gas issue by mistake, so re-submit in QA report馃檹.
Reduce the number of sload.
// cache storage variable in stack. uint256 _derivativeCount = derivativeCount; for (uint256 i = 0; i < _derivativeCount; i++) { // ... }
adjustWeight: Remove the for loop as below.function adjustWeight( uint256 _derivativeIndex, uint256 _weight ) external onlyOwner { uint256 beforeWeight = weights[_derivativeIndex]; weights[_derivativeIndex] = _weight; totalWeight = totalWeight - beforeWeight + _weight; emit WeightChange(_derivativeIndex, _weight); }
addDerivative: Remove the for loop as below.function addDerivative( address _contractAddress, uint256 _weight ) external onlyOwner { derivatives[derivativeCount] = IDerivative(_contractAddress); weights[derivativeCount] = _weight; derivativeCount++; totalWeight += _weight; emit DerivativeAdded(_contractAddress, _weight, derivativeCount); }
#0 - c4-sponsor
2023-04-10T18:22:37Z
toshiSat marked the issue as sponsor acknowledged
#1 - c4-judge
2023-04-24T17:47:37Z
Picodes marked the issue as grade-b