Back to ravikiranweb3's contests

Basin - ravikiranweb3's results

A composable EVM-native decentralized exchange protocol.

General Information

Platform: Code4rena

Start Date: 03/07/2023

Pot Size: $40,000 USDC

Total HM: 14

Participants: 74

Period: 7 days

Judge: alcueca

Total Solo HM: 9

Id: 259

League: ETH

Basin

Findings Distribution

Researcher Performance

Rank: 74/74

Findings: 1

Award: $6.07

QA:
grade-b

🌟 Selected for report: 0

🚀 Solo Findings: 0

External Links

Code4rena Contest PageGithub Contest RepositoryGithub Findings RepositoryBasin

Findings Information

🌟 Selected for report: 0xprinc

Also found by: 0x11singh99, 0xAnah, 0xWaitress, 0xkazim, 2997ms, 33audits, 404Notfound, 8olidity, CRIMSON-RAT-REACH, CyberPunks, DanielWang888, Deekshith99, Eeyore, Eurovickk, Inspecktor, JGcarv, John, Jorgect, Kaysoft, LosPollosHermanos, MohammedRizwan, Qeew, QiuhaoLi, Rolezn, TheSavageTeddy, Topmark, Trust, Udsen, a3yip6, alexzoid, bigtone, codegpt, erebus, fatherOfBlocks, ginlee, glcanvas, hunter_w3b, josephdara, kaveyjoe, kutugu, mahdirostami, max10afternoon, oakcobalt, peanuts, pfapostol, ptsanev, qpzm, radev_sw, ravikiranweb3, sces60107, seth_lawson, te_aut, twcctop, zhaojie, ziyou-

Awards

6.0655 USDC - $6.07

Labels

bug
grade-b
low quality report
QA (Quality Assurance)
Q-50

External Links

Link to GitHub issue

  1. LibWellConstructor::encodeWellInitFunctionCall() The convention of name and symbol is mixed up in the above function leading to confusion while reading the code. Refer to how symbol read from LibContractInfo is assigned to name.

    function encodeWellInitFunctionCall(
     IERC20[] memory _tokens,
     Call memory _wellFunction
 ) public view returns (bytes memory initFunctionCall) {
     string memory name = LibContractInfo.getSymbol(address(_tokens[0]));
     string memory symbol = name;
     for (uint256 i = 1; i < _tokens.length; ++i) {
         name = string.concat(name, ":", LibContractInfo.getSymbol(address(_tokens[i])));
         symbol = string.concat(symbol, LibContractInfo.getSymbol(address(_tokens[i])));
     }
     name = string.concat(name, " ", LibContractInfo.getName(_wellFunction.target), " Well");
     symbol = string.concat(symbol, LibContractInfo.getSymbol(_wellFunction.target), "w");

     // See {Well.init}.
     initFunctionCall = abi.encodeWithSignature("init(string,string)", name, symbol);
 }

#0 - c4-pre-sort

2023-07-13T15:04:41Z

141345 marked the issue as high quality report

#1 - c4-pre-sort

2023-07-14T05:53:31Z

141345 marked the issue as low quality report

#2 - c4-judge

2023-08-04T21:00:34Z

alcueca marked the issue as grade-b

AuditHub

A portfolio for auditors, a security profile for protocols, a hub for web3 security.

Built bymalatrax © 2024

Auditors

Browse

Contests

Browse

Get in touch

ContactTwitter