Badger Citadel contest - remora's results

Bringing BTC to DeFi

General Information

Platform: Code4rena

Start Date: 14/04/2022

Pot Size: $75,000 USDC

Total HM: 8

Participants: 72

Period: 7 days

Judge: Jack the Pug

Total Solo HM: 2

Id: 110

League: ETH

BadgerDAO

Findings Distribution

Researcher Performance

Rank: 31/72

Findings: 2

Award: $275.64

🌟 Selected for report: 0

🚀 Solo Findings: 0

External Links

Code4rena Contest Page Github Contest Repository Github Findings Repository BadgerDAO

Findings Information

🌟 Selected for report: Ruhum

Also found by: 0xBug, 0xDjango, IllIllI, MaratCerby, TrungOre, danb, hyh, m9800, minhquanym, pedroais, remora, shenwilly

Labels

bug

duplicate

2 (Med Risk)

Awards

184.248 USDC - $184.25

External Links

Link to GitHub issue

Lines of code

https://github.com/code-423n4/2022-04-badger-citadel/blob/18f8c392b6fc303fe95602eba6303725023e53da/src/Funding.sol#L202-L216

Vulnerability details

Impact

Function getAmountOut(_assetAmountIn) fails to handle the case for funding.discount == 0

Proof of Concept

 function getAmountOut(uint256 _assetAmountIn)
        public
        view
        returns (uint256 citadelAmount_)
    {
        uint256 citadelAmountWithoutDiscount = _assetAmountIn * citadelPriceInAsset;

        if (funding.discount > 0) {
            citadelAmount_ =
                (citadelAmountWithoutDiscount * MAX_BPS) /
                (MAX_BPS - funding.discount);
        }
        
        // @audit-issue 
        // if `funding.discount == 0`, `citadelAmount_` will be returned with default initialized value (i.e 0)

        citadelAmount_ = citadelAmount_ / assetDecimalsNormalizationValue;
    }

Tools Used

Manual review

Recommended Mitigation Steps

#0 - GalloDaSballo
2022-04-23T01:31:05Z

Yes, dup of many others

#1 - jack-the-pug
2022-05-29T07:10:56Z

Dup #149

Findings Information

🌟 Selected for report: IllIllI

Also found by: 0v3rf10w, 0x1f8b, 0xDjango, 0xkatana, AmitN, CertoraInc, Dravee, Funen, Hawkeye, Jujic, MaratCerby, Picodes, Ruhum, SolidityScan, TerrierLover, TomFrenchBlockchain, TrungOre, VAD37, Yiko, berndartmueller, cmichel, csanuragjain, danb, defsec, delfin454000, dipp, ellahi, fatherOfBlocks, georgypetrov, gs8nrv, gzeon, horsefacts, hubble, hyh, ilan, jah, joestakey, kebabsec, kenta, kyliek, m9800, minhquanym, oyc_109, p_crypt0, peritoflores, rayn, reassor, remora, rfa, robee, scaraven, securerodd, shenwilly, sorrynotsorry, tchkvsky, teryanarmen, z3s

Awards

91.3943 USDC - $91.39

Labels

bug

QA (Quality Assurance)

External Links

Link to GitHub issue

Comment is misleading for @param _minCitadelOut

In line https://github.com/code-423n4/2022-04-badger-citadel/blob/18f8c392b6fc303fe95602eba6303725023e53da/src/Funding.sol#L160 the comment for _minCitadelOut describe it as ID of DAO.

TREASURY_GOVERNANCE_ROLE is not used anywhere in the contract KnightingRound.sol and can be omitted.

In line https://github.com/code-423n4/2022-04-badger-citadel/blob/18f8c392b6fc303fe95602eba6303725023e53da/src/KnightingRound.sol#L21.

Badger Citadel contest - remora's results

Bringing BTC to DeFi

General Information

Findings Distribution

Researcher Performance

External Links

[M-02] In `Funding.sol`#`getAmountOut()`, `citadelAmount_` doesnot account for case of discount - $184.25

Findings Information

Labels

Awards

External Links

Lines of code

Vulnerability details

Impact

Proof of Concept

Tools Used

Recommended Mitigation Steps

#0 - GalloDaSballo2022-04-23T01:31:05Z

#1 - jack-the-pug2022-05-29T07:10:56Z

[Q-49] QA Report - $91.39

Findings Information

Awards

Labels

External Links

#0 - GalloDaSballo
2022-04-23T01:31:05Z

#1 - jack-the-pug
2022-05-29T07:10:56Z