Platform: Code4rena
Start Date: 21/06/2022
Pot Size: $55,000 USDC
Total HM: 29
Participants: 88
Period: 5 days
Judge: gzeon
Total Solo HM: 7
Id: 134
League: ETH
Rank: 36/88
Findings: 2
Award: $229.96
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: defsec
Also found by: 0x1f8b, 0x29A, 0xDjango, 0xNazgul, 0xNineDec, 0xf15ers, 0xkowloon, 0xmint, Bnke0x0, BowTiedWardens, Chom, ElKu, Funen, GalloDaSballo, GimelSec, IllIllI, JC, Kenshin, Kulk0, Lambda, Limbooo, MadWookie, Metatron, Picodes, Soosh, StErMi, TomJ, WatchPug, Waze, Yiko, _Adam, ak1, asutorufos, aysha, bardamu, catchup, datapunk, delfin454000, dipp, fatherOfBlocks, grGred, hake, hansfriese, hyh, joestakey, kebabsec, kenzo, kirk-baird, oyc_109, pashov, poirots, rfa, robee, saian, sashik_eth, shenwilly, simon135, slywaters, z3s, zeesaw, zer0dot
150.9507 USDC - $150.95
There are ERC20 tokens that charge fee for every transfer() / transferFrom().
Vault.sol#addValue() assumes that the received amount is the same as the transfer amount, and uses it to calculate attributions, balance amounts, etc. But, the actual transferred amount can be lower for those tokens. Therefore it's recommended to use the balance change before and after the transfer instead of the amount. This way you also support the tokens with transfer fee - that are popular.
https://github.com/code-423n4/2022-06-illuminate/tree/main/lender/Lender.sol#L616
You use safeApprove of openZeppelin although it's deprecated. (see https://github.com/OpenZeppelin/openzeppelin-contracts/blob/566a774222707e424896c0c390a84dc3c13bdcb2/contracts/token/ERC20/utils/SafeERC20.sol#L38) You should change it to increase/decrease Allowance as OpenZeppilin says.
Deprecated safeApprove in Lender.sol line 116: Safe.approve(uToken, a[i], max); Deprecated safeApprove in Lender.sol line 92: Safe.approve(IERC20(token), r, max);
The following requires are with empty messages. This is very important to add a message for any require. So the user has enough information to know the reason of failure.
Solidity file: Cast.sol, In line 9 with Empty Require message.
The following requires has a non comprehensive messages. This is very important to add a comprehensive message for any require. Such that the user has enough information to know the reason of failure:
Solidity file: Cast.sol, In line 9 with an empty require message
external / public functions parameters should be validated to make sure the address is not 0. Otherwise if not given the right input it can mistakenly lead to loss of user funds.
ERC20.sol.transferFrom dst Redeemer.sol.setLender l
The project is compiled with different versions of solidity, which is not recommended because it can lead to undefined behaviors.
owner param should be validated to make sure the owner address is not address(0). Otherwise if not given the right input all only owner accessible functions will be unaccessible.
ERC20Permit.sol.permit owner
Users can mistakenly think that the return value is the named return, but it is actually the actualreturn statement that comes after. To know that the user needs to read the code and is confusing. Furthermore, removing either the actual return or the named return will save gas.
ERC5095.sol, withdraw ERC5095.sol, previewRedeem ERC5095.sol, maxRedeem ERC5095.sol, convertToPrincipal
The following contracts have a function that allows them an admin to change it to a different address. If the admin accidentally uses an invalid address for which they do not have the private key, then the system gets locked. It is important to have two steps admin change where the first is announcing a pending new admin and the new address should then claim its ownership. A similar issue was reported in a previous contest and was assigned a severity of medium: code-423n4/2021-06-realitycards-findings#105
Lender.sol MarketPlace.sol Redeemer.sol
The following functions are missing commenting as describe below:
ERC5095.sol, maxWithdraw (external), parameter owner not commented ERC5095.sol, redeem (external), parameters principalAmount, holder not commented ERC5095.sol, withdraw (external), parameter holder not commented
Open TODOs can hint at programming or architectural errors that still need to be fixed. These files has open TODOs:
Open TODO in Cast.sol line 8 : require(n <= type(uint128).max, ''); // TODO err msgs Open TODO in Element.sol line 7 : // TODO are these established element names? kind? not type? etc... Open TODO in Element.sol line 8 : // TODO In, Out vs GIVEN_IN, GIVEN_OUT. If those names are needed they should be GivenIn etc... Open TODO in Element.sol line 14 : // TODO audit structure / names / order-of-members etc...
Transferring tokens to the zero address is usually prohibited to accidentally avoid "burning" tokens by sending them to an unrecoverable zero address.
https://github.com/code-423n4/2022-06-illuminate/tree/main/redeemer/Redeemer.sol#L258 https://github.com/code-423n4/2022-06-illuminate/tree/main/marketplace/MarketPlace.sol#L172 https://github.com/code-423n4/2022-06-illuminate/tree/main/lender/Lender.sol#L666
Some tokens don't correctly implement the EIP20 standard and their approve function returns void instead of a success boolean. Calling these functions with the correct EIP20 function signatures will always revert. Tokens that don't correctly implement the latest EIP20 spec, like USDT, will be unusable in the mentioned contracts as they revert the transaction because of the missing return value. We recommend using OpenZeppelin’s SafeERC20 versions with the safeApprove function that handle the return value check as well as non-standard-compliant tokens. The list of occurrences in format (solidity file, line number, actual line)
Lender.sol, 116, Safe.approve(uToken, a[i], max);
Lender.sol, 92, Safe.approve(IERC20(token), r, max);
🌟 Selected for report: BowTiedWardens
Also found by: 0v3rf10w, 0x1f8b, 0x29A, 0xKitsune, 0xNazgul, 0xf15ers, 0xkatana, 0xkowloon, Bnke0x0, ElKu, Fitraldys, Funen, GalloDaSballo, IllIllI, JC, Kaiziron, Lambda, MadWookie, Noah3o6, Nyamcil, RoiEvenHaim, TomJ, Tomio, UnusualTurtle, Waze, _Adam, ajtra, asutorufos, bardamu, c3phas, catchup, datapunk, defsec, delfin454000, fatherOfBlocks, grGred, hake, hansfriese, hyh, ignacio, joestakey, kebabsec, ladboy233, oyc_109, pashov, poirots, rfa, robee, sach1r0, samruna, sashik_eth, simon135, slywaters, z3s, zer0dot
79.0114 USDC - $79.01
Reading a storage variable is gas costly (SLOAD). In cases of multiple read of a storage variable in the same scope, caching the first read (i.e saving as a local variable) can save gas and decrease the overall gas uses. The following is a list of functions and the storage variables that you read twice:
ERC5095.sol: maturity is read twice in redeem Lender.sol: feenominator is read twice in calculateFee ERC5095.sol: maturity is read twice in withdraw
Use bytes32 instead of string to save gas whenever possible. String is a dynamic data structure and therefore is more gas consuming then bytes32.
ERC20.sol (L33), string public override symbol = "???"; ERC20.sol (L32), string public override name = "???";
Using != 0 is slightly cheaper than > 0. (see https://github.com/code-423n4/2021-12-maple-findings/issues/75 for similar issue)
ERC20.sol, 116: change 'balance > 0' to 'balance != 0' ERC20.sol, 189: change 'balance > 0' to 'balance != 0' Lender.sol, 681: change 'feenominator > 0' to 'feenominator != 0'
You can use unchecked in the following calculations since there is no risk to overflow:
Lender.sol (L#688) - uint256 when = block.timestamp + HOLD;
Due to how the EVM natively works on 256 numbers, using a 8 bit number here introduces additional costs as the EVM has to properly enforce the limits of this smaller type. See the warning at this link: https://docs.soliditylang.org/en/v0.8.0/internals/layout_in_storage.html#layout-of-state-variables-in-storage We recommend to use uint256 for the index in every for loop instead using uint8:
Lender.sol, uint8 i, 87
You can inline the following functions instead of writing a specific function to save gas. (see https://github.com/code-423n4/2021-11-nested-findings/issues/167 for a similar issue.)
Lender.sol, calculateFee, { return feenominator > 0 ? a / feenominator : 0; } Lender.sol, principalToken, { return IMarketPlace(marketPlace).markets(u, m, 0); } ERC20Permit.sol, _calculateDomainSeparator, { return keccak256( abi.encode( keccak256("EIP712Domain(string name,string version,uint256 chainId,address verifyingContract)"), keccak256(bytes(name)), keccak256(bytes(version())), chainId, address(this) ) ); }
The following functions are used exactly once. Therefore you can inline them and save gas and improve code clearness.
ERC20.sol, _decreaseAllowance Safe.sol, didLastOptionalReturnCallSucceed
Some projects (e.g. Uniswap - https://github.com/Uniswap/interface/blob/main/src/hooks/useApproveCallback.ts#L88) set the default value of the user's allowance to 2^256 - 1. Since the value 2^256 - 1 can also be represented in hex as 0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff. From Ethereum's yellow paper we know that zeros are cheaper than non-zero values in the hex representation. Considering this fact, an alternative choice could be now 0x8000000000000000000000000000000000000000000000000000000000000000 or 2^255 to represent "infinity". If you do the calculations with Remix, you will see that the former costs 47'872 gas, while the latter costs 45'888 gas. If you accept that infinity can also be represented via 2^255 (instead of 2^256-1), which almost all projects can - you can already save about 4% gas leveraging this optimisation trick on those calculations.
Lender.sol (L#84): uint256 max = 2**256 - 1; ) Lender.sol (L#112): uint256 max = 2**256 - 1; )
We recommend not to cache msg.sender since calling it is 2 gas while reading a variable is more.
https://github.com/code-423n4/2022-06-illuminate/tree/main/lender/Lender.sol#L67 https://github.com/code-423n4/2022-06-illuminate/tree/main/marketplace/MarketPlace.sol#L55 https://github.com/code-423n4/2022-06-illuminate/tree/main/redeemer/Redeemer.sol#L52