Platform: Code4rena
Start Date: 20/05/2021
Pot Size: $55,000 USDC
Total HM: 19
Participants: 8
Period: 7 days
Judge: cemozer
Total Solo HM: 11
Id: 11
League: ETH
Rank: 8/8
Findings: 3
Award: $911.15
🌟 Selected for report: 0
🚀 Solo Findings: 0
648.5056 USDC - $648.51
s1m0
liquidateDai() try to swap DAI to ETH through uniswap using swapExactTokenForETH(). Before calling swapExactTokenForETH() the smart contract should approve uniswap router to use amount of DAI. Also as for documentation If the to address is a smart contract, it must have the ability to receive ETH.
Approve the uniswap router to use amount of DAI. Implements the receive() function.
#0 - fairside-core
2021-05-30T13:44:17Z
Duplicate of #21
#1 - fairside-core
2021-05-30T13:44:40Z
Given that the interaction is prohibited altogether and no funds are lost, I believe this to be a medium severity finding.
s1m0
The function getEtherPrice() doesn't check if the return value is stale data. Stale data would mess up the calculation of amountOutMin for liquidateDai() and liquidateEth().
Check that answeredInRound >= roundId as indicated in Chainlink documentation.
#0 - fairside-core
2021-05-30T13:14:29Z
Duplicate of #70