Platform: Code4rena
Start Date: 14/06/2022
Pot Size: $50,000 USDC
Total HM: 19
Participants: 99
Period: 5 days
Judge: HardlyDifficult
Total Solo HM: 4
Id: 136
League: ETH
Rank: 71/99
Findings: 2
Award: $60.06
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: hyh
Also found by: 0x29A, 0xNineDec, 0xf15ers, 0xkowloon, GreyArt, IllIllI, KIntern, Kenshin, Lambda, WatchPug, Wayne, berndartmueller, byterocket, cccz, codexploder, horsefacts, kenzo, obront, obtarian, oyc_109, peritoflores, rajatbeladiya, rfa, saian, unforgiven, zer0dot
11.084 USDC - $11.08
https://github.com/code-423n4/2022-06-infinity/blob/765376fa238bbccd8b1e2e12897c91098c7e5ac6/contracts/core/InfinityExchange.sol#L1229
https://github.com/code-423n4/2022-06-infinity/blob/765376fa238bbccd8b1e2e12897c91098c7e5ac6/contracts/staking/InfinityStaker.sol#L345
The InfinityStaker#rescueETH and InfinityExchange#rescueETH payable functions send msg.value to the destination rather than the ether held by the contract, so accumulated fees and accidentally transferred ether are never sent to the destination address.
```solidity
function rescueETH(address destination) external payable onlyOwner {
  (bool sent, ) = destination.call{value: msg.value}('');
  require(sent, 'Failed to send Ether');
}
```

```solidity
function rescueETH(address destination) external payable onlyOwner {
  (bool sent, ) = destination.call{value: msg.value}('');
  require(sent, 'failed');
}
```
Manual review
msg.value can be replaced with address(this).balance, and payable can be removed.
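As an added illustration (not the Infinity contracts' own code), the Solidity below places the reported rescueETH pattern beside the recommended fix and adds a small harness contract that funds both vaults with 1 ether, rescues each, and reports how much ETH stays stuck; Owned, VaultReported, VaultPatched and RescueDemo are hypothetical names chosen for this example.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Added illustration, not Infinity's code: the reported rescueETH pattern next to a
// corrected version, and a harness that shows the difference in what reaches `destination`.
abstract contract Owned {
    address public immutable owner = msg.sender;
    modifier onlyOwner() {
        require(msg.sender == owner, "not owner");
        _;
    }
}

// Holds ETH (fees, accidental transfers) and rescues it the way the finding describes.
contract VaultReported is Owned {
    receive() external payable {}

    // Only forwards what the owner attaches to this call; the vault's own balance is untouched.
    function rescueETH(address destination) external payable onlyOwner {
        (bool sent, ) = destination.call{value: msg.value}('');
        require(sent, 'Failed to send Ether');
    }
}

// Same contract with the recommended fix: sweep address(this).balance and drop payable.
contract VaultPatched is Owned {
    receive() external payable {}
    function rescueETH(address destination) external onlyOwner {
        (bool sent, ) = destination.call{value: address(this).balance}('');
        require(sent, 'Failed to send Ether');
    }
}

// Deploys both vaults (so it is their owner), funds each with 1 ether, rescues to `destination`,
// and reports how much ETH each vault still holds afterwards.
contract RescueDemo {
    VaultReported public reported = new VaultReported();
    VaultPatched public patched = new VaultPatched();

    function run(address destination) external payable returns (uint256 stuckInReported, uint256 stuckInPatched) {
        require(msg.value == 2 ether, "send exactly 2 ether");
        (bool a, ) = address(reported).call{value: 1 ether}('');
        (bool b, ) = address(patched).call{value: 1 ether}('');
        require(a && b, "funding failed");
        reported.rescueETH(destination); // no value attached, so nothing leaves this vault
        patched.rescueETH(destination);  // the whole balance leaves this vault
        return (address(reported).balance, address(patched).balance);
    }
}
```

Deploy RescueDemo and call run with exactly 2 ether and an externally owned destination address; the first returned value is the ether left behind by the reported version, the second is what the patched version leaves behind.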
#0 - nneverlander
2022-06-22T18:13:47Z
Duplicate
#1 - nneverlander
2022-07-05T12:38:07Z
#2 - HardlyDifficult
2022-07-09T17:01:50Z
🌟 Selected for report: joestakey
Also found by: 0x1f8b, 0x29A, 0x52, 0xDjango, 0xNazgul, 0xNineDec, 0xf15ers, 0xkowloon, 0xmint, 8olidity, BowTiedWardens, Chom, Cityscape, Czar102, ElKu, FSchmoede, Funen, GimelSec, GreyArt, IllIllI, KIntern, Kaiziron, Kenshin, Lambda, MadWookie, MiloTruck, PPrieditis, Picodes, Ruhum, Sm4rty, StErMi, TerrierLover, TomJ, Treasure-Seeker, VAD37, WatchPug, Wayne, _Adam, a12jmx, abhinavmir, antonttc, apostle0x01, asutorufos, berndartmueller, cccz, cloudjunky, codexploder, cryptphi, csanuragjain, defsec, delfin454000, fatherOfBlocks, georgypetrov, hake, hansfriese, horsefacts, hyh, k, kenta, nxrblsrpr, oyc_109, peritoflores, rajatbeladiya, reassor, rfa, robee, sach1r0, saian, samruna, shenwilly, simon135, sorrynotsorry, sseefried, throttle, unforgiven, wagmi, zzzitron
48.979 USDC - $48.98
The require statement in InfinityStaker#getRagequitAmounts checks the condition >= 0, which is always true for unsigned integers, so the check never reverts; it can be changed to != 0.

```solidity
require(totalStaked >= 0, 'nothing staked to rage quit');
```
Some functions in the contracts are missing NatSpec comments:
https://github.com/code-423n4/2022-06-infinity/blob/main/contracts/token/InfinityToken.sol
Some functions have comments that are incomplete.
Missing @param tags:
```solidity
/// @dev checks whether the orders are active and not expired
function isTimeValid(OrderTypes.MakerOrder calldata sell, OrderTypes.MakerOrder calldata buy) public view returns (bool)

/// @dev checks whether the price is valid; a buy order should always have a higher price than a sell order
function isPriceValid(OrderTypes.MakerOrder calldata sell, OrderTypes.MakerOrder calldata buy) public view returns (bool, uint256)

/// @dev sanity check to make sure that a taker is specifying the right number of items
function areTakerNumItemsValid(OrderTypes.MakerOrder calldata makerOrder, OrderTypes.OrderItem[] calldata takerItems) public pure returns (bool)
```
Missing @return tags:

```solidity
/**
 * @notice Verifies the validity of the order
 * @dev checks whether order nonce was cancelled or already executed, if signature is valid and if the complication and currency are valid
 * @param order the order
 * @param orderHash computed hash of the order
 */
function isOrderValid(OrderTypes.MakerOrder calldata order, bytes32 orderHash) public view returns (bool) {

/// @notice returns the number of complications supported by the exchange
function numComplications() external view returns (uint256) {

/// @notice returns the complication at the given index
function getComplicationAt(uint256 index) external view returns (address) {

/// @notice returns whether a given complication is valid
function isValidComplication(address complication) external view returns (bool) {

/// @notice returns the number of currencies supported by the exchange
function numCurrencies() external view returns (uint256) {

/// @notice returns the currency at the given index
function getCurrencyAt(uint256 index) external view returns (address) {

/// @notice returns whether a given currency is valid
function isValidCurrency(address currency) external view returns (bool) {
```
Events should use three indexed fields when they have three or more fields:

```solidity
event MatchOrderFulfilled(
  bytes32 sellOrderHash,
  bytes32 buyOrderHash,
  address seller,
  address buyer,
  address complication, // address of the complication that defines the execution
  address currency, // token address of the transacting currency
  uint256 amount // amount spent on the order
);

event TakeOrderFulfilled(
  bytes32 orderHash,
  address seller,
  address buyer,
  address complication, // address of the complication that defines the execution
  address currency, // token address of the transacting currency
  uint256 amount // amount spent on the order
);
```