Platform: Code4rena
Start Date: 27/10/2022
Pot Size: $33,500 USDC
Total HM: 8
Participants: 96
Period: 3 days
Judge: kirk-baird
Total Solo HM: 1
Id: 176
League: ETH
Rank: 57/96
Findings: 2
Award: $24.59
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: ladboy233
Also found by: 0x52, 0xDecorativePineapple, 0xhunter, Aymen0909, Bnke0x0, Dravee, JTJabba, Jeiwan, Lambda, Nyx, Picodes, Trust, cccz, cryptonue, csanuragjain, dic0de, hansfriese, horsefacts, imare, minhtrng, pashov, peritoflores, rbserver, rvierdiiev, wagmi, yixxas
4.9536 USDC - $4.95
Judge has assessed an item in Issue #43 as M risk. The relevant finding follows:
Q-02 - Huge trust assumption in recoverErc20() https://github.com/code-423n4/2022-10-paladin/blob/d6d0c0e57ad80f15e9691086c9c7270d4ccfe0e6/contracts/WardenPledge.sol#L653-L661
Reward tokens are transferred into this contract when a pledge is created. The comment notes " Recovers ERC2O tokens sent by mistake to the contract", but this function can also be used by the owner to draw and drain all tokens that are deposited by pledge creators.
The cons of this function far outweighs the benefit, hence I recommend removing this function.
#0 - c4-judge
2022-11-11T23:49:06Z
kirk-baird marked the issue as duplicate of #17
#1 - c4-judge
2022-11-11T23:49:11Z
kirk-baird marked the issue as partial-50
#2 - c4-judge
2022-12-06T17:32:42Z
Simon-Busch marked the issue as duplicate of #68
🌟 Selected for report: robee
Also found by: 0x007, 0x1f8b, 0x52, 0xDjango, 0xNazgul, 0xSmartContract, 8olidity, Awesome, B2, Bnke0x0, Chom, Diana, Dravee, JTJabba, Jeiwan, Josiah, Lambda, Mathieu, Picodes, RaoulSchaffranek, RaymondFam, RedOneN, ReyAdmirado, Rolezn, Ruhum, Sm4rty, Tricko, Trust, Waze, __141345__, a12jmx, adriro, ajtra, brgltd, c3phas, carlitox477, cccz, ch0bu, chaduke, chrisdior4, corerouter, cryptonue, csanuragjain, ctf_sec, cylzxje, delfin454000, dic0de, djxploit, horsefacts, imare, jayphbee, jwood, ktg, ladboy233, leosathya, lukris02, minhtrng, neko_nyaa, oyc_109, pashov, peritoflores, rbserver, rvierdiiev, shark, tnevler, yixxas
19.6449 USDC - $19.64
The 0 addresses check are done in the respective update() functions but not done in constructor.
In fact, it is important to ensure that the chestAddress is not accidentally set to the 0 address as fees are transferred to it and funds can be lost forever.
There is also no way to update the votingEscrow and delegationBoost address.
recoverErc20()Reward tokens are transferred into this contract when a pledge is created. The comment notes " Recovers ERC2O tokens sent by mistake to the contract", but this function can also be used by the owner to draw and drain all tokens that are deposited by pledge creators.
The cons of this function far outweighs the benefit, hence I recommend removing this function.
#0 - c4-judge
2022-11-11T23:49:19Z
kirk-baird marked the issue as grade-b