Platform: Code4rena
Start Date: 09/12/2022
Pot Size: $90,500 USDC
Total HM: 35
Participants: 84
Period: 7 days
Judge: GalloDaSballo
Total Solo HM: 12
Id: 192
League: ETH
Rank: 66/84
Findings: 2
Award: $19.04
🌟 Selected for report: 1
🚀 Solo Findings: 0
🌟 Selected for report: 0xA5DF
Also found by: 0xA5DF, 0xNazgul, 0xSmartContract, 0xbepresent, 0xdeadbeef0x, 8olidity, Englave, Faith, HE1M, JohnnyTime, Madalad, Mukund, Ruhum, SmartSek, __141345__, aviggiano, carlitox477, cccz, chaduke, francoHacker, gz627, gzeon, hansfriese, hihen, imare, jadezti, kwhuo68, ladboy233, orion, peanuts, philogy, rbserver, wait, yjrwkk
1.1472 USDC - $1.15
https://github.com/code-423n4/2022-12-tigris/blob/main/contracts/Trading.sol#L943-L969
Users have to put a lot of trust in the owner, which should not be the case in a web3 application.
They might not want to use the platform knowing about such a risk.
In Trading.sol#L943-L969 the owner may at any time update the close fees for already open positions to values unacceptable for the traders, essentially stealing their funds.
Tools Used: Visual Studio Code
Recommended Mitigation: Consider refactoring the code so that platform users know all fees before placing a position, and setFees affects only new orders.
#0 - c4-judge
2022-12-23T17:56:32Z
GalloDaSballo marked the issue as duplicate of #514
#1 - c4-judge
2023-01-22T13:48:26Z
GalloDaSballo marked the issue as duplicate of #377
#2 - c4-judge
2023-01-22T17:35:07Z
GalloDaSballo marked the issue as satisfactory
🌟 Selected for report: yjrwkk
Also found by: 0x4non, 0xDecorativePineapple, 0xdeadbeef0x, Avci, Critical, Deivitto, Dinesh11G, Englave, Tointer, ak1, chaduke, izhelyazkov, pwnforce, rbserver, rvierdiiev, unforgiven
17.8851 USDC - $17.89
https://github.com/code-423n4/2022-12-tigris/blob/main/contracts/Trading.sol#L650
https://github.com/code-423n4/2022-12-tigris/blob/main/contracts/Trading.sol#L675
In Trading.sol a deposit or withdrawal of tokens with decimals higher than 18 will always revert. This is the case e.g. for NEAR, which is divisible into 10e24 yocto.
Change 00.Mocks.js#L33 to:
args: ["USDC", "USDC", 24, deployer, ethers.utils.parseUnits("1000", 24)]
Then in 07.Trading.js the tests "Opening and closing a position with tigUSD output" and "Opening and closing a position with <18 decimal token output" are going to fail with:
Error: VM Exception while processing transaction: reverted with panic code 0x11 (Arithmetic operation underflowed or overflowed outside of an unchecked block)
Tools Used: Visual Studio Code
Recommended Mitigation: Update calculations in the contract to account for tokens with decimals higher than 18.
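The following is an added example, not code from the Tigris repository or from the warden's PoC. It models in BigInt the step that scales a margin-token amount to 18 decimals before accounting. The page does not show the exact expression in Trading.sol; the example assumes the common pattern 10 ** (18 - decimals), whose unsigned subtraction has no value once decimals exceed 18. The function names, the token list and the 1000-unit deposits are constructed for illustration; only NEAR's 24 decimals comes from the finding.

```javascript
// Added example (not Tigris code): BigInt model of decimal normalisation.
// Assumption: the contract scales amounts to 18 decimals with
// 10 ** (18 - decimals); the page does not show the exact expression.
const WAD_DECIMALS = 18n;

// Naive scaling, mirroring checked Solidity arithmetic. For decimals > 18
// the exponent 18 - decimals is negative: Solidity's uint subtraction
// reverts with panic 0x11, and BigInt exponentiation throws a RangeError
// on a negative exponent, so the model fails on exactly the same inputs.
function toWadNaive(amount, decimals) {
  const exponent = WAD_DECIMALS - BigInt(decimals);
  return BigInt(amount) * 10n ** exponent;
}

// Hardened scaling: branch on the sign of the difference and divide when
// the token carries more precision than 18 decimals.
function toWad(amount, decimals) {
  const a = BigInt(amount);
  const d = BigInt(decimals);
  if (d <= WAD_DECIMALS) return a * 10n ** (WAD_DECIMALS - d);
  return a / 10n ** (d - WAD_DECIMALS);
}

// Inverse scaling, as used on withdrawal, with the same two branches.
function fromWad(wad, decimals) {
  const w = BigInt(wad);
  const d = BigInt(decimals);
  if (d <= WAD_DECIMALS) return w / 10n ** (WAD_DECIMALS - d);
  return w * 10n ** (d - WAD_DECIMALS);
}

// Dividing on the way in truncates anything below 1e-18 of a token, so a
// deposit may not round-trip exactly; a contract that scales down should
// either reject such dust or account for it explicitly.
function roundTripsExactly(amount, decimals) {
  return fromWad(toWad(amount, decimals), decimals) === BigInt(amount);
}

// True when the naive path fails for a token with this many decimals,
// i.e. when a deposit of that token would revert under the naive code.
function naiveReverts(decimals) {
  try {
    toWadNaive(1n, decimals);
    return false;
  } catch (err) {
    if (err instanceof RangeError) return true;
    throw err;
  }
}

// Constructed sample tokens; only NEAR's 24 decimals is taken from the finding.
const TOKENS = [
  { symbol: "tigUSD", decimals: 18 },
  { symbol: "USDC", decimals: 6 },
  { symbol: "NEAR", decimals: 24 },
];

// Deposit 1000 whole units of each token and report which path survives.
function depositReport() {
  return TOKENS.map(({ symbol, decimals }) => {
    const amount = 1000n * 10n ** BigInt(decimals);
    return {
      symbol,
      decimals,
      naiveReverts: naiveReverts(decimals),
      wad: toWad(amount, decimals),
    };
  });
}

console.log(depositReport());
```

Running the block prints one entry per token; the NEAR entry shows naiveReverts true while toWad still produces 1000e18. The roundTripsExactly check is the part a reviewer would want alongside the fix: once the contract divides on deposit, sub-1e-18 dust is silently dropped, which is a separate accounting question from the revert the finding reports.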
#0 - GalloDaSballo
2022-12-20T15:42:38Z
Best because it has a simple POC and is concise
#1 - c4-judge
2022-12-20T15:42:42Z
GalloDaSballo marked the issue as primary issue
#2 - TriHaz
2023-01-09T17:23:03Z
We are aware of that; we are not planning on adding any token that has more than 18 dec.
#3 - c4-sponsor
2023-01-09T17:23:10Z
TriHaz marked the issue as sponsor acknowledged
#4 - GalloDaSballo
2023-01-13T18:55:39Z
The Warden has shown how, due to an underflow, the system in-scope can revert when using tokens with more than 18 decimals.
Because of how scope was defined, I believe the finding to be valid; I believe a nofix is acceptable as long as the sponsor keeps in mind this risk.
Because of the risk shown, I agree with Medium Severity
#5 - c4-judge
2023-01-13T18:56:13Z
GalloDaSballo marked the issue as selected for report