Platform: Code4rena
Start Date: 02/08/2023
End Date: 07/08/2023
Period: 5 days
Status: Completed
Pot Size: $42,000 USDC
Participants: 45
Reporter: liveactionllama
Judge: hickuphh3
Id: 271
League: ETH
dirk_y | 1/45 | $11,374.29 | 5 | 2 | 1 | 3 | 1 | 0 | 0 | 0 |
3agle | 2/45 | $3,014.93 | 2 | 0 | 0 | 1 | 1 | 0 | 0 | Grade A |
nadin | 3/45 | $2,768.02 | 2 | 0 | 0 | 2 | 1 | 0 | 0 | 0 |
0xmystery | 4/45 | $2,760.39 | 3 | 0 | 0 | 1 | 1 | Grade A | 0 | Grade B |
MohammedRizwan | 5/45 | $1,702.14 | 4 | 0 | 0 | 3 | 0 | Grade B | 0 | 0 |
bin2chen | 6/45 | $1,416.10 | 5 | 1 | 0 | 3 | 0 | Grade B | 0 | 0 |
0xStalin | 7/45 | $1,121.02 | 2 | 1 | 0 | 1 | 0 | 0 | 0 | 0 |
Angry_Mustache_Man | 8/45 | $1,114.70 | 2 | 0 | 0 | 2 | 0 | 0 | 0 | 0 |
hals | 9/45 | $1,031.39 | 1 | 0 | 0 | 1 | 0 | 0 | 0 | 0 |
14si2o_Flint | 10/45 | $793.38 | 1 | 0 | 0 | 1 | 0 | 0 | 0 | 0 |
Auditor per page
Automated findings output for the audit can be found here within 24 hours of audit opening.
Note for C4 wardens: Anything included in the automated findings output is considered a publicly known issue and is ineligible for awards.
This contest scope completes the PoolTogether V5 audit. The majority of the protocol was audited by C4 on July 7.
This scopes includes several critical pieces:
Links:
Note that the rest of the V5 codebase is out-of-scope, as it was audited in the first Code Arena audit on July 7.
Continuous Gradual Dutch Auction
The LiquidationPair prices yield liquidations using a periodic Continuous Gradual Dutch Auction. It's periodic in the sense that the auction runs in periods that will be aligned with the prize pool periods. At the beginning of each period, the CGDA adjusts the emissions rate and target price so that it adapts to changing market conditions.
Parabolic Fractional Dutch Auction
For the RNG auction we employ a novel auction we call a Parabolic Fractional Dutch Auction. This allows us to have an auction on L1 and have the price as a fraction of an L2 Prize Pool's reserve.
Liquidation Pairs
There will be a LiquidationPair for each Vault. The pair's period length and offset will match the prize pool draw length and offset. This is to try to ensure there is an auction every draw. The target first sale time will be halfway through the auction, as that configuration works at a variety of TVLs in our simulations.
The minimum auction amount will be configured to ensure a minimum efficiency of the liquidation pair. If liquidation gas costs are $0.10 and we want a minimum liquidation efficiency of 95%, then the minimum auction amount should be $2.00 worth of tokens.
The maximum decay constant is approximately 0.00015.
Draw Auction
The RNG auction's sequence period and offset will be daily and match all prize pools on L2. The auction duration will be less than the sequence period, to ensure that the VRGDA Claimer has sufficient time to claim prizes.
In addition to concerns around the security of funds, we also have a number of domain-specific concerns:
Liquidation Pair getting bricked or hacked. Our goal is for each Liquidation Pair to run indefinitely. The pair supports price volatility in several orders of magnitude around the last sale price, but is it possible for the pair to break permanently? Can it be bricked deliberately or accidentally?
Draw Auction performing badly. The RNG Auction and RNG Relay Auctions are a novel mechanism that auction using a fraction of the Prize Pool reserve, rather than a specific price. Is there a significant risk of draining the reserve? Can the auction deviate from expectations and become bricked or unusable?
Losing control of the Remote Owner. The Remote Owner is a unique contract in that it will allow us to extend our control from one chain to another. Can someone usurp us and take control of our Remote?
- If you have a public code repo, please share it here: https://github.com/GenerationSoftware/pt-v5-draw-auction and https://github.com/GenerationSoftware/pt-v5-cgda-liquidator - How many contracts are in scope?: 17 - Total SLoC for these contracts?: 1001 - How many external imports are there?: 6 - How many separate interfaces and struct definitions are there for the contracts within scope?: 5 - Does most of your code generally use composition or inheritance?: Composition - How many external calls?: 7 - What is the overall line coverage percentage provided by your tests?: 100% - Is this an upgrade of an existing system?: False - Check all that apply (e.g. timelock, NFT, AMM, ERC20, rollups, etc.): - Is there a need to understand a separate part of the codebase / get context in order to audit this part of the protocol?: True - Please describe required context: PoolTogether V5: Part I (the July 7, 2023 audit) - Does it use an oracle?: No - Describe any novel or unique curve logic or mathematical models your code uses: There are two variations of dutch auctions. One is a continuous gradual dutch auction, and the other is a fractional dutch auction - Is this either a fork of or an alternate implementation of another project?: False - Does it use a side-chain?: False - Describe any specific areas you would like addressed: We want to make sure that the auctions can't be manipulated or bricked, and that the auction fees are competitive or priced correctly.
Clone using the --recurse option :
git clone https://github.com/code-423n4/2023-08-pooltogether.git --recurse
Or update the repository with:
git submodule update --init --recursive
Within each git submodule, you can run forge test to run all tests. You can run forge coverage to see the coverage report.