Remove salt from createPair() #109
Labels
bug
Something isn't working
G (Gas Optimization)
sponsor acknowledged
Technically the issue is correct, but we're not going to resolve it for XYZ reasons
Comments
Mathepreneur
added
the
sponsor acknowledged
|
It is currently not in used, but a different convenience contract or proxy contract might find this feature useful. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Handle
sirhashalot
Vulnerability details
Impact
The
createPair()function in TimeswapFactory.sol passes a salt value to when creating a new TimeswapPair. This salt is never used. Most likely the salt is an artifact from Uniswap V2 Core code. However, Uniswap v2 Core only uses a salt for the CREATE2 assembly call, which is not used in the Timeswap project.https://docs.uniswap.org/protocol/V2/guides/smart-contract-integration/getting-pair-addresses
Proof of Concept
The unnecessary salt is found at:
https://github.com/code-423n4/2022-01-timeswap/blob/bf50d2a8bb93a5571f35f96bd74af54d9c92a210/Timeswap/Timeswap-V1-Core/contracts/TimeswapFactory.sol#L52
Recommended Mitigation Steps
Don't pass a salt when creating a pair. The revised line of code should look like:
pair = new TimeswapPair(asset, collateral, fee, protocolFee);The text was updated successfully, but these errors were encountered: