QA Report #18
Labels
bug
Something isn't working
QA (Quality Assurance)
Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
resolved
Finding has been patched by sponsor (sponsor pls link to PR containing fix)
sponsor confirmed
Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
Approve
not compatible with Tether (USDT) implementationSome tokens do not implement the ERC20 standard properly but are still accepted by most code that accepts ERC20 tokens. For example Tether (USDT or CVX)'s
approve()
function will revert if the current approval is not zero, to protect against front-running changes of approvals.The code as currently implemented does not handle these sorts of tokens properly, which would prevent USDT or CVX, from being used by this project.
If the method allPools return pools with duplicate underlyings, it will fault in the case of USDT or CVX, for example.
Affected source code:
Lack of checks
The following methods have a lack checks if the received argument is an address, it's good practice in order to reduce human error to check that the address specified in the constructor or initialize is different than
address(0)
.Affected source code:
If you set any wrong address, without being a contract, an EOA for example, it cannot be changed again:
Lack of int range checks:
Not max defined:
Lack of ACK during owner change
It's possible to lose the ownership under specific circumstances.
Because an human error it's possible to set a new invalid owner. When you want to change the owner's address it's better to propose a new owner, and then accept this ownership with the new wallet.
Affected source code:
Avoid errors with transferFrom
The following methods take all the user's balance and send it through
transferFrom
, this call may fail, sincetransferFrom
extracts the balance from the previously approvedallowance
, it is better to use the user'sallowance
in order to avoid the unnecessary failure when both amounts are not the same. It's better to useallowance
instead ofbalanceOf
.Affected source code:
Wrong logic around
grantRole
andrevokeRole
.The
RoleManager
contract contains a few special roles (Roles.ADDRESS_PROVIDER
,Roles.POOL_FACTORY
,Roles.CONTROLLER
,Roles.POOL
andRoles.VAULT
) that are not controlled in thegrantRole
andrevokeRole
methods.Affected source code:
Centralization risks
Multiple initialization
The
initialize
method of theBkdLocker
contract allows it to be started multiple times as long as the valuestartBoost=0
is set. Abuse these settings to his advantage.Affected source code:
Centralized minting
The
minter
address canmint
arbitrary amount of tokens. If the private key of the owner or minter address is compromised, the attacker will be able tomint
an unlimited amount of tokens, orburn
from arbitrary addresses.Affected source code:
Controlled swapRouter
The
FeeBurner
contract sets theswapperRouter
in the_addressProvider
, so the owner can set any type of swapper, paths or pools, even malicious ones.Since there is no slippage defined in the
FeeBurner
contract itself, it could be that aswapperRouter
returns 0 WETH, and keeps the sent tokens.Affected source code:
The text was updated successfully, but these errors were encountered: