Report for issue #371 updated by sorrynotsorry
c4-bot-3 committed Apr 22, 2024
1 parent 2b234d5 commit 3bcf87f
Showing 1 changed file with 26 additions and 2 deletions.
28 changes: 26 additions & 2 deletions data/Dup1337-Q.md
@@ -8,8 +8,8 @@
| [L-06] | Liquidations for depegged tokens don´t provide proper incentive |
| [L-07] | Seller position can be locked for extended period of time |
| [L-08] | Premia Delta calculation are calculated incorrectly in the code |
| [L-09] | |
| [NC-01] | Deposit and mint sizes can be circumvented |
| [NC-02] | No tick spacing validation |

## [L-01] Pool deployer might be suffered due to excess gas consumption on mainnet
When the user deploys a panoptic pool via the factory contract, the requirements are that the uniV3 pool should `exist` and `initialized`:
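Review bot: the summary table row `| [L-09] | |` has an empty title cell, so the table of contents lists a finding without saying what it is; either fill in the L-09 title to match its section heading or drop the row if the finding was removed. While touching this table, the `[L-08]` title reads "Premia Delta calculation are calculated incorrectly", which is redundant and does not agree in number; "Premia delta is calculated incorrectly in the code" would be cleaner.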
@@ -407,5 +407,29 @@ Contract: CollateralTracker.sol
However, if the said collaterals are of extremely cheap tokens with large decimals, the total deposit can be bypass the limit by having multiple deposits or mints.
It´s also possible that a third party engaged in Panoptic can do that with a customrouter contract depositing in the name of their users.

## [NC-02] No tick spacing validation
According to Panoptic docs, tick spacing should be in line with Uniswap : https://panoptic.xyz/docs/panoptic-protocol/forced-exercise#forced-exercise-cost
> 'Width' is characterized by the tick spacing of the underlying Uniswap pool, which differs depending on each Uniswap pool's fee tier. This is illustrated by the following relationships:
>
> For a fee tier of 1 basis point (bp): width = 1 tick.
> For a fee tier of 5 basis points (bps), width = 10 ticks.
> For a fee tier of 30 basis points (bps), width = 60 ticks.
> For a fee tier of 100 basis points (bps), width = 200 ticks.
> Note: Uniswap v3 currently has four distinct fee tiers.
However, `TokenId.validate()` does not check if the `tickSpacing` is in any of the expected ranges. The tests assume tick spacing taken from Uniswap, e.g.:

```javascript
function _cacheWorldState(IUniswapV3Pool _pool) internal {
pool = _pool;
poolId = PanopticMath.getPoolId(address(_pool));
token0 = _pool.token0();
token1 = _pool.token1();
isWETH = token0 == address(WETH) ? 0 : 1;
fee = _pool.fee();
tickSpacing = _pool.tickSpacing();
// [...]
```

However, due to missing validation, user is free to pass any `tickSpacing` they wish, which is not tested thoroughly.
Please consider adding tickSpacing tests, or strict validation.
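Review bot: the recommendation at the end of the new NC-02 section ("adding tickSpacing tests, or strict validation") is too vague to act on; since the quoted test helper already caches `tickSpacing = _pool.tickSpacing()`, the concrete suggestion should be that `TokenId.validate()` (or the caller that knows the pool) rejects a `tickSpacing` that does not match the underlying Uniswap pool's `tickSpacing()`, rather than only checking membership in the four documented widths. The quoted docs describe width in terms of fee tier, so the section should state plainly that the check is against the pool's tick spacing, not the fee. Two smaller points: the code fence is tagged `javascript` but the snippet is Solidity, so the tag should be `solidity`, and in the preceding paragraph "the total deposit can be bypass the limit" should read "the total deposit limit can be bypassed".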
