Beedle - Oracle free perpetual lending

Low Risk Issues

Total: 75 contexts over 17 issues

Low Risk Issues

Functions allowing users to specify the receiving address should check whether the referenced address is not address(this). This would prevent tokens to remain lock inside the contract. An example of the potential for loss by leaving this open is the EOS token smart contract where more than 90,000 tokens are stuck at the contract address.

Proof Of Concept

https://github.com/Cyfrin/2023-07-beedle/tree/main/src/Beedle.sol#L22

https://github.com/Cyfrin/2023-07-beedle/tree/main/src/Beedle.sol#L29

https://github.com/Cyfrin/2023-07-beedle/tree/main/src/Beedle.sol#L36

The use of fixed decimal values such as 1e18 or 1e8 in Solidity contracts can lead to inaccuracies, bugs, and vulnerabilities, particularly when interacting with tokens having different decimal configurations. Not all ERC20 tokens follow the standard 18 decimal places, and assumptions about decimal places can lead to miscalculations.

Resolution: Always retrieve and use the decimals() function from the token contract itself when performing calculations involving token amounts. This ensures that your contract correctly handles tokens with any number of decimal places, mitigating the risk of numerical errors or under/overflows that could jeopardize contract integrity and user funds.

Proof Of Concept

https://github.com/Cyfrin/2023-07-beedle/tree/main/src/Staking.sol#L68

https://github.com/Cyfrin/2023-07-beedle/tree/main/src/Staking.sol#L88

Contracts are importing draft dependencies. These imported contracts are still a draft and are not considered ready for mainnet use and have not received adequate security auditing or are liable to change with future development.

Proof Of Concept

https://github.com/Cyfrin/2023-07-beedle/tree/main/src/Beedle.sol#L6

Recommended Mitigation Steps

Stop using draft imported contracts and use their release version if it exists.

Consider limiting the number of iterations in for-loops that make external calls

Proof Of Concept

https://github.com/Cyfrin/2023-07-beedle/tree/main/src/Lender.sol#L293

https://github.com/Cyfrin/2023-07-beedle/tree/main/src/Lender.sol#L359

https://github.com/Cyfrin/2023-07-beedle/tree/main/src/Lender.sol#L438

https://github.com/Cyfrin/2023-07-beedle/tree/main/src/Lender.sol#L549

It's recommended to execute external calls after state changes, to prevent reentrancy bugs.

Consider moving the external calls after the state changes on the following instances.

Proof Of Concept

Division by large numbers may result in the result being zero, due to solidity not supporting fractions. Consider requiring a minimum amount for the numerator to ensure that it is always larger than the denominator

Proof Of Concept

The core function mint is used by users to mint an option position by providing token1 as collateral and borrowing the max amount of liquidity. Address(0) check is missing in both this function and the internal function _mint, which is triggered to mint the tokens to the to address. Consider applying a check in the function to ensure tokens aren't minted to the zero address.

Proof Of Concept

https://github.com/Cyfrin/2023-07-beedle/tree/main/src/Beedle.sol#L36

In Solidity, constructors often take address parameters to initialize important components of a contract, such as owner or linked contracts. However, without a check, there's a risk that an address parameter could be mistakenly set to the zero address (0x0). This could occur due to a mistake or oversight during contract deployment. A zero address in a crucial role can cause serious issues, as it cannot perform actions like a normal address, and any funds sent to it are irretrievable. Therefore, it's crucial to include a zero address check in constructors to prevent such potential problems. If a zero address is detected, the constructor should revert the transaction.

Proof Of Concept

https://github.com/Cyfrin/2023-07-beedle/tree/main/src/Fees.sol#L19

https://github.com/Cyfrin/2023-07-beedle/tree/main/src/utils/Ownable.sol#L14

Lack of zero-address validation on address parameters may lead to transaction reverts, waste gas, require resubmission of transactions and may even force contract redeployments in certain cases within the protocol.

Proof Of Concept

https://github.com/Cyfrin/2023-07-beedle/tree/main/src/Lender.sol#L100

Recommended Mitigation Steps

Consider adding explicit zero-address validation on input parameters of address type.

The non-upgradeable standard version of OpenZeppelin’s library are inherited / used by the contracts.
It would be safer to use the upgradeable versions of the library contracts to avoid unexpected behaviour.

Proof of Concept

https://github.com/Cyfrin/2023-07-beedle/tree/main/src/Beedle.sol#L5-L7

Recommended Mitigation Steps

Where applicable, use the contracts from @openzeppelin/contracts-upgradeable instead of @openzeppelin/contracts.
See https://github.com/OpenZeppelin/openzeppelin-contracts-upgradeable/tree/master/contracts for list of available upgradeable contracts

Recommend considering implementing a two step process where the owner or admin nominates an account and the nominated account needs to call an acceptOwnership() function for the transfer of ownership to fully succeed. This ensures the nominated EOA account is a valid and active account.

Proof Of Concept

https://github.com/Cyfrin/2023-07-beedle/tree/main/src/utils/Ownable.sol#L19

Recommended Mitigation Steps

Lack of two-step procedure for critical operations leaves them error-prone. Consider adding two step procedure on the critical functions.

New items are pushed into the following arrays but there is no option to pop them out. Currently, the array can grow indefinitely. E.g. there's no maximum limit and there's no functionality to remove array values.
If the array grows too large, calling relevant functions might run out of gas and revert. Calling these functions could result in a DOS condition.

Proof Of Concept

https://github.com/Cyfrin/2023-07-beedle/tree/main/src/Lender.sol#L276

Recommended Mitigation Steps

Add a functionality to delete array values or add a maximum size limit for arrays.

Ownable2Step and Ownable2StepUpgradeable prevent the contract ownership from mistakenly being transferred to an address that cannot handle it (e.g. due to a typo in the address), by requiring that the recipient of the owner permissions actively accept via a contract call of its own.

Proof Of Concept

https://github.com/Cyfrin/2023-07-beedle/tree/main/src/Beedle.sol#L4

https://github.com/Cyfrin/2023-07-beedle/tree/main/src/Beedle.sol#L9

https://github.com/Cyfrin/2023-07-beedle/tree/main/src/Beedle.sol#L11

https://github.com/Cyfrin/2023-07-beedle/tree/main/src/Lender.sol#L8

https://github.com/Cyfrin/2023-07-beedle/tree/main/src/Lender.sol#L10

https://github.com/Cyfrin/2023-07-beedle/tree/main/src/Lender.sol#L73

https://github.com/Cyfrin/2023-07-beedle/tree/main/src/Staking.sol#L5

https://github.com/Cyfrin/2023-07-beedle/tree/main/src/Staking.sol#L11

https://github.com/Cyfrin/2023-07-beedle/tree/main/src/Staking.sol#L31

On leap years, the number of days is 366, so calculations during those years will return the wrong value

Proof Of Concept

https://github.com/Cyfrin/2023-07-beedle/tree/main/src/Lender.sol#L724