Beedle - Oracle free perpetual lending
BeedleFi
DeFiFoundry
20,000 USDC
View results
Previous Next
Submission Details
Severity: low
Valid

Missing Events Arithmetic

crypt0mate

Summary

The Lender contract has two functions, setLenderFee and setBorrowerFee, that do not emit events when critical parameters are changed. This makes it difficult to track changes in the values of these parameters off-chain.

Vulnerability Details

The setLenderFee and setBorrowerFee functions in the Lender contract allow the owner to set the fees for lenders and borrowers, respectively. However, these functions do not emit events when the fees are changed, making it difficult to track changes in the values of these fees off-chain.

Impact

The lack of events for critical parameter changes can make it difficult for off-chain systems to track changes in the values of these parameters. This can lead to a lack of transparency and make it more difficult to monitor the contract's behavior.

Tools Used

Manual code review.

Recommendations

One way to mitigate this issue is by adding events to the setLenderFee and setBorrowerFee functions that are emitted when the fees are changed. This would allow off-chain systems to easily track changes in the values of these fees and improve transparency. Here is an example of how this could be implemented:

event LenderFeeChanged(uint256 newFee);
event BorrowerFeeChanged(uint256 newFee);
function setLenderFee(uint256 _fee) external onlyOwner {
if (_fee > 5000) revert FeeTooHigh();
lenderFee = _fee;
emit LenderFeeChanged(_fee);
}
function setBorrowerFee(uint256 _fee) external onlyOwner {
if (_fee > 500) revert FeeTooHigh();
borrowerFee = _fee;
emit BorrowerFeeChanged(_fee);
}

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.