Foundry DeFi Stablecoin CodeHawks Audit Contest

Cyfrin

DeFiFoundry

15,000 USDC

Submission Details

Severity: medium

Valid

Lack of duplication check in constructor

There is not any check wether the deployer has set the same collateral address along with corresponding price feed twice.

While there is check in constructor to compare the length of collateral array to the corresponding price feeds

There is not any check for collateral address and price feed being repeated, if the same collateral entered twice.

Users collateral value will be counted twice in the health check calculation.

Many users will pass account health check despite being underwater. Also, user will able mint to twice the amount than they are supposed to.

Manual review

Implement check to see if the collateral is not being repeated in array input of constructor.

Total prize

15,000 USDC

nSLOC

236

64 USDC / LOC

High Medium

14,000 USDC

Low

1,000 USDC

The contest is live. Earn rewards by submitting a finding.

Submissions are being carefully reviewed by our judges.

This is your time to appeal against judgements on your submissions.

Appeals are being carefully reviewed by our judges.

The contest is complete and the rewards are being distributed.

Support

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.