DittoETH

Ditto

DeFiFoundryOracle

55,000 USDC

View results

Previous Next

Submission Details

Severity: medium

Invalid

over flow will cause overwriting of records in transferShortRecord ()

saaj

Summary

over flow will cause overwriting of records in transferShortRecord()

Vulnerability Details

Uint8 id will overflow once the limit exceeds the value of 255 that will break the core logic of the code to store record using createShortRecord ().

Impact

Overflow will cause records to be overwritten after value cross 255 limit that can impact storage record for users and their asset.

uint8 id = createShortRecord(

asset,

to,

SR.FullyFilled,

short.collateral,

short.ercDebt,

short.ercDebtRate,

short.zethYieldRate,

tokenId

);

Tools Used

Manual code review

Recommendations

As a standard best practice use uint256 instead of uint8 which will eventually padded to uint256 as a standard process of storing data in EVM.

- uint8 id = createShortRecord(

+ uint256 id = createShortRecord(

asset,

to,

SR.FullyFilled,

short.collateral,

short.ercDebt,

short.ercDebtRate,

short.zethYieldRate,

tokenId

);

Updates

Lead Judging Commences

0xnevi Lead Judge

over 1 year ago

0xnevi Lead Judge over 1 year ago

Submission Judgement Published

Invalidated

Reason: Other

Prize pool breakdown

Total prize

55,000 USDC

nSLOC

3,365

16 USDC / LOC

High Medium

50,000 USDC

Low

5,000 USDC

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.