The Standard

DeFiHardhat

20,000 USDC

View results

Previous Next

Submission Details

Severity: low

Invalid

QA-report

rafty

ID	Description	Severity
L-01	Owner can renounce ownership.	Low
L-02	No boundaries when setting values.	Low
L-03	Empty receive().	Low

[L-01] Owner can renounce ownership.

SmartVaultManagerV5 is inherited from OwnableUpgrradeable, so it's possible for contract to use renounceOwnership function and left the contract ownership.

https://github.com/Cyfrin/2023-12-the-standard/blob/91132936cb09ef9bf82f38ab1106346e2ad60f91/contracts/SmartVaultManagerV5.sol#L16

Same issue can be found in LiquidationPoolManager.sol

https://github.com/Cyfrin/2023-12-the-standard/blob/91132936cb09ef9bf82f38ab1106346e2ad60f91/contracts/LiquidationPoolManager.sol#L11

Recommendations

Consider to override this function and revert.

++ function renounceOwnership() public override onlyOwner {

++ revert OperationNotAllowed();

++ }

[L-02] No boundaries when setting values.

There are some functions where owner can set any value.

In SmartVaultManagerV5.sol

function setMintFeeRate(uint256 _rate) external onlyOwner {

mintFeeRate = _rate;

}

https://github.com/Cyfrin/2023-12-the-standard/blob/91132936cb09ef9bf82f38ab1106346e2ad60f91/contracts/SmartVaultManagerV5.sol#L103-L105

function setBurnFeeRate(uint256 _rate) external onlyOwner {s

burnFeeRate = _rate;

}

https://github.com/Cyfrin/2023-12-the-standard/blob/91132936cb09ef9bf82f38ab1106346e2ad60f91/contracts/SmartVaultManagerV5.sol#L107-L109

function setSwapFeeRate(uint256 _rate) external onlyOwner {

swapFeeRate = _rate;

}

https://github.com/Cyfrin/2023-12-the-standard/blob/91132936cb09ef9bf82f38ab1106346e2ad60f91/contracts/SmartVaultManagerV5.sol#L111-L113

In LiquidationPoolManager.sol

function setPoolFeePercentage(uint32 _poolFeePercentage) external onlyOwner {

poolFeePercentage = _poolFeePercentage;

}

https://github.com/Cyfrin/2023-12-the-standard/blob/91132936cb09ef9bf82f38ab1106346e2ad60f91/contracts/LiquidationPoolManager.sol#L84-L86

Recommendations

Consider to add min/max bounds to these funtions.

[L-03] Empty receive().

The receive function is not restricted to WETH token transfers, which could lead to unexpected token transfers to a smart contract. The unrestricted receive function may allow users to send native tokens to the contract. This could result in the undesired accumulation of tokens within the contract, making them permanently locked and inaccessible to the intended recipients.

In SmartVaultV3.sol

receive() external payable {}

https://github.com/Cyfrin/2023-12-the-standard/blob/91132936cb09ef9bf82f38ab1106346e2ad60f91/contracts/SmartVaultV3.sol#L125

In LiquidationPoolManager.sol

https://github.com/Cyfrin/2023-12-the-standard/blob/91132936cb09ef9bf82f38ab1106346e2ad60f91/contracts/LiquidationPoolManager.sol#L31

Recommendations

To mitigate this issue, consider to implement a check within the receive function to ensure that only WETH token transfers are allowed.

Updates

Lead Judging Commences

hrishibhat Lead Judge over 1 year ago

Submission Judgement Published

Invalidated

Reason: Non-acceptable severity

Assigned finding tags:

informational/invalid

Prize pool breakdown

Total prize

20,000 USDC

nSLOC

609

33 USDC / LOC

High Medium

17,500 USDC

Low

2,500 USDC

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.