The Standard

DeFiHardhat
20,000 USDC
Submission Details
Severity: low
Valid

`status()` in `SmartVaultV3` will always be incorrect due to incorrect `version`

Summary

`status()` in `SmartVaultV3` will always be incorrect due to incorrect `version`

Vulnerability Details

`SmartVaultV3.sol` is the third version of SmartVault and the latest one, which will be deployed. The issue is that the `version` state variable has a value of 2 instead of 3, even though the vault in scope is the V3 version.

```solidity
uint8 private constant version = 2; // @audit wrong version, it should be 3
```

This `version` is used in the `status()` function, which returns the status of the `SmartVaultV3` vaults that users deploy. As a result, the returned status will be incorrect and would break the intended design of the vault, because `status()` is used in the smart vault manager contract.

```solidity
function status() external view returns (Status memory) {
    return Status(address(this), minted, maxMintable(), euroCollateral(),
        getAssets(), liquidated, version, vaultType); // @audit should fetch latest version i.e. 3 instead of 2
}
```

In SmartVaultManagerV5.sol, status() is used in several functions like vaults() and

```solidity
function vaults() external view returns (SmartVaultData[] memory) {
    // . . . some code
        status: ISmartVault(smartVaultIndex.getVaultAddress(tokenId)).status() // @audit will return wrong status due to incorrect version
    });
}
```

`tokenURI()` will be broken as it won't return the correct tokenURI for the V3 version.

```solidity
function tokenURI(uint256 _tokenId) public view virtual override returns (string memory) {
    ISmartVault.Status memory vaultStatus = ISmartVault(smartVaultIndex.getVaultAddress(_tokenId)).status();
    // @audit vaultStatus depends on status(), which returns an incorrect value here and therefore breaks this functionality
    return INFTMetadataGenerator(nftMetadataGenerator).generateNFTMetadata(_tokenId, vaultStatus);
}
```

The issue is identified as Medium severity because it breaks the intended functionality of vaults, i.e. `status()`, and `status()` is used in the `SmartVaultManagerV5` contract as discussed above. It is recommended that the version of the vault contract be corrected to overcome these issues.
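
A static guard for this class of bug, as an added example that is not part of the submission or the project's code: it compares the `V<n>` suffix in a contract's name with its declared `version` constant. The sample sources, the function names and the reliance on a `V<n>` naming convention are assumptions made for the example.

```javascript
// Added example (not project code): CI-style check that a contract named
// ...V<n> declares `version = <n>`. All sources below are constructed samples.
const SAMPLE_SOURCES = {
  // Mirrors the declaration quoted in the finding.
  "SmartVaultV3.sol": `
    contract SmartVaultV3 is ISmartVault {
        uint8 private constant version = 2;
    }`,
  // Corrected form; the old line is left commented out on purpose.
  "SmartVaultV3.fixed.sol": `
    contract SmartVaultV3 is ISmartVault {
        // uint8 private constant version = 2;
        uint8 private constant version = 3;
    }`,
  // No V<n> suffix and no version constant: must be ignored.
  "PriceCalculator.sol": `
    contract PriceCalculator {
        uint8 private constant decimals = 18;
    }`,
};

// Drop /* */ and // comments so commented-out declarations are not matched.
function stripComments(src) {
  return src.replace(/\/\*[\s\S]*?\*\//g, "").replace(/\/\/[^\n]*/g, "");
}

// Returns one finding per contract whose V<n> name suffix disagrees with its
// `version` constant. Contracts lacking the suffix or the constant are skipped.
function findVersionMismatches(sources) {
  const contractRe = /\bcontract\s+(\w*?V(\d+))\b([\s\S]*?)(?=\bcontract\s|$)/g;
  const versionRe = /\buint\d*\s+(?:\w+\s+)*?constant\s+(?:\w+\s+)*?version\s*=\s*(\d+)\s*;/;
  const findings = [];
  for (const [file, raw] of Object.entries(sources)) {
    for (const [, contract, suffix, body] of stripComments(raw).matchAll(contractRe)) {
      const decl = body.match(versionRe);
      if (decl && Number(decl[1]) !== Number(suffix)) {
        findings.push({ file, contract, expected: Number(suffix), declared: Number(decl[1]) });
      }
    }
  }
  return findings;
}

console.log(findVersionMismatches(SAMPLE_SOURCES));
```

Only the first sample is reported; the corrected file passes even though the old declaration is still present as a comment.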

Impact

An incorrect vault status will break the functionality of the vault by returning a wrong status value in `tokenURI()` and `vaults()` of the `SmartVaultManagerV5` contract. It will look as though the status is being returned from a V2 vault instead of a V3 vault, which is not the desired behaviour in the V3 vault contract.

Tools Used

Manual review

Recommendations

Use 3 instead of 2 in `version` to get the correct status in the `SmartVaultV3` contract.

- uint8 private constant version = 2;
+ uint8 private constant version = 3;
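
Review bot: the `3` on the `+` line is still a bare literal that has to be kept in step with the contract name by hand, as the stale `2` on the `-` line shows. Pair this change with a test that deploys a `SmartVaultV3` vault and asserts that `status().version` equals 3, so the next version bump cannot silently repeat the mismatch.
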
Updates

Lead Judging Commences

hrishibhat Lead Judge almost 2 years ago
Submission Judgement Published
Validated
Assigned finding tags:

vault-version
