8 lows for mocks
L-1/8. The WStETHMock.wrap function returns stETHAmount_ variable instead of wstETHAmount
Relevant GitHub Links
Summary
The WStETHMock.wrap function should return wstETHAmount, but returns a received stETHAmount_ variable. This inconsistency with the original function can cause issues with test improvements.
Vulnerability Details
The original wrap function returns wstETHAmount:
https://etherscan.io/token/0x7f39c581f595b53c5cb19bd0b3f8da6c935e2ca0#code
The WStETHMock.wrap function returns stETHAmount_:
Impact
Inconsistency with the original function case issues with test improvements.
Tools used
Manual Review
Recommendations
Consider announcing and returning the wstETHAmount variable.
L-2/8. The SwapRouterMock.exactInputSingle function returns params_.amountIn variable instead of amountOut
Relevant GitHub Links
Summary
The SwapRouterMock.exactInputSingle function should return amountOut, but returns a received params_.amountIn variable. This inconsistency with the original function can cause issues with test improvements.
Vulnerability Details
The original exactInputSingle function returns amountOut:
https://github.com/Uniswap/v3-periphery/blob/697c2474757ea89fec12a4e6db16a574fe259610/contracts/SwapRouter.sol#L120
The SwapRouterMock.exactInputSingle function returns params_.amountIn
Impact
Inconsistency with the original function case issues with test improvements.
Tools used
Manual Review
Recommendations
Consider announcing and returning the amountOut variable.
L-3/8. The SwapRouterMock.exactInputSingle function does not revert if tokenIn == tokenOut
Relevant GitHub Links
Summary
The SwapRouterMock.exactInputSingle function does not revert if tokenIn == tokenOut. This invariant can not be checked.
Vulnerability Details
There is an revert in the execution flow of the original function:
Impact
The tokenIn == tokenOut invariant can not be checked.
Tools used
Manual Review
Recommendations
Consider adding the corresponding check.
L-4/8. The SwapRouterMock.exactInputSingle function does not check deadline
Relevant GitHub Links
Summary
The SwapRouterMock.exactInputSingle function does not check the deadline with checkDeadLine. This invariant can not be checked.
Vulnerability Details
The original exactInputSingle function has the checkDeadline modifier:
Impact
The incorrect deadline invariant can not be checked.
Tools used
Manual Review
Recommendations
Consider adding the corresponding check.
L-5/8. The SwapRouterMock.exactInputSingle function does not check amountOut >= params.amountOutMinimum
Relevant GitHub Links
Summary
The SwapRouterMock.exactInputSingle function does not check amountOut >= params.amountOutMinimum. This invariant can not be checked.
Vulnerability Details
The original exactInputSingle function has the amountOut >= params.amountOutMinimum require:
Impact
The insufficient amountOut invariant can not be checked.
Tools used
Manual Review
Recommendations
Consider adding the corresponding check.
L-6/8. The SNonfungiblePositionManagerMock.increaseLiquidity function does not check deadline
Relevant GitHub Links
Summary
The SNonfungiblePositionManagerMock.increaseLiquidity function does not check the deadline with checkDeadLine. This invariant can not be checked.
Vulnerability Details
The original increaseLiquidity function has the checkDeadline modifier:
Impact
The incorrect deadline invariant can not be checked.
Tools used
Manual Review
Recommendations
Consider adding the corresponding check.
L-7/8. The SNonfungiblePositionManagerMock.increaseLiquidity function does not check amount0 >= params.amount0Min && amount1 >= params.amount1Min
Relevant GitHub Links
Summary
The SNonfungiblePositionManagerMock.increaseLiquidity function does not check amount0 >= params.amount0Min && amount1 >= params.amount1Min. This invariant can not be checked.
Vulnerability Details
The execution flow of the original function has the amount0 >= params.amount0Min && amount1 >= params.amount1Min require:
Impact
The max price slippage invariant can not be checked.
Tools used
Manual Review
Recommendations
Consider adding the corresponding check.
L-8/8. The SNonfungiblePositionManagerMock.increaseLiquidity function does not revert if the tokenId is incorrect
Relevant GitHub Links
Summary
The SNonfungiblePositionManagerMock.increaseLiquidity function does not does not revert if the tokenId is incorrect. This invariant can not be checked.
Impact
The incorrect tokenId invariant can not be checked.
Tools used
Manual Review
Recommendations
Consider adding the corresponding check.
Lead Judging Commences
SwapRouterMock/NonfungiblePositionManagerMock doesn't take into account prices or token pairs or any traditional protection mechanisms of Uniswap
WStETHMock.wrap not properly implemented compared to original
WStETHMock.wrap not properly implemented compared to original
SwapRouterMock/NonfungiblePositionManagerMock doesn't take into account prices or token pairs or any traditional protection mechanisms of Uniswap
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.