Zaros Part 1
Zaros
DeFiFoundry
60,000 USDC
View results
Previous Next
Submission Details
Severity: low
Invalid

Redundant Encoding in `LiquidationKeeper::checkUpKeep` Function

ua1552

Summary

Redundant encoding of address(this) in the return value of checkUpKeep.

Vulnerability Details

The LiquidationKeeper::checkUpKeep(...) function returns two values: a bool indicating if performUpkeep(...) should be executed, and bytes data that is provided to performUpkeep(...) as an argument. In LiquidationKeeper::checkUpKeep(...), this bytes value is decoded into uint256[] which represents the IDs of the accounts to be liquidated:

function performUpkeep(bytes calldata peformData) external override onlyForwarder {
@> uint128[] memory accountsToBeLiquidated = abi.decode(peformData, (uint128[]));
LiquidationKeeperStorage storage self = _getLiquidationKeeperStorage();
(IPerpsEngine perpsEngine) = (self.perpsEngine);
perpsEngine.liquidateAccounts(accountsToBeLiquidated);
}

GitHub: [101]

However, in LiquidationKeeper::checkUpKeep(...), the bytes data also encodes address(this), which is not used anywhere:

function checkUpkeep(bytes calldata checkData)
external
view
returns (bool upkeepNeeded, bytes memory performData)
{
...
@> bytes memory extraData = abi.encode(accountsToBeLiquidated, address(this));
return (upkeepNeeded, extraData);
}

GitHub: [85]

Impact

The encoded address is redundant and not utilized in performUpkeep, leading to unnecessary data processing.

Tools Used

  • Manual Review

Recommendations

Remove the redundant address(this) argument from the extraData encoding in checkUpKeep(...).

Updates

Lead Judging Commences

inallhonesty Lead Judge over 1 year ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
Assigned finding tags:

Error is in decoding of `peformData`

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.

Give us feedback!