Part 2

Zaros

PerpetualsDEXFoundrySolidity

70,000 USDC

View results

Previous Next

Submission Details

Severity: high

Invalid

Storage Array Edited with Memory

0light

Summary

Storage reference is passed to a function with a memory parameter. This will not update the storage variable as expected.

Vulnerability Details

we have in the CreditDelegationBranch::_convertAssetsToUsdc function a parameter which is specified as a memory the path parameter,
but in the function call in line Line: 447, the 4th argument is declared as storage while the function expects a memory parameter.
that also happens in line Line: 500, with the function CreditDelegationBranch::_convertUsdcToAssets.

Impact

This means that if the path parameter changes in CreditDelegationBranch::_convertAssetsToUsdc function or the other one, the storage argument that is passed in the function call will not get changed .

Tools Used

Recommendations

In this case the path parameter did not change so there is no risk, but in general using storage instaed of memory would be better.

Updates

Lead Judging Commences

inallhonesty Lead Judge 7 months ago

Submission Judgement Published

Invalidated

Reason: Non-acceptable severity

Prize pool breakdown

Total prize

70,000 USDC

nSLOC

3,258

21 USDC / LOC

High Medium

66,500

Low

3,500

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.