Core Contracts

Regnum Aurum Acquisition Corp

HardhatReal World AssetsNFT

77,280 USDC

View results

Previous Next

Submission Details

Severity: medium

Invalid

Redundant Check in the `setPrimeRate` Function of the `ReserveLibrary.sol` Contract

eta

Summary

The condition if (oldPrimeRate > 0) is unnecessary in the setPrimeRate Function of the ReserveLibrary.sol Contract, because oldPrimeRate is of type uint256, which is always greater than or equal to 0, and both the constructor and each update ensure the value is always greater than 0. This check does not add value to the logic, and removing it would streamline the function without affecting its behavior.

Vulnerability Details

contracts/libraries/pools/ReserveLibrary.sol:setPrimeRate#L404

function setPrimeRate( ReserveData storage reserve,ReserveRateData storage rateData,uint256 newPrimeRate) internal {

// @audit New value check

if (newPrimeRate < 1) revert PrimeRateMustBePositive();

uint256 oldPrimeRate = rateData.primeRate; // @audit oldPrimeRate is of type uint256 and always >= 0

// Redundant check: uint256 is always >= 0

if (oldPrimeRate > 0) { // @audit This check is unnecessary because oldPrimeRate is always >= 0

uint256 maxChange = oldPrimeRate.percentMul(500);

uint256 diff = newPrimeRate > oldPrimeRate ? newPrimeRate - oldPrimeRate : oldPrimeRate - newPrimeRate;

if (diff > maxChange) revert PrimeRateChangeExceedsLimit();

}

The condition if (oldPrimeRate > 0) is redundant because oldPrimeRate is a uint256 type, which can never be less than 0. This check will always evaluate as true if oldPrimeRate > 0, and will not add any additional protection or logic. Furthermore, the construct does not change any behavior because oldPrimeRate is always non-negative due to its type.

Impact

Code Inefficiency: The redundant check adds unnecessary complexity and reduces code readability. While it does not affect functionality directly, it unnecessarily clutters the code, making it harder to understand and maintain.
Gas Efficiency: Even though the impact is minimal, redundant checks introduce unnecessary operations, slightly increasing gas costs without providing any additional security or logic.

Tools Used

Manual code review

Recommendations

It is recommended to remove the redundant check and The updated function should look like this:

function setPrimeRate(...) internal {

if (newPrimeRate < 1) revert PrimeRateMustBePositive();

uint256 oldPrimeRate = rateData.primeRate;

// Directly check for change limits

if (oldPrimeRate > 0) {

uint256 maxChange = oldPrimeRate.percentMul(500);

uint256 diff = newPrimeRate > oldPrimeRate ? newPrimeRate - oldPrimeRate : oldPrimeRate - newPrimeRate;

if (diff > maxChange) revert PrimeRateChangeExceedsLimit();

// ... Other logic

}

Updates

Lead Judging Commences

inallhonesty Lead Judge 7 months ago

Submission Judgement Published

Invalidated

Reason: Non-acceptable severity

inallhonesty Lead Judge 7 months ago

Submission Judgement Published

Invalidated

Reason: Non-acceptable severity

Prize pool breakdown

Total prize

77,280 USDC

nSLOC

3,864

20 USDC / LOC

High Medium

74,000

Low

3,280

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.

Give us feedback!