RebateFi Hook

First Flight #53

Beginner FriendlyDeFi

100 EXP

View results

Previous Next

Submission Details

Impact: low

Likelihood: high

Invalid

Missing events for fee changes makes it difficult to track the history of the applied changes

farnad

Root + Impact

Description

When the fees (the buyFee or sellFee state variables) are changed by the owner in the ReFiSwapRebateHook::ChangeFee function, an event should be emitted. However, in the current code, it is not.
Emitting such events facilitates the process of tracking the fee changes history.
For example, to see the effect of the fee changes over the revenue of the dapp, it is necessary to exactly know when the changes were applied. Without the on-chain recorded events, it is difficult and needs extra effort of doing it manually.

function ChangeFee(bool _isBuyFee, uint24 _buyFee, bool _isSellFee, uint24 _sellFee) external onlyOwner {

@> if (_isBuyFee) buyFee = _buyFee;

@> if (_isSellFee) sellFee = _sellFee;

}

Risk

Likelihood: High

It happens every time the owner changes any of the fees.

Impact: Low

It does not have any disruptive effect on the functionality of the protocol. However, it makes it difficult to track the fee changes over time.

Proof of Concept

To see it in action, you should:

Copy/paste the code into Remix.
Run the program.
Look at the terminal window. You do not see any events emitted.

Recommended Mitigation

To solve this issue:

First, we need to declare the 2 events BuyFeeChanged() and SellFeeChanged() (for change of the buyFee and sellFee variables, respectively).

Then, we will emit them when the actual changes take place in the ChangeFee function.

+ event BuyFeeChanged();

+ event SellFeeChanged();

function ChangeFee(bool _isBuyFee, uint24 _buyFee, bool _isSellFee, uint24 _sellFee) external onlyOwner {

- if (_isBuyFee) buyFee = _buyFee;

- if (_isSellFee) sellFee = _sellFee;

+ if (_isBuyFee) {

+ emit BuyFeeChanged();

+ buyFee = _buyFee;

+ }

+ if (_isSellFee) {

+ emit SellFeeChanged();

+ sellFee = _sellFee;

+ }

}

Updates

Lead Judging Commences

chaossr Lead Judge 12 days ago

Submission Judgement Published

Invalidated

Reason: Non-acceptable severity

Rewards breakdown

nSLOC

150

This contest has a flat reward structure with the following payouts:

High

100 EXP

Medium

20 EXP

Low

2 EXP

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.

Give us feedback!