RebateFi Hook

First Flight #53
Beginner Friendly, DeFi
100 EXP
Submission Details
Severity: high
Valid

Incorrect verification of the pool currencies in the _beforeInitialize function

Description

The RebateFiHook:_beforeInitialize function verifies the pool currencies incorrectly. It should check whether key.currency0 or key.currency1 is the ReFi token, but it only checks whether key.currency1 is the ReFi token.

Impact

If a pool has the ReFi token as key.currency0, the RebateFiHook will not recognise it and will revert with the ReFiNotInPool error.

Proof of concept

The check on key.currency1 is duplicated on lines 123 and 124:

/// @notice Validates that the ReFi token is in the pool before initialization
/// @param key The pool key containing currency pair information
/// @return Function selector for success
function _beforeInitialize(address, PoolKey calldata key, uint160) internal view override returns (bytes4) {
    if (Currency.unwrap(key.currency1) != ReFi && //here
        Currency.unwrap(key.currency1) != ReFi) { //here
        revert ReFiNotInPool();
    }
    return BaseHook.beforeInitialize.selector;
}
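The following is an added Python model of this check, not code from the RebateFi project. It shows which pools the duplicated comparison rejects, given that Uniswap v4 requires currency0 < currency1 by address and represents native ETH as address(0). All addresses and the helper names (pool_key, buggy_check, fixed_check, compare) are constructed for illustration.

```python
# Added model of the _beforeInitialize check. Addresses are constructed samples.
REFI = 0x5000000000000000000000000000000000000000        # hypothetical ReFi address
NATIVE = 0x0                                              # native ETH is address(0) in v4
LOW_TOKEN = 0x1000000000000000000000000000000000000000   # sorts below ReFi
HIGH_TOKEN = 0xA000000000000000000000000000000000000000  # sorts above ReFi


def pool_key(token_a, token_b):
    """Return (currency0, currency1) in ascending address order, as v4 requires."""
    if token_a == token_b:
        raise ValueError("currencies must differ")
    return (min(token_a, token_b), max(token_a, token_b))


def buggy_check(key, refi=REFI):
    """Mirror of the reported condition: currency1 is compared twice."""
    _currency0, currency1 = key
    if currency1 != refi and currency1 != refi:
        return "ReFiNotInPool"
    return "ok"


def fixed_check(key, refi=REFI):
    """Corrected condition: revert only when neither currency is ReFi."""
    currency0, currency1 = key
    if currency0 != refi and currency1 != refi:
        return "ReFiNotInPool"
    return "ok"


def refi_slot(key, refi=REFI):
    """Report which side of the sorted pair holds ReFi."""
    return {key[0]: "currency0", key[1]: "currency1"}.get(refi, "absent")


def compare(pairs):
    """Return (name, ReFi slot, buggy result, fixed result) for each pair."""
    rows = []
    for name, a, b in pairs:
        key = pool_key(a, b)
        rows.append((name, refi_slot(key), buggy_check(key), fixed_check(key)))
    return rows


SAMPLE = [("ReFi/native", REFI, NATIVE), ("ReFi/low", REFI, LOW_TOKEN),
          ("ReFi/high", REFI, HIGH_TOKEN), ("low/high", LOW_TOKEN, HIGH_TOKEN)]

if __name__ == "__main__":
    for row in compare(SAMPLE):
        print(row)
```

In this model only the pairing with a higher-address token places ReFi in currency0, and that is the pool the duplicated comparison rejects while the corrected one accepts.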

Recommended Mitigation

The check should be updated to remove the duplicated verification and add a check for key.currency0:

/// @notice Validates that ReFi token is in the pool before initialization
/// @param key The pool key containing currency pair information
/// @return Function selector for success
function _beforeInitialize(address, PoolKey calldata key, uint160) internal view override returns (bytes4) {
- if (Currency.unwrap(key.currency1) != ReFi &&
+ if (Currency.unwrap(key.currency0) != ReFi &&
Currency.unwrap(key.currency1) != ReFi) {
revert ReFiNotInPool();
}
return BaseHook.beforeInitialize.selector;
}
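Review bot: The corrected condition on the `+` line comes with no test, so a regression to the duplicated key.currency1 comparison would go unnoticed. Add a test that initializes one pool with ReFi as key.currency0, one with ReFi as key.currency1, and one without ReFi that expects the ReFiNotInPool revert.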
Updates

Lead Judging Commences

chaossr Lead Judge 12 days ago
Submission Judgement Published
Validated
Assigned finding tags:

Faulty pool check; only checks currency1 twice, omitting currency0.
