QA Report #204
Labels
bug
Something isn't working
QA (Quality Assurance)
Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
Here are 11 QA findings per file.
BathToken.sol
[QA-1] Naming inconsistency - consider using camel case
Following codes use
pool_asset
although other IERC20 variable (e.g.,transferAsset
) is named with camel case.https://github.com/code-423n4/2022-05-rubicon/blob/8c312a63a91193c6a192a9aab44ff980fbfd7741/contracts/rubiconPools/BathToken.sol#L123
https://github.com/code-423n4/2022-05-rubicon/blob/8c312a63a91193c6a192a9aab44ff980fbfd7741/contracts/rubiconPools/BathToken.sol#L136
https://github.com/code-423n4/2022-05-rubicon/blob/8c312a63a91193c6a192a9aab44ff980fbfd7741/contracts/rubiconPools/BathToken.sol#L146
https://github.com/code-423n4/2022-05-rubicon/blob/8c312a63a91193c6a192a9aab44ff980fbfd7741/contracts/rubiconPools/BathToken.sol#L154
They should be following:
[QA-2] Unnecessary parentheses
https://github.com/code-423n4/2022-05-rubicon/blob/8c312a63a91193c6a192a9aab44ff980fbfd7741/contracts/rubiconPools/BathToken.sol#L340
Parentheses wrapping
id
is not necessary, and can be written like this:[QA-3] Inconsistent return variables
There are some functions which have return variable is defined but
return
is used in the function.https://github.com/code-423n4/2022-05-rubicon/blob/8c312a63a91193c6a192a9aab44ff980fbfd7741/contracts/rubiconPools/BathToken.sol#L375-L380
On the other hand, other functions set return variable and does not use
return
at the function.https://github.com/code-423n4/2022-05-rubicon/blob/8c312a63a91193c6a192a9aab44ff980fbfd7741/contracts/rubiconPools/BathToken.sol#L383-L385
It depends on the dev's preference, but for the consistency, withdraw function can be written like this if it defines
amountWithdrawn
return variable:Aside from
withdraw
function, following 4 functions define return variable although the defined variables are not used.https://github.com/code-423n4/2022-05-rubicon/blob/8c312a63a91193c6a192a9aab44ff980fbfd7741/contracts/rubiconPools/BathToken.sol#L388-L390
https://github.com/code-423n4/2022-05-rubicon/blob/8c312a63a91193c6a192a9aab44ff980fbfd7741/contracts/rubiconPools/BathToken.sol#L435-L438
https://github.com/code-423n4/2022-05-rubicon/blob/8c312a63a91193c6a192a9aab44ff980fbfd7741/contracts/rubiconPools/BathToken.sol#L441-L446
https://github.com/code-423n4/2022-05-rubicon/blob/8c312a63a91193c6a192a9aab44ff980fbfd7741/contracts/rubiconPools/BathToken.sol#L525-L527
BathPair.sol
[QA-4] Add handling when current.length becomes 0 at
handleStratOrderAtID
functionhandleStratOrderAtID function has following logic:
https://github.com/code-423n4/2022-05-rubicon/blob/8c312a63a91193c6a192a9aab44ff980fbfd7741/contracts/rubiconPools/BathPair.sol#L274-L277
When
current
is empty uint256 array,current.length - 1
will be underflown. As a result,current[target] = current[current.length - 1]
would fail sincecurrent[underflown index]
may not have a proper value.Depending on the expected product behavior, this part should have more additional checks to prevent the errors.
[QA-5] Naming inconsistency - consider using camel case
Although function names and variable names use camel case consistently, but following two function and variable are the exceptions.
https://github.com/code-423n4/2022-05-rubicon/blob/8c312a63a91193c6a192a9aab44ff980fbfd7741/contracts/rubiconPools/BathPair.sol#L43
https://github.com/code-423n4/2022-05-rubicon/blob/8c312a63a91193c6a192a9aab44ff980fbfd7741/contracts/rubiconPools/BathPair.sol#L205
It should consider using the camel case to be consistent.
BathHouse.sol
[QA-6] Unnecessary parentheses
https://github.com/code-423n4/2022-05-rubicon/blob/8c312a63a91193c6a192a9aab44ff980fbfd7741/contracts/rubiconPools/BathHouse.sol#L179
There is an extra parentheses wrapping
desiredPairedAsset
. It can be written like this:[QA-7] Incorrect comment on setBathTokenMarket function
https://github.com/code-423n4/2022-05-rubicon/blob/8c312a63a91193c6a192a9aab44ff980fbfd7741/contracts/rubiconPools/BathHouse.sol#L285-L286
setBathTokenMarket
function seems not settingtimeDelay
.[QA-8] Extra space and line exists
https://github.com/code-423n4/2022-05-rubicon/blob/8c312a63a91193c6a192a9aab44ff980fbfd7741/contracts/rubiconPools/BathHouse.sol#L423-L429
The above part can be written like this by removing extra line and space.
RubiconRouter.sol
[QA-9] Unnecessary parentheses
Following part has unnecesssary parentheses.
https://github.com/code-423n4/2022-05-rubicon/blob/8c312a63a91193c6a192a9aab44ff980fbfd7741/contracts/RubiconRouter.sol#L173-L177
https://github.com/code-423n4/2022-05-rubicon/blob/8c312a63a91193c6a192a9aab44ff980fbfd7741/contracts/RubiconRouter.sol#L188
They can be written like these by removing unnecessary parentheses:
[QA-10] Typo in the comment at various functions
payed
seems to be typo in the comment.Following three places have the typo.
https://github.com/code-423n4/2022-05-rubicon/blob/8c312a63a91193c6a192a9aab44ff980fbfd7741/contracts/RubiconRouter.sol#L221
https://github.com/code-423n4/2022-05-rubicon/blob/8c312a63a91193c6a192a9aab44ff980fbfd7741/contracts/RubiconRouter.sol#L197
https://github.com/code-423n4/2022-05-rubicon/blob/8c312a63a91193c6a192a9aab44ff980fbfd7741/contracts/RubiconRouter.sol#L164
In this contract,
paid
seems to be correct.[QA-11] Inconsistent return variable
buyAllAmountForETH function defines
file
variable at its return value.https://github.com/code-423n4/2022-05-rubicon/blob/8c312a63a91193c6a192a9aab44ff980fbfd7741/contracts/RubiconRouter.sol#L365
However,
return fill
is executed at the end of the function.https://github.com/code-423n4/2022-05-rubicon/blob/8c312a63a91193c6a192a9aab44ff980fbfd7741/contracts/RubiconRouter.sol#L379
Throughout this file, when function defines return variable, it does not actually execute return at the end of the function. (e.g., buyAllAmountWithETH function). So it should be better to follow how buyAllAmountWithETH or other functions do.
The text was updated successfully, but these errors were encountered: