QA Report #483
Labels
bug: Something isn't working
edited-by-warden
invalid: This doesn't seem right
QA (Quality Assurance): Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
unsatisfactory: does not satisfy C4 submission criteria; not eligible for awards
[L-01] Unsafe ERC20 tokens transferring
Targets
Impact
Seller might not receive the payment for their token in the case when the ERC20 transfer fails and doesn't revert.
Proof of Concept
`ExecutionDelegate` is used to transfer payments from buyers to sellers. Payments are ERC20 tokens, and some ERC20
implementations (e.g. ZRX) return a boolean on failure instead of reverting. If such a token is used as the payment
token, a failed transfer won't cause a revert. Since `ExecutionDelegate` doesn't verify the return value of
`safeTransfer`, a failed transfer will result in a false positive: the seller won't get the payment, but the buyer
will receive the token.
While only WETH (which reverts on failures) is allowed to be used as the payment token in the current implementation,
future modifications of the code might introduce new tokens, or the current version of the code might be deployed to
networks that use a non-reverting ERC20 wrapper implementation for their native currency.
Recommended Mitigation Steps
Consider validating the return value of `ERC20.safeTransferFrom` in `ExecutionDelegate`. Use OpenZeppelin's SafeERC20
as a reference.
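The mitigation above, as an added example that is not the audited project's code: a hypothetical `PaymentDelegate` (the contract, function and error names are assumptions) showing the unchecked transfer beside a version that validates the result in the manner of OpenZeppelin's SafeERC20.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.4;

interface IERC20 {
    function transferFrom(address from, address to, uint256 amount) external returns (bool);
}

// Hypothetical delegate for illustration; all names are assumptions, not the audited code.
contract PaymentDelegate {
    address public immutable exchange; // the only caller allowed to move funds

    error NotExchange();
    error NotAContract(address token);
    error TransferFailed(address token);

    constructor(address _exchange) {
        exchange = _exchange;
    }

    modifier onlyExchange() {
        if (msg.sender != exchange) revert NotExchange();
        _;
    }

    // Weak form: the boolean result is discarded, so a token that returns
    // false on failure makes this call look successful to the exchange.
    function transferUnchecked(address token, address from, address to, uint256 amount) external onlyExchange {
        IERC20(token).transferFrom(from, to, amount);
    }

    // Hardened form: low-level call, then require that the call succeeded and
    // that any returned data decodes to true.
    function transferChecked(address token, address from, address to, uint256 amount) external onlyExchange {
        // A call to an address without code succeeds with empty return data.
        if (token.code.length == 0) revert NotAContract(token);

        (bool ok, bytes memory ret) = token.call(
            abi.encodeWithSelector(IERC20.transferFrom.selector, from, to, amount)
        );
        // Accept empty return data (tokens that return nothing) or a decoded true.
        if (!ok || (ret.length != 0 && !abi.decode(ret, (bool)))) {
            revert TransferFailed(token);
        }
    }
}
```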
[NC-01] `Opened` and `Closed` events can be emitted when exchange is already opened/closed
Targets
Impact
`Opened` and `Closed` events can be emitted when the exchange is already in the opened/closed state. This can cause
confusion in off-chain services that track activity of the exchange.
Recommended Mitigation Steps
Disallow emitting of `Opened` and `Closed` events when exchange is already in the target state.
[NC-02] Missing indexed field in events
Targets
Impact
Indexed fields allow events to be searched by the values of those fields, which makes historical analysis of smart
contracts possible.
Recommended Mitigation Steps
Add `indexed` fields to events that don't have them.
[NC-03] `ecrecover` is malleable
Targets
Impact
The `ecrecover` function allows malleable signatures: a signature remains valid if its s-value gets flipped into the
other half of its range. Since a malleability check is missing from the code, signatures with either s-value are
accepted. However, this doesn't bear any risks, thus the non-critical status of the finding.
Recommended Mitigation Steps
Consider adding a malleability check.
[NC-04] Redundant v-value check in `_recover`
Targets
Impact
The v-value check is redundant since all client implementations check it. See:
Recommended Mitigation Steps
Consider removing the redundant v-value check.