Skip to content

Commit

Permalink
Fixed oz-audit-2 issue N02: Made internal variable naming more consis… (
Browse files Browse the repository at this point in the history 
#207)

* Fixed underflow in captureAwardBalance

* Fixes OZ Audit 2 issues M01 and L02

* Update yVaultInterface#token() to return IERC20 interface

* Fixed oz-audit-2 issue N02: Made internal variable naming more consistent.
  • Loading branch information
@asselstine
asselstine committed Nov 30, 2020
1 parent a65c64a commit 7cb1756
Showing 1 changed file with 20 additions and 20 deletions.
40 changes: 20 additions & 20 deletions contracts/prize-pool/PrizePool.sol
View file
Expand Up @@ -194,10 +194,10 @@ abstract contract PrizePool is YieldSource, OwnableUpgradeSafe, RelayRecipient,
mapping(address => uint256) internal _unlockTimestamps;

/// @dev Stores the credit plan for each token.
mapping(address => CreditPlan) internal tokenCreditPlans;
mapping(address => CreditPlan) internal _tokenCreditPlans;

/// @dev Stores each users balance of credit per token.
mapping(address => mapping(address => CreditBalance)) internal tokenCreditBalances;
mapping(address => mapping(address => CreditBalance)) internal _tokenCreditBalances;

/// @notice Initializes the Prize Pool
/// @param _trustedForwarder Address of the Forwarding Contract for GSN Meta-Txs
Expand Down Expand Up @@ -721,7 +721,7 @@ abstract contract PrizePool is YieldSource, OwnableUpgradeSafe, RelayRecipient,
function _calculateEarlyExitFeeNoCredit(address controlledToken, uint256 amount) internal view returns (uint256) {
return _limitExitFee(
amount,
FixedPoint.multiplyUintByMantissa(amount, tokenCreditPlans[controlledToken].creditLimitMantissa)
FixedPoint.multiplyUintByMantissa(amount, _tokenCreditPlans[controlledToken].creditLimitMantissa)
);
}

Expand Down Expand Up @@ -760,7 +760,7 @@ abstract contract PrizePool is YieldSource, OwnableUpgradeSafe, RelayRecipient,
{
// interest = credit rate * principal * time
// => time = interest / (credit rate * principal)
uint256 accruedPerSecond = FixedPoint.multiplyUintByMantissa(_principal, tokenCreditPlans[_controlledToken].creditRateMantissa);
uint256 accruedPerSecond = FixedPoint.multiplyUintByMantissa(_principal, _tokenCreditPlans[_controlledToken].creditRateMantissa);
if (accruedPerSecond == 0) {
return 0;
}
Expand All @@ -771,7 +771,7 @@ abstract contract PrizePool is YieldSource, OwnableUpgradeSafe, RelayRecipient,
/// @param user The user whose credit should be burned
/// @param credit The amount of credit to burn
function _burnCredit(address user, address controlledToken, uint256 credit) internal {
tokenCreditBalances[controlledToken][user].balance = uint256(tokenCreditBalances[controlledToken][user].balance).sub(credit).toUint128();
_tokenCreditBalances[controlledToken][user].balance = uint256(_tokenCreditBalances[controlledToken][user].balance).sub(credit).toUint128();

emit CreditBurned(user, controlledToken, credit);
}
Expand All @@ -791,20 +791,20 @@ abstract contract PrizePool is YieldSource, OwnableUpgradeSafe, RelayRecipient,

function _calculateCreditBalance(address user, address controlledToken, uint256 controlledTokenBalance, uint256 extra) internal view returns (uint256) {
uint256 newBalance;
CreditBalance storage creditBalance = tokenCreditBalances[controlledToken][user];
CreditBalance storage creditBalance = _tokenCreditBalances[controlledToken][user];
if (!creditBalance.initialized) {
newBalance = 0;
} else {
uint256 credit = calculateAccruedCredit(user, controlledToken, controlledTokenBalance);
uint256 credit = _calculateAccruedCredit(user, controlledToken, controlledTokenBalance);
newBalance = _applyCreditLimit(controlledToken, controlledTokenBalance, uint256(creditBalance.balance).add(credit).add(extra));
}
return newBalance;
}

function _updateCreditBalance(address user, address controlledToken, uint256 newBalance) internal {
uint256 oldBalance = tokenCreditBalances[controlledToken][user].balance;
uint256 oldBalance = _tokenCreditBalances[controlledToken][user].balance;

tokenCreditBalances[controlledToken][user] = CreditBalance({
_tokenCreditBalances[controlledToken][user] = CreditBalance({
balance: newBalance.toUint128(),
timestamp: _currentTime().toUint32(),
initialized: true
Expand All @@ -825,7 +825,7 @@ abstract contract PrizePool is YieldSource, OwnableUpgradeSafe, RelayRecipient,
function _applyCreditLimit(address controlledToken, uint256 controlledTokenBalance, uint256 creditBalance) internal view returns (uint256) {
uint256 creditLimit = FixedPoint.multiplyUintByMantissa(
controlledTokenBalance,
tokenCreditPlans[controlledToken].creditLimitMantissa
_tokenCreditPlans[controlledToken].creditLimitMantissa
);
if (creditBalance > creditLimit) {
creditBalance = creditLimit;
Expand All @@ -839,15 +839,15 @@ abstract contract PrizePool is YieldSource, OwnableUpgradeSafe, RelayRecipient,
/// @param controlledToken The controlled token that the user holds
/// @param controlledTokenBalance The user's current balance of the controlled tokens.
/// @return The credit that has accrued since the last credit update.
function calculateAccruedCredit(address user, address controlledToken, uint256 controlledTokenBalance) internal view returns (uint256) {
uint256 userTimestamp = tokenCreditBalances[controlledToken][user].timestamp;
function _calculateAccruedCredit(address user, address controlledToken, uint256 controlledTokenBalance) internal view returns (uint256) {
uint256 userTimestamp = _tokenCreditBalances[controlledToken][user].timestamp;

if (!tokenCreditBalances[controlledToken][user].initialized) {
if (!_tokenCreditBalances[controlledToken][user].initialized) {
return 0;
}

uint256 deltaTime = _currentTime().sub(userTimestamp);
uint256 creditPerSecond = FixedPoint.multiplyUintByMantissa(controlledTokenBalance, tokenCreditPlans[controlledToken].creditRateMantissa);
uint256 creditPerSecond = FixedPoint.multiplyUintByMantissa(controlledTokenBalance, _tokenCreditPlans[controlledToken].creditRateMantissa);
return deltaTime.mul(creditPerSecond);
}

Expand All @@ -856,7 +856,7 @@ abstract contract PrizePool is YieldSource, OwnableUpgradeSafe, RelayRecipient,
/// @return The balance of the users credit
function balanceOfCredit(address user, address controlledToken) external onlyControlledToken(controlledToken) returns (uint256) {
_accrueCredit(user, controlledToken, IERC20(controlledToken).balanceOf(user), 0);
return tokenCreditBalances[controlledToken][user].balance;
return _tokenCreditBalances[controlledToken][user].balance;
}

/// @notice Sets the rate at which credit accrues per second. The credit rate is a fixed point 18 number (like Ether).
Expand All @@ -872,7 +872,7 @@ abstract contract PrizePool is YieldSource, OwnableUpgradeSafe, RelayRecipient,
onlyControlledToken(_controlledToken)
onlyOwner
{
tokenCreditPlans[_controlledToken] = CreditPlan({
_tokenCreditPlans[_controlledToken] = CreditPlan({
creditLimitMantissa: _creditLimitMantissa,
creditRateMantissa: _creditRateMantissa
});
Expand All @@ -894,8 +894,8 @@ abstract contract PrizePool is YieldSource, OwnableUpgradeSafe, RelayRecipient,
uint128 creditRateMantissa
)
{
creditLimitMantissa = tokenCreditPlans[controlledToken].creditLimitMantissa;
creditRateMantissa = tokenCreditPlans[controlledToken].creditRateMantissa;
creditLimitMantissa = _tokenCreditPlans[controlledToken].creditLimitMantissa;
creditRateMantissa = _tokenCreditPlans[controlledToken].creditRateMantissa;
}

/// @notice Calculate the early exit for a user given a withdrawal amount. The user's credit is taken into account.
Expand Down Expand Up @@ -932,8 +932,8 @@ abstract contract PrizePool is YieldSource, OwnableUpgradeSafe, RelayRecipient,
uint256 remainingExitFee = _calculateEarlyExitFeeNoCredit(controlledToken, controlledTokenBalance.sub(amount));

uint256 availableCredit;
if (tokenCreditBalances[controlledToken][from].balance >= remainingExitFee) {
availableCredit = uint256(tokenCreditBalances[controlledToken][from].balance).sub(remainingExitFee);
if (_tokenCreditBalances[controlledToken][from].balance >= remainingExitFee) {
availableCredit = uint256(_tokenCreditBalances[controlledToken][from].balance).sub(remainingExitFee);
}

// Determine amount of credit to burn and amount of fees required
Expand Down

0 comments on commit 7cb1756

Please sign in to comment.