Open GalloDaSballo opened 3 months ago
Events in SwapPair are logging msg.sender which will always be swapOperations
msg.sender
swapOperations
https://github.com/blkswnStudio/ap/blob/8fab2b32b4f55efd92819bd1d0da9bed4b339e87/packages/contracts/contracts/SwapPair.sol#L125-L126
emit Mint(msg.sender, amount0, amount1); /// @audit QA: Mint should change to `to`
https://github.com/blkswnStudio/ap/blob/8fab2b32b4f55efd92819bd1d0da9bed4b339e87/packages/contracts/contracts/SwapPair.sol#L169
emit Burn(msg.sender, amount0, amount1, to); /// @audit QA: Mint should change to `to` or to the cdp Owner
Either change the log to to (the recipient), or add a initiator parameter and log that one
to
initiator
Alternatively, move the events in the SwapOperations
SwapOperations
sambP
commented
2 months ago sambP
commented
2 months ago
Impact
Events in SwapPair are logging
msg.senderwhich will always beswapOperationshttps://github.com/blkswnStudio/ap/blob/8fab2b32b4f55efd92819bd1d0da9bed4b339e87/packages/contracts/contracts/SwapPair.sol#L125-L126
https://github.com/blkswnStudio/ap/blob/8fab2b32b4f55efd92819bd1d0da9bed4b339e87/packages/contracts/contracts/SwapPair.sol#L169
Mitigation
Either change the log to
to(the recipient), or add ainitiatorparameter and log that oneAlternatively, move the events in the
SwapOperations