issues
search
Tsunami-Exchange
/
tsunami-contracts
Tsunami Exchange Smart Contracts (RIDE)
2
stars
3
forks
source link
Brief audit of `mining.ride`
#20
Open
deemru
opened
1 year ago
deemru
commented
1 year ago
[ ] MEDIUM: periods must be in the past so
https://github.com/Tsunami-Exchange/tsunami-contracts/blob/061ffa89f2ca8bb57ade97324bfc55f0581630cc/contracts/ride/mining.ride#L552
should be checked inside the FOLD as
period < getWeekId(TIME)
https://github.com/Tsunami-Exchange/tsunami-contracts/blob/061ffa89f2ca8bb57ade97324bfc55f0581630cc/contracts/ride/mining.ride#L356-L357
[ ] LOW: 12 vs. 16
https://github.com/Tsunami-Exchange/tsunami-contracts/blob/061ffa89f2ca8bb57ade97324bfc55f0581630cc/contracts/ride/mining.ride#L360
https://github.com/Tsunami-Exchange/tsunami-contracts/blob/061ffa89f2ca8bb57ade97324bfc55f0581630cc/contracts/ride/mining.ride#L369
[ ] HIGH:
rewardAssetRate
not depends on
_weekId
https://github.com/Tsunami-Exchange/tsunami-contracts/blob/061ffa89f2ca8bb57ade97324bfc55f0581630cc/contracts/ride/mining.ride#L303
can lead to 0 or less reward in the long run for a user which was supposed to have more reward if he claimed in different time
https://github.com/Tsunami-Exchange/tsunami-contracts/blob/061ffa89f2ca8bb57ade97324bfc55f0581630cc/contracts/ride/mining.ride#L310-L311
period < getWeekId(TIME)https://github.com/Tsunami-Exchange/tsunami-contracts/blob/061ffa89f2ca8bb57ade97324bfc55f0581630cc/contracts/ride/mining.ride#L356-L357rewardAssetRatenot depends on_weekIdhttps://github.com/Tsunami-Exchange/tsunami-contracts/blob/061ffa89f2ca8bb57ade97324bfc55f0581630cc/contracts/ride/mining.ride#L303 can lead to 0 or less reward in the long run for a user which was supposed to have more reward if he claimed in different time https://github.com/Tsunami-Exchange/tsunami-contracts/blob/061ffa89f2ca8bb57ade97324bfc55f0581630cc/contracts/ride/mining.ride#L310-L311