Open code423n4 opened 2 years ago
WatchPug
https://github.com/code-423n4/2021-11-streaming/blob/56d81204a00fc949d29ddd277169690318b36821/Streaming/src/Locke.sol#L26-L31
/// Update pending governor function setPendingGov(address newPendingGov) governed public { address old = pendingGov; pendingGov = newPendingGov; emit NewPendingGov(old, newPendingGov); }
old is unnecessary as it's being used only once. Can be changed to:
old
/// Update pending governor function setPendingGov(address newPendingGov) governed public { emit NewPendingGov(pendingGov, newPendingGov); pendingGov = newPendingGov; }
https://github.com/code-423n4/2021-11-streaming/blob/56d81204a00fc949d29ddd277169690318b36821/Streaming/src/Locke.sol#L237-L238
uint256 globalStreamingSpeedPerSecond = (uint256(unstreamed) * 10**6)/ (endStream - lastUpdate); unstreamed -= uint112((uint256(tdelta) * globalStreamingSpeedPerSecond) / 10**6);
Can be changed to:
unstreamed -= uint112((uint256(tdelta) * (uint256(unstreamed) * 10**6)/ (endStream - lastUpdate)) / 10**6);
https://github.com/code-423n4/2021-11-streaming/blob/56d81204a00fc949d29ddd277169690318b36821/Streaming/src/Locke.sol#L417-L447
function stake(uint112 amount) public lock updateStream(msg.sender) { require(amount > 0, "amt"); // checked in updateStream // require(block.timestamp < endStream, "stake:!stream"); // transfer tokens over uint256 prevBal = ERC20(depositToken).balanceOf(address(this)); ERC20(depositToken).safeTransferFrom(msg.sender, address(this), amount); uint256 newBal = ERC20(depositToken).balanceOf(address(this)); require(newBal <= type(uint112).max && newBal > prevBal, "erc"); uint112 trueDepositAmt = uint112(newBal - prevBal); depositTokenAmount += trueDepositAmt; TokenStream storage ts = tokensNotYetStreamed[msg.sender]; ts.tokens += trueDepositAmt; uint256 virtualBal = dilutedBalance(trueDepositAmt); ts.virtualBalance += virtualBal; totalVirtualBalance += virtualBal; unstreamed += trueDepositAmt; if (!isSale) { // not a straight sale, so give the user some receipt tokens _mint(msg.sender, trueDepositAmt); } else { } emit Staked(msg.sender, trueDepositAmt); }
trueDepositAmt can be replaced with amount.
trueDepositAmt
amount
https://github.com/code-423n4/2021-11-streaming/blob/56d81204a00fc949d29ddd277169690318b36821/Streaming/src/Locke.sol#L500-L511
function createIncentive(address token, uint112 amount) public lock { require(token != rewardToken && token != depositToken, "inc"); uint256 prevBal = ERC20(token).balanceOf(address(this)); ERC20(token).safeTransferFrom(msg.sender, address(this), amount); uint256 newBal = ERC20(token).balanceOf(address(this)); require(newBal <= type(uint112).max && newBal > prevBal, "erc"); uint112 amt = uint112(newBal - prevBal); incentives[token] += amt; emit StreamIncentivized(token, amt); }
amt can be replaced with amount.
amt
https://github.com/code-423n4/2021-11-streaming/blob/56d81204a00fc949d29ddd277169690318b36821/Streaming/src/Locke.sol#L743-L743
(bool success, bytes memory _ret) = who.call(data);
(bool success, ) = who.call(data);
Handle
WatchPug
Vulnerability details
https://github.com/code-423n4/2021-11-streaming/blob/56d81204a00fc949d29ddd277169690318b36821/Streaming/src/Locke.sol#L26-L31
old
is unnecessary as it's being used only once. Can be changed to:https://github.com/code-423n4/2021-11-streaming/blob/56d81204a00fc949d29ddd277169690318b36821/Streaming/src/Locke.sol#L237-L238
Can be changed to:
https://github.com/code-423n4/2021-11-streaming/blob/56d81204a00fc949d29ddd277169690318b36821/Streaming/src/Locke.sol#L417-L447
trueDepositAmt
can be replaced withamount
.https://github.com/code-423n4/2021-11-streaming/blob/56d81204a00fc949d29ddd277169690318b36821/Streaming/src/Locke.sol#L500-L511
amt
can be replaced withamount
.https://github.com/code-423n4/2021-11-streaming/blob/56d81204a00fc949d29ddd277169690318b36821/Streaming/src/Locke.sol#L743-L743
Can be changed to: