Open code423n4 opened 2 years ago
LOW‑1 | Missing Checks for Address(0x0) | 20 L
LOW‑2 | Missing Contract-existence Checks Before Low-level Calls | 3 Disputing
LOW‑3 | Critical Changes Should Use Two-step Procedure | 10 NC
LOW‑4 | Low Level Calls With Solidity Version 0.8.14 Can Result In Optimiser Bug | 2 R
LOW‑5 | Missing parameter validation Already awarded L-1
NC‑1 | Use a more recent version of Solidity | 28 R
NC‑2 | Public Functions Not Called By The Contract Should Be Declared External Instead | 6 R
NC‑3 | Constants Should Be Defined Rather Than Using Magic Numbers | 13 Disputing the instances given
NC‑4 | Missing event for critical parameter change | 1 NC
NC‑5 | Implementation contract may not be initialized | 5 R
NC‑6 | Use of Block.Timestamp | 8 Disagree with blanket statement
NC‑7 | Non-usage of specific imports | 78 NC
NC‑8 | Lines are too long | 64 NC
NC‑9 | Use bytes.concat() NC
1L 4R 5NC
GalloDaSballo marked the issue as grade-c
GalloDaSballo marked the issue as grade-b
Bumped to B after Post Judging QA
Summary
Low Risk Issues
Total: 36 instances over 5 issues
Non-critical Issues
Total: 204 instances over 9 issues
Low Risk Issues
[LOW‑1] Missing Checks for Address(0x0)
Lack of zero-address validation on address parameters may lead to transaction reverts, waste gas, require resubmission of transactions and may even force contract redeployments in certain cases within the protocol.
Proof Of Concept
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBFactory.sol#L215
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBFactory.sol#L468
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBPair.sol#L304
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBPair.sol#L420
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBPair.sol#L466
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBPair.sol#L616
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBPair.sol#L688
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBRouter.sol#L274
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBRouter.sol#L308
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBRouter.sol#L352
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBRouter.sol#L377
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBRouter.sol#L407
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBRouter.sol#L431
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBRouter.sol#L459
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBRouter.sol#L493
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBRouter.sol#L531
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBRouter.sol#L561
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBRouter.sol#L594
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBRouter.sol#L622
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBRouter.sol#L642
Recommended Mitigation Steps
Consider adding explicit zero-address validation on input parameters of address type.
[LOW‑2] Missing Contract-existence Checks Before Low-level Calls
Low-level calls return success if there is no code present at the specified address.
Proof Of Concept
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBRouter.sol#L964
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/libraries/TokenHelper.sol#L28
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/libraries/TokenHelper.sol#L46
Recommended Mitigation Steps
In addition to the zero-address checks, add a check to verify that <address>.code.length > 0
[LOW‑3] Critical Changes Should Use Two-step Procedure
The critical procedures should be a two-step process.
See similar findings in previous Code4rena contests for reference: https://code4rena.com/reports/2022-06-illuminate/#2-critical-changes-should-use-two-step-procedure
Proof Of Concept
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBFactory.sol#L215
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBFactory.sol#L312
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBFactory.sol#L340
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBFactory.sol#L423
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBFactory.sol#L468
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBFactory.sol#L474
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBFactory.sol#L485
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBPair.sol#L788
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBToken.sol#L122
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/libraries/PendingOwnable.sol#L59
Recommended Mitigation Steps
Lack of a two-step procedure for critical operations leaves them error-prone. Consider adding a two-step procedure on the critical functions.
[LOW‑4] Low Level Calls With Solidity Version 0.8.14 Can Result In Optimiser Bug
The project contracts in scope are using low-level calls with a Solidity version before 0.8.14, which can result in an optimizer bug. https://medium.com/certora/overly-optimistic-optimizer-certora-bug-disclosure-2101e3f7994d
Similar findings in Code4rena contests for reference: https://code4rena.com/reports/2022-06-illuminate/#5-low-level-calls-with-solidity-version-0814-can-result-in-optimiser-bug
Proof Of Concept
POC can be found in the above Medium reference URL.
Functions that execute low-level calls in contracts with a Solidity version under 0.8.14:
https://github.com/code-423n4/2022-10-traderjoe/blob/main/src/LBPair.sol#L654-L661
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBPair.sol#L998-L1005
Recommended Mitigation Steps
Consider upgrading to at least solidity v0.8.15.
[LOW‑5] Missing parameter validation
Some parameters of constructors are not checked for invalid values.
Proof Of Concept
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBQuoter.sol#L41-L43
Recommended Mitigation Steps
Validate the parameters.
Non Critical Issues
[NC‑1] Use a more recent version of Solidity
Use a solidity version of at least 0.8.4 to get bytes.concat() instead of abi.encodePacked(,)
Use a solidity version of at least 0.8.12 to get string.concat() instead of abi.encodePacked(,)
Use a solidity version of at least 0.8.13 to get the ability to use using for with a list of free functions
Proof Of Concept
https://github.com/code-423n4/2022-10-traderjoe/tree/main/lib/openzeppelin-contracts/contracts/utils/math/SafeCast.sol#L4
https://github.com/code-423n4/2022-10-traderjoe/tree/main/lib/openzeppelin-contracts/contracts/utils/math/SafeMath.sol#L4
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBErrors.sol#L3
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBFactory.sol#L3
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBPair.sol#L3
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBQuoter.sol#L3
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBRouter.sol#L3
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBToken.sol#L3
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/libraries/BinHelper.sol#L3
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/libraries/BitMath.sol#L3
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/libraries/Buffer.sol#L3
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/libraries/Constants.sol#L3
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/libraries/Decoder.sol#L3
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/libraries/Encoder.sol#L3
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/libraries/FeeDistributionHelper.sol#L3
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/libraries/FeeHelper.sol#L3
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/libraries/JoeLibrary.sol#L3
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/libraries/Math128x128.sol#L3
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/libraries/Math512Bits.sol#L3
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/libraries/Oracle.sol#L3
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/libraries/PendingOwnable.sol#L3
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/libraries/ReentrancyGuardUpgradeable.sol#L3
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/libraries/SafeCast.sol#L3
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/libraries/SafeMath.sol#L3
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/libraries/Samples.sol#L3
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/libraries/SwapHelper.sol#L3
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/libraries/TokenHelper.sol#L3
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/libraries/TreeMath.sol#L3
Recommended Mitigation Steps
Consider updating to a more recent solidity version.
[NC‑2] Public Functions Not Called By The Contract Should Be Declared External Instead
Contracts are allowed to override their parents’ functions and change the visibility from external to public.
Proof Of Concept
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBToken.sol#L122
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBToken.sol#L149
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/libraries/PendingOwnable.sol#L59
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/libraries/PendingOwnable.sol#L68
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/libraries/PendingOwnable.sol#L75
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/libraries/PendingOwnable.sol#L84
[NC‑3] Constants Should Be Defined Rather Than Using Magic Numbers
Proof Of Concept
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBFactory.sol#L143-L151
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBFactory.sol#L159
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBFactory.sol#L189
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBFactory.sol#L261
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBFactory.sol#L364
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBFactory.sol#L403
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBFactory.sol#L558
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBPair.sol#L270
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBPair.sol#L699
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBPair.sol#L891
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBRouter.sol#L725
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBRouter.sol#L791-L795
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBRouter.sol#L891
[NC‑5] Missing event for critical parameter change
When changing state variables, events are not emitted. Emitting events allows monitoring activities with off-chain monitoring tools.
Proof Of Concept
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBPair.sol#L788
[NC‑5] Implementation contract may not be initialized
OpenZeppelin recommends that the initializer modifier be applied to constructors. Per OZ's post, the implementation contract should be initialized to avoid potential griefs or exploits. https://forum.openzeppelin.com/t/uupsupgradeable-vulnerability-post-mortem/15680/5
Proof Of Concept
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBFactory.sol#L63
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBPair.sol#L90
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBQuoter.sol#L40-L44
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBRouter.sol#L52-L56
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/libraries/PendingOwnable.sol#L41
[NC‑6] Use of Block.Timestamp
Block timestamps have historically been used for a variety of applications, such as entropy for random numbers (see the Entropy Illusion for further details), locking funds for periods of time, and various state-changing conditional statements that are time-dependent. Miners have the ability to adjust timestamps slightly, which can prove to be dangerous if block timestamps are used incorrectly in smart contracts. References: SWC ID: 116
Proof Of Concept
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBPair.sol#L208
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBPair.sol#L394
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBRouter.sol#L38
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/libraries/FeeHelper.sol#L56
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/libraries/FeeHelper.sol#L72
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/libraries/Oracle.sol#L118
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/libraries/Samples.sol#L46
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/libraries/Samples.sol#L58
Recommended Mitigation Steps
Block timestamps should not be used for entropy or generating random numbers—i.e., they should not be the deciding factor (either directly or through some derivation) for winning a game or changing an important state.
Time-sensitive logic is sometimes required; e.g., for unlocking contracts (time-locking), completing an ICO after a few weeks, or enforcing expiry dates. It is sometimes recommended to use block.number and an average block time to estimate times; with a 10 second block time, 1 week equates to approximately 60480 blocks. Thus, specifying a block number at which to change a contract state can be more secure, as miners are unable to easily manipulate the block number.
[NC‑7] Non-usage of specific imports
The current form of relative path import is not recommended for use because it can unpredictably pollute the namespace. Instead, the Solidity docs recommend specifying imported symbols explicitly. https://docs.soliditylang.org/en/v0.8.15/layout-of-source-files.html#importing-other-source-files
Proof Of Concept
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBErrors.sol#L5
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBFactory.sol#L8-L13
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBPair.sol#L7-L22
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBQuoter.sol#L5-L12
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBRouter.sol#L7-L16
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBToken.sol#L7-L8
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/libraries/BinHelper.sol#L5-L6
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/libraries/FeeDistributionHelper.sol#L7-L11
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/libraries/FeeHelper.sol#L5-L7
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/libraries/JoeLibrary.sol#L5
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/libraries/Math128x128.sol#L5-L8
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/libraries/Math512Bits.sol#L5-L6
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/libraries/Oracle.sol#L5-L7
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/libraries/PendingOwnable.sol#L5-L6
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/libraries/ReentrancyGuardUpgradeable.sol#L5
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/libraries/SafeCast.sol#L5
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/libraries/Samples.sol#L5
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/libraries/SwapHelper.sol#L5-L11
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/libraries/TreeMath.sol#L5-L6
Recommended Mitigation Steps
Use specific imports syntax per solidity docs recommendation.
[NC‑8] Lines are too long
Usually lines in source code are limited to 80 characters. Today's screens are much larger so it's reasonable to stretch this in some cases. Since the files will most likely reside in GitHub, and GitHub starts using a scroll bar in all cases when the length is over 164 characters, the lines below should be split when they reach that length. Reference: https://docs.soliditylang.org/en/v0.8.10/style-guide.html#maximum-line-length
Proof Of Concept
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBFactory.sol#L38
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBFactory.sol#L43
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBFactory.sol#L44
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBFactory.sol#L47
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBFactory.sol#L48
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBFactory.sol#L56
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBFactory.sol#L307
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBFactory.sol#L332
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBFactory.sol#L336
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBFactory.sol#L466
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBFactory.sol#L562
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBPair.sol#L26
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBPair.sol#L67
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBPair.sol#L166
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBPair.sol#L241
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBPair.sol#L298
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBPair.sol#L458
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBPair.sol#L571
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBPair.sol#L610
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBPair.sol#L1010
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBRouter.sol#L122
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBRouter.sol#L523
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBRouter.sol#L553
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBRouter.sol#L587
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBToken.sol#L119
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/libraries/BitMath.sol#L9
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/libraries/BitMath.sol#L12
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/libraries/BitMath.sol#L13
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/libraries/FeeHelper.sol#L22
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/libraries/FeeHelper.sol#L104
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/libraries/JoeLibrary.sol#L29
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/libraries/JoeLibrary.sol#L43
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/libraries/Math128x128.sol#L30
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/libraries/Math128x128.sol#L31
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/libraries/Math128x128.sol#L33
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/libraries/Math128x128.sol#L37
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/libraries/Math128x128.sol#L38
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/libraries/Math128x128.sol#L57
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/libraries/Math128x128.sol#L60
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/libraries/Math512Bits.sol#L170
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/libraries/Math512Bits.sol#L213
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/libraries/Math512Bits.sol#L232
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/libraries/Math512Bits.sol#L233
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/libraries/Math512Bits.sol#L237
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/libraries/Math512Bits.sol#L246
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/libraries/Math512Bits.sol#L247
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/libraries/Math512Bits.sol#L248
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/libraries/Oracle.sol#L99
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/libraries/Oracle.sol#L134
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/libraries/Oracle.sol#L135
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/libraries/Oracle.sol#L136
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/libraries/Oracle.sol#L137
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/libraries/Samples.sol#L15
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/libraries/Samples.sol#L16
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/libraries/Samples.sol#L17
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/libraries/Samples.sol#L49
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/libraries/TreeMath.sol#L18
[NC‑9] Use bytes.concat()
Solidity version 0.8.4 introduces bytes.concat() (vs abi.encodePacked(<bytes>,<bytes>))
Proof Of Concept
https://github.com/code-423n4/2022-10-traderjoe/tree/main/src/LBFactory.sol#574
Recommended Mitigation Steps
Use bytes.concat() and upgrade to at least Solidity version 0.8.4 if required.
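The checks recommended under [LOW‑1] and [LOW‑2], shown as an added example that is not part of the original report or of the Trader Joe code base: an unchecked low-level token call beside a form that validates the zero address and `<address>.code.length > 0` first. All names (SafeCallExample, IERC20Like, Demo, EMPTY) are hypothetical, and EMPTY is a constructed address assumed to hold no code.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.15;

// Added illustration only; every identifier below is hypothetical.
interface IERC20Like {
    function transfer(address to, uint256 amount) external returns (bool);
}

library SafeCallExample {
    error ZeroAddress();
    error NoCode(address target);
    error CallFailed(address target);

    /// Unchecked form. A CALL to an address without code succeeds and returns
    /// empty data, so `ok` is true and `ret.length == 0`: the require passes
    /// although no token contract ever executed.
    function uncheckedTransfer(address token, address to, uint256 amount) internal {
        (bool ok, bytes memory ret) = token.call(
            abi.encodeWithSelector(IERC20Like.transfer.selector, to, amount)
        );
        require(ok && (ret.length == 0 || abi.decode(ret, (bool))), "transfer failed");
    }

    /// Hardened form: zero-address validation (LOW-1) and a contract-existence
    /// check (LOW-2) run before the low-level call is made.
    function checkedTransfer(address token, address to, uint256 amount) internal {
        if (token == address(0) || to == address(0)) revert ZeroAddress();
        if (token.code.length == 0) revert NoCode(token);

        (bool ok, bytes memory ret) = token.call(
            abi.encodeWithSelector(IERC20Like.transfer.selector, to, amount)
        );
        // Accept tokens that return nothing as well as tokens that return true.
        if (!ok || (ret.length != 0 && !abi.decode(ret, (bool)))) {
            revert CallFailed(token);
        }
    }
}

contract Demo {
    // Constructed sample input: assumed to be an address with no deployed code.
    address internal constant EMPTY = address(0xBEEF);

    /// Completes without reverting while EMPTY has no code, which is the
    /// silent-success case the finding describes.
    function uncheckedPath() external returns (bool) {
        SafeCallExample.uncheckedTransfer(EMPTY, msg.sender, 1);
        return true;
    }

    /// Stops at the code-length check with NoCode(EMPTY) while EMPTY has no code.
    function checkedPath() external {
        SafeCallExample.checkedTransfer(EMPTY, msg.sender, 1);
    }
}
```

The `code.length` check is only meaningful at call time: a contract whose constructor is still running reports a length of zero, and an address that is empty now may receive code later.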