Closed c4-judge closed 1 year ago
Picodes marked the issue as duplicate of #391
Picodes marked the issue as partial-50
Partial credit as the warden only discusses the fee implication and not the pool price or potential MEV
Picodes marked the issue as full credit
Picodes marked the issue as duplicate of #91
Picodes marked the issue as satisfactory
Picodes marked the issue as partial-50
Judge has assessed an item in Issue #38 as M risk. The relevant finding follows:
L2. Pool selection for the compound is not restricted

The compound function of the AutoPxGmx contract is public and available to everyone. An attacker can create a custom pool with a higher fee value (currently the tests use 0.3%, but it is possible to create a pool with a maximum fee of 1%) on Uniswap and manually execute the compound function to drain gmxBaseReward through the higher fees. The issue is minor while Uniswap limits pool fees to 1%, but if that limit changes in the future, the issue could become more critical.

Path: ./external/vaults/AutoPxGmx.sol : compound()
Recommendation: Do not allow a custom fee value to be passed (use the fee from a state variable).
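The pattern the finding describes, and the recommended fix, side by side as an added illustration. This is example code written for this note, not the AutoPxGmx contract or any other code from the pirex-gmx project: the contract name, the `compoundVulnerable` / `compound` function names and signatures, the `poolFee` state variable and the minimal router and token interfaces are all assumptions; the router struct is modelled on Uniswap V3's `ISwapRouter.ExactInputSingleParams` but is not imported from it.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Constructed stand-in for the Uniswap V3 swap router (assumed layout,
// modelled on ISwapRouter.ExactInputSingleParams; not the project's import).
interface ISwapRouterLike {
    struct ExactInputSingleParams {
        address tokenIn;
        address tokenOut;
        uint24 fee;               // pool fee tier, e.g. 500 / 3000 / 10000 (0.05% / 0.3% / 1%)
        address recipient;
        uint256 deadline;
        uint256 amountIn;
        uint256 amountOutMinimum;
        uint160 sqrtPriceLimitX96;
    }

    function exactInputSingle(ExactInputSingleParams calldata params)
        external
        payable
        returns (uint256 amountOut);
}

// Minimal ERC-20 surface needed for the example (constructed).
interface IERC20Like {
    function balanceOf(address account) external view returns (uint256);
    function approve(address spender, uint256 amount) external returns (bool);
}

// Hypothetical vault that swaps its base reward token into GMX when compounding.
contract CompoundFeeExample {
    ISwapRouterLike public immutable router;
    IERC20Like public immutable gmxBaseReward; // reward token to be swapped
    IERC20Like public immutable gmx;           // token the vault accumulates

    // Hardened variant reads the fee tier from here instead of from calldata.
    uint24 public immutable poolFee;

    constructor(address _router, address _gmxBaseReward, address _gmx, uint24 _poolFee) {
        router = ISwapRouterLike(_router);
        gmxBaseReward = IERC20Like(_gmxBaseReward);
        gmx = IERC20Like(_gmx);
        poolFee = _poolFee;
    }

    // VULNERABLE pattern from the finding: the function is public and the
    // caller chooses the fee tier, so the swap can be routed through the
    // most expensive pool, with the fee paid out of the vault's rewards.
    function compoundVulnerable(uint24 fee, uint256 amountOutMinimum)
        external
        returns (uint256)
    {
        return _swapRewards(fee, amountOutMinimum);
    }

    // HARDENED pattern (the finding's recommendation): the fee tier is fixed
    // in contract state, so callers can no longer select the pool.
    function compound(uint256 amountOutMinimum) external returns (uint256) {
        return _swapRewards(poolFee, amountOutMinimum);
    }

    // Shared swap path; only the origin of `fee` differs between the two entry points.
    function _swapRewards(uint24 fee, uint256 amountOutMinimum)
        internal
        returns (uint256 amountOut)
    {
        uint256 amountIn = gmxBaseReward.balanceOf(address(this));
        if (amountIn == 0) return 0;

        gmxBaseReward.approve(address(router), amountIn);
        amountOut = router.exactInputSingle(
            ISwapRouterLike.ExactInputSingleParams({
                tokenIn: address(gmxBaseReward),
                tokenOut: address(gmx),
                fee: fee,
                recipient: address(this),
                deadline: block.timestamp,
                amountIn: amountIn,
                amountOutMinimum: amountOutMinimum,
                sqrtPriceLimitX96: 0
            })
        );
    }
}
```

Fixing the fee tier closes the pool-selection problem the finding raises; it does not by itself address the pool-price and MEV concern the judge mentions, which depends on how `amountOutMinimum` is chosen, since a permissionless compound called with a minimum of zero still leaves the swap exposed to sandwiching.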