Closed c4-bot-10 closed 3 months ago
https://github.com/code-423n4/2024-02-wise-lending/blob/79186b243d8553e66358c05497e5ccfd9488b5e2/contracts/WiseLending.sol#L329-L343
Function is missing important event logs, sensitive actions is performed but there are no events being emitted.
Lack of sensitive informations by users.
Manual Review
function collateralizeDeposit( uint256 _nftId, address _poolToken ) external syncPool(_poolToken) { WISE_SECURITY.checksCollateralizeDeposit( _nftId, msg.sender, _poolToken ); userLendingData[_nftId][_poolToken].unCollateralized = false; }
Emit an eventLog upon successfull deposit
+ event DepositCollateralized( + address indexed sender, + uint256 indexed nftId, + address indexed token, + uint256 amount, + uint256 shares, + uint256 timestamp + ); function collateralizeDeposit( uint256 _nftId, address _poolToken ) external syncPool(_poolToken) { WISE_SECURITY.checksCollateralizeDeposit( _nftId, msg.sender, _poolToken ); userLendingData[_nftId][_poolToken].unCollateralized = false; + _emitDepositCollateralized(msg.sender, _nftId, _poolToken); }
Context
GalloDaSballo marked the issue as insufficient quality report
Event as a Med = Scrap pls
Disqualified.
trust1995 marked the issue as unsatisfactory: Invalid
Lines of code
https://github.com/code-423n4/2024-02-wise-lending/blob/79186b243d8553e66358c05497e5ccfd9488b5e2/contracts/WiseLending.sol#L329-L343
Vulnerability details
Description:
Function is missing important event logs, sensitive actions is performed but there are no events being emitted.
Impact:
Lack of sensitive informations by users.
Tools Used
Manual Review
Proof Of Concept:
Recommended Mitigation Steps:
Emit an eventLog upon successfull deposit
Assessed type
Context