search

sherlock-audit / 2023-07-kyber-swap-judging

12 stars 8 forks source link

JP_Courses - Some minor issues & recommendations #111

Closed sherlock-admin closed 1 year ago

sherlock-admin commented 1 year ago

JP_Courses

false

Some minor issues & recommendations

Summary

Vulnerability Detail

  1. QA: Factory::removeNFTManager() - L139: incorrect/misleading comment.

https://github.com/sherlock-audit/2023-07-kyber-swap/blob/main/ks-elastic-sc/contracts/Factory.sol#L139

Existing comment: "Returns true if removal was successful, that is if it was not already present"

Recommendation: Corrected comment: "Returns true if removal was successful, that is if it was already present"

  1. QA: Factory::enableSwapFee() - L153: function visibility modifier: unless going to be called internally, which doesn't seem to be the case, suggest to change to external.

https://github.com/sherlock-audit/2023-07-kyber-swap/blob/main/ks-elastic-sc/contracts/Factory.sol#L153

  1. LOW: Factory::enableSwapFee() - L160: I suspect that < should actually be <= .

https://github.com/sherlock-audit/2023-07-kyber-swap/blob/main/ks-elastic-sc/contracts/Factory.sol#L158-L160

From below comment I suspect/assume that the max acceptable value for tick distance is actually 16384, which leads me to conclude that using < is wrong:

    // tick distance is capped at 16384 to prevent the situation where tickDistance is so large that
    // 16384 ticks represents a >5x price change with ticks of 1 bips
    require(tickDistance > 0 && tickDistance < 16384, 'invalid tickDistance');

Recommendation:

require(tickDistance > 0 && tickDistance <= 16384, 'invalid tickDistance');

Impact

QA/LOW impact.

Code Snippet

Tool used

VSC. Manual Review

Recommendation

As per above.

sherlock-admin commented 1 year ago

2 comment(s) were left on this issue during the judging contest.

Trumpero commented:

invalid, QA

YakuzaKiawe commented:

invalid as gas optimizations and low severity bugs are not included in Criteria for Issue Validity