This issue aggregates multiple problems with low and informational severity that were discovered during the audit.
Vulnerability Detail
Any excess amount of tokens sent to BribeRewarder will get locked and it will not be possible to withdraw them. This is possible because no strict equalities are used in the bribe and fundAndBribe functions.
RewarderFactory is missing an override of renounceOwnership, as is done for all the other contracts, which makes it possible to accidentally renounce ownership of the RewarderFactory.
The loop in the _bribe function of BribeRewarder iterates too many times: for (uint256 i = 0; i <= bribeEpochs; ++i). The check used should be i < bribeEpochs.
transferFrom and safeTransferFrom are overridden with nonReentrant, but they will not work in the first place because the _update function is overridden to prevent any transfers.
The safeTransferFrom function uses transferFrom under the hood but also has the nonReentrant modifier added, which leads to a double non-reentrancy check and a revert with ReentrancyGuardReentrantCall.
owner/operator/_lbHooksManager can add the same farm multiple times.
The BribeRewarder contract cannot be used with a higher number of rewarding periods because the for loop iterates over all periods and propagates data. For a high number of rewarding periods, this will lead to out-of-gas issues.
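The excess-funding and loop-bound items above, as an added sketch that is not taken from the audited code: the contract name, storage layout, error and function signatures are assumptions, and it assumes native-token funding; only the loop condition i <= bribeEpochs and its corrected form i < bribeEpochs come from the finding.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Hypothetical stand-in for a bribe rewarder funded with the native token.
// All names here are illustrative assumptions, not the project's API.
contract BribeFundingSketch {
    error WrongFunding(uint256 sent, uint256 required);

    uint256[] public rewardPerPeriod; // one slot per rewarding period

    // Loose variant: ">=" funding check plus the "<=" loop bound.
    // Anything sent above `required` is accepted and has no withdrawal path,
    // and the loop schedules one period more than was paid for.
    function fundAndBribeLoose(uint256 bribeEpochs, uint256 amountPerPeriod) external payable {
        uint256 required = bribeEpochs * amountPerPeriod;
        if (msg.value < required) revert WrongFunding(msg.value, required);
        delete rewardPerPeriod;
        for (uint256 i = 0; i <= bribeEpochs; ++i) {
            rewardPerPeriod.push(amountPerPeriod);
        }
    }

    // Strict variant: funding must equal what will be distributed,
    // and exactly bribeEpochs slots are created.
    function fundAndBribeStrict(uint256 bribeEpochs, uint256 amountPerPeriod) external payable {
        uint256 required = bribeEpochs * amountPerPeriod;
        if (msg.value != required) revert WrongFunding(msg.value, required);
        delete rewardPerPeriod;
        for (uint256 i = 0; i < bribeEpochs; ++i) {
            rewardPerPeriod.push(amountPerPeriod);
        }
    }

    // Compare what is scheduled for payout with what the contract holds.
    function scheduled() external view returns (uint256 periods, uint256 total) {
        periods = rewardPerPeriod.length;
        for (uint256 i = 0; i < periods; ++i) {
            total += rewardPerPeriod[i];
        }
    }

    function funded() external view returns (uint256) {
        return address(this).balance;
    }
}
```

After a call to the loose variant, scheduled() and funded() can disagree in both directions: a surplus stays in the contract, while the extra slot schedules a period that was never funded. The strict variant keeps the two values equal.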
Blunt Carmine Camel
Low/Info
Multiple Low/Info Severity Issues
Impact
N/A
Code Snippet
N/A
Tool used
Manual Review
Recommendation
It is recommended to address all listed issues.