search

sherlock-audit / 2024-08-cork-protocol-judging

2 stars 2 forks source link

Mammoth Laurel Nightingale - L - 1 use-nested-if #299

Closed sherlock-admin4 closed 2 months ago

sherlock-admin4 commented 2 months ago

Mammoth Laurel Nightingale

Low/Info

L - 1 use-nested-if

Summary

Vulnerability Detail

Impact


2024-08-cork-protocol-0xjoichiro/Depeg-swap/contracts/libraries/uni-v2/UniswapV2Library.sol

           30┆ if (token0 == ra && token1 == ct) {
           31┆     raAmountOut = token0Amount;
           32┆     ctAmountOut = token1Amount;
           33┆ } else if (token0 == ct && token1 == ra) {
           34┆     raAmountOut = token1Amount;
           35┆     ctAmountOut = token0Amount;
           36┆ } else {
           37┆     revert InvalidToken();
           38┆ }
            ⋮┆----------------------------------------
           33┆ } else if (token0 == ct && token1 == ra) {
           34┆     raAmountOut = token1Amount;
           35┆     ctAmountOut = token0Amount;
           36┆ } else {
           37┆     revert InvalidToken();
           38┆ }
            ⋮┆----------------------------------------
           49┆ if (token0 == ra && token1 == ct) {
           50┆     raAmountOut = token0Amount;
           51┆     ctAmountOut = token1Amount;
           52┆ } else if (token0 == ct && token1 == ra) {
           53┆     raAmountOut = token1Amount;
           54┆     ctAmountOut = token0Amount;
           55┆ } else {
           56┆     revert InvalidToken();
           57┆ }
            ⋮┆----------------------------------------
           52┆ } else if (token0 == ct && token1 == ra) {
           53┆     raAmountOut = token1Amount;
           54┆     ctAmountOut = token0Amount;
           55┆ } else {
           56┆     revert InvalidToken();
           57┆ }

2024-08-cork-protocol-0xjoichiro/Depeg-swap/contracts/libraries/VaultLib.sol

          163┆ if (raAmount == 0 && ctAmount == 0) {
          164┆     return;
          165┆ }

          530┆ if (userEligible == 0 && !ds.isExpired()) {
          531┆     revert Unauthorized(owner);
          532┆ }
            ⋮┆----------------------------------------
          536┆ if (!ds.isExpired() && userEligible < amount) {
          537┆     revert InsufficientBalance(owner, amount, userEligible);
          538┆ }
            ⋮┆----------------------------------------
          540┆ if (ds.isExpired() && !self.vault.lpLiquidated.get(dsId)) {
          541┆     _liquidatedLp(self, dsId, ammRouter, flashSwapRouter);
          542┆     assert(self.vault.balances.ra.locked == 0);
          543┆ }
            ⋮┆----------------------------------------
          576┆ if (self.vault.pool.withdrawEligible[owner] == 0 && !ds.isExpired()) {
          577┆     revert Unauthorized(owner);
          578┆ }
            ⋮┆----------------------------------------
          582┆ if (!ds.isExpired() && self.vault.pool.withdrawEligible[owner] < amount) {
          583┆     revert InsufficientBalance(owner, amount, self.vault.pool.withdrawEligible[owner]);
          584┆ }
            ⋮┆----------------------------------------
          590┆ if (ds.isExpired() && !self.vault.lpLiquidated.get(self.globalAssetIdx)) {
          591┆     (uint256 totalRa, uint256 pa) = _tryLiquidateLpAndRedeemCtToPsm(self,
               self.globalAssetIdx, flashSwapRouter);                                   
          592┆ 
          593┆     VaultPoolLibrary.tryReserve(withdrawalPool, ammLiquidityPool,
               self.vault.lv.totalIssued(), totalRa, pa);                       
          594┆ }

2024-08-cork-protocol-0xjoichiro/Depeg-swap/contracts/libraries/PsmLib.sol

          206┆ if (dsDeadline != 0 && ctDeadline != 0) {
          207┆     DepegSwapLibrary.permit(ds._address, rawDsPermitSig, owner, address(this), amount,
               dsDeadline);                                                                          
          208┆     DepegSwapLibrary.permit(ds.ct, rawCtPermitSig, owner, address(this), amount,
               ctDeadline);                                                                    
          209┆ }

2024-08-cork-protocol-0xjoichiro/Depeg-swap/contracts/core/CorkConfig.sol

           28┆ if (!hasRole(MANAGER_ROLE, msg.sender) && !hasRole(DEFAULT_ADMIN_ROLE, msg.sender)) {
           29┆     revert CallerNotManager();
           30┆ }

Code Snippet

Tool used

Manual Review

Recommendation

siddhpurakaran commented 1 month ago

Here most of conditions will majorly become true so even if we implement nested-if then also gas savings will not be impactful , so will not be worth to fix