Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

QA Report #196

Open
code423n4 opened this issue Jun 3, 2022 · 3 comments
Open

QA Report #196

code423n4 opened this issue Jun 3, 2022 · 3 comments
Labels
bug Something isn't working QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax

Comments

@code423n4
Copy link
Contributor

Summary of Findings for Low / Non-Critical issues

LOW

  • L-01 : Transaction reverted without a reason string, if invalid OrderType given

Non-Critical

  • NC-01 : wrong dev comments in function _assertRestrictedAdvancedOrderValidity
  • NC-02 : ConduitController can transfer ownership to the same owner

Details L-01

Title : Transaction reverted without a reason string, if invalid OrderType given

In the event the OrderType field is wrongly set to an invalid value like more than 3 , then the transaction will revert without a reason string.
Sample transaction output with a value set to 8

Transaction sent: 0xb0bf0b246a12051f24bc6413d7c6258c823d3a0bbeddf95febc0b126f9c148e6
Max fee: 2.076398196 gwei Priority fee: 2.0 gwei Gas limit: 30000000 Nonce: 4
Transaction confirmed (Transaction reverted without a reason string) Block: 27 Gas used: 31603 (0.11%) Gas price: 2.033439549 gwei

Impact

Debuggability will be an issue if no reason string is received

Recommended Mitigation Steps

Add a new Error String for invalid OrderType field , and check for the OrderType

Details NC-01

Title : wrong dev comments in function _assertRestrictedAdvancedOrderValidity

Proof of Concept

Contract : ZoneInteraction.sol
Line : 120

            // If no extraData or criteria resolvers are supplied...
            if (
                advancedOrder.extraData.length == 0 &&
                criteriaResolvers.length == 0
            ) {

Recommended Mitigation Steps

The comments for this 'if block' should be 'and' instead of 'or' as below

// If no extraData and criteria resolvers are supplied...

or can be still better worded as

// If both extraData and criteria resolvers are not supplied...

Details NC-02

Title : ConduitController can transfer ownership to the same owner

Impact

Unnecessary transaction

Proof of Concept

Contract : ConduitController
Function : transferOwnership
https://github.com/code-423n4/2022-05-opensea-seaport/blob/4140473b1f85d0df602548ad260b1739ddd734a5/contracts/conduit/ConduitController.sol#L189

Recommended Mitigation Steps

    error AlreadyOwner(address conduit);

    if (newPotentialOwner == _conduits[conduit].owner) {
        revert AlreadyOwner(conduit);
    }
@code423n4 code423n4 added bug Something isn't working QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax labels Jun 3, 2022
code423n4 added a commit that referenced this issue Jun 3, 2022
@code423n4
hubble issue #196
95e1fb5
@0xleastwood 0xleastwood added the invalid This doesn't seem right label Jun 23, 2022
@HardlyDifficult HardlyDifficult removed the invalid This doesn't seem right label Jul 6, 2022
@code-423n4 code-423n4 deleted a comment from 0xleastwood Jul 6, 2022
@GalloDaSballo
Copy link

Details NC-01

Valid NC

Rest I disagree with

L-01 -> No Code, No POC
NC-02 -> That increases gas cost to no benefit

@KenzoAgada
Copy link

NC-02 "ConduitController can transfer ownership to the same owner" was considered valid low on #90

@GalloDaSballo
Copy link

Re-valued to NC

NC-02 -> Valid NC

2NC

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@GalloDaSballo @HardlyDifficult @0xleastwood @code423n4 @KenzoAgada