QA Report

[code423n4]

transfer return value of a general ERC20 is ignored

Need to use safeTransfer instead of transfer. As there are popular tokens, such as USDT that transfer/trasnferFrom method doesn’t return anything. The transfer return value has to be checked (as there are some other tokens that returns false instead revert), that means you must

1. Check the transfer return value
   Another popular possibility is to add a whiteList.
   Those are the appearances (solidity file, line number, actual line):

Code instances:

    Basket.sol, 94 (withdrawMultipleERC20), IERC20(_tokens[i]).transfer(msg.sender, IERC20(_tokens[i]).balanceOf(address(this)));
    UpgradedNibblVault.sol, 470 (withdrawMultipleERC20), IERC20(_assets[i]).transfer(_to, IERC20(_assets[i]).balanceOf(address(this)));
    NibblVault.sol, 517 (withdrawERC20), IERC20(_asset).transfer(_to, IERC20(_asset).balanceOf(address(this)));
    NibblVault.sol, 526 (withdrawMultipleERC20), IERC20(_assets[i]).transfer(_to, IERC20(_assets[i]).balanceOf(address(this)));
    UpgradedNibblVault.sol, 462 (withdrawERC20), IERC20(_asset).transfer(_to, IERC20(_asset).balanceOf(address(this)));

Div by 0

Division by 0 can lead to accidentally revert,
(An example of a similar issue - code-423n4/2021-10-defiprotocol-findings#84)

Code instances:

    https://github.com/code-423n4/2022-06-nibbl/tree/main/contracts/NibblVault.sol#L183 _initialTokenSupply, _initialTokenPrice might be 0

Div by 0

Division by 0 can lead to accidentally revert,
(An example of a similar issue - code-423n4/2021-10-defiprotocol-findings#84)

Code instances:

    https://github.com/code-423n4/2022-06-nibbl/tree/main/contracts/NibblVault.sol#L183 _initialTokenSupply, _initialTokenPrice might be 0

Init frontrun

Most contracts use an init pattern (instead of a constructor) to initialize contract parameters. Unless these are enforced to be atomic with contact deployment via deployment script or factory contracts, they are susceptible to front-running race conditions where an attacker/griefer can front-run (cannot access control because admin roles are not initialized) to initially with their own (malicious) parameters upon detecting (if an event is emitted) which the contract deployer has to redeploy wasting gas and risking other transactions from interacting with the attacker-initialized contract.

Many init functions do not have an explicit event emission which makes monitoring such scenarios harder. All of them have re-init checks; while many are explicit some (those in auction contracts) have implicit reinit checks in initAccessControls() which is better if converted to an explicit check in the main init function itself.
(details credit to: code-423n4/2021-09-sushimiso-findings#64)
The vulnerable initialization functions in the codebase are:

Code instances:

    Basket.sol, initialise, 23
    NibblVault.sol, initialize, 173
    UpgradedNibblVault.sol, initialize, 168

Two Steps Verification before Transferring Ownership

The following contracts have a function that allows them an admin to change it to a different address. If the admin accidentally uses an invalid address for which they do not have the private key, then the system gets locked.
It is important to have two steps admin change where the first is announcing a pending new admin and the new address should then claim its ownership.
A similar issue was reported in a previous contest and was assigned a severity of medium: code-423n4/2021-06-realitycards-findings#105

Code instances:

    AccessControlMechanism.sol
    IAccessControlMechanism.sol

Solidity compiler versions mismatch

The project is compiled with different versions of solidity, which is not recommended because it can lead to undefined behaviors.

Code instance:

Not verified owner

    owner param should be validated to make sure the owner address is not address(0).
    Otherwise if not given the right input all only owner accessible functions will be unaccessible.

Code instances:

    NibblVault.sol.permit owner
    UpgradedNibblVault.sol.permit owner

Not verified input

external / public functions parameters should be validated to make sure the address is not 0.
Otherwise if not given the right input it can mistakenly lead to loss of user funds.

Code instances:

    Basket.sol.onERC721Received from
    NibblVault.sol.withdrawMultipleERC721 _to
    UpgradedNibblVault.sol.withdrawERC20 _to
    NibblVault.sol.withdrawERC1155 _asset
    NibblVault.sol.initialize _curator
    NibblVault.sol.withdrawERC721 _assetAddress

Does not validate the input fee parameter

Some fee parameters of functions are not checked for invalid values. Validate the parameters:

Code instances:

    MaliciousFactory.constructor (_feeTo)
    NibblVaultFactory.constructor (_feeTo)
    MaliciousFactory.proposeNewAdminFeeAddress (_newFeeAddress)
    NibblVaultFactory.proposeNewAdminFee (_newFee)
    MaliciousFactory.proposeNewAdminFee (_newFee)

Require with empty message

The following requires are with empty messages.
This is very important to add a message for any require. So the user has enough information to know the reason of failure.

Code instances:

    Solidity file: BancorFormula.sol, In line 259 with Empty Require message.
    Solidity file: TestBancorFormula.sol, In line 259 with Empty Require message.
    Solidity file: MaliciousFactory.sol, In line 106 with Empty Require message.
    Solidity file: BancorFormula.sol, In line 188 with Empty Require message.
    Solidity file: BancorFormula.sol, In line 356 with Empty Require message.

Never used parameters

Those are functions and parameters pairs that the function doesn't use the parameter. In case those functions are external/public this is even worst since the user is required to put value that never used and can misslead him and waste its time.

Code instances:

    NibblVaultFactory.sol: function createVault parameter _initialSupply isn't used. (createVault is external)
    NibblVaultFactory.sol: function createBasket parameter _mix isn't used. (createBasket is public)
    NibblVaultFactory.sol: function createVault parameter _curator isn't used. (createVault is external)
    MaliciousFactory.sol: function createBasket parameter _mix isn't used. (createBasket is public)
    NibblVault.sol: function safeTransferETH parameter _to isn't used. (safeTransferETH is private)

Check transfer receiver is not 0 to avoid burned money

Transferring tokens to the zero address is usually prohibited to accidentally avoid "burning" tokens by sending them to an unrecoverable zero address.

Code instances:

    https://github.com/code-423n4/2022-06-nibbl/tree/main/contracts/Basket.sol#L64
    https://github.com/code-423n4/2022-06-nibbl/tree/main/contracts/Basket.sol#L87
    https://github.com/code-423n4/2022-06-nibbl/tree/main/contracts/Basket.sol#L37
    https://github.com/code-423n4/2022-06-nibbl/tree/main/contracts/Test/UpgradedNibblVault.sol#L453

[HardlyDifficult]

Merging with #231

[HardlyDifficult]

Init frontrun

Invalid, these are created by a factory.

Otherwise good improvements suggested.