Return to site
Return to site

Mentorship Series #22

0xfirefirst - Day 23

· Mentorship

We continued the Panoptic contest on Code4rena.

Lesson Summary:

  • Downcasting cuts the number, watch closely for such casts
  • ERC4626 and vaults check assets for zero amount, not shares
  • Check the cast in the withdraw fn, can it cause a problem? - ok
  • Play with numbers with all the branches in the accrueInterest fn
  • Can someone call a fn which accrues interest and screw another `owner` (trigger the !isDeposit) branch to make the other owner burn his shares?
    • User has enough balance
    • User has not enough balance and it's not a deposit
    • User does not have enough balance but it's a deposittransfer ---> deposit, basically search for ways for users to game the accrueing of interest somehow

Subscribe
PreviousNext
Cookie Use
We use cookies to improve browsing experience, security, and data collection. By accepting, you agree to the use of cookies for advertising and analytics. You can change your cookie settings at any time. Learn More
Accept all
Settings
Decline All
Cookie Settings
Necessary Cookies
These cookies enable core functionality such as security, network management, and accessibility. These cookies can’t be switched off.
Analytics Cookies
These cookies help us better understand how visitors interact with our website and help us discover errors.
Preferences Cookies
These cookies allow the website to remember choices you've made to provide enhanced functionality and personalization.
Save