Omniscia Euler Audit

EulStakes Manual Review Findings

ESS-01M: Ineffectual Amount Limit

Type: Logical Fault
Severity:
Location: EulStakes.sol:L33, L61

Description:

The stake and stakeGift functions apply an amount limit of 1e36 to each staking operation. The limit is ineffectual, however, as it can be bypassed relatively easily by submitting two consecutive staking operations of the full amount back to back in the stake function.

Example:

contracts/mining/EulStakes.sol
29  for (uint i = 0; i < ops.length; ++i) {
30      StakeOp memory op = ops[i];
31      if (op.amount == 0) continue;
32
33      require(op.amount > -1e36 && op.amount < 1e36, "amount out of range");
34
35      uint newAmount;
36
37      {
38          int newAmountSigned = int(staked[msg.sender][op.underlying]) + op.amount;
39          require(newAmountSigned >= 0, "insufficient staked");
40          newAmount = uint(newAmountSigned);
41      }
42
43      staked[msg.sender][op.underlying] = newAmount;
44      emit Stake(msg.sender, op.underlying, msg.sender, newAmount);
45
46      delta += op.amount;
47  }

Recommendation:

We advise that this trait of the system be re-evaluated and that the actual purpose of the require check be documented, as the check is currently ineffectual as a limit.

Alleviation:

The Euler team stated that the require check does not impose a protocol limitation and instead is meant to make the native overflow and underflow errors contain explicit error messages. As a result, we consider this exhibit nullified as the check is sufficient for native overflow / underflow prevention.
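The difference between the per-operation bound on line 33 and a cumulative limit can be seen in a small Python model of the loop. This is an added example, not Euler's code or part of the audit; the "TOKEN" key, the cumulative_cap parameter and the ops_to_overflow_delta helper are assumptions made for illustration.

```python
# Added model of the loop on lines 29-47; not Euler's code.
LIMIT = 10**36            # per-operation bound enforced on line 33
INT256_MAX = 2**255 - 1   # largest value a Solidity int (int256) can hold


def stake(staked, ops, cumulative_cap=None):
    """Apply (underlying, amount) ops to the caller's `staked` balances.

    Raises ValueError where the contract would revert and leaves `staked`
    untouched in that case. `cumulative_cap` is hypothetical: it is what a
    real protocol limit would need to check, and the contract has no such cap.
    """
    work = dict(staked)   # scratch copy so a failure rolls back every op
    delta = 0
    for underlying, amount in ops:
        if amount == 0:
            continue
        if not (-LIMIT < amount < LIMIT):
            raise ValueError("amount out of range")
        new_amount = work.get(underlying, 0) + amount
        if new_amount < 0:
            raise ValueError("insufficient staked")
        if cumulative_cap is not None and new_amount > cumulative_cap:
            raise ValueError("stake cap exceeded")
        work[underlying] = new_amount
        delta += amount
    staked.clear()
    staked.update(work)
    return delta


def ops_to_overflow_delta():
    """Fewest in-range ops in one call whose sum would exceed int256."""
    return INT256_MAX // (LIMIT - 1) + 1


if __name__ == "__main__":
    full = LIMIT - 1                      # largest amount line 33 accepts
    book = {}                             # constructed, empty starting state
    stake(book, [("TOKEN", full), ("TOKEN", full)])
    print("staked after two ops:", book["TOKEN"], "> 1e36:", book["TOKEN"] > LIMIT)
    try:
        stake({}, [("TOKEN", full), ("TOKEN", full)], cumulative_cap=LIMIT)
    except ValueError as err:
        print("with a cumulative cap:", err)
    print("ops needed to overflow delta:", ops_to_overflow_delta())
```

The model shows both readings of the check: it does not cap the staked total, and it does keep the running delta far inside the int256 range for any realistic number of operations in one call.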