Omniscia Evergon Labs Audit
LendingOracleFacetStorage Manual Review Findings
LendingOracleFacetStorage Manual Review Findings
LOS-01M: Inexistent Validation of Non-Zero Minimum
| Type | Severity | Location |
|---|---|---|
| Input Sanitization |  | LendingOracleFacetStorage.sol:L102 |
Description:
The minimumProportionOverObligation value should be non-zero so as to ensure that strictly ascending price limits are configured for a campaign.
Impact:
A zero-value minimumProportionOverObligation would result in indiscernible priceLimits.
Example:
85function initLendingOracleFacet(Layout storage l, bytes calldata initLendingOracleData) internal {86 if (l.interferenceState != 0) revert AlreadyInitialized();87
88 (89 uint256 minimumProportionOverObligation,90 uint256 interferenceState,91 bytes4[] memory hookSelectorsForPrices,92 uint256[] memory statesForPrices,93 bool checkFromStart,94 address priceSetter95 ) = abi.decode(initLendingOracleData, (uint256, uint256, bytes4[], uint256[], bool, address));96
97 if (interferenceState == 0) revert InvalidZeroInterferenceState();98
99 uint256 length = hookSelectorsForPrices.length;100 if (length != statesForPrices.length || length <= 1) revert InvalidInputArrays();101
102 l.minimumProportionOverObligation = minimumProportionOverObligation;103 l.interferenceState = interferenceState;104 l.hookSelectorsForPrices = hookSelectorsForPrices;105 l.statesForPrices = statesForPrices;106 l.checkFromStart = checkFromStart;107 l.priceSetter = priceSetter;108
109 for (uint256 i; i < length; i++) {110 l.isStateSetByOracle[statesForPrices[i]] = true;111 }112}Recommendation:
We advise this sanitization to be imposed on the referenced variable, increasing the resilience of the codebase against misconfigurations
Alleviation (71cda4ccfdcfa25fb96a4565f1f8143b350dd246):
The minimumProportionOverObligation_ value is now correctly evaluated as non-zero in the referenced code segment as advised.
LOS-02M: Misleading Interference State Index
| Type | Severity | Location |
|---|---|---|
| Logical Fault | | LendingOracleFacetStorage.sol:L216, L217, L218 |
Description:
The index established as part of the loop's re-initiation is 0 instead of the actual index of the interferenceState.
Impact:
Although the error does not expose itself as a vulnerability given that the lastIndexSet is not utilized outside the LendingOracleFacetStorage::setPrice function, we still advise it to be corrected so as to avoid transient invalid data entries.
Example:
214if (StateFacetStorage.layout().stateHooksInfo[currentState].isStateTransitionSupported[l.interferenceState]) {215 // if the price is over the limit go to interference state and repeat all the checks.216 StateFacetStorage.layout().changeState(campaignId, currentState, l.interferenceState);217 currentState = l.interferenceState;218 campaignDetails.lastIndexSet = 0;219 index = length;220} else {Recommendation:
We advise the proper index to be established, potentially by storing it to a storage-level data entry that can be fetched at will.
Alleviation (71cda4ccfdcfa25fb96a4565f1f8143b350dd246):
The lastIndexSet value is now configured to the INDEX_OF_INTERFERENCE_STATE constant that represents 0, permitting easier integration of the special-purpose 0 index concept and thus addressing this exhibit.