Omniscia Rari Capital Audit

CErc20Delegator Manual Review Findings

CON-01M: Potentially Misbehaving Adjustment

Description:

The Compound codebase explicitly distinguishes the function signatures that are meant to be relayed via the delegatecall opcode from those that are meant to be relayed via the staticcall opcode (the view-only functions). The Rari implementation, however, relays every call via delegatecall regardless of which group the function belongs to.

Example:

contracts/CErc20Delegator.sol
/**
 * @notice Delegates execution to an implementation contract
 * @dev It returns to the external caller whatever the implementation returns or forwards reverts
 */
function () external payable {
    require(msg.value == 0,"CErc20Delegator:fallback: cannot send value to fallback");

    // delegate all other functions to current implementation
    (bool success, ) = implementation.delegatecall(msg.data);

    assembly {
        let free_mem_ptr := mload(0x40)
        returndatacopy(free_mem_ptr, 0, returndatasize)

        switch success
        case 0 { revert(free_mem_ptr, returndatasize) }
        default { return(free_mem_ptr, returndatasize) }
    }
}

Recommendation:

We advise that a paradigm similar to the original codebase be adopted: without a staticcall wrapper around the view-only functions, nothing at the proxy level prevents them from performing state changes, be they internal (storage writes) or external (calls that mutate other contracts).
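The following is an added illustration of the recommended pattern; it is not code from the Rari or Compound repositories, but a minimal delegator written in the style of Compound's original CErc20Delegator. The two selectors treated as view-only (balanceOf and exchangeRateStored) are assumptions chosen for the example. The point it demonstrates is that routing a view selector through a staticcall to the proxy itself, which then delegatecalls the implementation, makes the EVM reject any storage write or state-changing external call attempted by the implementation during that call, whereas the non-view path delegates unconditionally:

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Added example (not Rari or Compound code): a delegator that relays
// view-only selectors through a staticcall frame and everything else
// through a plain delegatecall, mirroring Compound's original split.
contract ViewSafeDelegator {
    address public implementation;

    constructor(address impl) {
        implementation = impl;
    }

    // Selectors treated as view-only (assumed for this example).
    function isViewSelector(bytes4 sel) internal pure returns (bool) {
        return sel == bytes4(keccak256("balanceOf(address)"))
            || sel == bytes4(keccak256("exchangeRateStored()"));
    }

    // Delegatecall helper that bubbles up the implementation's revert data.
    function delegateTo(address callee, bytes memory data) internal returns (bytes memory) {
        (bool success, bytes memory returnData) = callee.delegatecall(data);
        assembly {
            if eq(success, 0) { revert(add(returnData, 0x20), mload(returnData)) }
        }
        return returnData;
    }

    // Public so the proxy can reach it through a staticcall to itself.
    // Restricted to self so nobody else can use it as a generic delegatecall entry point.
    function delegateToImplementation(bytes memory data) public returns (bytes memory) {
        require(msg.sender == address(this), "only self");
        return delegateTo(implementation, data);
    }

    // View path: the outer frame is a STATICCALL, so the nested delegatecall
    // into the implementation reverts on any state change (SSTORE, CALL with
    // value, LOG, SELFDESTRUCT, CREATE).
    function delegateToViewImplementation(bytes memory data) public view returns (bytes memory) {
        (bool success, bytes memory returnData) = address(this).staticcall(
            abi.encodeWithSignature("delegateToImplementation(bytes)", data)
        );
        assembly {
            if eq(success, 0) { revert(add(returnData, 0x20), mload(returnData)) }
        }
        // delegateToImplementation returns ABI-encoded bytes; unwrap them.
        return abi.decode(returnData, (bytes));
    }

    fallback() external payable {
        require(msg.value == 0, "ViewSafeDelegator: cannot send value to fallback");
        bytes memory ret = isViewSelector(msg.sig)
            ? delegateToViewImplementation(msg.data)
            : delegateTo(implementation, msg.data);
        assembly { return(add(ret, 0x20), mload(ret)) }
    }
}
```

The design choice worth noting is that the read-only guarantee comes from the EVM, not from the implementation: if a later implementation version accidentally (or maliciously) writes storage inside a function the proxy lists as view-only, the whole call reverts rather than silently mutating state, and the selector list in the proxy becomes an auditable statement of which entry points are allowed to change state.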

Alleviation:

The Rari team stated that no function is meant to prohibit state changes via low-level opcodes as the underlying implementation may desire to do so; however, we still believe this to be a sensible pattern and one that can result in lower gas costs overall for the system if intensive view-only functions are utilized by other contracts of the system frequently.