codeHawks-2024-12-Aldo SssTablecoinsss 审计报告

Aldo SssTablecoinsss 审计报告

这次抽空在codeHarw上面，做了一次首飞。是关于defi 的。结果使用p语言写的，导致很多人可能就没有去参加，我也提交了3个，虽然只有一个被判为中等，但是这是我第一次被选择成最终报告

这是我正确的报告

语言机的时间设置的太大（中等）（me）（被选为作为报告）

M-01. The TIMEOUT is set as a fixed constant of 72 hours, which makes it inflexible in adapting to the market price.
Summary
In this contract, the TIMEOUT is set as a fixed constant (72 hours, or 259200 seconds). This means that if the oracle price data is not updated within 72 hours, the data will be considered outdated, and the contract will trigger a revert.

Vulnerability Details
At this location in the code,
https://github.com/Cyfrin/2024-12-algo-ssstablecoinsss/blob/4cc3197b13f1db728fd6509cc1dcbfd7a2360179/src/oracle_lib.vy#L15

Copy to clipboard
1
TIMEOUT: constant(uint256) = 72 * 3600
the timeout is directly set to 72 hours. For an oracle, which cannot dynamically adjust the price updates, this is a suboptimal approach.

Impact
Fixed Timeout: The TIMEOUT is hardcoded to 72 hours. In markets with frequent fluctuations or assets that require more frequent price updates, 72 hours might be too long. Conversely, if the timeout is too short, it could cause frequent errors due to the inability to update data in time, disrupting normal contract operations.

Non-adjustable Timeout: If the contract’s requirements change (e.g., market conditions evolve or the protocol requires more flexibility), the fixed TIMEOUT cannot be dynamically adjusted, leading to potential mismatches with current needs.

Lack of Flexibility: The current timeout mechanism is static and cannot be adjusted based on market volatility or the frequency of oracle updates. In volatile markets, a shorter TIMEOUT might be necessary, while in stable markets, a longer timeout would be more appropriate.
##Tools Used

Manual review

Recommendations
Introduce a dynamic price expiration mechanism that adjusts based on market conditions. Use volatility data (such as standard deviation or market price fluctuation) to dynamically adjust the timeout period. This can be achieved by monitoring market volatility and adjusting the T

# Monitor market volatility and dynamically adjust TIMEOUT
@external
def adjustTimeoutBasedOnVolatility(volatility: uint256):
    if volatility > HIGH_VOLATILITY_THRESHOLD:
        self.TIMEOUT = SHORTER_TIMEOUT  # In high volatility, decrease TIMEOUT
    else:
        self.TIMEOUT = LONGER_TIMEOUT  # In stable market, increase TIMEOUT
    log TimeoutAdjusted(self.TIMEOUT)

只检查了第一个wethd，精度的不同，导致差距过大（高）

H-01. In the function _revert_if_health_factor_is_broken constatnt variable MIN_HEALTH_FACTOR is only for WETH.
Summary
The _revert_if_health_factor_is_broken function is responsible for ensuring that a user’s health factor meets the minimum required standard. There is only implementation for WETH.

Vulnerability Details
In the function, there is only implementation for WETH.

Copy to clipboard

@internal
def _revert_if_health_factor_is_broken(user: address):
    user_health_factor: uint256 = self._health_factor(user)
    assert (
        user_health_factor >= MIN_HEALTH_FACTOR
    ), "DSCEngine__BreaksHealthFactor"

Value of the MIN_HEALTH_FACTOR=10^18is higher than the Satoshi factor which is 10^8.

As a result, for WBTC, the user_health_factor can be inflated to more than 101010^{10} times its normal value.

Impact
Bigger value of MIN_HEALTH_FACTOR for WBTC allows on bigger value of user_health_factorand wrong value when

function should revert.

Tools Used
manual review

Recommendations
Add MIN_HEALTH_FACTOR also for WBTC.

@internal
def _revert_if_health_factor_is_broken(user: address):
    user_health_factor: uint256 = self._health_factor(user)
    
    # Check if the user's token is WBTC and adjust health factor accordingly
    if user_health_factor >= (MIN_HEALTH_FACTOR * 10**10):
        # If user health factor is higher due to WBTC precision, still ensure it meets the minimum
        assert user_health_factor >= MIN_HEALTH_FACTOR, "DSCEngine__BreaksHealthFactor"
    else:
        assert user_health_factor >= MIN_HEALTH_FACTOR, "DSCEngine__BreaksHealthFactor"

个人认为这次的难度不大，就是要注意一点，对于p语言的的掌握不够，还得多加学习