ETH-BSC Swap smart contract security audit report performed by Callisto Security Audit Department.
Commit 951fe2d39e873261a484f6fdbcdc11303a6c838d
Folder test.
In total, 4 issues were reported, including:
- 0 high severity issues.
- 1 medium severity issue.
- 2 low severity issues.
- 0 notes.
- 1 owner privileges.
To create a unique index for getting and setting values in contractWalletTokenIdTotalAmount, the contracts use the sum token address + user address + token ID. If the token contract allows users to mint tokens with an arbitrary token ID, it is easy to create a collision.
For example, user A has the index token address + user A address + token ID, so user B can mint a token with token ID = user A address + token ID - user B address and will receive the same index as user A.
This issue applies to the OpenBiSeaBSCSwapAgentImpl and OpenBiSeaETHSwapAgentImpl contracts in all places where contractWalletTokenIdTotalAmount is used.
It is better to use a hash function to create the index:
uint256 idx = uint256(keccak256(abi.encodePacked(tokenAddress, userAddress, tokenId)));
contractWalletTokenIdTotalAmount[idx] = contractWalletTokenIdTotalAmount[idx].sub(1);
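The collision and the recommended fix can be checked side by side. The contract below is an added illustration, not code from the audited repository: the contract name, the function names, the Solidity version and the sample addresses are assumptions, and the additive expression is written in the form the finding describes.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Added illustration; not code from the audited repository.
contract IndexCollisionDemo {
    // Additive index, in the form the finding describes (assumed expression).
    function sumIndex(address token, address user, uint256 tokenId)
        public pure returns (uint256)
    {
        return uint256(uint160(token)) + uint256(uint160(user)) + tokenId;
    }

    // Hashed index, as recommended in the report.
    function hashIndex(address token, address user, uint256 tokenId)
        public pure returns (uint256)
    {
        return uint256(keccak256(abi.encodePacked(token, user, tokenId)));
    }

    // Regression check on constructed values: returns (true, false) when the
    // additive index collides for two different users and the hashed one does not.
    function check() external pure returns (bool sumCollides, bool hashCollides) {
        address token = address(uint160(0x70CE));   // constructed token address
        address userA = address(uint160(0xA11CE));  // constructed user A
        address userB = address(uint160(0xB0B));    // constructed user B
        uint256 idA = 7;
        // Token ID from the finding: user A address + token ID - user B address.
        // Checked arithmetic: this sample has userA + idA >= userB, so no revert.
        uint256 idB = uint256(uint160(userA)) + idA - uint256(uint160(userB));

        sumCollides = sumIndex(token, userA, idA) == sumIndex(token, userB, idB);
        hashCollides = hashIndex(token, userA, idA) == hashIndex(token, userB, idB);
    }
}
```

Because all three arguments are fixed-width types, abi.encodePacked produces an unambiguous 72-byte preimage, so two different (token, user, token ID) triples never encode to the same input.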
The notContract modifier is used in OpenBiSeaBSCSwapAgentImpl and OpenBiSeaETHSwapAgentImpl to protect the swap functions from reentrancy attacks. But it prevents users of multisig wallets from using the swap functions.
Use ReentrancyGuard and replace the notContract modifier with the nonReentrant modifier.
In swapBSC2ETH, swap721BSC2ETH and swap1155BSC2ETH of the OpenBiSeaBSCSwapAgentImpl contract, you require that a user swaps tokens from ETH to BSC before he is able to swap them back (from BSC to ETH). But if a user gets these tokens from another user, he can't swap them back to ETH.
On the Ethereum side, the functions fillBSC2ETHSwap, fill721BSC2ETHSwap and fill1155BSC2ETHSwap will fail for a user who did not swap his tokens from ETH to BSC before.
Instead of storing contractWalletTokenIdTotalAmount[idx] for separate users, you may store the total amount of swapped tokens there: contractWalletTokenIdTotalAmount[token_address].
The owner can transfer tokens on the Ethereum side and mint them on the BSC side.
However, the owner provides a transaction hash as proof of the user's swap operation. Therefore, anyone can check each swap operation and verify its correctness.
The audited smart contract must not be deployed. Reported issues (at least with medium severity) must be fixed prior to the usage of this contract.
Since the swapping process is completely in the owner's power, users should understand the risk of an "exit scam".