Skip to content

Instantly share code, notes, and snippets.

@yuriy77k
Forked from RideSolo/ETH_WeiDex_report.md
Created May 24, 2019 08:17
Show Gist options
  • Save yuriy77k/95510c49110e25766c1d75bd99e8d307 to your computer and use it in GitHub Desktop.
Save yuriy77k/95510c49110e25766c1d75bd99e8d307 to your computer and use it in GitHub Desktop.

WeiDex Audit Report.

1. Summary

This document is a security audit report performed by RideSolo, where WeiDex has been reviewed.

2. In scope

3. Findings

6 issues were reported including:

  • 2 medium severity issues.

  • 4 low severity issues.

3.1. Referral Reward

Severity: medium

Description

Referrals addresses are set in deposit function member of ExchangeMovements contract, if the users do not input a referral address and leave it empty, the referral reward will be assigned to address(0) in executeTrade function member of Exchange contract.

The impact will be locking an amount of different tokens to address 0x0 without possibility of withdrawal, the amount can vary following the traded volume and the number of users without referral addresses.

Code snippet

https://github.com/RideSolo/weidex-eth-v2/blob/master/contracts/exchange/ExchangeMovements.sol#L69#L72

https://github.com/RideSolo/weidex-eth-v2/blob/master/contracts/exchange/Exchange.sol#L242

Recommendation

Check referrer address in executeTrade where referrer should be different than address(0) and allocate the referral reward following the result.

3.2. Exchange Upgrade

Severity: medium

Description

importEthers/importTokens function member of ExchangeUpgradability do not set the referral address for a user when importing the user fund from an old exchange address. this issue will cause the same problem described in " Referral Reward" issue.

Code snippet

https://github.com/RideSolo/weidex-eth-v2/blob/master/contracts/exchange/ExchangeUpgradability.sol#L116

https://github.com/RideSolo/weidex-eth-v2/blob/master/contracts/exchange/ExchangeUpgradability.sol#L146

3.3. Exchange Balance Transfer

Severity: low

Description

In transfer function member of ExchangeMovements contract some requirement should be set to avoid sending balances to wrong addresses.

Code snippet

https://github.com/RideSolo/weidex-eth-v2/blob/master/contracts/exchange/ExchangeMovements.sol#L119

Recommendation

Add the following lines to the function:

	require(to!=address(0));
	require(to!=address(this));

3.4. Exchange Balance Transfer

Severity: low

Description

migrateFunds function member of ExchangeUpgradability does not check if the new exchange address is set to non null address.

Code snippet

https://github.com/RideSolo/weidex-eth-v2/blob/master/contracts/exchange/ExchangeUpgradability.sol#L58

3.5. ERC-20 Issues

Severity: low

Description

The following issues are part of mock files that are probably used for test only:

  • transfer/transferFrom do not require the destination address to avoid zero address transfer or any other erroneous address .
  • It is possible to double withdrawal attack. More details here
  • Lack of transaction handling mechanism issue. WARNING! This is a very common issue and it already caused millions of dollars losses for lots of token users! More details here

Code snippet

https://github.com/RideSolo/weidex-eth-v2/blob/master/contracts/mocks/OldERC20.sol

3.6. Experimental Features

Severity: low

Description

As raised by the compiler "Experimental features are turned on. Do not use experimental features on live deployments" the audited code uses ABIEncoderV2 that is in experimental phase and should not be deployed in a live network.

Code snippet

https://github.com/RideSolo/weidex-eth-v2/blob/master/contracts/exchange/Exchange.sol#L2

https://github.com/RideSolo/weidex-eth-v2/blob/master/contracts/exchange/ExchangeBatchTrade.sol#L2

https://github.com/RideSolo/weidex-eth-v2/blob/master/contracts/exchange/ExchangeOffering.sol#L2

Conclusion

The audited contract cannot be deployed. All issues should be fixed including "Experimental Features" even if it is marked low severity.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment