Lines of code fd36ce96b46943026cb2dfcb76dfa3f884f51c18/Marketplace/MarketPlace.sol#L156
<https://github.com/code-423n4/2022-07-swivel/blob/fd36ce96b46943026cb2dfcb76dfa3f884f51c18/Marketplace/MarketPlace.sol#L164>
ZcToken.withdraw and ZcToken.redeem will be reverted.
#Proof of Concept
<https://github.com/code-423n4/2022-07-swivel/blob/fd36ce96b46943026cb2dfcb76dfa3f884f51c18/Tokens/ZcToken.sol#L116>
In ZcToken.withdraw and ZcToken.redeem, it calls redeemer.authRedeem. redeemer can be MarketPlace here. But MarketPlace.authRedeem calls ISwivel(swivel).authRedeem.
<https://github.com/code-423n4/2022-07-swivel/blob/> fd36ce96b46943026cb2dfcb76dfa3f884f51c18/Marketplace/MarketPlace.sol#L156
<https://github.com/code-423n4/2022-07-swivel/blob/fd36ce96b46943026cb2dfcb76dfa3f884f51c18/Marketplace/MarketPlace.sol#L164>
And authRedeem function is not defined in Swivel contract. So withdraw and redeem of ZcToken will be reverted.
VSCode
Change authRedeem to authRedeemZcToken in MarketPlace.
function authRedeem(uint8 p, address u, uint256 m, address f, address t, uint256 a) public authorized(markets[p][u][m].zcToken) returns (uint256 underlyingAmount) {
Market memory market = markets[p][u][m];
// if the market has not matured, mature it...
if (market.maturityRate == 0) {
if (!matureMarket(p, u, m)) { revert Exception(30, 0, 0, address(0), address(0)); }
if (!IZcToken(market.zcToken).burn(f, a)) { revert Exception(29, 0, 0, address(0), address(0)); }
- ISwivel(swivel).authRedeem(p, u, market.cTokenAddr, t, a);
+ ISwivel(swivel).authRedeemZcToken(p, u, market.cTokenAddr, t, a);
return (a);
} else {
if (!IZcToken(market.zcToken).burn(f, a)) { revert Exception(29, 0, 0, address(0), address(0)); }
uint256 amount = calculateReturn(p, u, m, a);
- ISwivel(swivel).authRedeem(p, u, market.cTokenAddr, t, amount);
+ ISwivel(swivel).authRedeemZcToken(p, u, market.cTokenAddr, t, amount);
return (amount);
}
}
The text was updated successfully, but these errors were encountered:
All reactions