-
Notifications
You must be signed in to change notification settings - Fork 10
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Sherlock-110: revert add settleable #909
Conversation
…rk on the baselines
tests/forge/unit/ERC721Pool/ERC721PoolLiquidationsSettleAuction.t.sol
Outdated
Show resolved
Hide resolved
f60b816
to
406e6f3
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
lgtm
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The links that summarize the issue are dead, please copy and paste the issue into the description
Will update to new judge repo which is permanent |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I consider this change a mitigation to the issue rather than the fix, which is fine. I'm 51% no change 49% fine with this change. As was detailed in the issue why would a lender perform a dusting to protect a position that they can't withdraw? The incentives don't seem significant enough to warrant a lender performing this dusting...
As a lender who is performing the dusting I see two very simple workarounds:
- dust with
addCollateral()
, performs the same protections - call
addQuoteToken()
on the 71st hour of the auction (before settle is callable) , this mitigation doesn't protect against.
Approving PR because it suffices as a soft mitigation and code looks correct. Again happy to leave code as is and not merge this PR because I don't see sufficient incentives for lender to perform dusting, nor do I see this mitigation as entirely solving the issue.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
I stand corrected, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Unrelated to this change, I was surprised to learn we don't allow lenders to remove collateral when an auction is settleable. LGTM.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks ok
Description of change
High level
Pool.addQuoteToken
revert withAuctionNotCleared
custom errorContract size
Pre Change
Post Change
Gas usage
Pre Change
Post Change