Seed Gauge System Codehawks Remediations

[Brean0]

Seed Gauge System Codehawks Changes

Contest link: https://www.codehawks.com/report/clsxlpte900074r5et7x6kh96

Codehawks Remediations

• Update the whitelist function such that it does not perform improper logic upon whitelisting a previously whitelisted (i.e deWhitelisted asset). (9c76990)
  • Original finding: https://www.codehawks.com/report/clsxlpte900074r5et7x6kh96#M-03
• Add a reversion to the whitelist function upon inputting an invalid stalkIssuedPerBdv if whitelisting a dewhitelisted asset. (f5bda85)
  • Original finding: https://www.codehawks.com/report/clsxlpte900074r5et7x6kh96#M-03
• Update the defaultGaugePointFunction to return the current gaugePoints if the optimal and current depositedBDV are within bounds. (49cdd76)
  • Original finding: https://www.codehawks.com/report/clsxlpte900074r5et7x6kh96#M-01
• Added comments indicating fee-on-transfer / rebasing tokens are not supported: (1d10ac8)
  • Original finding: https://www.codehawks.com/report/clsxlpte900074r5et7x6kh96#M-02
• Decreased the CHAINLINK_TIMEOUT from 4 hours to 1.5 hours. (4255cf1)
  • Original finding: https://www.codehawks.com/report/clsxlpte900074r5et7x6kh96#M-05

Other Contract Changes

• Increase the maximum Beans that can be rewarded during a gm call in the first available block to 250 beans. (fc905c7)
• Updated enrootDeposits to correctly emit ERC-1155 events. (7b98fe1) (see. EnrootFacet, TokenSilo, LibSilo)
• Fixed a bug where Beanstalk returned the USD/BEAN price instead of BEAN/USD when checking for excessive price. (f96a7ab)

Misc. changes

• Updated diamond ABI (bec353d) (16bb99b)
• Misc library omissions: (c7ca000)

Accepted Risks from Codehawks Findings

M-06. [M] DOS in LibChainlinkOracle when not considering phaseId.

This occurs when the Chainlink oracle updates their phaseAggergator. This has occurred 6 times in the lifetime of the ETH/USD oracle. When a change occurs, Beanstalk will not be able to determine a TWAP for the season, causing a 1 Season DoS. In order to determine the next roundId to query when a phase a phaseAggergator change occurs, Beanstalk needs to be able to call latestRound() on the phase aggregator, which contains access control and thus can only be called by specific contracts. This is an acceptable edge case due to the infrequency of this occurring.

L-01. LibEthUsdOracle returning wrong price on minAnswer, impacting fertilizer minting

The minAnswer of the ETH/USD oracle is 1, which given the decimals precision of 8, means that Ether would need to be lower than 1-e8 dollars in order to effect the protocol. This seems unlikely and unworthy of implementing logic to account for the edge case.

L-02. No validation of total supply of unripe beans & Lp in percentBeansRecapped & percentLPRecapped

In the case that all Unripe assets are Chopped/Converted, users would not be able to Convert between Unripe assets. Given that this would only occur when all assets are chopped, it seems preferable to accept this edge case instead of introducing new logic that may be exploitable.