Reading Audit Reports - Cally

2 years ago

Walkthrough of the Cally audit report from Code4rena. Learn to find more bugs by reading past audit reports.

Audit Report:
https://code4rena.com/reports/2022-05-cally

More background on H-01
https://youtu.be/Bc4wUMlx4D4?t=265

80 Million Qubit Hack - relates to finding H-03
https://halborn.com/explained-the-qubit-hack-january-2022/

Links to relevant findings:
https://github.com/andyfeili/cally

Smart Contract Auditing - Beginner Roadmap
https://www.youtube.com/watch?v=-469Gcye-ZE

Contents:
0:00 - [H-01] no-revert-on-transfer ERC20 tokens can be drained
2:19 - [H-02] Inefficiency in the Dutch Auction due to lower duration
6:38 - [H-03] [WP-H0] Fake balances can be created for not-yet-existing ERC20 tokens, which allows attackers to set traps to steal funds from future users
10:02 - [M-01] Owner can modify the feeRate on existing vaults and steal the strike value on exercise
11:21 - [M-02] It shouldn’t be possible to create a vault with Cally’ own token
12:57 - [M-03] User’s may accidentally overpay in buyOption() and the excess will be paid to the vault creator
14:07 - [M-04] & [M-08] Support for Special Tokens
16:43 - [M-05] Expiration calculation overflows if call option duration ≥ 195 days
18:20 - [M-06] Owner can set the feeRate to be greater than 100% and cause all future calls to exercise to revert
18:39 - [M-07] Lack of 0 amount check allows malicious user to create infinite vaults
19:13 - [M-09] Use safeTransferFrom instead of transferFrom for ERC721 transfers
19:44 - [M-10] createVault() does not confirm whether tokenType and token’s type are the same
21:00 - Progress Update
