han/2025-01-scai-idrcoin
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

add audit commenet on IDRCoin and a bit of BankHub

Browse Source
This commit is contained in:
han 2025-01-24 22:35:41 +07:00
parent 0e38a0c45c
commit c89b446cd7
2 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/BankHub.sol
View File

@ -75,6 +75,7 @@ contract BankHub {
// withdraw IDRCoin from saving account // withdraw IDRCoin from saving account
// user's interest would be applied here // user's interest would be applied here
function withdraw(uint256 _amount, address _fromBank) external { function withdraw(uint256 _amount, address _fromBank) external {
// @audit: what if user already deposited to certain bank, then its no longer whiteListed anymore?
require(whiteListed[_fromBank], "bank not whitelisted"); require(whiteListed[_fromBank], "bank not whitelisted");
require(savingAmount[msg.sender] >= _amount, "insufficient balance"); require(savingAmount[msg.sender] >= _amount, "insufficient balance");
@ -144,6 +145,7 @@ contract BankHub {
// collect all IDRCoin from bank // collect all IDRCoin from bank
// this is used to punish bank that misbehave // this is used to punish bank that misbehave
function revokeWhiteList(address _bank) external onlyOwner { function revokeWhiteList(address _bank) external onlyOwner {
// @audit: a bit sus
if (idrcoin.balanceOf(_bank) > 0) { if (idrcoin.balanceOf(_bank) > 0) {
idrcoin.transferFrom(_bank, owner, idrcoin.balanceOf(_bank)); idrcoin.transferFrom(_bank, owner, idrcoin.balanceOf(_bank));
} }

1
src/IDRCoin.sol
View File

@ -96,6 +96,7 @@ contract IDRCoin is ERC20 {
// first we normalize the amount in usd by dividing it with its own decimals // first we normalize the amount in usd by dividing it with its own decimals
// then we multiply it with the conversion rate and IDRC decimals // then we multiply it with the conversion rate and IDRC decimals
// result is the amount of IDRC to mint with the correct decimals // result is the amount of IDRC to mint with the correct decimals
// @audit: the math calculation is a bit sus
uint256 amountInIDR = (amountInUSD / 10 ** usdt.decimals()) *CONVERSION_RATE * 10 ** decimals(); uint256 amountInIDR = (amountInUSD / 10 ** usdt.decimals()) *CONVERSION_RATE * 10 ** decimals();
mint_(msg.sender, amountInIDR); mint_(msg.sender, amountInIDR);