ctf_sec
high
Tempus depositAndFix function signature mismatch in Lender.sol
The lending function for tempus is implemented below
// Get the Tempus Router from the principal token
address controller = ITempusPool(ITempusToken(principal).pool())
.controller();
// Swap on the Tempus Router using the provided market and params
ITempus(controller).depositAndFix(x, lent, true, r, d);
note x is /// @param x Tempus AMM that executes the swap
We can look into the ITempus interface
interface ITempus {
function depositAndFix(
address,
uint256,
bool,
uint256,
uint256
) external;
if we refered to the deployed Tempus controller
https://etherscan.io/address/0xdb5fd0678eed82246b599da6bc36b56157e4bed8#code
The function for depositAndFix is
/// @dev Atomically deposits YBT/BT to TempusPool and swaps TYS for TPS to get fixed yield
/// See https://docs.balancer.fi/developers/guides/single-swaps#swap-overview
/// @param tempusAMM Tempus AMM to use to swap TYS for TPS
/// @param tokenAmount Amount of YBT/BT to be deposited in underlying YBT/BT decimal precision
/// @param isBackingToken specifies whether the deposited asset is the Backing Token or Yield Bearing Token
/// @param minTYSRate Minimum exchange rate of TYS (denominated in TPS) to receive in exchange for TPS
/// @param deadline A timestamp by which the transaction must be completed, otherwise it would revert
function depositAndFix(
ITempusAMM tempusAMM,
uint256 tokenAmount,
bool isBackingToken,
uint256 minTYSRate,
uint256 deadline
) external payable nonReentrant {
note the first parameter has type ITempusAMM, we just use address, in the interface.
Also looks like tempus is iteractively building new contract.
The function depositAndFix is very different
function depositAndFix(
ITempusAMM tempusAMM,
ITempusPool tempusPool,
ERC20PermitSignature[] calldata erc20Permits,
uint256 tokenAmount,
bool isBackingToken,
uint256 minTYSRate,
uint256 deadline,
address referral
) external payable override nonReentrant returns (uint256, uint256) {
If the function signature mismatched in tempus contract, the lending function for tempus will not be working.
https://github.com/sherlock-audit/2022-10-illuminate/blob/main/src/Lender.sol#L655-L668
https://github.com/sherlock-audit/2022-10-illuminate/blob/main/src/interfaces/ITempus.sol#L8-L16
Manual Review
We recommend the project use the updated implementation for tempus controller function signature, and indeed please change from
interface ITempus {
function depositAndFix(
address,
uint256,
bool,
uint256,
uint256
) external;
to
interface ITempus {
function depositAndFix(
ITempusAMM tempusAMM,
uint256,
bool,
uint256,
uint256
) external;