feat: 14 day cooldown withdraw, deposit min

[sambacha]

THIS CHECKLIST IS NOT COMPLETE. Use --show-ignored-findings to show all the results.
Summary

• unchecked-transfer (26 results) (High)
• divide-before-multiply (21 results) (Medium)
• incorrect-equality (2 results) (Medium)
• reentrancy-no-eth (16 results) (Medium)
• unused-return (6 results) (Medium)
• pess-dubious-typecast (12 results) (Medium)

unchecked-transfer

Impact: High
Confidence: Medium

• ID-0
  FoldCaptiveStakingV2.claimInsurance(uint128) ignores return value by token1.transfer(owner,amount1)

src/FOLD_StakingV2.sol#L366-L400

• ID-1
  FoldCaptiveStakingV2.collectFees() ignores return value by token1.transfer(msg.sender,fee1Owed)

src/FOLD_StakingV2.sol#L267-L282

• ID-2
  FoldCaptiveStakingV2.deposit(uint256,uint256,uint256) ignores return value by token0.transferFrom(msg.sender,address(this),amount0)

src/FOLD_StakingV2.sol#L193-L231

• ID-3
  FoldCaptiveStaking.claimInsurance(uint128) ignores return value by token1.transfer(owner,amount1)

src/FoldCaptiveStaking.sol#L358-L392

• ID-4
  FoldCaptiveStaking.claimInsurance(uint128) ignores return value by token0.transfer(owner,amount0)

src/FoldCaptiveStaking.sol#L358-L392

• ID-5
  FoldCaptiveStakingV2.deposit(uint256,uint256,uint256) ignores return value by token0.transfer(msg.sender,amount0 - actualAmount0)

src/FOLD_StakingV2.sol#L193-L231

• ID-6
  FoldCaptiveStaking.withdraw(uint128) ignores return value by token0.transfer(msg.sender,amount0)

src/FoldCaptiveStaking.sol#L290-L327

• ID-7
  FoldCaptiveStaking.deposit(uint256,uint256,uint256) ignores return value by token0.transfer(msg.sender,amount0 - actualAmount0)

src/FoldCaptiveStaking.sol#L185-L223

• ID-8
  FoldCaptiveStaking.collectRewards() ignores return value by WETH9.transfer(msg.sender,rewardsOwed)

src/FoldCaptiveStaking.sol#L277-L286

• ID-9
  FoldCaptiveStakingV2.deposit(uint256,uint256,uint256) ignores return value by token1.transfer(msg.sender,amount1 - actualAmount1)

src/FOLD_StakingV2.sol#L193-L231

• ID-10
  FoldCaptiveStakingV2.compound() ignores return value by token1.transfer(msg.sender,fee1Owed - actualAmount1)

src/FOLD_StakingV2.sol#L234-L264

• ID-11
  FoldCaptiveStaking.compound() ignores return value by token0.transfer(msg.sender,fee0Owed - actualAmount0)

src/FoldCaptiveStaking.sol#L226-L256

• ID-12
  FoldCaptiveStaking.collectFees() ignores return value by token0.transfer(msg.sender,fee0Owed)

src/FoldCaptiveStaking.sol#L259-L274

• ID-13
  FoldCaptiveStaking.withdraw(uint128) ignores return value by token1.transfer(msg.sender,amount1)

src/FoldCaptiveStaking.sol#L290-L327

• ID-14
  FoldCaptiveStakingV2.collectFees() ignores return value by token0.transfer(msg.sender,fee0Owed)

src/FOLD_StakingV2.sol#L267-L282

• ID-15
  FoldCaptiveStakingV2.withdraw(uint128) ignores return value by token0.transfer(msg.sender,amount0)

src/FOLD_StakingV2.sol#L298-L335

• ID-16
  FoldCaptiveStakingV2.claimInsurance(uint128) ignores return value by token0.transfer(owner,amount0)

src/FOLD_StakingV2.sol#L366-L400

• ID-17
  FoldCaptiveStaking.deposit(uint256,uint256,uint256) ignores return value by token1.transfer(msg.sender,amount1 - actualAmount1)

src/FoldCaptiveStaking.sol#L185-L223

• ID-18
  FoldCaptiveStaking.deposit(uint256,uint256,uint256) ignores return value by token0.transferFrom(msg.sender,address(this),amount0)

src/FoldCaptiveStaking.sol#L185-L223

• ID-19
  FoldCaptiveStakingV2.withdraw(uint128) ignores return value by token1.transfer(msg.sender,amount1)

src/FOLD_StakingV2.sol#L298-L335

• ID-20
  FoldCaptiveStaking.compound() ignores return value by token1.transfer(msg.sender,fee1Owed - actualAmount1)

src/FoldCaptiveStaking.sol#L226-L256

• ID-21
  FoldCaptiveStakingV2.compound() ignores return value by token0.transfer(msg.sender,fee0Owed - actualAmount0)

src/FOLD_StakingV2.sol#L234-L264

• ID-22
  FoldCaptiveStaking.collectFees() ignores return value by token1.transfer(msg.sender,fee1Owed)

src/FoldCaptiveStaking.sol#L259-L274

• ID-23
  FoldCaptiveStakingV2.deposit(uint256,uint256,uint256) ignores return value by token1.transferFrom(msg.sender,address(this),amount1)

src/FOLD_StakingV2.sol#L193-L231

• ID-24
  FoldCaptiveStakingV2.collectRewards() ignores return value by WETH9.transfer(msg.sender,rewardsOwed)

src/FOLD_StakingV2.sol#L285-L294

• ID-25
  FoldCaptiveStaking.deposit(uint256,uint256,uint256) ignores return value by token1.transferFrom(msg.sender,address(this),amount1)

src/FoldCaptiveStaking.sol#L185-L223

divide-before-multiply

Impact: Medium
Confidence: Medium

• ID-26
  TickMath.maxUsableTick(int24) performs a multiplication on the result of a division:
  • (MAX_TICK / tickSpacing) * tickSpacing

src/libraries/TickMath.sol#L32-L36

• ID-27
  TickMath.getSqrtPriceAtTick(int24) performs a multiplication on the result of a division:
  • price = (price * 0xffcb9843d60f6159c9db58835c926644) >> 128
  • price = ~ 0 / price

src/libraries/TickMath.sol#L50-L109

• ID-28
  TickMath.getSqrtPriceAtTick(int24) performs a multiplication on the result of a division:
  • price = (price * 0x31be135f97d08fd981231505542fcfa6) >> 128
  • price = ~ 0 / price

src/libraries/TickMath.sol#L50-L109

• ID-29
  TickMath.getSqrtPriceAtTick(int24) performs a multiplication on the result of a division:
  • price = (price * 0xe7159475a2c29b7443b29c7fa6e889d9) >> 128
  • price = ~ 0 / price

src/libraries/TickMath.sol#L50-L109

• ID-30
  TickMath.getSqrtPriceAtTick(int24) performs a multiplication on the result of a division:
  • price = (price * 0xff2ea16466c96a3843ec78b326b52861) >> 128
  • price = ~ 0 / price

src/libraries/TickMath.sol#L50-L109

• ID-31
  TickMath.getSqrtPriceAtTick(int24) performs a multiplication on the result of a division:
  • price = (price * 0xfe5dee046a99a2a811c461f1969c3053) >> 128
  • price = ~ 0 / price

src/libraries/TickMath.sol#L50-L109

• ID-32
  TickMath.getSqrtPriceAtTick(int24) performs a multiplication on the result of a division:
  • price = (price * 0xf987a7253ac413176f2b074cf7815e54) >> 128
  • price = ~ 0 / price

src/libraries/TickMath.sol#L50-L109

• ID-33
  TickMath.minUsableTick(int24) performs a multiplication on the result of a division:
  • (MIN_TICK / tickSpacing) * tickSpacing

src/libraries/TickMath.sol#L39-L43

• ID-34
  TickMath.getSqrtPriceAtTick(int24) performs a multiplication on the result of a division:
  • price = (price * 0xa9f746462d870fdf8a65dc1f90e061e5) >> 128
  • price = ~ 0 / price

src/libraries/TickMath.sol#L50-L109

• ID-35
  TickMath.getSqrtPriceAtTick(int24) performs a multiplication on the result of a division:
  • price = (price * 0xfff97272373d413259a46990580e213a) >> 128
  • price = ~ 0 / price

src/libraries/TickMath.sol#L50-L109

• ID-36
  TickMath.getSqrtPriceAtTick(int24) performs a multiplication on the result of a division:
  • price = (price * 0xfff2e50f5f656932ef12357cf3c7fdcc) >> 128
  • price = ~ 0 / price

src/libraries/TickMath.sol#L50-L109

• ID-37
  TickMath.getSqrtPriceAtTick(int24) performs a multiplication on the result of a division:
  • price = (price * 0x2216e584f5fa1ea926041bedfe98) >> 128
  • price = ~ 0 / price

src/libraries/TickMath.sol#L50-L109

• ID-38
  TickMath.getSqrtPriceAtTick(int24) performs a multiplication on the result of a division:
  • price = (price * 0xf3392b0822b70005940c7a398e4b70f3) >> 128
  • price = ~ 0 / price

src/libraries/TickMath.sol#L50-L109

• ID-39
  TickMath.getSqrtPriceAtTick(int24) performs a multiplication on the result of a division:
  • price = (price * 0xff973b41fa98c081472e6896dfb254c0) >> 128
  • price = ~ 0 / price

src/libraries/TickMath.sol#L50-L109

• ID-40
  TickMath.getSqrtPriceAtTick(int24) performs a multiplication on the result of a division:
  • price = (price * 0xffe5caca7e10e4e61c3624eaa0941cd0) >> 128
  • price = ~ 0 / price

src/libraries/TickMath.sol#L50-L109

• ID-41
  TickMath.getSqrtPriceAtTick(int24) performs a multiplication on the result of a division:
  • price = (price * 0x70d869a156d2a1b890bb3df62baf32f7) >> 128
  • price = ~ 0 / price

src/libraries/TickMath.sol#L50-L109

• ID-42
  TickMath.getSqrtPriceAtTick(int24) performs a multiplication on the result of a division:
  • price = (price * 0xd097f3bdfd2022b8845ad8f792aa5825) >> 128
  • price = ~ 0 / price

src/libraries/TickMath.sol#L50-L109

• ID-43
  TickMath.getSqrtPriceAtTick(int24) performs a multiplication on the result of a division:
  • price = (price * 0x48a170391f7dc42444e8fa2) >> 128
  • price = ~ 0 / price

src/libraries/TickMath.sol#L50-L109

• ID-44
  TickMath.getSqrtPriceAtTick(int24) performs a multiplication on the result of a division:
  • price = (price * 0xfcbe86c7900a88aedcffc83b479aa3a4) >> 128
  • price = ~ 0 / price

src/libraries/TickMath.sol#L50-L109

• ID-45
  TickMath.getSqrtPriceAtTick(int24) performs a multiplication on the result of a division:
  • price = (price * 0x5d6af8dedb81196699c329225ee604) >> 128
  • price = ~ 0 / price

src/libraries/TickMath.sol#L50-L109

• ID-46
  TickMath.getSqrtPriceAtTick(int24) performs a multiplication on the result of a division:
  • price = (price * 0x9aa508b5b7a84e1c677de54f3e99bc9) >> 128
  • price = ~ 0 / price

src/libraries/TickMath.sol#L50-L109

incorrect-equality

Impact: Medium
Confidence: High

• ID-47
  FoldCaptiveStaking.initialize() uses a dangerous strict equality:
  • liquidity == 0

src/FoldCaptiveStaking.sol#L69-L103

• ID-48
  FoldCaptiveStakingV2.initialize() uses a dangerous strict equality:
  • liquidity == 0

src/FOLD_StakingV2.sol#L77-L111

reentrancy-no-eth

Impact: Medium
Confidence: Medium

• ID-49
  Reentrancy in FoldCaptiveStaking.withdraw(uint128):
  External calls:
  • collectFees()
    • (amount0Collected,amount1Collected) = positionManager.collect(params)
    • token0.transfer(msg.sender,fee0Owed)
    • token1.transfer(msg.sender,fee1Owed)
  • collectRewards()
    • WETH9.transfer(msg.sender,rewardsOwed)
      State variables written after the call(s):
  • collectRewards()
    • balances[msg.sender].rewardDebt = uint128(rewardsPerLiquidity)
      FoldCaptiveStaking.balances can be used in cross function reentrancies:
  • FoldCaptiveStaking.balances
  • FoldCaptiveStaking.collectFees()
  • FoldCaptiveStaking.collectRewards()
  • FoldCaptiveStaking.compound()
  • FoldCaptiveStaking.deposit(uint256,uint256,uint256)
  • FoldCaptiveStaking.withdraw(uint128)
  • balances[msg.sender].amount -= liquidity
    FoldCaptiveStaking.balances can be used in cross function reentrancies:
  • FoldCaptiveStaking.balances
  • FoldCaptiveStaking.collectFees()
  • FoldCaptiveStaking.collectRewards()
  • FoldCaptiveStaking.compound()
  • FoldCaptiveStaking.deposit(uint256,uint256,uint256)
  • FoldCaptiveStaking.withdraw(uint128)
  • liquidityUnderManagement -= uint256(liquidity)
    FoldCaptiveStaking.liquidityUnderManagement can be used in cross function reentrancies:
  • FoldCaptiveStaking.claimInsurance(uint128)
  • FoldCaptiveStaking.collectFees()
  • FoldCaptiveStaking.collectRewards()
  • FoldCaptiveStaking.compound()
  • FoldCaptiveStaking.deposit(uint256,uint256,uint256)
  • FoldCaptiveStaking.initialize()
  • FoldCaptiveStaking.liquidityUnderManagement
  • FoldCaptiveStaking.withdraw(uint128)

src/FoldCaptiveStaking.sol#L290-L327

• ID-50
  Reentrancy in FoldCaptiveStaking.compound():
  External calls:
  • collectPositionFees()
    • (amount0Collected,amount1Collected) = positionManager.collect(params)
  • (liquidity,actualAmount0,actualAmount1) = positionManager.increaseLiquidity(params)
  • token0.transfer(msg.sender,fee0Owed - actualAmount0)
  • token1.transfer(msg.sender,fee1Owed - actualAmount1)
    State variables written after the call(s):
  • balances[msg.sender].token0FeeDebt = uint128(token0FeesPerLiquidity)
    FoldCaptiveStaking.balances can be used in cross function reentrancies:
  • FoldCaptiveStaking.balances
  • FoldCaptiveStaking.collectFees()
  • FoldCaptiveStaking.collectRewards()
  • FoldCaptiveStaking.compound()
  • FoldCaptiveStaking.deposit(uint256,uint256,uint256)
  • FoldCaptiveStaking.withdraw(uint128)
  • balances[msg.sender].token1FeeDebt = uint128(token1FeesPerLiquidity)
    FoldCaptiveStaking.balances can be used in cross function reentrancies:
  • FoldCaptiveStaking.balances
  • FoldCaptiveStaking.collectFees()
  • FoldCaptiveStaking.collectRewards()
  • FoldCaptiveStaking.compound()
  • FoldCaptiveStaking.deposit(uint256,uint256,uint256)
  • FoldCaptiveStaking.withdraw(uint128)
  • balances[msg.sender].amount += liquidity
    FoldCaptiveStaking.balances can be used in cross function reentrancies:
  • FoldCaptiveStaking.balances
  • FoldCaptiveStaking.collectFees()
  • FoldCaptiveStaking.collectRewards()
  • FoldCaptiveStaking.compound()
  • FoldCaptiveStaking.deposit(uint256,uint256,uint256)
  • FoldCaptiveStaking.withdraw(uint128)
  • liquidityUnderManagement += uint256(liquidity)
    FoldCaptiveStaking.liquidityUnderManagement can be used in cross function reentrancies:
  • FoldCaptiveStaking.claimInsurance(uint128)
  • FoldCaptiveStaking.collectFees()
  • FoldCaptiveStaking.collectRewards()
  • FoldCaptiveStaking.compound()
  • FoldCaptiveStaking.deposit(uint256,uint256,uint256)
  • FoldCaptiveStaking.initialize()
  • FoldCaptiveStaking.liquidityUnderManagement
  • FoldCaptiveStaking.withdraw(uint128)

src/FoldCaptiveStaking.sol#L226-L256

• ID-51
  Reentrancy in FoldCaptiveStakingV2.initialize():
  External calls:
  • token0.approve(address(positionManager),type()(uint256).max)
  • token1.approve(address(positionManager),type()(uint256).max)
  • (TOKEN_ID,liquidity,None,None) = positionManager.mint(params)
    State variables written after the call(s):
  • initialized = true
    FoldCaptiveStakingV2.initialized can be used in cross function reentrancies:
  • FoldCaptiveStakingV2.constructor(address,address,address,address)
  • FoldCaptiveStakingV2.initialize()
  • FoldCaptiveStakingV2.initialized
  • FoldCaptiveStakingV2.isInitialized()

src/FOLD_StakingV2.sol#L77-L111

• ID-52
  Reentrancy in FoldCaptiveStaking.deposit(uint256,uint256,uint256):
  External calls:
  • collectFees()
    • (amount0Collected,amount1Collected) = positionManager.collect(params)
    • token0.transfer(msg.sender,fee0Owed)
    • token1.transfer(msg.sender,fee1Owed)
  • collectRewards()
    • WETH9.transfer(msg.sender,rewardsOwed)
      State variables written after the call(s):
  • collectRewards()
    • balances[msg.sender].rewardDebt = uint128(rewardsPerLiquidity)
      FoldCaptiveStaking.balances can be used in cross function reentrancies:
  • FoldCaptiveStaking.balances
  • FoldCaptiveStaking.collectFees()
  • FoldCaptiveStaking.collectRewards()
  • FoldCaptiveStaking.compound()
  • FoldCaptiveStaking.deposit(uint256,uint256,uint256)
  • FoldCaptiveStaking.withdraw(uint128)

src/FoldCaptiveStaking.sol#L185-L223

• ID-53
  Reentrancy in FoldCaptiveStakingV2.collectRewards():
  External calls:
  • WETH9.transfer(msg.sender,rewardsOwed)
    State variables written after the call(s):
  • balances[msg.sender].rewardDebt = uint128(rewardsPerLiquidity)
    FoldCaptiveStakingV2.balances can be used in cross function reentrancies:
  • FoldCaptiveStakingV2.balances
  • FoldCaptiveStakingV2.collectFees()
  • FoldCaptiveStakingV2.collectRewards()
  • FoldCaptiveStakingV2.compound()
  • FoldCaptiveStakingV2.deposit(uint256,uint256,uint256)
  • FoldCaptiveStakingV2.withdraw(uint128)

src/FOLD_StakingV2.sol#L285-L294

• ID-54
  Reentrancy in FoldCaptiveStakingV2.withdraw(uint128):
  External calls:
  • collectFees()
    • token0.transfer(msg.sender,fee0Owed)
    • (amount0Collected,amount1Collected) = positionManager.collect(params)
    • token1.transfer(msg.sender,fee1Owed)
  • collectRewards()
    • WETH9.transfer(msg.sender,rewardsOwed)
      State variables written after the call(s):
  • collectRewards()
    • balances[msg.sender].rewardDebt = uint128(rewardsPerLiquidity)
      FoldCaptiveStakingV2.balances can be used in cross function reentrancies:
  • FoldCaptiveStakingV2.balances
  • FoldCaptiveStakingV2.collectFees()
  • FoldCaptiveStakingV2.collectRewards()
  • FoldCaptiveStakingV2.compound()
  • FoldCaptiveStakingV2.deposit(uint256,uint256,uint256)
  • FoldCaptiveStakingV2.withdraw(uint128)
  • balances[msg.sender].amount -= liquidity
    FoldCaptiveStakingV2.balances can be used in cross function reentrancies:
  • FoldCaptiveStakingV2.balances
  • FoldCaptiveStakingV2.collectFees()
  • FoldCaptiveStakingV2.collectRewards()
  • FoldCaptiveStakingV2.compound()
  • FoldCaptiveStakingV2.deposit(uint256,uint256,uint256)
  • FoldCaptiveStakingV2.withdraw(uint128)
  • liquidityUnderManagement -= uint256(liquidity)
    FoldCaptiveStakingV2.liquidityUnderManagement can be used in cross function reentrancies:
  • FoldCaptiveStakingV2.claimInsurance(uint128)
  • FoldCaptiveStakingV2.collectFees()
  • FoldCaptiveStakingV2.collectRewards()
  • FoldCaptiveStakingV2.compound()
  • FoldCaptiveStakingV2.deposit(uint256,uint256,uint256)
  • FoldCaptiveStakingV2.initialize()
  • FoldCaptiveStakingV2.liquidityUnderManagement
  • FoldCaptiveStakingV2.withdraw(uint128)

src/FOLD_StakingV2.sol#L298-L335

• ID-55
  Reentrancy in FoldCaptiveStaking.deposit(uint256,uint256,uint256):
  External calls:
  • collectFees()
    • (amount0Collected,amount1Collected) = positionManager.collect(params)
    • token0.transfer(msg.sender,fee0Owed)
    • token1.transfer(msg.sender,fee1Owed)
  • collectRewards()
    • WETH9.transfer(msg.sender,rewardsOwed)
  • token0.transferFrom(msg.sender,address(this),amount0)
  • token1.transferFrom(msg.sender,address(this),amount1)
  • (liquidity,actualAmount0,actualAmount1) = positionManager.increaseLiquidity(params)
  • token0.transfer(msg.sender,amount0 - actualAmount0)
  • token1.transfer(msg.sender,amount1 - actualAmount1)
    State variables written after the call(s):
  • balances[msg.sender].amount += liquidity
    FoldCaptiveStaking.balances can be used in cross function reentrancies:
  • FoldCaptiveStaking.balances
  • FoldCaptiveStaking.collectFees()
  • FoldCaptiveStaking.collectRewards()
  • FoldCaptiveStaking.compound()
  • FoldCaptiveStaking.deposit(uint256,uint256,uint256)
  • FoldCaptiveStaking.withdraw(uint128)
  • liquidityUnderManagement += uint256(liquidity)
    FoldCaptiveStaking.liquidityUnderManagement can be used in cross function reentrancies:
  • FoldCaptiveStaking.claimInsurance(uint128)
  • FoldCaptiveStaking.collectFees()
  • FoldCaptiveStaking.collectRewards()
  • FoldCaptiveStaking.compound()
  • FoldCaptiveStaking.deposit(uint256,uint256,uint256)
  • FoldCaptiveStaking.initialize()
  • FoldCaptiveStaking.liquidityUnderManagement
  • FoldCaptiveStaking.withdraw(uint128)

src/FoldCaptiveStaking.sol#L185-L223

• ID-56
  Reentrancy in FoldCaptiveStakingV2.deposit(uint256,uint256,uint256):
  External calls:
  • collectFees()
    • token0.transfer(msg.sender,fee0Owed)
    • (amount0Collected,amount1Collected) = positionManager.collect(params)
    • token1.transfer(msg.sender,fee1Owed)
  • collectRewards()
    • WETH9.transfer(msg.sender,rewardsOwed)
      State variables written after the call(s):
  • collectRewards()
    • balances[msg.sender].rewardDebt = uint128(rewardsPerLiquidity)
      FoldCaptiveStakingV2.balances can be used in cross function reentrancies:
  • FoldCaptiveStakingV2.balances
  • FoldCaptiveStakingV2.collectFees()
  • FoldCaptiveStakingV2.collectRewards()
  • FoldCaptiveStakingV2.compound()
  • FoldCaptiveStakingV2.deposit(uint256,uint256,uint256)
  • FoldCaptiveStakingV2.withdraw(uint128)

src/FOLD_StakingV2.sol#L193-L231

• ID-57
  Reentrancy in FoldCaptiveStaking.initialize():
  External calls:
  • token0.approve(address(positionManager),type()(uint256).max)
  • token1.approve(address(positionManager),type()(uint256).max)
  • (TOKEN_ID,liquidity,None,None) = positionManager.mint(params)
    State variables written after the call(s):
  • initialized = true
    FoldCaptiveStaking.initialized can be used in cross function reentrancies:
  • FoldCaptiveStaking.constructor(address,address,address,address)
  • FoldCaptiveStaking.initialize()
  • FoldCaptiveStaking.initialized
  • FoldCaptiveStaking.isInitialized()

src/FoldCaptiveStaking.sol#L69-L103

• ID-58
  Reentrancy in FoldCaptiveStaking.collectRewards():
  External calls:
  • WETH9.transfer(msg.sender,rewardsOwed)
    State variables written after the call(s):
  • balances[msg.sender].rewardDebt = uint128(rewardsPerLiquidity)
    FoldCaptiveStaking.balances can be used in cross function reentrancies:
  • FoldCaptiveStaking.balances
  • FoldCaptiveStaking.collectFees()
  • FoldCaptiveStaking.collectRewards()
  • FoldCaptiveStaking.compound()
  • FoldCaptiveStaking.deposit(uint256,uint256,uint256)
  • FoldCaptiveStaking.withdraw(uint128)

src/FoldCaptiveStaking.sol#L277-L286

• ID-59
  Reentrancy in FoldCaptiveStakingV2.claimInsurance(uint128):
  External calls:
  • collectPositionFees()
    • (amount0Collected,amount1Collected) = positionManager.collect(params)
  • collectRewards()
    • WETH9.transfer(msg.sender,rewardsOwed)
      State variables written after the call(s):
  • liquidityUnderManagement -= uint256(liquidity)
    FoldCaptiveStakingV2.liquidityUnderManagement can be used in cross function reentrancies:
  • FoldCaptiveStakingV2.claimInsurance(uint128)
  • FoldCaptiveStakingV2.collectFees()
  • FoldCaptiveStakingV2.collectRewards()
  • FoldCaptiveStakingV2.compound()
  • FoldCaptiveStakingV2.deposit(uint256,uint256,uint256)
  • FoldCaptiveStakingV2.initialize()
  • FoldCaptiveStakingV2.liquidityUnderManagement
  • FoldCaptiveStakingV2.withdraw(uint128)

src/FOLD_StakingV2.sol#L366-L400

• ID-60
  Reentrancy in FoldCaptiveStakingV2.collectFees():
  External calls:
  • collectPositionFees()
    • (amount0Collected,amount1Collected) = positionManager.collect(params)
  • token0.transfer(msg.sender,fee0Owed)
  • token1.transfer(msg.sender,fee1Owed)
    State variables written after the call(s):
  • balances[msg.sender].token0FeeDebt = uint128(token0FeesPerLiquidity)
    FoldCaptiveStakingV2.balances can be used in cross function reentrancies:
  • FoldCaptiveStakingV2.balances
  • FoldCaptiveStakingV2.collectFees()
  • FoldCaptiveStakingV2.collectRewards()
  • FoldCaptiveStakingV2.compound()
  • FoldCaptiveStakingV2.deposit(uint256,uint256,uint256)
  • FoldCaptiveStakingV2.withdraw(uint128)
  • balances[msg.sender].token1FeeDebt = uint128(token1FeesPerLiquidity)
    FoldCaptiveStakingV2.balances can be used in cross function reentrancies:
  • FoldCaptiveStakingV2.balances
  • FoldCaptiveStakingV2.collectFees()
  • FoldCaptiveStakingV2.collectRewards()
  • FoldCaptiveStakingV2.compound()
  • FoldCaptiveStakingV2.deposit(uint256,uint256,uint256)
  • FoldCaptiveStakingV2.withdraw(uint128)

src/FOLD_StakingV2.sol#L267-L282

• ID-61
  Reentrancy in FoldCaptiveStaking.collectFees():
  External calls:
  • collectPositionFees()
    • (amount0Collected,amount1Collected) = positionManager.collect(params)
  • token0.transfer(msg.sender,fee0Owed)
  • token1.transfer(msg.sender,fee1Owed)
    State variables written after the call(s):
  • balances[msg.sender].token0FeeDebt = uint128(token0FeesPerLiquidity)
    FoldCaptiveStaking.balances can be used in cross function reentrancies:
  • FoldCaptiveStaking.balances
  • FoldCaptiveStaking.collectFees()
  • FoldCaptiveStaking.collectRewards()
  • FoldCaptiveStaking.compound()
  • FoldCaptiveStaking.deposit(uint256,uint256,uint256)
  • FoldCaptiveStaking.withdraw(uint128)
  • balances[msg.sender].token1FeeDebt = uint128(token1FeesPerLiquidity)
    FoldCaptiveStaking.balances can be used in cross function reentrancies:
  • FoldCaptiveStaking.balances
  • FoldCaptiveStaking.collectFees()
  • FoldCaptiveStaking.collectRewards()
  • FoldCaptiveStaking.compound()
  • FoldCaptiveStaking.deposit(uint256,uint256,uint256)
  • FoldCaptiveStaking.withdraw(uint128)

src/FoldCaptiveStaking.sol#L259-L274

• ID-62
  Reentrancy in FoldCaptiveStakingV2.compound():
  External calls:
  • collectPositionFees()
    • (amount0Collected,amount1Collected) = positionManager.collect(params)
  • (liquidity,actualAmount0,actualAmount1) = positionManager.increaseLiquidity(params)
  • token0.transfer(msg.sender,fee0Owed - actualAmount0)
  • token1.transfer(msg.sender,fee1Owed - actualAmount1)
    State variables written after the call(s):
  • balances[msg.sender].token0FeeDebt = uint128(token0FeesPerLiquidity)
    FoldCaptiveStakingV2.balances can be used in cross function reentrancies:
  • FoldCaptiveStakingV2.balances
  • FoldCaptiveStakingV2.collectFees()
  • FoldCaptiveStakingV2.collectRewards()
  • FoldCaptiveStakingV2.compound()
  • FoldCaptiveStakingV2.deposit(uint256,uint256,uint256)
  • FoldCaptiveStakingV2.withdraw(uint128)
  • balances[msg.sender].token1FeeDebt = uint128(token1FeesPerLiquidity)
    FoldCaptiveStakingV2.balances can be used in cross function reentrancies:
  • FoldCaptiveStakingV2.balances
  • FoldCaptiveStakingV2.collectFees()
  • FoldCaptiveStakingV2.collectRewards()
  • FoldCaptiveStakingV2.compound()
  • FoldCaptiveStakingV2.deposit(uint256,uint256,uint256)
  • FoldCaptiveStakingV2.withdraw(uint128)
  • balances[msg.sender].amount += liquidity
    FoldCaptiveStakingV2.balances can be used in cross function reentrancies:
  • FoldCaptiveStakingV2.balances
  • FoldCaptiveStakingV2.collectFees()
  • FoldCaptiveStakingV2.collectRewards()
  • FoldCaptiveStakingV2.compound()
  • FoldCaptiveStakingV2.deposit(uint256,uint256,uint256)
  • FoldCaptiveStakingV2.withdraw(uint128)
  • liquidityUnderManagement += uint256(liquidity)
    FoldCaptiveStakingV2.liquidityUnderManagement can be used in cross function reentrancies:
  • FoldCaptiveStakingV2.claimInsurance(uint128)
  • FoldCaptiveStakingV2.collectFees()
  • FoldCaptiveStakingV2.collectRewards()
  • FoldCaptiveStakingV2.compound()
  • FoldCaptiveStakingV2.deposit(uint256,uint256,uint256)
  • FoldCaptiveStakingV2.initialize()
  • FoldCaptiveStakingV2.liquidityUnderManagement
  • FoldCaptiveStakingV2.withdraw(uint128)

src/FOLD_StakingV2.sol#L234-L264

• ID-63
  Reentrancy in FoldCaptiveStakingV2.deposit(uint256,uint256,uint256):
  External calls:
  • collectFees()
    • token0.transfer(msg.sender,fee0Owed)
    • (amount0Collected,amount1Collected) = positionManager.collect(params)
    • token1.transfer(msg.sender,fee1Owed)
  • collectRewards()
    • WETH9.transfer(msg.sender,rewardsOwed)
  • token0.transferFrom(msg.sender,address(this),amount0)
  • token1.transferFrom(msg.sender,address(this),amount1)
  • (liquidity,actualAmount0,actualAmount1) = positionManager.increaseLiquidity(params)
  • token0.transfer(msg.sender,amount0 - actualAmount0)
  • token1.transfer(msg.sender,amount1 - actualAmount1)
    State variables written after the call(s):
  • balances[msg.sender].amount += liquidity
    FoldCaptiveStakingV2.balances can be used in cross function reentrancies:
  • FoldCaptiveStakingV2.balances
  • FoldCaptiveStakingV2.collectFees()
  • FoldCaptiveStakingV2.collectRewards()
  • FoldCaptiveStakingV2.compound()
  • FoldCaptiveStakingV2.deposit(uint256,uint256,uint256)
  • FoldCaptiveStakingV2.withdraw(uint128)
  • liquidityUnderManagement += uint256(liquidity)
    FoldCaptiveStakingV2.liquidityUnderManagement can be used in cross function reentrancies:
  • FoldCaptiveStakingV2.claimInsurance(uint128)
  • FoldCaptiveStakingV2.collectFees()
  • FoldCaptiveStakingV2.collectRewards()
  • FoldCaptiveStakingV2.compound()
  • FoldCaptiveStakingV2.deposit(uint256,uint256,uint256)
  • FoldCaptiveStakingV2.initialize()
  • FoldCaptiveStakingV2.liquidityUnderManagement
  • FoldCaptiveStakingV2.withdraw(uint128)

src/FOLD_StakingV2.sol#L193-L231

• ID-64
  Reentrancy in FoldCaptiveStaking.claimInsurance(uint128):
  External calls:
  • collectPositionFees()
    • (amount0Collected,amount1Collected) = positionManager.collect(params)
  • collectRewards()
    • WETH9.transfer(msg.sender,rewardsOwed)
      State variables written after the call(s):
  • liquidityUnderManagement -= uint256(liquidity)
    FoldCaptiveStaking.liquidityUnderManagement can be used in cross function reentrancies:
  • FoldCaptiveStaking.claimInsurance(uint128)
  • FoldCaptiveStaking.collectFees()
  • FoldCaptiveStaking.collectRewards()
  • FoldCaptiveStaking.compound()
  • FoldCaptiveStaking.deposit(uint256,uint256,uint256)
  • FoldCaptiveStaking.initialize()
  • FoldCaptiveStaking.liquidityUnderManagement
  • FoldCaptiveStaking.withdraw(uint128)

src/FoldCaptiveStaking.sol#L358-L392

unused-return

Impact: Medium
Confidence: Medium

• ID-65
  FoldCaptiveStakingV2.initialize() ignores return value by token1.approve(address(positionManager),type()(uint256).max)

src/FOLD_StakingV2.sol#L77-L111

• ID-66
  FoldCaptiveStakingV2.initialize() ignores return value by token0.approve(address(positionManager),type()(uint256).max)

src/FOLD_StakingV2.sol#L77-L111

• ID-67
  FoldCaptiveStakingV2.initialize() ignores return value by (TOKEN_ID,liquidity,None,None) = positionManager.mint(params)

src/FOLD_StakingV2.sol#L77-L111

• ID-68
  FoldCaptiveStaking.initialize() ignores return value by token1.approve(address(positionManager),type()(uint256).max)

src/FoldCaptiveStaking.sol#L69-L103

• ID-69
  FoldCaptiveStaking.initialize() ignores return value by token0.approve(address(positionManager),type()(uint256).max)

src/FoldCaptiveStaking.sol#L69-L103

• ID-70
  FoldCaptiveStaking.initialize() ignores return value by (TOKEN_ID,liquidity,None,None) = positionManager.mint(params)

src/FoldCaptiveStaking.sol#L69-L103

pess-dubious-typecast

Impact: Medium
Confidence: High

• ID-71
  Dubious typecast in FoldCaptiveStaking.claimInsurance(uint128):
  uint256 => uint128 casting occurs in collectParams = INonfungiblePositionManager.CollectParams({tokenId:TOKEN_ID,recipient:address(this),amount0Max:uint128(amount0),amount1Max:uint128(amount1)})
  uint256 => uint128 casting occurs in collectParams = INonfungiblePositionManager.CollectParams({tokenId:TOKEN_ID,recipient:address(this),amount0Max:uint128(amount0),amount1Max:uint128(amount1)})

src/FoldCaptiveStaking.sol#L358-L392

• ID-72
  Dubious typecast in FoldCaptiveStakingV2.claimInsurance(uint128):
  uint256 => uint128 casting occurs in collectParams = INonfungiblePositionManager.CollectParams({tokenId:TOKEN_ID,recipient:address(this),amount0Max:uint128(amount0),amount1Max:uint128(amount1)})
  uint256 => uint128 casting occurs in collectParams = INonfungiblePositionManager.CollectParams({tokenId:TOKEN_ID,recipient:address(this),amount0Max:uint128(amount0),amount1Max:uint128(amount1)})

src/FOLD_StakingV2.sol#L366-L400

• ID-73
  Dubious typecast in TickMath.getTickAtSqrtPrice(uint160):
  uint256 => int256 casting occurs in log_2 = (int256(msb) - 128) << 64
  int256 => int24 casting occurs in tickLow = int24((log_sqrt10001 - 3402992956809132418596140100660247210) >> 128)
  int256 => int24 casting occurs in tickHi = int24((log_sqrt10001 + 291339464771989622907027621153398088495) >> 128)

src/libraries/TickMath.sol#L116-L271

• ID-74
  Dubious typecast in FoldCaptiveStakingV2.collectRewards():
  uint256 => uint128 casting occurs in balances[msg.sender].rewardDebt = uint128(rewardsPerLiquidity)

src/FOLD_StakingV2.sol#L285-L294

• ID-75
  Dubious typecast in FoldCaptiveStaking.compound():
  uint256 => uint128 casting occurs in balances[msg.sender].token0FeeDebt = uint128(token0FeesPerLiquidity)
  uint256 => uint128 casting occurs in balances[msg.sender].token1FeeDebt = uint128(token1FeesPerLiquidity)

src/FoldCaptiveStaking.sol#L226-L256

• ID-76
  Dubious typecast in FoldCaptiveStakingV2.compound():
  uint256 => uint128 casting occurs in balances[msg.sender].token0FeeDebt = uint128(token0FeesPerLiquidity)
  uint256 => uint128 casting occurs in balances[msg.sender].token1FeeDebt = uint128(token1FeesPerLiquidity)

src/FOLD_StakingV2.sol#L234-L264

• ID-77
  Dubious typecast in FoldCaptiveStakingV2.withdraw(uint128):
  uint256 => uint128 casting occurs in collectParams = INonfungiblePositionManager.CollectParams({tokenId:TOKEN_ID,recipient:address(this),amount0Max:uint128(amount0),amount1Max:uint128(amount1)})
  uint256 => uint128 casting occurs in collectParams = INonfungiblePositionManager.CollectParams({tokenId:TOKEN_ID,recipient:address(this),amount0Max:uint128(amount0),amount1Max:uint128(amount1)})

src/FOLD_StakingV2.sol#L298-L335

• ID-78
  Dubious typecast in TickMath.getSqrtPriceAtTick(int24):
  int256 => uint256 casting occurs in mask_getSqrtPriceAtTick_asm_0 = tick >>' 255
  uint256 => int256 casting occurs in tick >' 0

src/libraries/TickMath.sol#L50-L109

• ID-79
  Dubious typecast in FoldCaptiveStaking.withdraw(uint128):
  uint256 => uint128 casting occurs in collectParams = INonfungiblePositionManager.CollectParams({tokenId:TOKEN_ID,recipient:address(this),amount0Max:uint128(amount0),amount1Max:uint128(amount1)})
  uint256 => uint128 casting occurs in collectParams = INonfungiblePositionManager.CollectParams({tokenId:TOKEN_ID,recipient:address(this),amount0Max:uint128(amount0),amount1Max:uint128(amount1)})

src/FoldCaptiveStaking.sol#L290-L327

• ID-80
  Dubious typecast in FoldCaptiveStaking.collectFees():
  uint256 => uint128 casting occurs in balances[msg.sender].token0FeeDebt = uint128(token0FeesPerLiquidity)
  uint256 => uint128 casting occurs in balances[msg.sender].token1FeeDebt = uint128(token1FeesPerLiquidity)

src/FoldCaptiveStaking.sol#L259-L274

• ID-81
  Dubious typecast in FoldCaptiveStaking.collectRewards():
  uint256 => uint128 casting occurs in balances[msg.sender].rewardDebt = uint128(rewardsPerLiquidity)

src/FoldCaptiveStaking.sol#L277-L286

• ID-82
  Dubious typecast in FoldCaptiveStakingV2.collectFees():
  uint256 => uint128 casting occurs in balances[msg.sender].token0FeeDebt = uint128(token0FeesPerLiquidity)
  uint256 => uint128 casting occurs in balances[msg.sender].token1FeeDebt = uint128(token1FeesPerLiquidity)

src/FOLD_StakingV2.sol#L267-L282