Assessment reportsPublic findings
Back to Zellic site
Assessment reports>Fractal Protocol>Informational findings>Insufficient code documentation
GeneralOverview
Findings
High (2)
Medium (1)
Low (1)
Informational (4)Access Control eventsInternal inconsistenciesLack of documentationInsufficient code documentation
DiscussionNotable observations
Category: Business Logic

Insufficient code documentation

Informational Severity
Informational Impact
N/A Likelihood

Description

We found that the code quality unsatisfactory for certain functions, namely:

  • DateUtils.sol: _daysToDate

function _daysToDate(uint256 _days) internal pure returns (uint256 year, uint256 month, uint256 day) {
	int256 __days = int256(_days);
	int256 L = __days + 68569 + OFFSET19700101;
	
	int256 N = 4 * L / 146097;
	L = L - (146097 * N + 3) / 4;
	int256 _year = 4000 * (L + 1) / 1461001;
	L = L - 1461 * _year / 4 + 31;
	int256 _month = 80 * L / 2447;
	int256 _day = L - 2447 * _month / 80;
	L = _month / 11;
	_month = _month + 2 - 12 * L;
	_year = 100 * (N - 49) + _year + L;
	...

_daysToDate uses a lot of abstract math to converts days to a date.

  • DateUtils.sol: _daysFromDate

function _daysFromDate(uint256 year, uint256 month, uint256 day)
	internal pure returns (uint256 _days) {
	require(year >= 1970, “Error”);
	int _year = int(year);
	int _month = int(month);
	int _day = int(day);

	int __days = _day
		- 32075
		+ 1461 * (_year + 4800 + (_month - 14) / 12) / 4
		+ 367 * (_month - 2 - (_month - 14) / 12 * 12) / 12
		- 3 * ((_year + 4900 + (_month - 14) / 12) / 100) / 4
		- OFFSET19700101;

	_days = uint256(__days);
}

_daysFromDate uses a lot of optimized math to converts days to a date.

  • Vault.sol: Compute

function compute () public {
	...
	for (uint256 i = currentPeriod + 1; i <= newPeriod; i++) {
		_records[i].apr = _records[i - 1].apr;
		_records[i].totalDeposited = _records[i - 1].totalDeposited;

		uint256 diff = uint256(_records[i - 1].apr) * USDF_DECIMAL_MULTIPLIER * uint256(100) / uint256(365);
		_records[i].tokenPrice = _records[i - 1].tokenPrice + (diff / uint256(10000));
		_records[i].dailyInterest = _records[i - 1].totalDeposited * uint256(_records[i - 1].apr) / uint256(365) / uint256(100);
	}
	...
}

A lack of comments here renders this function difficult to understand.

Impact

Code maturity is very important in a code base, this is because commented out code and unused variables can result in increased complexity and confusion when developers have to modify the business logic.

Remediation

The issue has been acknowledged by Fractal.

Zellic © 2024Back to top ↑