Function collectReward is calculating the rewards for the users eligible for a reward. However, an underflow is possible. The line
uint256 amountRewards = (count / requiredMartenitsaTokens) - _collectedRewards[msg.sender];
is not using any checks preventing overflow/underflow.
Division: The line uint256 amountRewards = (count / requiredMartenitsaTokens) - _collectedRewards[msg.sender]; performs division to calculate the number of rewards to distribute. However, if count is less than requiredMartenitsaTokens, the result of the division will be zero.
Subtraction: Then, subtracting _collectedRewards[msg.sender] from this result might cause unexpected behavior. If _collectedRewards[msg.sender] is greater than the division result, it could result in a negative value, which is likely not the intended behavior.
To fix this, you should ensure that the division result is at least as large as _collectedRewards[msg.sender] before subtracting.
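The check described above, as an added example that is not code from the audited contract. The contract name RewardMathExample, the _count mapping, the setState helper, the error and event names, and the value 3 for requiredMartenitsaTokens are assumptions made for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added illustration, not the audited contract.
contract RewardMathExample {
    uint256 public constant requiredMartenitsaTokens = 3; // assumed value

    mapping(address => uint256) private _count;            // hypothetical stand-in for `count`
    mapping(address => uint256) private _collectedRewards;

    error NoRewardsToCollect();
    event RewardsCollected(address indexed user, uint256 amount);

    // Hypothetical helper so the edge cases can be set up in a test.
    function setState(address user, uint256 count, uint256 collected) external {
        _count[user] = count;
        _collectedRewards[user] = collected;
    }

    // Rewards still owed to `user`. The comparison runs before the
    // subtraction, so the result can never go below zero.
    // Example: count = 2, collected = 1 gives earned = 0 and returns 0.
    function pendingRewards(address user) public view returns (uint256) {
        // Integer division truncates: 0 whenever count < requiredMartenitsaTokens.
        uint256 earned = _count[user] / requiredMartenitsaTokens;
        uint256 collected = _collectedRewards[user];
        if (earned <= collected) {
            return 0;
        }
        return earned - collected;
    }

    function collectReward() external returns (uint256 amountRewards) {
        amountRewards = pendingRewards(msg.sender);
        if (amountRewards == 0) {
            revert NoRewardsToCollect();
        }
        // Record the collection before anything else uses amountRewards.
        _collectedRewards[msg.sender] += amountRewards;
        emit RewardsCollected(msg.sender, amountRewards);
    }
}
```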
Manual review
Use OpenZeppelin SafeMath or add