Submission Details
Severity:
`LibIncentive.fracExp()` omits one case.
Title
LibIncentive.fracExp() omits one case.
Github link
Summary
LibIncentive.fracExp() omits one case.
Vulnerability Details
fracExp() returns the scaled sunrise reward according to secondsLate.
File: LibIncentive.sol
63: function fracExp(
64: uint256 beans,
65: uint256 secondsLate
66: ) internal pure returns (uint256 scaledSunriseReward) {
...
400: } else if (secondsLate <= 240) {
...
440: if (secondsLate <= 238) { //@audit missing 239~240
441: return _scaleReward(beans, 10_677_927);
442: }
443: } else if (secondsLate <= 270) {
444: if (secondsLate <= 242) {
445: return _scaleReward(beans, 11_111_494);
446: }
But while checking multiple cases, it doesn't return a proper result when secondsLate is between 239 and 240.
So fracExp() will return scaledSunriseReward = 0 in this case and users might get no rewards after calling sunrise().
Impact
Users wouldn't get rewards after calling sunrise().
Tools Used
Manual Review
Recommendations
fracExp() should have one more case for secondsLate of (238, 240).
Updates
Lead Judging Commences
inallhonesty over 1 year ago
Submission Judgement Published Assigned finding tags:
LibIncentive misses `240` case
Prize pool breakdown
Total prize
250,000 USDC
nSLOC
12,28520 USDC / LOC
220,000 USDC
10,000 USDC
20,000 USDC
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.