MyCut

First Flight #23
Beginner Friendly, Foundry
Submission Details
Severity: high
Valid

Pot: closePot sends funds to ContestManager.sol and tokens are stuck

Summary

When closePot is called, the function calculates the manager's cut and sends it to msg.sender. Because this is an onlyOwner function and ContestManager.sol is used to deploy pots, msg.sender is ContestManager.sol. That contract receives the tokens, and the real owner never gets them.

Vulnerability Details

Because msg.sender inside closePot will always be ContestManager.sol, that contract receives the manager cut. The real owner never gets the tokens, as they are stuck in the ContestManager.sol contract.
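The call chain behind this, as an added sketch that is not the contest's code: MiniPot, MiniManager, IERC20Like and all function names are hypothetical stand-ins, and the manager is assumed to have no function that moves tokens out. It shows who msg.sender is at each hop and where the cut lands with the reported transfer and with the recommended one.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added illustration with hypothetical names; not Pot.sol or ContestManager.sol.
interface IERC20Like {
    function transfer(address to, uint256 amount) external returns (bool);
}

contract MiniPot {
    address public immutable owner;    // the deployer, i.e. the manager contract
    IERC20Like public immutable token;

    constructor(IERC20Like _token) {
        owner = msg.sender;            // set during MiniManager.createPot
        token = _token;
    }

    // As reported: the cut goes to msg.sender, which is always the manager contract.
    function closeToCaller(uint256 cut) external {
        require(msg.sender == owner, "not owner");
        require(token.transfer(msg.sender, cut), "transfer failed");
    }

    // As recommended: the cut goes to the owner of the calling contract.
    function closeToCallersOwner(uint256 cut) external {
        require(msg.sender == owner, "not owner");
        require(token.transfer(MiniManager(msg.sender).owner(), cut), "transfer failed");
    }
}

contract MiniManager {
    address public immutable owner;    // the human manager (an EOA)

    constructor() { owner = msg.sender; }

    function createPot(IERC20Like token) external returns (MiniPot) {
        require(msg.sender == owner, "not owner");
        return new MiniPot(token);     // inside MiniPot, msg.sender == address(this)
    }

    // Assumption: this manager has no token-withdrawal function, so tokens sent here stay here.
    function closeBuggy(MiniPot pot, uint256 cut) external {
        require(msg.sender == owner, "not owner");
        pot.closeToCaller(cut);        // cut lands on address(this)
    }

    function closeFixed(MiniPot pot, uint256 cut) external {
        require(msg.sender == owner, "not owner");
        pot.closeToCallersOwner(cut);  // cut lands on the EOA in `owner`
    }
}
```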

Impact

The manager will lose his cut and the tokens are stuck inside the ContestManager.sol contract.

Tools Used

manual review

Recommendations

Consider updating the closePot function to send the manager cut to the owner of the ContestManager.sol contract like so:

--- a/Pot.sol.orig
+++ b/Pot.sol
@@ -52,7 +52,7 @@ contract Pot is Ownable(msg.sender) {
}
if (remainingRewards > 0) {
uint256 managerCut = remainingRewards / managerCutPercent;
- i_token.transfer(msg.sender, managerCut);
+ i_token.transfer(Ownable(msg.sender).owner(), managerCut);
uint256 claimantCut = (remainingRewards - managerCut) / i_players.length;
for (uint256 i = 0; i < claimants.length; i++) {
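Review bot: on the changed + line, Ownable(msg.sender).owner() casts the caller and makes an external call to it, so closePot will revert whenever the Pot's owner is not a contract exposing owner(), for example if a Pot is ever deployed directly from an EOA, which the Ownable(msg.sender) constructor shown in the hunk header permits. Consider passing the payout recipient to the Pot explicitly, or having the owning contract forward the cut, so the Pot does not depend on its caller's interface. The return value of i_token.transfer is also ignored on this line; checking it, or using a safe-transfer wrapper, would keep a failed transfer from passing silently.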
Updates

Lead Judging Commences

equious Lead Judge 11 months ago
Submission Judgement Published
Validated
Assigned finding tags:

Owner's cut is stuck in ContestManager
