Potential Loss of Funds During a Pot Close Event
Summary
In the closePot function, when a pot is closed, there can be a difference between the sum of the claimant cuts and the real funds to be claimed.
Vulnerability Details
In the closePot function, when a pot is closed, since the claimantCut is calculated using the i_players.length variable, it can lead to a difference between the length of i_players and the length of claimants, resulting in a fund loss.
Let's say that for a pot of 50 tokens for Alice and 100 tokens for John the only claimant is Alice, once the pot is closed, from the 100 tokens left in the pot:
10 tokens will go for the manager cut.
90 tokens will be distributed to the claimants with the formula:
uint256 claimantCut = (remainingRewards - managerCut) / i_players.length;
So in this example, we have 100 tokens as remaining rewards, 10 tokens as manager cut, and 2 players in the pot. The claimant cut will be 45 tokens, but the remaining 45 tokens will be lost since there is only one claimant.
Impact
Loss of funds if there are players that never claimed their cut.
Tools Used
Manual Revision
Recommendations
Instead of using i_players.length use claimants.length to calculate the real claimant cut.
Lead Judging Commences
Incorrect distribution in closePot()
Rewards breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.