The issue identified pertains to the createContest function, which takes an array of players, an array of corresponding rewards, a token, and a total rewards amount. The function does not currently verify whether the sum of the rewards in the rewards array matches the specified totalRewards.
The createContest function is responsible for initializing a new contest by accepting the following parameters:
players: An array containing the addresses of the participants.
rewards: An array containing the reward amounts corresponding to each player.
token: The ERC-20 token to be used for the rewards.
totalRewards: The total amount of tokens allocated for the contest.
However, the function lacks a critical check to ensure that the sum of all values in the rewards array equals totalRewards. This oversight can lead to discrepancies in the distribution of rewards, where:
The sum of rewards in the rewards array could be less than totalRewards, leaving unallocated tokens.
The sum could exceed totalRewards, resulting in an over-commitment of tokens that the protocol may not be able to fulfill.
Financial Loss: Inconsistent reward distribution could lead to financial losses either for the participants (if rewards are under-allocated) or for the protocol (if over-allocated).
Manual Review
Add a check to ensure that the sum of all values in the rewards array equals totalRewards.
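One way to implement the recommended check, as an added sketch that is not the audited project's code. The contract name, custom errors, event, parameter types, and the array length check are assumptions; only the four parameter names come from the finding.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added illustration only. Contract name, errors, event and parameter types
// are assumptions; the finding gives only the parameter names.
contract ContestFactorySketch {
    error LengthMismatch(uint256 playerCount, uint256 rewardCount);
    error RewardsSumMismatch(uint256 rewardsSum, uint256 totalRewards);

    event ContestCreated(address indexed token, uint256 playerCount, uint256 totalRewards);

    function createContest(
        address[] calldata players,
        uint256[] calldata rewards,
        address token,
        uint256 totalRewards
    ) external {
        // Assumed precondition: each player has exactly one reward entry.
        if (players.length != rewards.length) {
            revert LengthMismatch(players.length, rewards.length);
        }

        // Sum the per-player rewards. Checked arithmetic in Solidity >= 0.8
        // reverts on overflow, so the running sum cannot silently wrap.
        uint256 rewardsSum;
        for (uint256 i = 0; i < rewards.length; ++i) {
            rewardsSum += rewards[i];
        }

        // The missing check: reject both under-allocation (unallocated tokens)
        // and over-allocation (rewards the contest cannot pay out).
        if (rewardsSum != totalRewards) {
            revert RewardsSumMismatch(rewardsSum, totalRewards);
        }

        // The real function would record or deploy the contest here; that
        // logic is not shown in the finding, so this sketch only emits an event.
        emit ContestCreated(token, players.length, totalRewards);
    }
}
```

Reverting with both values in the error makes a rejected call easy to diagnose from the transaction trace.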