Submission Details
Severity: high
Valid`closeBidTaker` uses `makerInfo.tokenAddress` for point token update making users to not receive their points
Updates
Lead Judging Commences
Submission Judgement Published
Validated
Assigned finding tags:
finding-DeliveryPlace-settleAskTaker-closeBidTaker-wrong-makerinfo-token-address-addToken-balance
Valid high severity, In `settleAskTaker/closeBidTaker`, by assigning collateral token to user balance instead of point token, if collateral token is worth more than point, this can cause stealing of other users collateral tokens within the CapitalPool contract, If the opposite occurs, user loses funds based on the points they are supposed to receive
Prize pool breakdown
Total prize
30,000 USDC
nSLOC
1,22924 USDC / LOC
High Medium
25,000 USDC
Low
2,750 USDC
Judges
2,250 USDC
Live
The contest is live. Earn rewards by submitting a finding.
Community Judging
Submissions are being reviewed by the community.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.