Dria

Swan

NFTHardhat

21,000 USDC

View results

Previous Next

Submission Details

Severity: medium

Valid

Risk of Premature Fund Withdrawal in LLMOracleCoordinator

yaioxy

Summary

The owner of the LLMOracleCoordinator contract is unable to withdraw funds partially, leading to a potential risk of prematurely withdrawing funds allocated for other users.

Vulnerability Details

In the LLMOracleCoordinator contract, when a user calls the request function, they transfer a totalFee to the contract. This fee consists of the platformFee, the fees for generators, and the fees for validators:

totalFee = platformFee +

(parameters.numGenerations * (generatorFee + (parameters.numValidations * validatorFee)));

After the response and validation phases (if applicable), the generatorFee and validatorFee are sent to the generators and validators, respectively. The contract will be left with platformFee + fees from generators and validators that weren't paid.

The withdrawPlatformFees function, callable only by the owner, is designed to withdraw all remaining funds, including the platformFee. This approach presents an issue: the owner may unintentionally withdraw funds designated for generators and validators if their fees haven’t yet been distributed. Since the function doesn’t allow partial withdrawals, the owner is forced to withdraw all available funds, including those allocated to other parties.

Since request calls are frequent and generation fees and validation fees take time to be distributed, the likelihood of the owner withdrawing funds without affecting other users is very low.

Additionally, the LLMOracleCoordinator contract doesn’t directly transfer funds; it increases the allowance. If the generators and validators haven’t withdrawn their tokens, the owner may unintentionally withdraw them.

Impact

The contract’s lack of partial withdrawal functionality creates a risk where the owner may unintentionally withdraw funds owed to generators and validators. This could result in financial loss for these users.

Tools Used

Manual Review

Recommendations

Implement a partial withdrawal mechanism that enables the owner to withdraw only the platformFee, while keeping the generator and validator fees reserved until fully distributed.
Consider adding a status check to ensure that fees for all completed requests are distributed before allowing the owner to withdraw platform fees.

Updates

Lead Judging Commences

inallhonesty Lead Judge 8 months ago

Submission Judgement Published

Validated

Assigned finding tags:

`withdrawPlatformFees` withdraws the entire balance

Prize pool breakdown

Total prize

21,000 USDC

nSLOC

1,034

20 USDC / LOC

High Medium

20,000 USDC

Low

1,000 USDC

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.