Residual Funds Accumulation in Profit Distribution
Summary
An issue exists in the getUnsaved profit calculation that results in small residual amounts of profit not being claimable by users. This issue leads to a buildup of unallocated profit within the contract, which cannot be accessed by users or distributed accurately.
Vulnerability Details
The getUnsaved function calculates profits for each user by dividing based on a constant. Due to the nature of the calculation, small portions of profit that users are entitled to may not be included in their final claimable amount. Instead, these small residual amounts remain within the contract, where they accumulate as unclaimable funds.
This calculation leaves small amounts of profit in the contract for each user, as the calculation does not distribute every portion of profit precisely.
Impact
Over time, the residual funds left in the contract add up, leading to a significant amount of profit being withheld from users. This impacts the fairness and accuracy of profit distribution whereby each user's claim will consistently omit these residuals, impacting their total payout and since there is no way these profits can be claimed, the funds will be stuck in the contract forever.
Tools Used
Manual Review
Recommendations
Consider implementing a mechanism to track and reallocate these residual funds over time
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.