QuantAMM

49,600 OP
Submission Details
Severity: medium
Valid

Incorrect implementation of _clampWeights will cause weights to be amplified.

Summary

Incorrect implementation of _clampWeights will cause weights to be amplified.

Vulnerability Details

In function _clampWeights, sumOtherWeights is calculated wrongly, which will cause the _weights to be amplified. A specific example is when only one weight is less than absoluteMin and only one weight is greater than absoluteMax: proportionalRemainder will be equal to (1-absoluteMin)/absoluteMax, which may be larger than 1. For example, take weights = [0.2e18, 0.2e18, 0.1e18, 0.5e18], absoluteMin = 0.2e18 and absoluteMax = 0.4e18. Then proportionalRemainder = 0.8/0.4 = 2, so the final weights will be [0.4e18, 0.4e18, 0.2e18, 0.8e18], which is a total mistake.

Impact

Weights will be calculated wrongly.

Tools Used

None

Recommendations

The correct way to calculate sumOtherWeights is to add all weights greater than or equal to absoluteMin.

function _clampWeights(
    // ...
    for (uint i; i < weightLength; ++i) {
        if (_weights[i] < absoluteMin) {
            _weights[i] = absoluteMin;
            sumRemainerWeight -= absoluteMin;
        } else {
            if (_weights[i] > absoluteMax) {
                _weights[i] = absoluteMax;
            }
            sumOtherWeights += _weights[i];
        }
    }
    // ...
}
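
The worked example above, reproduced as an added Python model with 18-decimal integer arithmetic (this is not the QuantAMM contract code or the submitter's own). The rescale step, which the page elides, is assumed to multiply every weight that was not raised to absoluteMin by proportionalRemainder, which matches the page's numbers; the function names and the zero-denominator guard are also assumptions.

```python
ONE = 10**18  # 18-decimal fixed point, as in the page's 0.2e18 notation


def clamp_weights(weights, absolute_min, absolute_max, fixed):
    """Model of _clampWeights. fixed=False is the reported behaviour,
    fixed=True uses the recommended sumOtherWeights."""
    w = list(weights)
    raised = [False] * len(w)        # weights lifted to absoluteMin
    sum_remainder = ONE              # sumRemainerWeight in the contract
    sum_other = 0                    # sumOtherWeights
    for i, x in enumerate(w):
        if x < absolute_min:
            w[i] = absolute_min
            raised[i] = True
            sum_remainder -= absolute_min
        elif x > absolute_max:
            w[i] = absolute_max
            sum_other += absolute_max
        elif fixed:
            sum_other += x           # the fix: count in-range weights too
    if sum_other == 0:               # assumption: nothing to rescale
        return w, ONE
    proportional_remainder = sum_remainder * ONE // sum_other
    # Assumed rescale step (elided on the page): scale every weight that
    # was not raised to absoluteMin.
    for i in range(len(w)):
        if not raised[i]:
            w[i] = w[i] * proportional_remainder // ONE
    return w, proportional_remainder


def invariant_violations(weights, absolute_min, absolute_max):
    """Checks a unit or fuzz test can make on the clamped output.
    Exact equality holds for the sample; real inputs may need a
    small tolerance for integer-division dust."""
    problems = []
    if sum(weights) != ONE:
        problems.append("sum != 1e18")
    if any(x < absolute_min or x > absolute_max for x in weights):
        problems.append("weight outside [absoluteMin, absoluteMax]")
    return problems


# The page's example, with e18 values written as integers.
SAMPLE = [2 * 10**17, 2 * 10**17, 1 * 10**17, 5 * 10**17]
MIN_W, MAX_W = 2 * 10**17, 4 * 10**17

if __name__ == "__main__":
    for fixed in (False, True):
        out, ratio = clamp_weights(SAMPLE, MIN_W, MAX_W, fixed)
        print(fixed, ratio, out, invariant_violations(out, MIN_W, MAX_W))
```

With the recommended sumOtherWeights the ratio for this input is exactly 1e18, so the clamped weights sum to 1e18 and both invariant checks pass.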
Updates

Lead Judging Commences

n0kto Lead Judge 10 months ago
Submission Judgement Published
Validated
Assigned finding tags:

finding_clampWeights_normalizeWeightUpdates_incorrect_calculation_of_sumOtherWeights_proportionalRemainder

Likelihood: Medium/High, when a weight is above absoluteMax. Impact: Low/Medium, weights deviate much faster, and sum of weights also.
