Submission Details
Severity:
`BaseGauge::getRewardPerToken` has wrong value in calculation
Vulnerability Details
BaseGauge::getRewardPerToken#L574 has wrong value in the calculation.
/**
* @notice Calculates current reward per token
* @return Current reward per token value
*/
function getRewardPerToken() public view returns (uint256) {
if (totalSupply() == 0) {
return rewardPerTokenStored;
}
return rewardPerTokenStored + ( 👇👇
(lastTimeRewardApplicable() - lastUpdateTime) * rewardRate * 1e18 / totalSupply()
);
}
Impact
It should use BIPS for calculation.
BIPS 10000 and 1e18 is not the same.
Tools Used
Manual
Recommendations
Use BIPS for calculation. Like 10000
/**
* @notice Calculates current reward per token
* @return Current reward per token value
*/
function getRewardPerToken() public view returns (uint256) {
if (totalSupply() == 0) {
return rewardPerTokenStored;
}
return rewardPerTokenStored + (
- (lastTimeRewardApplicable() - lastUpdateTime) * rewardRate * 1e18 / totalSupply()
+ (lastTimeRewardApplicable() - lastUpdateTime) * rewardRate * 10000 / totalSupply()
);
}
Updates
Lead Judging Commences
inallhonesty about 1 month ago
Submission Judgement Published Assigned finding tags:
BaseGauge reward calculations divide by 1e18 despite using 1e4 precision weights, causing all user weights to round down to zero and preventing reward distribution
Prize pool breakdown
Total prize
77,280 USDC
nSLOC
3,86420 USDC / LOC
74,000
3,280
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.