Core Contracts
Regnum Aurum Acquisition Corp
HardhatReal World AssetsNFT
77,280 USDC
View results
Previous Next
Submission Details
Severity: low
Valid

Design flaw with emergencyWithdraw()

oxaudron

Summary

The emergencyWithdraw() design flow doesn't seem valid due to the following reason

  1. It doesn't update the checkpoint states

  2. Also if someone is withdrawing their funds with emergency there should be fee/penalty mechanism implemented, that will ensure the stability of the system.

Vulnerability Details

emergencyWithdraw is same as withdraw function, the only difference is just that the withdraw function depends on time period specified in userLock.end. And in the emergencyWithdraw the time period specified is that of emergencyWithdrawDelay and also emergencyWithdrawDelay should be set with the help of enableEmergencyWithdraw.
The issue in the design is that :

_checkpointState.writeCheckpoint(msg.sender, 0);

However this doesn't exist in emergencyWithdraw()

  • Also the emergencyWithdraw should charge extra fees, because it will effect the stability of the system. However it's not the case.

Impact

  • Discrepancy in states

  • Ability to cause instability to the system

Tools Used

Manual Review

Recommendations

  • Add the following line to emergencyWithdraw :

+ _checkpointState.writeCheckpoint(msg.sender, 0);

  • Implement penalty/fee system for emergencyWithdraw

Updates

Lead Judging Commences

inallhonesty Lead Judge 7 months ago
Submission Judgement Published
Validated
Assigned finding tags:

veRAACToken::emergencyWithdraw doesn't update checkpoint - innacurate historical voting power, inconsistent state

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.

Give us feedback!