Core Contracts
Regnum Aurum Acquisition Corp
HardhatReal World AssetsNFT
77,280 USDC
View results
Previous Next
Submission Details
Severity: high
Valid

Double adding of amount lead to over adding of the newPower when increasing lock

ChainProof

Summary

The locked amount is added twice which will lead to over-calculation of the newPower when increasing lock.

Vulnerability Details

The increase allow users to increase their raac token locking amount in order to mint more veRAAC

function increase(uint256 amount) external nonReentrant whenNotPaused {
// Increase lock using LockManager
_lockState.increaseLock(msg.sender, amount);
_updateBoostState(msg.sender, locks[msg.sender].amount);
// Update voting power
LockManager.Lock memory userLock = _lockState.locks[msg.sender];
(int128 newBias, int128 newSlope) = _votingState.calculateAndUpdatePower(
msg.sender,
@> userLock.amount + amount,
userLock.end
);
// Update checkpoints
uint256 newPower = uint256(uint128(newBias));
_checkpointState.writeCheckpoint(msg.sender, newPower);
// Transfer additional tokens and mint veTokens
raacToken.safeTransferFrom(msg.sender, address(this), amount);
_mint(msg.sender, newPower - balanceOf(msg.sender));
emit LockIncreased(msg.sender, amount);
}

An issue with this implementation is that , when calculating the newPower it adds the amount on top of the already added amount during the lockState.increaseLock, this will lead to over minting of the veRAAC token.

Impact

Amount that's already added is readded again when calculating the newPower.

Tools Used

Manual review

Recommendations

Remove the + amount and just provide the amount because it was already updated during lockState.increaseLock.

Updates

Lead Judging Commences

inallhonesty Lead Judge 4 months ago
Submission Judgement Published
Validated
Assigned finding tags:

veRAACToken::increase doubles the voting power of users

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.