Submission Details
Severity:
writeCheckPoint not called during emergencyWithdraw
Summary
The emergency withdraw failed to set the checkPoint to zero.
Vulnerability Details
The emergencyWithdraw allow users to withdraw locked tokens before the expiry
function emergencyWithdraw() external nonReentrant {
if (emergencyWithdrawDelay == 0 || block.timestamp < emergencyWithdrawDelay)
revert EmergencyWithdrawNotEnabled();
LockManager.Lock memory userLock = _lockState.locks[msg.sender];
if (userLock.amount == 0) revert NoTokensLocked();
uint256 amount = userLock.amount;
uint256 currentPower = balanceOf(msg.sender);
delete _lockState.locks[msg.sender];
delete _votingState.points[msg.sender];
_burn(msg.sender, currentPower);
raacToken.safeTransfer(msg.sender, amount);
emit EmergencyWithdrawn(msg.sender, amount);
}
The problem with the current implementation is that it failed to call the writeCheckpoint which resets the voting power to zero, this will mean that even after withdrawing the user's voting is not resets to zero.
Impact
User voting is not resets even after withdrawing
Tools Used
Manual review
Recommendations
Call the writeCheckPoint in the emergencyWithdraw function.
Updates
Lead Judging Commences
inallhonesty 4 months ago
Submission Judgement Published Assigned finding tags:
veRAACToken::emergencyWithdraw doesn't update checkpoint - innacurate historical voting power, inconsistent state
Prize pool breakdown
Total prize
77,280 USDC
nSLOC
3,86420 USDC / LOC
74,000
3,280
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.