Core Contracts

Regnum Aurum Acquisition Corp
Hardhat, Real World Assets, NFT
77,280 USDC
Submission Details
Severity: medium
Valid

Possibly Wrong Implementation in `claimRewards`

Summary

In FeeCollector.sol, the internal function _updateLastClaimTime is defined at FeeCollector.sol#L555 but is never used in the contract. It seems that this function should be invoked after claimRewards, which is defined at FeeCollector.sol#L199, but it is not called anywhere in the relevant code.

Vulnerability Details

The _updateLastClaimTime function is likely intended to track the time of the user's last reward claim. However, it is not being called after claimRewards, meaning the contract does not update the user's last claim time when rewards are claimed. This may lead to inaccurate tracking of claim times and could potentially interfere with future reward calculations or any features that depend on this data.

Impact

The lack of updating the last claim time could cause incorrect tracking of the user's rewards, leading to issues such as incorrect reward calculations or user experience inconsistencies. If the function was intended for accurate reward claiming logic (e.g., for future reward claims or bonus calculations), its omission could lead to bugs or unintended behavior.

Tools Used

Manual code review.

Recommendations

To fix this issue, you should call _updateLastClaimTime after the rewards are successfully transferred in the claimRewards function. The modified code would look like this:

```solidity
function claimRewards(address user) external override nonReentrant whenNotPaused returns (uint256) {
    if (user == address(0)) revert InvalidAddress();

    uint256 pendingReward = _calculatePendingRewards(user);
    if (pendingReward == 0) revert InsufficientBalance();

    // Reset user rewards before transfer
    userRewards[user] = totalDistributed;

    // Added: update last claim time
    _updateLastClaimTime(user);

    // Transfer rewards
    raacToken.safeTransfer(user, pendingReward);

    emit RewardClaimed(user, pendingReward);
    return pendingReward;
}
```

By including the _updateLastClaimTime call, the contract will correctly track the last time a user claimed rewards, improving the reliability of the reward system.
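
The pattern behind this finding, an internal helper that is declared but never called, can be checked for mechanically. The following is an added example, not part of the submission or the project's code: a small Python scan over a constructed contract sketch, where the names `FeeCollectorSketch`, `lastClaimTime` and `unused_internal_functions` are assumptions.

```python
import re

# Constructed sample modelled on the finding; not the project's FeeCollector.sol.
SAMPLE = """
contract FeeCollectorSketch {
    mapping(address => uint256) private lastClaimTime;
    mapping(address => uint256) private userRewards;
    uint256 private totalDistributed;

    function claimRewards(address user) external returns (uint256) {
        uint256 pending = _calculatePendingRewards(user);
        userRewards[user] = totalDistributed; // _updateLastClaimTime(user) is missing
        return pending;
    }

    function _calculatePendingRewards(address user) internal view returns (uint256) {
        return totalDistributed - userRewards[user];
    }

    function _updateLastClaimTime(address user) internal {
        lastClaimTime[user] = block.timestamp;
    }
}
"""

def strip_comments(src):
    # Remove block and line comments so a commented-out call is not counted.
    src = re.sub(r"/\*.*?\*/", "", src, flags=re.S)
    return re.sub(r"//[^\n]*", "", src)

def unused_internal_functions(src):
    # Return internal/private functions that are declared but never called.
    code = strip_comments(src)
    decl = re.compile(r"\bfunction\s+(\w+)\s*\(([^)]*)\)([^{;]*)")
    unused = []
    for m in decl.finditer(code):
        name, modifiers = m.group(1), m.group(3)
        if not re.search(r"\b(internal|private)\b", modifiers):
            continue
        # Every "name(" occurrence except the declaration itself is a call site.
        calls = [c for c in re.finditer(r"\b%s\s*\(" % re.escape(name), code)
                 if not code[:c.start()].rstrip().endswith("function")]
        if not calls:
            unused.append(name)
    return unused
```

The scan looks at a single source text only, so an internal function that is called from a derived contract in another file would also be reported and needs a manual look.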

Updates

Lead Judging Commences

inallhonesty Lead Judge 7 months ago
Submission Judgement Published
Validated
Assigned finding tags:

_updateLastClaimTime not properly used to track rewards claim time
