Submission Details
Severity:
delegations don't work
Summary
delegations don't work
Vulnerability Details
delegateBoost does not work as it doesn't delegate anything to anyone. It uses userBoosts map to increase userBoosts[msg.sender][to] balances
// This function is useless as it doesn't actually increase the user boost
// also this map - userBoosts is for `[user][pool]`, not `[user][to]`
UserBoost storage delegation = userBoosts[msg.sender][to];
if (delegation.amount > 0) revert BoostAlreadyDelegated();
However that map is meant to be used by pools where it's userBoosts[msg.sender][pool], whihc can be clearly seen from updateUserBoost
function updateUserBoost(address user, address pool) external override nonReentrant whenNotPaused {
if (paused()) revert EmergencyPaused();
if (user == address(0)) revert InvalidPool();
if (!supportedPools[pool]) revert PoolNotSupported();
UserBoost storage userBoost = userBoosts[user][pool];
PoolBoost storage poolBoost = poolBoosts[pool];
Impact
Boost delegations are not recorded properly
They are also never used in math/reward calculations, there is no point in having them.
Tools Used
Manual review
Recommendations
Change that mechanic so it will record boosts in their own map and use them.
Updates
Lead Judging Commences
inallhonesty 7 months ago
Submission Judgement Published Assigned finding tags:
BoostController's delegation system fundamentally broken due to missing pool associations, treating recipient addresses as pools and never properly updating pool boost metrics
Prize pool breakdown
Total prize
77,280 USDC
nSLOC
3,86420
USDC / LOC
74,000
3,280
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.