Incorrect Supply Check in `veRAACToken.lock()` Leads to Unnecessary Rejections and Supply Cap Violations
Summary
The lock() function in veRAACToken.sol incorrectly assumes a 1:1 relationship between locked RAAC tokens (_lockState.totalLocked) and veTokens (totalSupply()). This could block RAAC locking too early when totalSupply() is nearing MAX_TOTAL_SUPPLY.
Vulnerability Details
The current condition:
🚨 Incorrectly assumes that:
Locking 1 RAAC always mints 1 veToken ❌
Total veTokens (
totalSupply()) are equal to_lockState.totalLocked❌
As a matter of fact, veTokens are minted using this formula:
Since
duration / MAX_LOCK_DURATIONis between 1/4 and 1, because of the following constraint where MIN_LOCK_DURATION = 365 days (1 year) and MAX_LOCK_DURATION = 1460 days (4 years):
totalSupply()is 0.25× to 1×_lockState.totalLocked
Impact
Users cannot lock RAAC even when veToken supply after calling lock() is below MAX_TOTAL_SUPPLY, reducing participation. Hence, less veTokens than expected could be minted, never reaching MAX_TOTAL_SUPPLY.
Tools Used
Manual
Recommendations
Modify the condition in lock() to ensure it correctly accounts for veToken generation based on duration:
Lead Judging Commences
Incorrect `MAX_TOTAL_SUPPLY` check in the `veRAACToken::lock/extend` function of `veRAACToken` could harm locking functionality
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.