Submission Details
Severity:
No incentive or enforcement for users to call `FeeCollector.sol::collectFee()` function.
Summary
The purpose of
collectFee()function is to collect fee from users and store inFeeCollector.sol.The
FeeCollector.sol::collectFee()is external function and isn't interacting with any of protocol's other contract.so this function is intended to be called by users seperatily (not assciated with any deposit or withdraw) operation.
Users will not pay the fee, if they are not forced to do that.
Vulnerability Details
Flaw in current architechture,
Impact
FeeCollector.sol will lack suffiecint RAAC tokens, required for other operations.
Tools Used
Manual
Recommendations
Reconsider the architecture.
Updates
Lead Judging Commences
inallhonesty 7 months ago
Submission Judgement Published Assigned finding tags:
RAACToken::burn sends tax directly to FeeCollector without using collectFee(), causing tokens to bypass accounting and remain undistributed. `collectFee` is not used anywhere.
inallhonesty 7 months ago
Submission Judgement Published Assigned finding tags:
RAACToken::burn sends tax directly to FeeCollector without using collectFee(), causing tokens to bypass accounting and remain undistributed. `collectFee` is not used anywhere.
Prize pool breakdown
Total prize
77,280 USDC
nSLOC
3,86420
USDC / LOC
74,000
3,280
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.