Core Contracts
Regnum Aurum Acquisition Corp
HardhatReal World AssetsNFT
77,280 USDC
View results
Previous Next
Submission Details
Severity: medium
Valid

Incorrect Excess Token Accounting in Minter Contract

mahdikarimi

Summary

The mintRewards function in the Minter contract incorrectly assumes that the excessTokens variable represents actual tokens held in the contract. However, the tick function updates excessTokens while transferring tokens to the Stability Pool, leading to a scenario where mintRewards attempts to transfer excess tokens but transaction reverts due to insufficient balance.

Vulnerability Details

  1. The tick function is responsible for minting reward tokens for the Stability Pool based on the emission rate.

  2. It updates excessTokens with the amount of tokens to be minted and then transferring them to the Stability Pool, it means contract balance is not updated despite that excessToken variable has been updated.

  3. The mintRewards function attempts to use excessTokens to transfer tokens before minting new ones. However, since contract doesn't have as much as excessToken balance, the transfer function reverts.

  4. If mintRewards tries to transfer excessTokens and the contract does not have a sufficient balance, the transaction reverts.

Root Cause

  • The tick function incorrectly increments excessTokens while contract balance is not added.

  • The mintRewards function assumes that excessTokens reflects actual token balance.

Impact

  • The mintRewards function fails when attempting to transfer excessTokens, causing reward distribution to break.

Updates

Lead Judging Commences

inallhonesty Lead Judge 4 months ago
Submission Judgement Published
Validated
Assigned finding tags:

RAACMinter wrong excessTokens accounting in tick function

inallhonesty Lead Judge 4 months ago
Submission Judgement Published
Validated
Assigned finding tags:

RAACMinter wrong excessTokens accounting in tick function

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.