Core Contracts

Regnum Aurum Acquisition Corp
Hardhat, Real World Assets, NFT
77,280 USDC
Submission Details
Severity: low
Invalid

Inadequate Delegation Controls Leading to Self-Delegation

Summary

The BoostController contract contains a delegation mechanism that allows users to self-delegate boosts. This flaw undermines the protocol’s governance integrity and economic fairness by enabling users to amplify their influence beyond intended limits.

Vulnerability Details

The delegateBoost function lacks a check to prevent users from delegating boosts to themselves: delegateBoost(to, amount, duration) allows the to argument to be the caller’s own address (msg.sender).

function delegateBoost(
    address to,
    uint256 amount,
    uint256 duration
) external override nonReentrant {
    if (paused()) revert EmergencyPaused();
    if (to == address(0)) revert InvalidPool();
    if (amount == 0) revert InvalidBoostAmount();
    if (duration < MIN_DELEGATION_DURATION || duration > MAX_DELEGATION_DURATION)
        revert InvalidDelegationDuration();
    uint256 userBalance = IERC20(address(veToken)).balanceOf(msg.sender);
    if (userBalance < amount) revert InsufficientVeBalance();
    UserBoost storage delegation = userBoosts[msg.sender][to];
    if (delegation.amount > 0) revert BoostAlreadyDelegated();
    delegation.amount = amount;
    delegation.expiry = block.timestamp + duration;
    delegation.delegatedTo = to;
    delegation.lastUpdateTime = block.timestamp;
    emit BoostDelegated(msg.sender, to, amount, duration);
}

Impact

Users could dominate multiple pools or governance proposals by over-delegating their influence.

Tools Used

Manual Review

Recommendations

Add a check to ensure users cannot delegate boosts to themselves:

require(to != msg.sender, "Self-delegation disallowed");
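
The recommended check written in the custom-error style the function already uses, inside a minimal contract that compiles on its own. This is an added example, not the project's code: the contract and interface names, the SelfDelegationNotAllowed error, the duration bounds and the event signature are assumptions, and the paused() and nonReentrant guards are left out for brevity.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.19;

// Added example: minimal stand-in for the page's BoostController (hypothetical names).
interface IVeBalance {
    function balanceOf(address account) external view returns (uint256);
}

contract BoostDelegationSketch {
    struct UserBoost {
        uint256 amount;
        uint256 expiry;
        address delegatedTo;
        uint256 lastUpdateTime;
    }
    // Assumed bounds; the page does not give the real constants.
    uint256 public constant MIN_DELEGATION_DURATION = 7 days;
    uint256 public constant MAX_DELEGATION_DURATION = 365 days;
    IVeBalance public immutable veToken;
    mapping(address => mapping(address => UserBoost)) public userBoosts;

    error InvalidPool();
    error InvalidBoostAmount();
    error InvalidDelegationDuration();
    error InsufficientVeBalance();
    error BoostAlreadyDelegated();
    error SelfDelegationNotAllowed(); // hypothetical error name
    // Assumed event signature, inferred from the emit on the page.
    event BoostDelegated(address indexed from, address indexed to, uint256 amount, uint256 duration);

    constructor(IVeBalance _veToken) { veToken = _veToken; }

    function delegateBoost(address to, uint256 amount, uint256 duration) external {
        if (to == address(0)) revert InvalidPool();
        // Recommended guard, placed with the other input checks before any state is read or written.
        if (to == msg.sender) revert SelfDelegationNotAllowed();
        if (amount == 0) revert InvalidBoostAmount();
        if (duration < MIN_DELEGATION_DURATION || duration > MAX_DELEGATION_DURATION)
            revert InvalidDelegationDuration();
        if (veToken.balanceOf(msg.sender) < amount) revert InsufficientVeBalance();
        UserBoost storage delegation = userBoosts[msg.sender][to];
        if (delegation.amount > 0) revert BoostAlreadyDelegated();
        delegation.amount = amount;
        delegation.expiry = block.timestamp + duration;
        delegation.delegatedTo = to;
        delegation.lastUpdateTime = block.timestamp;
        emit BoostDelegated(msg.sender, to, amount, duration);
    }
}
```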

Updates

Lead Judging Commences

inallhonesty Lead Judge 7 months ago
Submission Judgement Published
Invalidated
Reason: Incorrect statement