`MAX_TOTAL_SUPPLY` can be bypassed of `veRAACToken`.
Summary
The function veRAACToken::increase allows users to increase their locked RAAC tokens and consequently their voting power. However, it does not implement a check to ensure that the total supply does not exceed the MAX_TOTAL_SUPPLY limit. This bypasses the supply constraints enforced in the lock function.
Vulnerability Details
In the function veRAACToken::lock, a total supply check ensures that the total supply of locked tokens does not exceed MAX_TOTAL_SUPPLY:
However, the function veRAACToken::increase does not have a similar total supply check. This omission allows the total locked supply to exceed MAX_TOTAL_SUPPLY, potentially leading to governance inflation and an unbounded increase in voting power.
Key Issue in Code:
Lack of total supply validation in
veRAACToken::increase.The function
_lockState::increaseLockcontains some validation checks, but it does not verify that total supply remains within limits.
Impact
Bypassing the maximum total supply constraint, allowing users to increase locked tokens indefinitely.
Governance power inflation, leading to unfair voting dynamics.
Potential economic manipulation, as users could exceed expected supply constraints.
Tools Used
Manual review
Recommendations
Add a total supply check in
veRAACToken::increasesimilar tolock.Modify
_lockState::increaseLockto include:if (totalSupply() + amount > MAX_TOTAL_SUPPLY) revert TotalSupplyLimitExceeded();
Lead Judging Commences
veRAACToken::increase doesn't check the token supply, making it possible to mint over the MAX
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.