Core Contracts

Regnum Aurum Acquisition Corp
Hardhat, Real World Assets, NFT
77,280 USDC
Submission Details
Severity: medium
Valid

Missing Total Lock Amount Check in LockManager::increaseLock

Description

The LockManager::increaseLock function lets users add to their locked RAAC tokens, gaining more voting power and rewards without changing the lock duration. The function checks the per-lock amount limit but does not verify the maximum total locked amount, so the protocol's total locked tokens can exceed the designed maximum.

    function increaseLock(
        LockState storage state,
        address user,
        uint256 additionalAmount
    ) internal {
        Lock storage lock = state.locks[user];
        if (!lock.exists) revert LockNotFound();
        if (lock.end <= block.timestamp) revert LockExpired();
        // Maximum lock amount
        if (lock.amount + additionalAmount > state.maxLockAmount) revert AmountExceedsLimit();
@>      // Maximum total locked amount
@>      // if (state.totalLocked + additionalAmount > state.maxTotalLocked) revert AmountExceedsLimit();
        lock.amount += additionalAmount;
        state.totalLocked += additionalAmount;
        emit LockIncreased(user, additionalAmount);
    }

Risk

Likelihood: Medium

  • Users continuously lock tokens to increase their voting power and rewards

  • The protocol reaches maxTotalLocked when many users participate in governance

  • The missing check allows unlimited total locks

Impact: High

  • Protocol's economic model breaks when total locked amount exceeds design limits

  • Exceeding maxTotalLocked breaks the voting power calculations and reward distributions

  • The governance system becomes unbalanced as the total voting power exceeds designed limits
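
An added model of the accounting described above (not code from the submission or the RAAC repository): random increases across ten users show that the per-user cap alone does not bound totalLocked, while the same run with the total check never crosses the cap. The Python names, the user count and the cap values are constructed for illustration, and the existence and expiry checks are left out.

```python
import random
from dataclasses import dataclass, field

class AmountExceedsLimit(Exception):
    """Stands in for the Solidity revert AmountExceedsLimit()."""

@dataclass
class LockState:
    max_lock_amount: int    # per-user cap (state.maxLockAmount)
    max_total_locked: int   # protocol-wide cap (state.maxTotalLocked)
    total_locked: int = 0
    locks: dict = field(default_factory=dict)  # user -> locked amount

def increase_lock(state, user, additional, enforce_total_cap):
    """Model of increaseLock; every user in this model already has a live lock."""
    if state.locks[user] + additional > state.max_lock_amount:
        raise AmountExceedsLimit("per-user cap")
    if enforce_total_cap and state.total_locked + additional > state.max_total_locked:
        raise AmountExceedsLimit("total cap")
    state.locks[user] += additional
    state.total_locked += additional

def run(enforce_total_cap, users=10, steps=500, seed=1):
    """Apply random increases; return (first step where total_locked > cap, or None, and the state)."""
    rng = random.Random(seed)
    # Constructed values: 10 users x 1_000 per-user cap could reach 10_000; total cap is 4_000.
    state = LockState(max_lock_amount=1_000, max_total_locked=4_000)
    for u in range(users):               # each user starts with a live lock of 100
        state.locks[u] = 100
        state.total_locked += 100
    for step in range(steps):
        try:
            increase_lock(state, rng.randrange(users), rng.randint(1, 200), enforce_total_cap)
        except AmountExceedsLimit:
            continue                     # a revert leaves the state untouched
        if state.total_locked > state.max_total_locked:
            return step, state           # invariant broken: stop at the first violation
    return None, state

if __name__ == "__main__":
    for enforce in (False, True):
        step, st = run(enforce)
        print(f"enforce_total_cap={enforce}: first violation step={step}, total_locked={st.total_locked}")
```
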

Recommended Mitigation

function increaseLock(
LockState storage state,
address user,
uint256 additionalAmount
) internal {
Lock storage lock = state.locks[user];
if (!lock.exists) revert LockNotFound();
if (lock.end <= block.timestamp) revert LockExpired();
// Maximum lock amount
if (lock.amount + additionalAmount > state.maxLockAmount) revert AmountExceedsLimit();
- // Maximum total locked amount
- // if (state.totalLocked + additionalAmount > state.maxTotalLocked) revert AmountExceedsLimit();
+ // Enforce maximum total locked amount
+ if (state.totalLocked + additionalAmount > state.maxTotalLocked) revert AmountExceedsLimit();
lock.amount += additionalAmount;
state.totalLocked += additionalAmount;
emit LockIncreased(user, additionalAmount);
}
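
Review bot: The restored total-cap check on the added `if (state.totalLocked + additionalAmount > state.maxTotalLocked)` line reverts with the same AmountExceedsLimit error as the per-lock check directly above it, so a caller or a test cannot tell which of the two limits was hit. Consider a dedicated error for the total cap (for example a new TotalLockedExceedsLimit, a name that does not appear in this patch), and add a test at the boundary where state.totalLocked + additionalAmount equals state.maxTotalLocked, which should succeed given the `>` comparison.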
Updates

Lead Judging Commences

inallhonesty Lead Judge 4 months ago
Submission Judgement Published
Validated
Assigned finding tags:

veRAACToken::increase doesn't check the maximum total locked amount
