Core Contracts
Regnum Aurum Acquisition Corp
HardhatReal World AssetsNFT
77,280 USDC
View results
Previous Next
Submission Details
Severity: medium
Valid

Retroactive of Emission Rate in `RAACMinter::tick()` Function

0x23r0

Summary

The RAACMinter contract’s tick() function updates the emission rate before minting tokens for elapsed blocks. As a result, the new emission rate is applied retroactively to all blocks since the last update. This flaw causes over-minting if the rate increases or under-minting if it decreases, leading to inaccurate token distribution.

Vulnerability Details

The current implementation of the tick() function follows these steps:

  1. Emission Rate Update:
    The function checks if the emission update interval has passed and calls updateEmissionRate(). This updates the emission rate to a new value.

  2. Token Minting:
    The function then calculates the number of blocks elapsed since the last update:

    uint256 blocksSinceLastUpdate = currentBlock - lastUpdateBlock;

    It uses the newly updated emissionRate to compute the tokens to mint:

    uint256 amountToMint = emissionRate * blocksSinceLastUpdate;

    Consequently, tokens for all blocks since the last update are minted using the new rate.

Proof-of-Concept (POC)

  1. Assumptions:

    • Previous emission rate: 1 token per block.

    • New emission rate (after update): 2 tokens per block.

    • Elapsed blocks since the last update: 10 blocks.

  2. Expected Behavior:
    Tokens minted for the 10 blocks should be:

    1 token/block * 10 blocks = 10 tokens

  3. Actual Behavior:
    Since the new rate is applied retroactively, tokens minted are:

    2 tokens/block * 10 blocks = 20 tokens

  4. Result:
    Over-minting occurs, as the new emission rate is incorrectly applied to blocks that should have been rewarded at the previous, lower rate. Conversely, if the new rate were lower than the previous one, under-minting would occur.

Impact

  • Retroactively applying the updated emission rate results in incorrect token distributions. Over-minting inflates the supply, while under-minting reduces rewards.

    The flawed token emission process can destabilize the protocol’s tokenomics, affecting incentives, market dynamics, and stakeholder trust.

Tools Used

Manual Review

Recommendation

Modify the tick() function to first mint tokens using the current emission rate for elapsed blocks and then update the emission rate afterward. This ensures that past blocks are rewarded based on the rate in effect during those blocks. For example:

function tick() external nonReentrant whenNotPaused {
- if (emissionUpdateInterval == 0 || block.timestamp >= lastEmissionUpdateTimestamp + emissionUpdateInterval) {
- updateEmissionRate();
- }
uint256 currentBlock = block.number;
uint256 blocksSinceLastUpdate = currentBlock - lastUpdateBlock;
if (blocksSinceLastUpdate > 0) {
uint256 amountToMint = emissionRate * blocksSinceLastUpdate;
if (amountToMint > 0) {
excessTokens += amountToMint;
lastUpdateBlock = currentBlock;
raacToken.mint(address(stabilityPool), amountToMint);
emit RAACMinted(amountToMint);
}
}
// Update the emission rate after minting
+ if (emissionUpdateInterval == 0 || block.timestamp >= lastEmissionUpdateTimestamp + emissionUpdateInterval) {
+ updateEmissionRate();
+ }
}
Updates

Lead Judging Commences

inallhonesty Lead Judge 4 months ago
Submission Judgement Published
Validated
Assigned finding tags:

RAACMinter tick applies new emission rates retroactively to past blocks by updating rate before minting tokens for previous period

inallhonesty Lead Judge 4 months ago
Submission Judgement Published
Validated
Assigned finding tags:

RAACMinter tick applies new emission rates retroactively to past blocks by updating rate before minting tokens for previous period

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.