Core Contracts

Regnum Aurum Acquisition Corp
Hardhat, Real World Assets, NFT
77,280 USDC
Submission Details
Severity: high
Invalid

Inconsistent Fund Flow Causes Redemption Failure in ZENO Contract

Summary

The Auction contract transfers USDC from buyers directly to a designated business address, while the ZENO contract's redeem functions rely on the USDC balance held within the ZENO contract itself. This misalignment results in redemption failures, as the ZENO contract never receives the USDC needed to redeem tokens.

Vulnerability Details

  • Fund Flow in Auction Contract:
    In the buy function of the Auction contract, when a user purchases ZENO tokens, the cost is calculated and the USDC is transferred from the buyer to the business address:

    uint256 cost = price * amount;
    require(usdc.transferFrom(msg.sender, businessAddress, cost), "Transfer failed");

    Consequently, all USDC collected in the auction goes directly to the businessAddress.

  • Redemption Logic in ZENO Contract:
    The ZENO contract's redeem and redeemAll functions expect the contract to hold sufficient USDC funds:

    USDC.safeTransfer(msg.sender, amount);

    Since the USDC is not stored within the ZENO contract (it is sent to the business address), any attempt to redeem ZENO tokens will fail due to insufficient USDC balance.

Proof-of-Concept (POC)

  1. Auction Purchase:

    • A buyer purchases ZENO tokens by calling buy(amount).

    • The contract transfers USDC from the buyer to the business address.

  2. USDC Distribution:

    • All USDC funds end up in the businessAddress.

    • The ZENO contract, however, does not receive any USDC during this process.

  3. Redemption Attempt:

    • When the buyer later calls redeem(amount) on the ZENO contract (after maturity), the function attempts:

      USDC.safeTransfer(msg.sender, amount);

    • Since the ZENO contract's USDC balance is zero, the transfer fails, causing the redemption to revert.

Impact

  • Users are unable to redeem their ZENO tokens for USDC, which undermines the intended economic mechanism of the auction.

  • Buyers who acquire ZENO tokens during the auction will not be able to realize their value through redemption, potentially causing financial loss.

  • Failure in the redemption process can lead to a loss of confidence in the protocol and discourage future participation in auctions.

Tools Used

Manual Review

Recommendations

Reconfigure the fund flow so that the USDC received from buyers is forwarded to or held by the ZENO contract, ensuring that the redeem functions can access the necessary funds. Alternatively, modify the redemption logic to source USDC from the business address or another designated fund source.
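
The two fund flows can be compared in a small in-memory model. This is an added example, not the audited Solidity and not code from the submission; it assumes one ZENO redeems for one USDC unit, an auction price of 1, no other funding of the ZENO contract, and constructed account names and balances.

```javascript
// Added model, not the audited Solidity. Names and amounts are constructed.
const ZENO = "zenoContract", BUSINESS = "businessAddress", BUYER = "buyer";

class Ledger {                        // minimal ERC-20-style balance book
  constructor() { this.bal = new Map(); }
  balanceOf(a) { return this.bal.get(a) ?? 0n; }
  mint(a, v) { this.bal.set(a, this.balanceOf(a) + v); }
  transfer(from, to, v) {             // throws where the token would revert
    if (this.balanceOf(from) < v) throw new Error("insufficient balance");
    this.bal.set(from, this.balanceOf(from) - v);
    this.bal.set(to, this.balanceOf(to) + v);
  }
}

// Auction.buy: cost = price * amount goes to `recipient`; buyer gets ZENO.
function buy(usdc, zeno, recipient, price, amount) {
  usdc.transfer(BUYER, recipient, price * amount);
  zeno.mint(BUYER, amount);
}

// ZENO.redeem: pays `amount` USDC from the ZENO contract's own balance.
function redeem(usdc, zeno, amount) {
  if (zeno.balanceOf(BUYER) < amount) throw new Error("not enough ZENO");
  usdc.transfer(ZENO, BUYER, amount); // fails when the contract is unfunded
  zeno.transfer(BUYER, "burned", amount);
}

// Solvency check: USDC missing to cover all outstanding ZENO.
function shortfall(usdc, outstanding) {
  const held = usdc.balanceOf(ZENO);
  return outstanding > held ? outstanding - held : 0n;
}

// Runs buy then redeem with the auction proceeds routed to `recipient`.
function scenario(recipient) {
  const usdc = new Ledger(), zeno = new Ledger();
  usdc.mint(BUYER, 1000n);                // constructed starting balance
  buy(usdc, zeno, recipient, 1n, 100n);   // assumed price: 1 USDC unit per ZENO
  const gap = shortfall(usdc, zeno.balanceOf(BUYER));
  let redeemed = true;
  try { redeem(usdc, zeno, 100n); } catch (e) { redeemed = false; }
  return { redeemed, gap, buyerUsdc: usdc.balanceOf(BUYER) };
}

console.log(scenario(BUSINESS)); // flow described in the finding
console.log(scenario(ZENO));     // flow from the first recommendation
```

The shortfall function is the invariant to check before maturity: it is zero only when the ZENO contract holds enough USDC to cover every outstanding token.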

Updates

Lead Judging Commences

inallhonesty Lead Judge 7 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
