Core Contracts
Regnum Aurum Acquisition Corp
HardhatReal World AssetsNFT
77,280 USDC
View results
Previous Next
Submission Details
Severity: medium
Valid

Incorrect values returned by `updateTotalWeight`

falendar

Summary

The updateTotalWeight function in BoostController returns zeros for totalWeight and votingPower because it queries them using the BoostController's own address which has no lock positions in veRAACToken.

Vulnerability Details

The function retrieves values using BoostController's address:

function updateTotalWeight() internal view returns (
uint256 totalWeight,
uint256 totalVotingPower,
uint256 votingPower
) {
return (
> veToken.getLockPosition(address(this)).amount,
veToken.getTotalVotingPower(),
> veToken.getVotingPower(address(this), block.timestamp)
);
}

Since BoostController has no mechanism to create lock positions in veRAACToken, this will always return zeros for totalWeight and votingPower, potentially affecting boost calculations.

Impact

High: Core boost calculation function returns incorrect values, likely affecting all boost-related functionality in the protocol.

Recommendations

The boost calculation architecture is broken. Review and fix the boost calculation architecture and ensure totalWeight and votingPower are used correctly and queried using the correct addresses.

Updates

Lead Judging Commences

inallhonesty Lead Judge 5 months ago
Submission Judgement Published
Validated
Assigned finding tags:

BoostController::updateTotalWeight queries its own nonexistent lock position and voting power when calculating boosts, resulting in zero values that break all boost calculations

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.