Submission Details
Severity:
updateFeeType can directly impact undistributed fees retroactively
Description
The updateFeeType function in FeeCollector immediately changes fee distribution parameters for all undistributed fees, regardless of when they were collected.
function updateFeeType(uint8 feeType, FeeType calldata newFee) external override {
feeTypes[feeType] = newFee;
}
function _calculateDistribution(uint256 totalFees) internal view returns (uint256[4] memory shares) {
for (uint8 i = 0; i < 8; i++) {
FeeType memory feeType = feeTypes[i]; // Uses current fee configuration
totalCollected += feeAmount;
// Calculate shares using current feeType
}
}
This allows fee parameters to be changed before distribution, breaking the expected distribution scheme that was in place when fees were collected.
Recommendation
Track fee configurations with collected fees:
struct CollectedFee {
uint256 amount;
FeeType feeConfig;
}
mapping(uint8 => CollectedFee[]) public collectedFees;
Or force distribution of existing fees before allowing fee type updates:
function updateFeeType(uint8 feeType, FeeType calldata newFee) external {
if(_calculateTotalFees() > 0) revert UndistributedFees();
feeTypes[feeType] = newFee;
}
Updates
Lead Judging Commences
inallhonesty 3 months ago
Submission Judgement Published Assigned finding tags:
FeeCollector::updateFeeType applies new distribution parameters retroactively to already collected fees, allowing governance to change expected distribution outcomes before execution
inallhonesty 3 months ago
Submission Judgement Published Assigned finding tags:
FeeCollector::updateFeeType applies new distribution parameters retroactively to already collected fees, allowing governance to change expected distribution outcomes before execution
Prize pool breakdown
Total prize
77,280 USDC
nSLOC
3,86420 USDC / LOC
74,000
3,280
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.