Uncapped Weekly Emission Setting
Summary
The setWeeklyEmission function allows the controller to set a new weekly emission rate. However, there is no validation to ensure that _weeklyEmission does not exceed a predefined MAX_WEEKLY_EMISSION limit, potentially allowing an excessively large emission rate.
Vulnerability Details
The function
setWeeklyEmissionaccepts_weeklyEmissionas a parameter and directly assigns it toperiodState.emissionwithout any upper limit checks.This could lead to unintended consequences, such as excessive token emissions that could disrupt the system’s economic balance.
Impact
Inflation risk: Without an upper bound, a large emission value could cause excessive token inflation, reducing token value.
System instability: If emissions are set too high, it could lead to unintended reward distributions, breaking incentive mechanisms.
Tools Used
Manual code review
Recommendations
-
Introduce a check to ensure
_weeklyEmissiondoes not exceed a predefinedMAX_WEEKLY_EMISSION:function setWeeklyEmission(uint256 _weeklyEmission) external onlyController {require(_weeklyEmission <= MAX_WEEKLY_EMISSION, "Exceeds maximum emission limit");periodState.emission = _weeklyEmission;emit EmissionUpdated(_weeklyEmission);}
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.