Core Contracts

Regnum Aurum Acquisition Corp
Hardhat, Real World Assets, NFT
77,280 USDC
Submission Details
Severity: low
Valid

veRAACToken.sol::getLockedBalance() and veRAACToken.sol::getLockEndTime() will always return 0

Summary

veRAACToken.sol::getLockedBalance() and veRAACToken.sol::getLockEndTime() read from the locks mapping to return the locked balance and its end time, but the locks mapping is never set or used, so both functions always return 0.

Vulnerability Details

Users who call these functions get 0 in return instead of the real values.
The locks mapping is never updated or set to any value, so these two functions always return 0.

/**
 * @notice Gets the amount of RAAC tokens locked by an account
 * @dev Returns the raw locked token amount without time-weighting
 * @param account The address to check
 * @return The amount of RAAC tokens locked by the account
 */
function getLockedBalance(address account) external view returns (uint256) {
    // @audit-partOne this will always return 0
    // consider using _lockState.locks[account].amount
    return locks[account].amount;
}

/**
 * @notice Gets the lock end time for an account
 * @dev Returns the timestamp when the lock expires
 * @param account The address to check
 * @return The unix timestamp when the lock expires
 */
function getLockEndTime(address account) external view returns (uint256) {
    // @audit-partTwo this will always return 0
    // consider using _lockState.locks[account].end
    return locks[account].end;
}
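
The pattern behind this finding, a bare mapping that shares its name with a struct member that actually holds the data, can be checked for mechanically. The JavaScript below is an added example, not code from this submission or from the RAAC repository: a regex heuristic that lists contract-level mappings with no writes, run on a constructed Solidity sample in which only locks, _lockState, lock, getLockedBalance and getLockEndTime follow the names in this report.

```javascript
// Added example (not RAAC project code): flag contract-level mappings that
// are read but never written. Regex heuristic; nested indexes are not handled.
function findUnwrittenMappings(source) {
  const code = source
    .replace(/\/\*[\s\S]*?\*\//g, "")
    .replace(/\/\/.*$/gm, "");
  // Struct members (e.g. LockState.locks) are not contract-level state.
  const noStructs = code.replace(/struct\s+\w+\s*\{[^}]*\}/g, "");
  const decl =
    /mapping\s*\([^;]*\)\s*(?:(?:public|private|internal)\s+)?(\w+)\s*;/g;
  const findings = [];
  for (const [, name] of noStructs.matchAll(decl)) {
    // (?<![.\w]) skips member accesses such as _lockState.locks[...],
    // which address different storage than the bare mapping.
    const access = `(?<![.\\w])${name}\\s*\\[[^\\]]*\\]`;
    const tail = "(?:\\.\\w+|\\[[^\\]]*\\])*\\s*";
    const write = new RegExp(
      `${access}${tail}(?:[-+*/|&]?=(?!=)|\\+\\+|--)|delete\\s+${access}`, "g");
    const reads = (code.match(new RegExp(access, "g")) || []).length;
    if ((code.match(write) || []).length === 0) findings.push({ name, reads });
  }
  return findings;
}

// Constructed sample mirroring the pattern in this finding; names other than
// locks, _lockState, lock, getLockedBalance and getLockEndTime are hypothetical.
const SAMPLE = `
contract VeTokenSketch {
    struct Lock { uint256 amount; uint256 end; }
    struct LockState { mapping(address => Lock) locks; }
    LockState private _lockState;
    mapping(address => Lock) public locks;       // never written
    mapping(address => uint256) public deposits; // written in lock()

    function lock(uint256 amount, uint256 duration) external {
        _lockState.locks[msg.sender] = Lock(amount, block.timestamp + duration);
        deposits[msg.sender] += amount;
    }
    function getLockedBalance(address a) external view returns (uint256) {
        return locks[a].amount;
    }
    function getLockEndTime(address a) external view returns (uint256) {
        return locks[a].end;
    }
}`;

console.log(findUnwrittenMappings(SAMPLE)); // [ { name: 'locks', reads: 2 } ]
```

A result with reads greater than 0 means some function returns data from a mapping that always holds default values, which is the situation in both getters above.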

Impact

Users who call these functions will always receive 0, which gives them misleading information about their locked tokens or the lock end time.

POC, with instructions on how to run the test:
  1. Add the test inside test/unit/core/tokens/veRAACToken.test.js
  2. Run this to execute the test: npx hardhat test --grep "LOCK POCS"

describe("LOCK POCS", () => {
    it("should not always return 0 when calling getLockedBalance() and getLockEndTime(), but they do", async () => {
        // npx hardhat test --grep "LOCK POCS"
        // I am not an expert with Hardhat tests, so I cannot make it work with
        // npx hardhat test --grep "should not always return 0 when calling getLockedBalance() and getLockEndTime(), but they do"
        const amount = ethers.parseEther("1000");
        const duration = 365 * 24 * 3600; // 1 year
        await veRAACToken.connect(users[0]).lock(amount, duration);

        // we check if both functions return 0
        expect(await veRAACToken.connect(users[0]).getLockedBalance(users[0])).to.be.equal(0);
        expect(await veRAACToken.connect(users[0]).getLockEndTime(users[0])).to.be.equal(0);

        // check that the values that should be returned are not 0
        const lockPosition = await veRAACToken.connect(users[0]).getLockPosition(users[0]);
        expect(lockPosition.amount).to.be.gt(0);
        expect(lockPosition.end).to.be.gt(0);
        expect(lockPosition.power).to.be.gt(0);
    });
});

Tools Used

Manual

Recommendations

function getLockedBalance(address account) external view returns (uint256) {
- return locks[account].amount;
+ return _lockState.locks[account].amount;
}
function getLockEndTime(address account) external view returns (uint256) {
- return locks[account].end;
+ return _lockState.locks[account].end;
}
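
Review bot: The two replaced return statements in getLockedBalance and getLockEndTime leave the contract-level locks mapping declared even though, per this report, nothing ever writes to it. Consider deleting that declaration in the same change so that no later code can read from it by mistake, and keep the PoC as a regression test with the two equal(0) assertions replaced by comparisons against getLockPosition(account).amount and getLockPosition(account).end.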
Updates

Lead Judging Commences

inallhonesty Lead Judge 7 months ago
Submission Judgement Published
Validated
Assigned finding tags:

veRAACToken::getLockEndTime and getLockedBalance returns 0 by reading from unused locks mapping instead of _lockState, making lock expiry times unavailable to clients
