Core Contracts

Regnum Aurum Acquisition Corp
Hardhat, Real World Assets, NFT
77,280 USDC
Submission Details
Severity: high
Valid

`totalSupply` is not overridden, which is problematic in voting escrows

Summary

`totalSupply` is not overridden, which is problematic in voting escrows.

Vulnerability Details

Calling totalSupply in a voting escrow contract is supposed to return the voting power. Here, we have this code:

```solidity
function getTotalVotingPower() external view override returns (uint256) {
    return totalSupply();
}
```

The issue is that `totalSupply()` is not overridden; it is simply inherited from ERC20, so it returns the total minted tokens. This is extremely problematic. If we take a look at Curve's voting escrow implementation, we can see how it should work:

```vyper
def totalSupply(t: uint256 = block.timestamp) -> uint256:
    """
    @notice Calculate total voting power
    @dev Adheres to the ERC20 `totalSupply` interface for Aragon compatibility
    @return Total voting power
    """
    _epoch: uint256 = self.epoch
    last_point: Point = self.point_history[_epoch]
    return self.supply_at(last_point, t)
```

The function is used in many places across the protocol, thus calculations using it will be completely incorrect.

Impact

Completely wrong calculations, state and so on.

Tools Used

Manual Review

Recommendations

Override the function and implement functionality which factors in decay and so on.
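The gap between the inherited ERC20 supply and the decayed total can be quantified with a small model. This is an added example, not part of the submission or the protocol's code. It assumes Curve-style linear decay, a 4-year maximum lock, and minted tokens that equal the initial voting power and stay in supply until withdrawal; `Lock`, `LOCKS` and the helper names are hypothetical.

```python
from dataclasses import dataclass

YEAR = 365 * 86400
MAXTIME = 4 * YEAR  # assumed maximum lock duration (Curve uses 4 years)

@dataclass(frozen=True)
class Lock:
    amount: int  # underlying tokens locked
    start: int   # lock creation timestamp
    end: int     # unlock timestamp

    def minted(self) -> int:
        # ve-tokens minted at creation (assumed equal to the initial voting power)
        return self.amount * (self.end - self.start) // MAXTIME

    def power_at(self, t: int) -> int:
        # Voting power decays linearly and reaches zero at `end`
        if t < self.start or t >= self.end:
            return 0
        return self.amount * (self.end - t) // MAXTIME

def erc20_total_supply(locks):
    # What an inherited ERC20 totalSupply() reports: minted tokens, no decay
    return sum(lock.minted() for lock in locks)

def total_voting_power(locks, t):
    # What a voting escrow should report: sum of decayed balances at time t
    return sum(lock.power_at(t) for lock in locks)

def share_bps(user_power, total):
    # Pro-rata share in basis points, as a reward or quorum calculation would use it
    return 0 if total == 0 else user_power * 10_000 // total

# Constructed sample state: two locks created at t=0, observed after two years
LOCKS = [
    Lock(amount=1_000_000, start=0, end=4 * YEAR),  # "alice", still locked
    Lock(amount=1_000_000, start=0, end=1 * YEAR),  # "bob", expired but not withdrawn
]
NOW = 2 * YEAR

if __name__ == "__main__":
    alice = LOCKS[0].power_at(NOW)
    print("ERC20 totalSupply :", erc20_total_supply(LOCKS))
    print("decayed total     :", total_voting_power(LOCKS, NOW))
    print("alice share (bps) :", share_bps(alice, erc20_total_supply(LOCKS)),
          "vs", share_bps(alice, total_voting_power(LOCKS, NOW)))
```

In this constructed state the only remaining voter holds all of the live voting power, yet a calculation that divides by the undecayed supply credits her with 40%.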

Updates

Lead Judging Commences

inallhonesty Lead Judge 7 months ago
Submission Judgement Published
Validated
Assigned finding tags:

Time-Weighted Average Logic is Not Applied to Reward Distribution in `FeeCollector`
