Core Contracts

Regnum Aurum Acquisition Corp
Hardhat, Real World Assets, NFT
77,280 USDC
Submission Details
Severity: medium
Valid

`taxAmount` of RAAC is not burnt when `feeCollector` is zero

Summary

The RAACToken.burn() function burns the caller's RAAC tokens and sends a portion of the burned amount to feeCollector. However, when feeCollector is zero, the taxAmount portion of RAAC is not burnt, due to an incorrect implementation.

Vulnerability Details

The RAACToken.burn() function sends taxAmount of RAAC to feeCollector. However, when feeCollector is zero, it neither sends taxAmount to feeCollector nor burns it. Therefore, taxAmount remains with the user.

    /**
     * @dev Burns tokens from the caller's balance
     * @param amount The amount of tokens to burn
     */
    function burn(uint256 amount) external {
        uint256 taxAmount = amount.percentMul(burnTaxRate);
        _burn(msg.sender, amount - taxAmount);
        if (taxAmount > 0 && feeCollector != address(0)) {
    @>      _transfer(msg.sender, feeCollector, taxAmount);
        }
    }

Impact

The user's full amount is not burnt.
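The accounting gap can be checked with a small model. The following is an added Python example, not code from the submission or the RAAC project: it mirrors the burn() shown above alongside a variant that applies no tax when no collector is set, and tests the invariant that a burn debits the caller exactly `amount`. The basis-point rounding in `percent_mul`, the 500 bps rate, the balances and the names `TokenModel`, `burn_outcome` and `debit_invariant_holds` are assumptions made for the illustration.

```python
# Added model of the accounting in RAACToken.burn(); not the project's code.
BPS = 10_000      # assumption: percentMul works in basis points, rounding half up
ZERO = None       # stands in for address(0)

def percent_mul(value, rate_bps):
    return (value * rate_bps + BPS // 2) // BPS

class TokenModel:
    def __init__(self, fee_collector, burn_tax_rate, zero_tax_without_collector):
        self.balances, self.total_supply = {}, 0
        self.fee_collector = fee_collector
        self.burn_tax_rate = burn_tax_rate
        self.zero_tax_without_collector = zero_tax_without_collector

    def mint(self, who, amount):
        self.balances[who] = self.balances.get(who, 0) + amount
        self.total_supply += amount

    def burn(self, caller, amount):
        tax = percent_mul(amount, self.burn_tax_rate)
        if self.zero_tax_without_collector and self.fee_collector is ZERO:
            tax = 0                                   # recommended variant
        self.balances[caller] -= amount - tax         # _burn(msg.sender, amount - taxAmount)
        self.total_supply -= amount - tax
        if tax > 0 and self.fee_collector is not ZERO:
            self.balances[caller] -= tax              # _transfer(msg.sender, feeCollector, taxAmount)
            self.balances[self.fee_collector] = self.balances.get(self.fee_collector, 0) + tax

def burn_outcome(fee_collector, fixed, amount=1_000, rate_bps=500):
    """Return (tokens debited from caller, supply reduction) for one burn.
    amount, rate_bps and the 10_000 starting balance are constructed values."""
    token = TokenModel(fee_collector, rate_bps, fixed)
    token.mint("user", 10_000)
    token.burn("user", amount)
    return 10_000 - token.balances["user"], 10_000 - token.total_supply

def debit_invariant_holds(fixed):
    """burn(amount) must debit the caller exactly `amount`, collector set or not."""
    return all(burn_outcome(c, fixed)[0] == 1_000 for c in ("collector", ZERO))

if __name__ == "__main__":
    for fixed in (False, True):
        for collector in ("collector", ZERO):
            print(fixed, collector, burn_outcome(collector, fixed))
```

The same invariant, asserted on the caller's balance before and after `burn()` with `feeCollector` unset, is the regression test to carry into the contract's own test suite.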

Tools Used

Manual Review

Recommendations

The calculation of taxAmount needs to account for the possibility that feeCollector is zero.

/**
* @dev Burns tokens from the caller's balance
* @param amount The amount of tokens to burn
*/
function burn(uint256 amount) external {
- uint256 taxAmount = amount.percentMul(burnTaxRate);
+ uint256 taxAmount = feeCollector != address(0) ? amount.percentMul(burnTaxRate) : 0;
_burn(msg.sender, amount - taxAmount);
if (taxAmount > 0 && feeCollector != address(0)) {
_transfer(msg.sender, feeCollector, taxAmount);
}
}
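Review bot: The `feeCollector != address(0)` test in the unchanged `if` condition becomes redundant with this change, since `taxAmount` can now only be non-zero when a collector is set; reduce it to `if (taxAmount > 0)` so the zero-address decision lives in one place. The NatSpec above `burn` should also say that the whole `amount` is burned, with no tax, when `feeCollector` is unset, and a test that burns with no collector and checks the caller's balance dropped by exactly `amount` would pin the behaviour.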
Updates

Lead Judging Commences

inallhonesty Lead Judge 6 months ago
Submission Judgement Published
Validated
Assigned finding tags:

RAACToken::burn incorrectly deducts tax amount but doesn't burn or transfer it when feeCollector is address(0), preventing complete token burns
