increase
function is used to increase a users lock amount. The issue here is that there is no check to prevent the user from surpassing the MAX_LOCK_AMOUNT. The contract on checks that the amount is < MAX_LOCK_AMOUNT during lock
during increase
it doesnt do the same.
Users or malicious users can pass the max_lock_amount check, giving them great power in governance
manual review
check the max_lock_amount agaisnt the users lock.amount + amount
The contest is live. Earn rewards by submitting a finding.
This is your time to appeal against judgements on your submissions.
Appeals are being carefully reviewed by our judges.