Core Contracts

Regnum Aurum Acquisition Corp
Hardhat, Real World Assets, NFT
77,280 USDC
Submission Details
Severity: medium
Valid

In the `veRAACToken::increase` function, users can easily pass the MAX_LOCK_AMOUNT

Summary

The `increase` function is used to increase a user's lock amount. The issue is that there is no check to prevent the user from surpassing MAX_LOCK_AMOUNT. The contract only checks that the amount is < MAX_LOCK_AMOUNT during lock; during increase it doesn't do the same.

Vulnerability Details

path

```solidity
function increase(uint256 amount) external nonReentrant whenNotPaused {
    // Increase lock using LockManager
    _lockState.increaseLock(msg.sender, amount); // <===== increases without checking if it's greater than the max
    _updateBoostState(msg.sender, locks[msg.sender].amount);
    // Update voting power
    LockManager.Lock memory userLock = _lockState.locks[msg.sender];
    (int128 newBias, int128 newSlope) = _votingState.calculateAndUpdatePower(
        msg.sender,
        userLock.amount + amount,
        userLock.end
    );
    // ... remainder of the function is not shown in this report
}
```

Impact

Users, including malicious ones, can exceed max_lock_amount, giving them great power in governance.

Tools Used

Manual review

Recommendations

Check the max_lock_amount against the user's lock.amount + amount.
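
The recommended check, sketched as an added example that is not part of the submission or the RAAC code base: a minimal stand-alone contract showing the unchecked top-up pattern beside a version that validates the running total. The contract name, error names, `increaseUnchecked` and the cap value are assumptions made for illustration, and token transfers and voting-power updates are left out.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.19;

/// Minimal model of a capped lock (illustrative; not the RAAC contracts).
contract CappedLockExample {
    // Constructed value for this example; the real cap is defined by the project.
    uint256 public constant MAX_LOCK_AMOUNT = 1_000 * 1e18;

    struct Lock { uint256 amount; uint256 end; }
    mapping(address => Lock) public locks;

    error ZeroAmount();
    error LockAlreadyExists();
    error LockNotFound();
    error AmountExceedsLimit(uint256 requested, uint256 limit);

    /// Creating a lock enforces the cap on the initial amount.
    function lock(uint256 amount, uint256 duration) external {
        if (amount == 0) revert ZeroAmount();
        if (locks[msg.sender].amount != 0) revert LockAlreadyExists();
        if (amount > MAX_LOCK_AMOUNT) revert AmountExceedsLimit(amount, MAX_LOCK_AMOUNT);
        locks[msg.sender] = Lock(amount, block.timestamp + duration);
    }

    /// Pattern described in the report: the top-up never looks at the cap,
    /// so lock() followed by repeated calls here grows the total without bound.
    function increaseUnchecked(uint256 amount) external {
        Lock storage l = locks[msg.sender];
        if (l.amount == 0) revert LockNotFound();
        l.amount += amount;
    }

    /// Hardened form: validate existing + added amount before mutating state.
    function increase(uint256 amount) external {
        if (amount == 0) revert ZeroAmount();
        Lock storage l = locks[msg.sender];
        if (l.amount == 0) revert LockNotFound();
        uint256 newTotal = l.amount + amount; // 0.8.x reverts on overflow
        if (newTotal > MAX_LOCK_AMOUNT) revert AmountExceedsLimit(newTotal, MAX_LOCK_AMOUNT);
        l.amount = newTotal;
    }
}
```

The cap is checked against the sum rather than against `amount` alone, because a per-call check would still let a user reach any total through several smaller increases.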

Updates

Lead Judging Commences

inallhonesty Lead Judge 3 months ago
Submission Judgement Published
Validated
Assigned finding tags:

veRAACToken::increase doesn't check the maximum total locked amount
