Core Contracts

Regnum Aurum Acquisition Corp
Hardhat, Real World Assets, NFT
77,280 USDC
Submission Details
Severity: medium
Valid

In veRAACToken.sol, the increase() function does not check whether the maximum total of locked RAAC tokens has been reached

Summary

In veRAACToken.sol, the increase() function adds more tokens to an existing lock without changing the unlock time. However, the function does not check whether the added RAAC tokens would cause the total locked amount to exceed the defined maxTotalLocked value.

Vulnerability Details

function increase(uint256 amount) external nonReentrant whenNotPaused {
    // Increase lock using LockManager
    _lockState.increaseLock(msg.sender, amount);
    _updateBoostState(msg.sender, locks[msg.sender].amount);
    // ... (rest of the function is not shown in the report)
}

In the code snippet above, the increase() function calls _lockState.increaseLock() internally. In that function, the check that would revert when the additional RAAC amount pushes the total past the maxTotalLocked value is commented out (line 13 below, under the "Maximum total locked amount" comment).

function increaseLock(
    LockState storage state,
    address user,
    uint256 additionalAmount
) internal {
    Lock storage lock = state.locks[user];
    if (!lock.exists) revert LockNotFound();
    if (lock.end <= block.timestamp) revert LockExpired();
    // Maximum lock amount
    if (lock.amount + additionalAmount > state.maxLockAmount) revert AmountExceedsLimit();
    // Maximum total locked amount
    // if (state.totalLocked + additionalAmount > state.maxTotalLocked) revert AmountExceedsLimit();
    // ... (rest of the function is not shown in the report)
}

Impact

With this check disabled, the maximum total amount of RAAC tokens that can be locked is unbounded: maxTotalLocked is not enforced when locks are increased.

Tools Used

Manual

Recommendations

Include this line in _lockState.increaseLock(): if (state.totalLocked + additionalAmount > state.maxTotalLocked) revert AmountExceedsLimit();
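
The effect of the disabled check and of the recommended fix can be reproduced with a small model. This is an added example, not code from the RAAC repository or from the submission: create_lock(), the way total_locked is updated, and the sample caps (50 per user, 100 in total) are assumptions, and the lock-expiry check is left out.

```python
# Added illustration: a Python model of the lock accounting, not RAAC code.
# Field names follow the report's snippet; create_lock() and the way
# total_locked is updated are assumptions (the page does not show them).
from dataclasses import dataclass, field

class AmountExceedsLimit(Exception):
    """Stands in for the Solidity custom error of the same name."""

@dataclass
class LockState:
    max_lock_amount: int      # per-user cap (state.maxLockAmount)
    max_total_locked: int     # global cap (state.maxTotalLocked)
    enforce_total_cap: bool   # False models the commented-out check
    total_locked: int = 0
    locks: dict = field(default_factory=dict)

    def create_lock(self, user, amount):
        # Assumed entry point, modelled as enforcing both caps.
        if amount > self.max_lock_amount:
            raise AmountExceedsLimit("per-user cap")
        if self.total_locked + amount > self.max_total_locked:
            raise AmountExceedsLimit("global cap")
        self.locks[user] = amount
        self.total_locked += amount

    def increase_lock(self, user, additional):
        if user not in self.locks:
            raise KeyError(user)  # LockNotFound in the contract
        if self.locks[user] + additional > self.max_lock_amount:
            raise AmountExceedsLimit("per-user cap")
        if (self.enforce_total_cap
                and self.total_locked + additional > self.max_total_locked):
            raise AmountExceedsLimit("global cap")
        self.locks[user] += additional
        self.total_locked += additional

def run_scenario(enforce_total_cap):
    """Three users lock 30 each (90 of 100), then each adds 10."""
    state = LockState(50, 100, enforce_total_cap)
    users = ("alice", "bob", "carol")
    for user in users:
        state.create_lock(user, 30)
    rejected = 0
    for user in users:
        try:
            state.increase_lock(user, 10)
        except AmountExceedsLimit:
            rejected += 1
    return state.total_locked, rejected
```

Every user stays under the per-user cap in both runs, so only the global check separates a total of 120 from a total held at 100.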

Updates

Lead Judging Commences

inallhonesty Lead Judge 7 months ago
Submission Judgement Published
Validated
Assigned finding tags:

veRAACToken::increase doesn't check the maximum total locked amount
