The lock function in the veRAACToken contract is designed to allow users to lock RAAC tokens and mint veRAAC tokens representing voting power. However, there is a critical issue in the total supply check:
The function checks if totalSupply() + amount > MAX_TOTAL_SUPPLY, where amount is the number of RAAC tokens being locked.
However, the actual amount minted as veRAAC tokens is the voting power, which is different from the token amount.
The check should be totalSupply() + newPower > MAX_TOTAL_SUPPLY.
The voting power is calculated based on the lock duration and is often less than the locked token amount.
The issue arises because the total supply check adds the locked token amount (amount) to totalSupply() of veRAAC tokens and compares the sum against MAX_TOTAL_SUPPLY. However, the actual amount minted as veRAAC tokens is the voting power. Since duration is often less than MAX_LOCK_DURATION, the voting power is usually less than the locked token amount. This discrepancy causes the total supply check to fail even when the total supply of veRAAC tokens is within the limit.
The incorrect check prevents users from locking tokens even when the total supply of veRAAC tokens is within the limit.
Manual
Compare the total supply of veRAAC tokens with the minted voting power instead of the locked token amount.
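The effect of the two checks can be compared with a small model. This is an added example, not code from the veRAACToken contract: the constant values, the linear voting power formula (amount * duration / MAX_LOCK_DURATION) and the names VeTokenModel, replay and SAMPLE_LOCKS are assumptions made for illustration.

```python
# Constructed model of the supply-cap check in lock(); not the veRAACToken source.
# Assumed for illustration (the page gives neither the constants nor the formula):
MAX_TOTAL_SUPPLY = 100_000_000   # veRAAC cap, whole tokens
MAX_LOCK_DURATION = 1460         # days


class SupplyCapExceeded(Exception):
    """Stands in for the revert raised by the supply check."""


def voting_power(amount: int, duration: int) -> int:
    # Assumed linear formula: full power only at MAX_LOCK_DURATION.
    return amount * duration // MAX_LOCK_DURATION


class VeTokenModel:
    def __init__(self, check_power: bool):
        self.check_power = check_power  # False = check as reported, True = recommended
        self.total_supply = 0

    def lock(self, amount: int, duration: int) -> int:
        new_power = voting_power(amount, duration)
        checked = new_power if self.check_power else amount
        if self.total_supply + checked > MAX_TOTAL_SUPPLY:
            raise SupplyCapExceeded(f"{self.total_supply} + {checked} > cap")
        self.total_supply += new_power  # only the voting power is minted
        return new_power


def replay(locks, check_power: bool):
    """Apply (amount, duration) locks; return (accepted, rejected, final supply)."""
    token, accepted, rejected = VeTokenModel(check_power), 0, 0
    for amount, duration in locks:
        try:
            token.lock(amount, duration)
            accepted += 1
        except SupplyCapExceeded:
            rejected += 1
    return accepted, rejected, token.total_supply


# Constructed workload: 45 users each lock 10M RAAC for 365 days (2.5M power each).
SAMPLE_LOCKS = [(10_000_000, 365)] * 45

if __name__ == "__main__":
    print("check on amount:  ", replay(SAMPLE_LOCKS, check_power=False))
    print("check on newPower:", replay(SAMPLE_LOCKS, check_power=True))
```

In this model the check on amount starts rejecting locks while 7.5M of supply is still unminted, and the check on newPower fills the cap exactly.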