Core Contracts

Regnum Aurum Acquisition Corp
Hardhat, Real World Assets, NFT
77,280 USDC
Submission Details
Severity: low
Valid

The validation logic of MAX_TOTAL_SUPPLY is incorrect

Summary

When a user calls `veRAACToken::lock` to deposit raacToken and receive voting power, `MAX_TOTAL_SUPPLY` is checked. However, the protocol uses `amount` as the supply increase.

Vulnerability Details

```solidity
function lock(uint256 amount, uint256 duration) external nonReentrant whenNotPaused {
    if (amount == 0) revert InvalidAmount();
    if (amount > MAX_LOCK_AMOUNT) revert AmountExceedsLimit();
    if (totalSupply() + amount > MAX_TOTAL_SUPPLY) revert TotalSupplyLimitExceeded();
    if (duration < MIN_LOCK_DURATION || duration > MAX_LOCK_DURATION)
        revert InvalidLockDuration();
```

`totalSupply() + amount` is compared with `MAX_TOTAL_SUPPLY` to ensure the max supply is not exceeded.

```solidity
    // Calculate initial voting power
    (int128 bias, int128 slope) = _votingState.calculateAndUpdatePower(
        msg.sender,
        amount,
        unlockTime
    );
    // Update checkpoints
    uint256 newPower = uint256(uint128(bias));
    _checkpointState.writeCheckpoint(msg.sender, newPower);
    // Mint veTokens
    _mint(msg.sender, newPower);
    emit LockCreated(msg.sender, amount, unlockTime);
}
```

The amount is then converted to `newPower` via `calculateAndUpdatePower`, and `newPower` is less than `amount` if the duration is not the maximum of 1460 days.

Thus the above validation is incorrect.

Impact

Calculation error

Tools Used

Foundry

Recommendations

Add `newPower` to `totalSupply()` instead of `amount`.
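The check from the finding beside the recommended one, as an added example that is not the project's code or the submitter's. The contract name `LockCapModel`, the cap value, the linear `powerFor` formula and the `compare` helper are assumptions made for illustration; only the 1460-day maximum comes from the report.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.19;

/// Added illustration: a stripped-down model of the lock() supply check.
/// The cap value and the linear power formula are assumptions.
contract LockCapModel {
    uint256 public constant MAX_LOCK_DURATION = 1460 days;
    uint256 public constant MAX_TOTAL_SUPPLY = 100_000_000e18; // assumed cap
    uint256 public totalSupply; // stands in for the veToken ERC20 supply

    error TotalSupplyLimitExceeded();

    // Assumed linear model: power equals amount only at the maximum duration.
    function powerFor(uint256 amount, uint256 duration) public pure returns (uint256) {
        return (amount * duration) / MAX_LOCK_DURATION;
    }

    // Check as in the finding: the deposited amount is compared to the cap,
    // although only the (smaller) voting power is minted.
    function lockAsReported(uint256 amount, uint256 duration) external {
        if (totalSupply + amount > MAX_TOTAL_SUPPLY) revert TotalSupplyLimitExceeded();
        totalSupply += powerFor(amount, duration);
    }

    // Check per the recommendation: compute newPower first, then compare
    // the quantity that will actually be minted.
    function lockWithPowerCheck(uint256 amount, uint256 duration) external {
        uint256 newPower = powerFor(amount, duration);
        if (totalSupply + newPower > MAX_TOTAL_SUPPLY) revert TotalSupplyLimitExceeded();
        totalSupply += newPower;
    }

    // Returns (passesReportedCheck, passesPowerCheck) for a prospective lock,
    // making locks that only the reported check rejects easy to spot.
    function compare(uint256 amount, uint256 duration) external view returns (bool, bool) {
        return (
            totalSupply + amount <= MAX_TOTAL_SUPPLY,
            totalSupply + powerFor(amount, duration) <= MAX_TOTAL_SUPPLY
        );
    }
}
```

Near the cap, `compare` returns `(false, true)` for any lock shorter than the maximum duration whose amount overshoots the cap but whose minted power does not, which is the locking disruption the judge's tag refers to.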

Updates

Lead Judging Commences

inallhonesty Lead Judge 6 months ago
Submission Judgement Published
Validated
Assigned finding tags:

Incorrect `MAX_TOTAL_SUPPLY` check in the `veRAACToken::lock/extend` function of `veRAACToken` could harm locking functionality
