Core Contracts

Regnum Aurum Acquisition Corp
Hardhat, Real World Assets, NFT
77,280 USDC
Submission Details
Severity: medium
Invalid

MarketCreator:participateInMarket() doesn't consider FOT tokens

Summary

MarketCreator:participateInMarket() doesn't consider FOT tokens

Vulnerability Details

The function credits the depositor with the exact amount specified, an assumption that breaks if the quoteAsset is a fee-on-transfer (FOT) token:

    function participateInMarket(uint256 marketId, uint256 amount) external nonReentrant {
        // ...
        market.totalDeposits += amount; // <@
        UserPosition storage position = userPositions[marketId][msg.sender];
        if (position.exists) {
            position.amount += amount; // <@
            position.lockEndTime = block.timestamp + market.lockDuration;
        } else {
            userPositions[marketId][msg.sender] = UserPosition(amount, block.timestamp + market.lockDuration, true); // <@
        }
        // will transfer less than amount if quoteAsset is a FOT token
        market.quoteAsset.safeTransferFrom(msg.sender, address(this), amount);
        emit Participated(marketId, msg.sender, amount);
    }

Additionally, redemptions may fail because they try to transfer back the registered amount, when in reality the contract received less.

Impact

  • Users will receive slightly more rewards, since rewards are computed on the credited amount

  • Redemptions may fail

Tools Used

  • Manual Review

Recommendations

Either make sure the owner can't create markets with FOT tokens, or implement logic to get the actual deposited amount by comparing the token's balance before and after the transfer.
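
The second recommendation, sketched as an added example (not the project's code). The contract name, struct layouts, event signature and single-market constructor are assumptions reduced to what the snippet above shows, and the import paths assume OpenZeppelin Contracts v5.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

import {IERC20} from "@openzeppelin/contracts/token/ERC20/IERC20.sol";
import {SafeERC20} from "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";
import {ReentrancyGuard} from "@openzeppelin/contracts/utils/ReentrancyGuard.sol";

// Illustrative sketch: the name and layouts below are assumptions,
// reduced to the fields visible in the submission's snippet.
contract MarketCreatorSketch is ReentrancyGuard {
    using SafeERC20 for IERC20;

    struct Market { IERC20 quoteAsset; uint256 lockDuration; uint256 totalDeposits; }
    struct UserPosition { uint256 amount; uint256 lockEndTime; bool exists; }

    mapping(uint256 => Market) public markets;
    mapping(uint256 => mapping(address => UserPosition)) public userPositions;

    event Participated(uint256 indexed marketId, address indexed user, uint256 amount);

    // Stand-in for the project's market creation (hypothetical): registers market 0.
    constructor(IERC20 quoteAsset, uint256 lockDuration) {
        markets[0] = Market(quoteAsset, lockDuration, 0);
    }

    function participateInMarket(uint256 marketId, uint256 amount) external nonReentrant {
        Market storage market = markets[marketId];
        IERC20 asset = market.quoteAsset;

        // Measure what actually arrived instead of trusting `amount`.
        // The transfer now precedes the state writes, so nonReentrant must stay.
        uint256 balanceBefore = asset.balanceOf(address(this));
        asset.safeTransferFrom(msg.sender, address(this), amount);
        uint256 received = asset.balanceOf(address(this)) - balanceBefore;
        require(received > 0, "nothing received");

        // Credit only `received`, so later redemptions never exceed the balance held.
        market.totalDeposits += received;
        UserPosition storage position = userPositions[marketId][msg.sender];
        uint256 lockEnd = block.timestamp + market.lockDuration;
        if (position.exists) {
            position.amount += received;
            position.lockEndTime = lockEnd;
        } else {
            userPositions[marketId][msg.sender] = UserPosition(received, lockEnd, true);
        }
        emit Participated(marketId, msg.sender, received);
    }
}
```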

Updates

Lead Judging Commences

inallhonesty Lead Judge 6 months ago
Submission Judgement Published
Invalidated
Reason: Out of scope
