Submission Details
Severity:
Incorrect Teacher Wage Distribution
Summary
A critical flaw exists in the teacher wage distribution logic that could cause fund exhaustion and failed transactions when multiple teachers are present.
Vulnerability Details
function graduateAndUpgrade(address _levelTwo, bytes memory) public onlyPrincipal {
..................
// wrong allocates 35% to each teacher instead of dividing it among all teachers
uint256 payPerTeacher = (bursary * TEACHER_WAGE) / PRECISION;
uint256 principalPay = (bursary * PRINCIPAL_WAGE) / PRECISION;
..........................
}
Impact
❗️Fund transfers will fail due to insufficient contract balance
❗️Principal's 5% share becomes unreachable
❗️Graduation/upgrade process becomes permanently blocked
❗️Teachers receive incorrect/inflated payments
Tools Used
Manual code review
Recommendations
function graduateAndUpgrade(address _levelTwo, bytes memory) public onlyPrincipal {
..................
// Calculate total teacher pool first
uint256 totalTeacherPool = (bursary * TEACHER_WAGE) / PRECISION;
// Then divide equally between teachers
uint256 payPerTeacher = totalTeacherPool / listOfTeachers.length;
uint256 principalPay = (bursary * PRINCIPAL_WAGE) / PRECISION;
..........................
}
Updates
Lead Judging Commences
yeahchibyke about 1 month ago
Submission Judgement Published Assigned finding tags:
incorrect teacher pay calculation
`payPerTeacher` in `graduateAndUpgrade()` is incorrectly calculated.
yeahchibyke about 1 month ago
Submission Judgement Published Assigned finding tags:
incorrect teacher pay calculation
`payPerTeacher` in `graduateAndUpgrade()` is incorrectly calculated.
Rewards breakdown
nSLOC
243This contest has a flat reward structure with the following payouts:
100 EXP
20 EXP
2 EXP
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.