Normally, when the contract gives or burns BEAT tokens, it should check if the operation worked.
The problem is that the contract does not check whether BeatToken's mint() or burnFrom() functions succeed. If these fail, the contract still updates its state and emits events, so the real token balances and the contract's records can get out of sync.
Likelihood:
This will happen if BeatToken's mint() or burnFrom() fails for any reason (such as a paused contract, not enough allowance, or a bug).
The contract will not notice and will keep going as if everything worked.
Impact:
Users may not get their BEAT tokens or may not have tokens burned, but the contract will say they did.
The contract's state and the real token balances will not match, which can cause confusion and loss of trust.
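One way to close the gap described above is to measure the token balance before and after each call and update records only when the expected change happened. This is an added example, not code from the audited project: the IBeatToken signatures, the contract name, the mapping, the events and the errors are all assumptions, since the finding names only BeatToken, mint() and burnFrom().

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Assumed interface: the finding names BeatToken, mint() and burnFrom() but
// not their signatures; these follow the common ERC20 mint/burn shape.
interface IBeatToken {
    function mint(address to, uint256 amount) external;
    function burnFrom(address from, uint256 amount) external;
    function balanceOf(address account) external view returns (uint256);
}

// Hypothetical caller contract; every name below is illustrative.
abstract contract CheckedBeatAccounting {
    IBeatToken public immutable beat;
    mapping(address => uint256) public rewarded; // contract-side record

    event BeatRewarded(address indexed user, uint256 amount);
    event BeatSpent(address indexed user, uint256 amount);

    error MintNotApplied(uint256 expected, uint256 actual);
    error BurnNotApplied(uint256 expected, uint256 actual);

    constructor(IBeatToken beatToken) {
        beat = beatToken;
    }

    function _reward(address user, uint256 amount) internal {
        uint256 balBefore = beat.balanceOf(user);
        beat.mint(user, amount); // a revert inside mint() undoes this whole call
        uint256 received = beat.balanceOf(user) - balBefore;
        // Catches a mint that returned normally without crediting the user.
        if (received != amount) revert MintNotApplied(amount, received);
        rewarded[user] += amount; // record and event only after verification
        emit BeatRewarded(user, amount);
    }

    function _spend(address user, uint256 amount) internal {
        uint256 balBefore = beat.balanceOf(user);
        beat.burnFrom(user, amount);
        uint256 burned = balBefore - beat.balanceOf(user);
        // Catches a burn that returned normally without debiting the user.
        if (burned != amount) revert BurnNotApplied(amount, burned);
        emit BeatSpent(user, amount);
    }
}
```

Because state changes and events come after the balance check, a silent failure in the token reverts the transaction instead of leaving the contract's records ahead of the real balances.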