Submission Details
Severity:
Inequation statement could lead to an empty share
Inequation statement could lead to an empty share
Description
The function fund_investor has the following statement at the beginning of the function :
assert (
self.issued_shares <= self.public_shares_cap
), "Share cap reached!!!"
and with those following lines :
share_price: uint256 = (
net_worth // max(self.issued_shares, 1)
if self.issued_shares > 0
else INITIAL_SHARE_PRICE
)
new_shares: uint256 = msg.value // share_price
available: uint256 = self.public_shares_cap - self.issued_shares
# investor may lose money because he is last
if new_shares > available:
new_shares = available
when self.issued_shares == self.public_shares_cap, it will lead to a 0 share for the investor.
Risk
impact(High) : Investor will lose his/her money for 0 shares given
Likelyhood (Low) : It is relatively unlikely that self.issued_shares == self.public_shares_cap but the risk is not zero.
Recommended Mitigation
The recommended mitigation is to make the inequation strict :
assert (
- self.issued_shares <= self.public_shares_cap
+ self.issued_shares < self.public_shares_cap
), "Share cap reached!!!"
Rewards breakdown
nSLOC
265This contest has a flat reward structure with the following payouts:
100 EXP
20 EXP
2 EXP
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.