Root cause: sweepUnclaimedBonus is the only fund-moving function that moves tokens out of the pool without setting the claimsStarted finality latch, so the moderator's flagOutcome correction window stays open after the bonus has already left the contract.
Impact: a subsequent (legal) SURVIVED → good-faith CORRUPTED correction re-snapshots a totalBonus that was already swept to recoveryAddress, so the named whitehat is paid only the principal and loses the entire bonus pool.
Normal behavior: finality is meant to latch on the first value movement — every claim/sweep sets claimsStarted = true, and flagOutcome may only re-flag (correct a mis-flagged outcome) while claimsStarted == false (DESIGN.md §4). For a good-faith CORRUPTED outcome the named whitehat is entitled to the entire pool = stake + bonus (DESIGN.md §12).
The issue: sweepUnclaimedBonus, in the riskWindowStart == 0 branch, sends the whole snapshotTotalBonus to recoveryAddress and zeroes totalBonus, but never sets claimsStarted. The re-flag window therefore stays open after real funds left. A later flagOutcome(CORRUPTED, goodFaith=true, attacker) recomputes bountyEntitlement from the now-zeroed totalBonus, so the whitehat's entitlement excludes the bonus that already left.
Likelihood:
The registry reaches terminal CORRUPTED while no pool interaction ever observed an active-risk state, leaving riskWindowStart == 0 — a reachable state the design explicitly accounts for (DESIGN.md §5).
The moderator flags SURVIVED (the documented out-of-scope judgement, §8) and then reclassifies to good-faith CORRUPTED through the correction window §4 exists for, while the permissionless sweepUnclaimedBonus is called in between — the recoveryAddress sponsor is financially motivated to sweep, since it captures the bonus that would otherwise go to the whitehat.
Impact:
The named good-faith whitehat receives only the principal; the entire bonus pool is permanently diverted to recoveryAddress.
The loss equals the whole bonus — the sponsor's full incentive budget, which can be a multiple of the principal — so the good-faith reward mechanism guaranteed by §12 is destroyed.
Full test in test/unit/ConfidencePool.sweepReflagBonus.t.sol (3 tests pass; forge test --match-contract SweepReflagBonus -vv). Core exploit — principal P = 100, bonus B = 40, whitehat receives 100 instead of 140:
Reserve the bonus until finality is actually latched, regardless of riskWindowStart:
Alternative: forbid re-flagging into CORRUPTED once any bonus has been swept, or size bountyEntitlement in flagOutcome from stakeToken.balanceOf(address(this)) instead of the mutable-since-flag snapshotTotalBonus.
The contest is live. Earn rewards by submitting a finding.
This is your time to appeal against judgements on your submissions.
Appeals are being carefully reviewed by our judges.
The contest is complete and the rewards are being distributed.