The protocol gives the Moderator a "re-flag" window to correct outcome typos before the first legitimate claim sets claimsStarted = true (docs/DESIGN.md §4). While sweepUnclaimedBonus() explicitly avoids setting this latch to prevent griefing via dust donations, claimCorrupted() lacks this protection.
An attacker can bypass the toSweep == 0 check by transferring 1 wei directly to the pool. Calling the permissionless claimCorrupted() sweeps the dust and unconditionally flips claimsStarted to true, prematurely and maliciously closing the Moderator's correction window.
Likelihood:
Any actor can trigger this permissionlessly at virtually zero cost (1 wei) by monitoring for flagOutcome events.
Impact:
The Moderator's administrative re-flag window is permanently bricked.
Typo'd outcomes (e.g., wrong goodFaith status or attacker address) become irreversibly locked, preventing whitehats from receiving legitimate bounties.
Explanation:
The pool is in a CORRUPTED state but currently has no claimable balance. The Moderator's re-flag window is open.
The attacker donates 1 wei of stakeToken directly to the pool contract.
The attacker calls claimCorrupted(), which succeeds because toSweep > 0. This unconditionally sets claimsStarted = true.
The Moderator attempts to call flagOutcome to correct a previous typo, but it reverts with OutcomeAlreadySet.
Only set the claimsStarted finality latch if actual legitimate protocol funds (corruptedReserve) are being swept, ignoring dust donations.
The contest is live. Earn rewards by submitting a finding.
This is your time to appeal against judgements on your submissions.
Appeals are being carefully reviewed by our judges.
The contest is complete and the rewards are being distributed.