On good faith CORRUPTED, claimCorrupted requires bountyClaimed == bountyEntitlement (MustClaimBountyFirst) and never checks corruptedClaimDeadline. After the 180-day window, claimAttackerBounty reverts ClaimWindowExpired, so the whitehat can no longer fill that gate.
Post window leftovers are only recoverable via sweepUnclaimedCorrupted, which forges bountyClaimed = bountyEntitlement and sweeps to recovery. Callers that reuse the bad faith twin claimCorrupted hit a permanent revert that still blames an unfinished bounty.
Likelihood:
Good faith CORRUPTED with an absent / late whitehat is an intended ops path after CORRUPTED_CLAIM_WINDOW.
Keepers and integrators that only call claimCorrupted for “send leftovers to recovery” (works for bad-faith) reuse that entrypoint after the GF window.
Impact:
Funds remain idle until someone discovers sweepUnclaimedCorrupted.
Error message MustClaimBountyFirst is misleading once the attacker can no longer claim.
Run:
Or revert with a dedicated UseSweepUnclaimedCorrupted error after the deadline.
The contest is live. Earn rewards by submitting a finding.
This is your time to appeal against judgements on your submissions.
Appeals are being carefully reviewed by our judges.
The contest is complete and the rewards are being distributed.