If extra reward token is a "protected token", the rewards will be taken by other protocols #44
Labels
3 (High Risk): Assets can be stolen/lost/compromised directly
bug: Something isn't working
duplicate: This issue or pull request already exists
invalid: This doesn't seem right
Lines of code
https://github.com/code-423n4/2022-05-vetoken/blob/2d7cd1f6780a9bcc8387dea8fecfbd758462c152/contracts/VoterProxy.sol#L109-L119
Vulnerability details
Impact
Misallocation of extra reward tokens
Proof of Concept
Let's think of a scenario where CRV is being used as an extra incentive for a Pickle Finance gauge. The extra rewards will be sent to voterProxy, but when the extra rewards stash tries to claim them, the tokens will be blocked because CRV is a protected token. Instead, those rewards will be given to CRV stakers when claimed.
Tools Used
Recommended Mitigation Steps
When extra fees are collected, the balance before and after the claim should be logged to figure out how many tokens have been transferred, and logged in a mapping to record how many are claimable by that specific protocol.
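A sketch of the balance-delta accounting described in the mitigation above, as an added example that is not part of the original report or the veToken code base. The contract, interface and function names are hypothetical, and it assumes the gauge pushes pending rewards to the caller through `claim_rewards()` and that the reward token returns a bool from `transfer`.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Added illustration; every name below is hypothetical, not the project's code.
interface IERC20Minimal {
    function balanceOf(address account) external view returns (uint256);
    function transfer(address to, uint256 amount) external returns (bool);
}

interface IRewardGauge {
    // Assumption: pending extra rewards are pushed to msg.sender.
    function claim_rewards() external;
}

contract ExtraRewardLedger {
    // stash => token => amount received on behalf of that stash
    mapping(address => mapping(address => uint256)) public claimable;
    // stash => the only gauge it may claim from (fixed at deployment here)
    mapping(address => address) public gaugeOf;

    constructor(address[] memory stashes, address[] memory gauges) {
        require(stashes.length == gauges.length, "length");
        for (uint256 i = 0; i < stashes.length; i++) {
            gaugeOf[stashes[i]] = gauges[i];
        }
    }

    // Claim from the caller's gauge and credit only the measured delta, so a
    // token that is also held for other purposes (e.g. CRV) is not mixed in.
    function claimExtra(address token) external returns (uint256 received) {
        address gauge = gaugeOf[msg.sender];
        require(gauge != address(0), "!auth");
        uint256 beforeBal = IERC20Minimal(token).balanceOf(address(this));
        IRewardGauge(gauge).claim_rewards();
        received = IERC20Minimal(token).balanceOf(address(this)) - beforeBal;
        claimable[msg.sender][token] += received;
    }

    // Pay out exactly what was recorded for this stash; the remainder of the
    // contract's balance in that token is never touched.
    function withdrawExtra(address token) external returns (uint256 amount) {
        amount = claimable[msg.sender][token];
        claimable[msg.sender][token] = 0; // effects before interaction
        if (amount > 0) {
            require(IERC20Minimal(token).transfer(msg.sender, amount), "transfer");
        }
    }
}
```

The sketch measures one token per claim; a gauge that pays several reward tokens in a single call would need the before/after snapshot taken for each of them.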