Incorrect calculated fee reward for ERC20Quest #407
Labels
3 (High Risk)
Assets can be stolen/lost/compromised directly
bug
Something isn't working
duplicate-605
satisfactory
satisfies C4 submission criteria; eligible for awards
Lines of code
https://github.com/rabbitholegg/quest-protocol/blob/8c4c1f71221570b14a0479c216583342bd652d8d/contracts/Erc20Quest.sol#L96-L98
https://github.com/rabbitholegg/quest-protocol/blob/8c4c1f71221570b14a0479c216583342bd652d8d/contracts/Erc20Quest.sol#L89-L93
https://github.com/rabbitholegg/quest-protocol/blob/8c4c1f71221570b14a0479c216583342bd652d8d/contracts/Erc20Quest.sol#L100-L104
Vulnerability details
Impact
More funds than intended may be withdrawn from ERC20Quest as protocol fees.
Proof of Concept
withdrawFee has been executed.
withdrawFee has been executed.
But here protocolFeeRecipient will receive fees for TWO users, although it should have received fees for only one.
Tools Used
Manual audit
Recommended Mitigation Steps
As I mentioned earlier, add the possibility to call withdrawFee() only once, and in protocolFee() calculate the fee over all users instead of only over redeemed users.
But your idea may be to send commissions only for those users who participated. In this case, you need to allow withdrawFee() to be called as many times as you want, but at the same time keep track of the commissions already withdrawn and the number of participants who have collected their awards. Like this:
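The following minimal contract is an added illustration of the second mitigation described above; it is not the project's Erc20Quest and not the author's snippet. The names rewardToken, rewardAmountInWei, questFee, redeemedTokens, claim() and feesWithdrawnFor are assumptions chosen for this example; withdrawFee(), protocolFee() and protocolFeeRecipient are the names used in the report. protocolFee() keeps the shape the report criticises (fee over every redeemed participant on every call), while pendingProtocolFee() and withdrawFee() only pay the fee for participants who redeemed since the previous withdrawal, so repeated calls cannot pay the same user's fee twice.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

interface IERC20 {
    function transfer(address to, uint256 amount) external returns (bool);
}

/// Hypothetical minimal quest contract (example only, not the project's code).
contract FeeAccountingExample {
    IERC20 public immutable rewardToken;           // assumed name
    address public immutable protocolFeeRecipient;
    uint256 public immutable rewardAmountInWei;    // reward per participant (assumed name)
    uint256 public immutable questFee;             // fee in basis points (assumed name)

    uint256 public redeemedTokens;                 // participants who have claimed (assumed name)
    uint256 public feesWithdrawnFor;               // participants whose fee was already paid out (added)
    mapping(address => bool) public hasClaimed;

    constructor(IERC20 token_, address feeRecipient_, uint256 rewardAmount_, uint256 questFee_) {
        rewardToken = token_;
        protocolFeeRecipient = feeRecipient_;
        rewardAmountInWei = rewardAmount_;
        questFee = questFee_;
    }

    /// Stand-in for the claim path: records one more redeemed participant.
    function claim() external {
        require(!hasClaimed[msg.sender], "already claimed");
        hasClaimed[msg.sender] = true;
        redeemedTokens += 1;
        require(rewardToken.transfer(msg.sender, rewardAmountInWei), "reward transfer failed");
    }

    /// Problematic shape from the report: the fee for *all* redeemed participants,
    /// recomputed on every call. Paying this amount on each withdrawFee() call
    /// pays the same participants' fee again and again.
    function protocolFee() public view returns (uint256) {
        return (redeemedTokens * rewardAmountInWei * questFee) / 10_000;
    }

    /// Fixed accounting: only participants redeemed since the last withdrawal count.
    function pendingProtocolFee() public view returns (uint256) {
        uint256 newlyRedeemed = redeemedTokens - feesWithdrawnFor;
        return (newlyRedeemed * rewardAmountInWei * questFee) / 10_000;
    }

    /// May be called any number of times; each participant's fee is paid exactly once.
    function withdrawFee() external {
        uint256 fee = pendingProtocolFee();
        feesWithdrawnFor = redeemedTokens; // update state before the external call
        if (fee > 0) {
            require(rewardToken.transfer(protocolFeeRecipient, fee), "fee transfer failed");
        }
    }
}
```

With one participant claimed, two consecutive withdrawFee() calls pay the fee once and then nothing, which is the behaviour the report asks for; the invariant to check in a test is that the cumulative amount sent to protocolFeeRecipient never exceeds redeemedTokens * rewardAmountInWei * questFee / 10_000.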