withdrawRemainingTokens function doesn't work properly if withdrawFee function called before #66
Labels
2 (Med Risk)
Assets not at direct risk, but function/availability of the protocol could be impacted or leak value
bug
Something isn't working
downgraded by judge
Judge downgraded the risk level of this issue
duplicate-122
edited-by-warden
satisfactory
satisfies C4 submission criteria; eligible for awards
Comments
code423n4
added
3 (High Risk)
|
kirk-baird marked the issue as duplicate of #42 |
|
kirk-baird marked the issue as not a duplicate |
|
kirk-baird marked the issue as duplicate of #61 |
|
kirk-baird marked the issue as satisfactory |
c4-judge
added
satisfactory
c4-judge
removed
the
3 (High Risk)
|
kirk-baird changed the severity to 2 (Med Risk) |
c4-judge
added
2 (Med Risk)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Lines of code
https://github.com/rabbitholegg/quest-protocol/blob/8c4c1f71221570b14a0479c216583342bd652d8d/contracts/Erc20Quest.sol#L85
https://github.com/rabbitholegg/quest-protocol/blob/8c4c1f71221570b14a0479c216583342bd652d8d/contracts/Erc20Quest.sol#L96-L98
Vulnerability details
Impact
Due to protocolsFee doesnt update with withdrawFee withdraw remaining function doesn't understand protocol fees withdrawn before and give missing money for owner.
Proof of Concept
Contract token balance decrease with withdrawFee however protocolFee doesnt update. While calculating remaining tokens,even if withdrawFee has been called before, it still take into account of this fee amount in line-85,so it gives missing amount of token to quote owner.
Tools Used
Recommended Mitigation Steps
Update protocolFee() after using withdrawFee().
The text was updated successfully, but these errors were encountered: