caventa - Should burn existing minted token for all beneficiaries before changing voteFactor

[sherlock-admin]

caventa

medium

Should burn existing minted token for all beneficiaries before changing voteFactor

Summary

Should burn existing minted token for all beneficiaries before changing voteFactor

Vulnerability Detail

ERC20Votes token is minted based on beneficiary's total amount

struct DistributionRecord {
  uint120 total; // total token quantity claimable
}

It is calculated using the following formula

TokenToVotes = (tokenAmount * voteFactor) / fractionDenominator

where the minting procedure can be accessible by owner or anyone. [Note: if only owner can mint the token, then this issue is invalid].

The voteFactor can be changed by owner.

  function setVoteFactor(uint256 _voteFactor) external onlyOwner {
    voteFactor = _voteFactor;
    emit SetVoteFactor(voteFactor);
  }

Before changing voteFactor, system should ensure all tokens minted using old voteFactor to be burned using old voteFactor.

Impact

If not, either 1 or 2 would happen

1. Beneficiary's distributionRecord.total may have record even when all his tokens are burned
2. Beneficiary's distributionRecord.total may have zero record, yet his tokens are not yet finish burned

Code Snippet

https://github.com/sherlock-audit/2023-06-tokensoft/blob/main/contracts/contracts/claim/abstract/AdvancedDistributor.sol#L84
https://github.com/sherlock-audit/2023-06-tokensoft/blob/main/contracts/contracts/claim/abstract/AdvancedDistributor.sol#L94
https://github.com/sherlock-audit/2023-06-tokensoft/blob/main/contracts/contracts/claim/abstract/AdvancedDistributor.sol#L120
https://github.com/sherlock-audit/2023-06-tokensoft/blob/main/contracts/contracts/claim/abstract/AdvancedDistributor.sol#L126

Tool used

Manual Review

Recommendation

Should burn existing minted token for all beneficiaries before changing voteFactor

Duplicate of #55