Skip to content
This repository has been archived by the owner on Jan 21, 2024. It is now read-only.

Yuki - Slightly increasing the vote factor can result to beneficiaries not able to claim their tokens. #175

Closed
sherlock-admin opened this issue Jul 22, 2023 · 0 comments
Closed

Yuki - Slightly increasing the vote factor can result to beneficiaries not able to claim their tokens. #175

sherlock-admin opened this issue Jul 22, 2023 · 0 comments
Labels
Duplicate A valid issue that is a duplicate of an issue with `Has Duplicates` label Medium A valid Medium severity issue Reward A payout will be made for this issue

Comments

@sherlock-admin
Copy link
Contributor

sherlock-admin commented Jul 22, 2023
edited
Loading

Yuki

high

Slightly increasing the vote factor can result to beneficiaries not able to claim their tokens.

Summary

Slightly increasing the vote factor can result to beneficiaries not able to claim their tokens.

Vulnerability Detail

Increasing the vote factor can result to unexpected outcome, as beneficiaries won't be able to claim their tokens.

When executing claim, the function calculates the amount of votes it has to burn based on the formula in the function
tokensToVotes. This can be problematic if the vote power increases and can lead to the following scenario:

  • A beneficiary is initialized and voting power is minted to it based on the current factor.
  • Time passes and the vote factor slightly increases
  • The beneficiary tries to claim his tokens but as the vote factor increased, the function will try to burn more voting power than the user has and it will revert.
  • In the end the beneficiary won't be able to claim his rewards.
  function _executeClaim(
    address beneficiary,
    uint256 totalAmount
  ) internal virtual override returns (uint256 _claimed) {
    _claimed = super._executeClaim(beneficiary, totalAmount);

    // reduce voting power through ERC20Votes extension
    _burn(beneficiary, tokensToVotes(_claimed));
  }
  function tokensToVotes(uint256 tokenAmount) private view returns (uint256) {
    return (tokenAmount * voteFactor) / fractionDenominator;
  }

Impact

Duo to difference between the two vote factors, when the beneficiary was initialized and after the vote factor increases. The beneficiary won't be able to claim his tokens, as the function will try to burn more voting power than the beneficiary has.

Code Snippet

https://github.com/sherlock-audit/2023-06-tokensoft/blob/main/contracts/contracts/claim/abstract/AdvancedDistributor.sol#L87

https://github.com/sherlock-audit/2023-06-tokensoft/blob/main/contracts/contracts/claim/abstract/AdvancedDistributor.sol#L73

Tool used

Manual Review

Recommendation

The one way to fix this issue would be to burn the whole amount of voting power the beneficiary has, only if the tokens claimed have more voting power than the user has. This will prevent the issue from not being able to claim rewards, if vote factor increases over time.

Duplicate of #55
@github-actions github-actions bot added Medium A valid Medium severity issue Duplicate A valid issue that is a duplicate of an issue with `Has Duplicates` label labels Jul 26, 2023
@sherlock-admin sherlock-admin changed the title Melted Spruce Oyster - Slightly increasing the vote factor can result to beneficiaries not able to claim their tokens. Yuki - Slightly increasing the vote factor can result to beneficiaries not able to claim their tokens. Aug 6, 2023
@sherlock-admin sherlock-admin added the Reward A payout will be made for this issue label Aug 6, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
Duplicate A valid issue that is a duplicate of an issue with `Has Duplicates` label Medium A valid Medium severity issue Reward A payout will be made for this issue
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@sherlock-admin