code-423n4 / 2021-04-vader-findings


_recordBurn does not handle 0 _eth appropriately #269

Open code423n4 opened 3 years ago


Handle: paulius.eth

Vulnerability details

Impact

In contract Vether4, function _recordBurn does not check that _eth > 0, so the condition

if (mapEraDay_MemberUnits[_era][_day][_member] == 0)

can be passed multiple times. That branch is meant to run only once, when the member has not yet contributed to the day: it updates mapMemberEra_Days, mapEraDay_MemberCount, and mapEraDay_Members. However, when msg.value is 0 nothing is added to mapEraDay_MemberUnits, so it remains 0 and the condition can be triggered again and again, re-running those first-contribution updates each time.

Recommended Mitigation Steps

Either do not allow burns of 0 _eth or add an extra check in the if statement.
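The following is an added Python model of the bookkeeping described in this finding, not the Vether4 contract's own code: the mapping names follow the finding, while the `mode` switch, the `simulate` helper and the replayed scenario are assumptions. It shows how zero-value burns inflate the per-day member records on the unchecked path, and how each of the two suggested mitigations stops that.

```python
from collections import defaultdict

class BurnLedger:
    """Simplified model of the per-era/per-day member bookkeeping (assumed)."""

    def __init__(self, mode="vulnerable"):
        # mode: "vulnerable" (no check, as in the finding),
        #       "revert"     (mitigation 1: reject burns of 0 _eth),
        #       "guard"      (mitigation 2: extra `_eth > 0` in the if statement)
        self.mode = mode
        self.units = defaultdict(int)         # mapEraDay_MemberUnits[era][day][member]
        self.count = defaultdict(int)         # mapEraDay_MemberCount[era][day]
        self.members = defaultdict(list)      # mapEraDay_Members[era][day]
        self.member_days = defaultdict(list)  # mapMemberEra_Days[member][era]

    def record_burn(self, member, era, day, eth):
        if self.mode == "revert" and eth == 0:
            raise ValueError("burn of 0 _eth rejected")
        first_time = self.units[(era, day, member)] == 0
        if self.mode == "guard":
            first_time = first_time and eth > 0
        if first_time:
            # first-contribution bookkeeping; must run at most once per member/day
            self.member_days[(member, era)].append(day)
            self.count[(era, day)] += 1
            self.members[(era, day)].append(member)
        self.units[(era, day, member)] += eth  # stays 0 when eth == 0

def simulate(mode, burns):
    """Replay (member, era, day, eth) burns under the given mode and return
    (member count, member list, number of rejected burns) for era 1 / day 1."""
    ledger = BurnLedger(mode)
    rejected = 0
    for member, era, day, eth in burns:
        try:
            ledger.record_burn(member, era, day, eth)
        except ValueError:
            rejected += 1
    return ledger.count[(1, 1)], list(ledger.members[(1, 1)]), rejected

# Constructed scenario: one member submits three zero-value burns and then a
# real one, all in era 1 / day 1.
ZERO_SPAM = [("alice", 1, 1, 0)] * 3 + [("alice", 1, 1, 5)]

if __name__ == "__main__":
    for mode in ("vulnerable", "revert", "guard"):
        print(mode, simulate(mode, ZERO_SPAM))
```

On the vulnerable path the single member ends up counted four times, whereas both mitigations leave exactly one entry.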