search

code-423n4 / 2021-05-visorfinance-findings

0 stars 0 forks source link

getBalanceLocked on line 202 of Visor.sol doesn't return the total balance, just the highest balance #57

Closed code423n4 closed 3 years ago

code423n4 commented 3 years ago

Handle

Sherlock

Vulnerability details

Impact

Causes some internal miscalculations allowing people to take out locked funds using timeUnlockERC20() and delegatedTransferERC20()

Proof of Concept

https://github.com/Evert0x/2021-05-visorfinance/blob/main/contracts/test/Test.ts#L12

Tools Used

Hardhat

Recommended Mitigation Steps

Calculate balance using balance.add( _lockData.balance) on line 207 of Visor.sol

ghost commented 3 years ago

sponsor disputed The highest balance here is the total balance

ghoul-sol commented 3 years ago

I don’t get why highest balance is total balance but will give benefit of the doubt to the sponsor.