code-423n4 / 2021-11-streaming-findings


reset depositTokenAmount in creatorClaimSoldTokens #268

Closed code423n4 closed 2 years ago

code423n4 commented 2 years ago

Handle

pauliax

Vulnerability details

Impact

Function creatorClaimSoldTokens should nullify depositTokenAmount; otherwise, it may not be possible to recover deposit tokens later because the balance will be lower than the accounted depositTokenAmount:

    uint256 excess = ERC20(token).balanceOf(address(this)) - (depositTokenAmount - redeemedDepositTokens);

Recommended Mitigation Steps

Possible solution (function creatorClaimSoldTokens):

    uint112 amount = depositTokenAmount;
    depositTokenAmount = 0;

0xean commented 2 years ago

dupe of #121
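
The accounting mismatch described in the finding, as an added example that is not part of the thread or the audited contract: a simplified model in which `tokenBalance` stands in for `ERC20(token).balanceOf(address(this))`. The contract name, `deposit`, `strayTransfer`, `resetOnClaim` and `excess()` are hypothetical, and Solidity 0.8+ checked arithmetic is assumed.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

/// Simplified accounting model (added example, not the audited contract).
/// Deploy once with resetOnClaim = false and once with true to compare.
contract DepositAccountingModel {
    uint256 public tokenBalance;          // stands in for ERC20(token).balanceOf(address(this))
    uint112 public depositTokenAmount;    // deposit tokens the contract accounts for
    uint112 public redeemedDepositTokens; // appears in the finding's excess formula
    bool public immutable resetOnClaim;   // hypothetical switch: apply the proposed fix?

    constructor(bool _resetOnClaim) {
        resetOnClaim = _resetOnClaim;
    }

    // Hypothetical helper: a deposit raises both the balance and the accounting.
    function deposit(uint112 amount) external {
        tokenBalance += amount;
        depositTokenAmount += amount;
    }

    // Hypothetical helper: tokens sent to the contract outside the accounting,
    // i.e. the kind of excess a recovery function is meant to return.
    function strayTransfer(uint256 amount) external {
        tokenBalance += amount;
    }

    // Models creatorClaimSoldTokens: the deposit tokens leave the contract.
    function creatorClaimSoldTokens() external {
        uint112 amount = depositTokenAmount;
        if (resetOnClaim) {
            depositTokenAmount = 0; // mitigation proposed in the finding
        }
        tokenBalance -= amount;
    }

    // The excess formula quoted in the finding. When tokenBalance is lower than
    // depositTokenAmount - redeemedDepositTokens, the subtraction underflows
    // and the call reverts with Panic(0x11).
    function excess() external view returns (uint256) {
        return tokenBalance - (depositTokenAmount - redeemedDepositTokens);
    }
}
```

Calling `deposit(100)`, `strayTransfer(5)` and `creatorClaimSoldTokens()` leaves `excess()` reverting when `resetOnClaim` is false (5 - 100 underflows) and returning 5 when it is true.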