Closed code423n4 closed 2 years ago
WatchPug
https://github.com/code-423n4/2021-12-amun/blob/98f6e2ff91f5fcebc0489f5871183566feaec307/contracts/basket/contracts/facets/Basket/BasketFacet.sol#L153-L158
require( totalSupply.add(_amount) <= this.getCap(), "MAX_POOL_CAP_REACHED" ); uint256 feeAmount = _amount.mul(bs.entryFee).div(10**18);
feeAmount should be considered. Otherwise, the new totalSupply may surpass pool cap.
feeAmount
totalSupply
Duplicate #283
loki-sama
commented
2 years ago loki-sama
commented
2 years ago
Handle
WatchPug
Vulnerability details
https://github.com/code-423n4/2021-12-amun/blob/98f6e2ff91f5fcebc0489f5871183566feaec307/contracts/basket/contracts/facets/Basket/BasketFacet.sol#L153-L158
feeAmountshould be considered. Otherwise, the newtotalSupplymay surpass pool cap.