search

code-423n4 / 2022-04-badger-citadel-findings

0 stars 1 forks source link

cannot set asset cap to the current cumulative funded amount #146

Closed code423n4 closed 2 years ago

code423n4 commented 2 years ago

Lines of code

https://github.com/code-423n4/2022-04-badger-citadel/blob/main/src/Funding.sol#L297

Vulnerability details

In this require, the message is

"cannot decrease cap below global sum of assets in"

However, it would also fail if _assetCap is equal to funding.assetCumulativeFunded.

Recommended Mitigation Steps

change to:

        require(
            _assetCap >= funding.assetCumulativeFunded,
            "cannot decrease cap below global sum of assets in"
        )
jack-the-pug commented 2 years ago

It's a QA