GalloDaSballo
commented
2 years ago Earn is sending funds to the strategy, the strategy is a BrickedStrategy that does nothing, I fail to see any vulnerability here
Closed code423n4 closed 2 years ago
GalloDaSballo
commented
2 years ago Earn is sending funds to the strategy, the strategy is a BrickedStrategy that does nothing, I fail to see any vulnerability here
Lines of code
https://github.com/code-423n4/2022-04-badger-citadel/blob/main/src/StakedCitadel.sol#L717
Vulnerability details
earn can be called many times and each time more money will be transferred to the strategy, and the money in the strategy can be above the desired percentage of the money that should be in the strategy.