GalloDaSballo
commented
2 years ago Disagree that this is a vulnerability as other findings in the contest have shown how we could even more the reward token to the bribesProcessor
Closed code423n4 closed 2 years ago
GalloDaSballo
commented
2 years ago Disagree that this is a vulnerability as other findings in the contest have shown how we could even more the reward token to the bribesProcessor
Lines of code
https://github.com/Badger-Finance/vested-aura/blob/d504684e4f9b56660a9e6c6dfb839dcebac3c174/contracts/MyStrategy.sol#L279-L281
Vulnerability details
Impact
Vault cannot be fully emptied
Proof of Concept
Whenever rewards are earned they are automatically locked into the the Aura Locker. Since that reward will then earn more rewards while locked, there will be more rewards to be collected when that lock is finished which will then be locked again. This means that there will forever be rewards locked in the contract
Tools Used
Recommended Mitigation Steps
Add a bool for reinvesting harvested rewards. When the strategy is winding down then set the bool to false to allow all the rewards to be collected but not locked