HardlyDifficult
commented
2 years ago That may be a nice improvement, so that epochs are more predictable. Lowering risk and merging with the warden's QA report https://github.com/code-423n4/2022-06-infinity-findings/issues/285
Lines of code
https://github.com/code-423n4/2022-06-infinity/blob/main/contracts/token/InfinityToken.sol#L60-L82
Vulnerability details
Impact
Epochs may effectively start later than they are planned.
Proof of Concept
If
advanceEpoch()was invoked at a different time than the epoch start, following code will renew the current epoch counter:While this should be:
It is also recommended to use cached values in the above code, against what's shown for clarity.
Tools Used
Manual analysis