Closed code423n4 closed 2 years ago
this is an expected behaviour
as @lacoop6tu indicated, this is not a bug but intended behavior. only users with an active lock maintain a non-zero virtual balance (i.e. voting power) in the system
Expected behaviour. Marking invalid.
Lines of code
https://github.com/code-423n4/2022-08-fiatdao/blob/fece3bdb79ccacb501099c24b60312cd0b2e4bb2/contracts/VotingEscrow.sol#L540-L544 https://github.com/code-423n4/2022-08-fiatdao/blob/fece3bdb79ccacb501099c24b60312cd0b2e4bb2/contracts/VotingEscrow.sol#L646-L650
Vulnerability details
Impact
Checkpoint called with incorrect values
Proof of Concept
At
quitLock()
andwithdraws()
you setLockedBalance.delegated
to zero. I is not explained in the documentation but as I understand this variable stores the amount of tokens delegated to this address by others accounts. Am I wrong? Setting to zero and then calling_checkpoint
with this value will produce incorrect values if the account has been delegated votes from others.Recommended Mitigation Steps
Remove
newLocked.delegated = 0;