User which is a contract who doesn't have a receive function can't burn his token to get the governance power, because ethOwed ether are transferred to him. This is correct even if ethOwed is 0.
Tools Used
Manual audit
Recommended Mitigation Steps
Consider separating the ETH claiming logic to another function or use wETH.
Lines of code
https://github.com/PartyDAO/party-contracts-c4/blob/3896577b8f0fa16cba129dc2867aba786b730c1b/contracts/crowdfund/Crowdfund.sol#L487
Vulnerability details
Impact
User which is a contract who doesn't have a receive function can't burn his token to get the governance power, because
ethOwed
ether are transferred to him. This is correct even ifethOwed
is 0.Tools Used
Manual audit
Recommended Mitigation Steps
Consider separating the ETH claiming logic to another function or use wETH.