Lines of code
https://github.com/PartyDAO/party-contracts-c4/blob/3896577b8f0fa16cba129dc2867aba786b730c1b/contracts/distribution/TokenDistributor.sol#L352-L353
Vulnerability details
Impact
In the TokenDistributor._createDistribution() function, there is no check that feeRecipient != address(0) before the fee is excluded from the member supply.
If feeRecipient == address(0), no one can claim this fee and it is locked in the TokenDistributor contract. Instead, this amount should be distributed to the members of the Party.
Proof of Concept
Scenario
1. A Party created a Token Distribution with feeBps = 100 but forgot and set feeRecipient == address(0) and supply = 1e18.
2. _createDistribution() did not check if feeRecipient == address(0) before subtracting the fee.
3. 9e17 token wei is distributed to members and 1e17 token wei is locked in TokenDistributor since no one can claim it.
Tools Used
Manual Review
Recommended Mitigation Steps
Consider not subtracting fee from memberSupply in case feeRecipient == address(0).
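The fee split with and without the recommended check, as an added example that is not the PartyDAO TokenDistributor source. The contract, struct and function names are hypothetical, and the model assumes that only the recorded feeRecipient may claim the fee.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Simplified model written for this example; not the project's own code.
// FeeSplitModel, Distribution, createUnchecked, createChecked and claimFee are hypothetical names.
contract FeeSplitModel {
    struct Distribution {
        address feeRecipient;
        uint128 memberSupply; // amount members can claim pro rata
        uint128 fee;          // amount reserved for feeRecipient
    }

    Distribution[] public distributions;

    // Behaviour described in the finding: the fee is always carved out of
    // the supply, even when feeRecipient is address(0).
    function createUnchecked(uint128 supply, uint16 feeBps, address feeRecipient)
        external returns (uint256 id)
    {
        require(feeBps <= 1e4, "feeBps above 100%");
        uint128 fee = uint128(uint256(supply) * feeBps / 1e4);
        distributions.push(Distribution(feeRecipient, supply - fee, fee));
        id = distributions.length - 1;
    }

    // Recommended mitigation: with no recipient, reserve no fee, so the
    // whole supply remains claimable by members.
    function createChecked(uint128 supply, uint16 feeBps, address feeRecipient)
        external returns (uint256 id)
    {
        require(feeBps <= 1e4, "feeBps above 100%");
        uint128 fee = 0;
        if (feeRecipient != address(0)) {
            fee = uint128(uint256(supply) * feeBps / 1e4);
        }
        distributions.push(Distribution(feeRecipient, supply - fee, fee));
        id = distributions.length - 1;
    }

    // Assumption of this model: only the recorded recipient can take the fee.
    // msg.sender is never address(0), so a fee recorded against address(0)
    // can never be claimed.
    function claimFee(uint256 id) external returns (uint128 amount) {
        Distribution storage d = distributions[id];
        require(msg.sender == d.feeRecipient, "not fee recipient");
        amount = d.fee;
        d.fee = 0; // accounting only; the token transfer is outside this model
    }
}
```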