search

code-423n4 / 2022-12-tigris-findings

8 stars 4 forks source link

Extending period in `Lock` contract will block user funds #558

Closed code423n4 closed 1 year ago

code423n4 commented 1 year ago

Lines of code

https://github.com/code-423n4/2022-12-tigris/blob/588c84b7bb354d20cbca6034544c4faa46e6a80e/contracts/Lock.sol#L84-L92 https://github.com/code-423n4/2022-12-tigris/blob/588c84b7bb354d20cbca6034544c4faa46e6a80e/contracts/Lock.sol#L73 https://github.com/code-423n4/2022-12-tigris/blob/588c84b7bb354d20cbca6034544c4faa46e6a80e/contracts/Lock.sol#L103

Vulnerability details

Impact

Extending lock will block users' funds.

Contract: Lock.sol

Proof of Concept

Locking tokens with function lock(...) will update mapping mapping totalLocked for given asset with value of amount, here: totalLocked[_asset] += _amount. However, when extending lock with function extendLock(...) the mapping totalLocked is not updated. This blocks user funds, since to relea tokens with release(...) function, the released amount is subtracted in mapping totalLocked. This makes every amount passed in extendLock(...) not be able to release. This may also allow malicious user to block other users' funds by locking tokens, extending lock with large amount and then releasing - other users will not be able to release their funds.

Tools Used

Manual review.

Recommended Mitigation Steps

Consider updating mapping totalLocked on extending lock.

c4-judge commented 1 year ago

GalloDaSballo marked the issue as duplicate of #23

c4-judge commented 1 year ago

GalloDaSballo marked the issue as satisfactory