Open code423n4 opened 1 year ago
https://github.com/code-423n4/2023-01-popcorn/blob/d95fc31449c260901811196d617366d6352258cd/src/vault/Vault.sol#L35
Detailed description of the impact of this finding.
There is an incorrect value of the constant SECONDS_PER_YEAR, which should be in seconds not days
Provide direct links to all referenced code in GitHub. Add screenshots, logs, or any other relevant proof that illustrates the concept.
Manual Review
This should be changed to uint256 constant SECONDS_PER_YEAR = 31557600;
RedVeil marked the issue as disagree with severity
RedVeil marked the issue as sponsor disputed
dmvt changed the severity to QA (Quality Assurance)
dmvt marked the issue as grade-b
Lines of code
https://github.com/code-423n4/2023-01-popcorn/blob/d95fc31449c260901811196d617366d6352258cd/src/vault/Vault.sol#L35
Vulnerability details
Impact
Detailed description of the impact of this finding.
There is an incorrect value of the constant SECONDS_PER_YEAR, which should be in seconds not days
Proof of Concept
Provide direct links to all referenced code in GitHub. Add screenshots, logs, or any other relevant proof that illustrates the concept.
https://github.com/code-423n4/2023-01-popcorn/blob/d95fc31449c260901811196d617366d6352258cd/src/vault/Vault.sol#L35
Tools Used
Manual Review
Recommended Mitigation Steps
This should be changed to uint256 constant SECONDS_PER_YEAR = 31557600;