Closed code423n4 closed 1 year ago
thereksfour marked the issue as primary issue
TutaRicky marked the issue as disagree with severity
This is not for (2 Med Risk)
thereksfour changed the severity to QA (Quality Assurance)
thereksfour marked the issue as grade-c
Lines of code
https://github.com/code-423n4/2023-03-wenwin/blob/main/src/ReferralSystem.sol#L111-L130
Vulnerability details
Impact
getMinimumEligibleReferralsFactorCalculation
not working at edge cases as per ranges given in documentation.Proof of Concept
https://github.com/code-423n4/2023-03-wenwin/blob/main/src/ReferralSystem.sol#L111-L130
Documentation reference: https://docs.wenwin.com/wenwin-lottery/protocol-architecture/token/rewards/referrals
As per the column for
Previous Draw's Total Tickets Sold (t)
in doc, the last value in range have<=
but in code, its using strictly less than. Which could affect minimum eligible referrals factor calculation at last boundry of range.Tools Used
Manual Review
Recommended Mitigation Steps