Closed code423n4 closed 1 year ago
0xA5DF marked the issue as primary issue
0xA5DF marked the issue as low quality report
This is actually off by one wei rather than 1 wad, QA
hansfriese changed the severity to QA (Quality Assurance)
hansfriese marked the issue as grade-b
Lines of code
https://github.com/code-423n4/2023-04-frankencoin/blob/main/contracts/Equity.sol#L293
Vulnerability details
Impact
As described in the comments, there should always be at least 1 share, but it uses the less-than sign, which makes it at least 2 shares.
Proof of Concept
https://github.com/code-423n4/2023-04-frankencoin/blob/main/contracts/Equity.sol#L293
In the code snippet below, as the comment describes, there is always at least one share, but in the require statement it adds shares to the ONE_DEC18 constant, which is equal to 1 share. Example: if totalShares is 2 and I want to redeem 1, it will revert, as the
1 + 1 < 2
condition will fail inside the require.
Tools Used
Manual review
Recommended Mitigation Steps
Use the less-than-or-equal-to sign.
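The boundary discussed in this report and in the judge's comment, modelled in integer arithmetic as an added example (not code from the report or from the Frankencoin contracts). It assumes the check has the form the report describes, shares + ONE_DEC18 < totalShares, and that ONE_DEC18 is 10**18 base units; the function names are hypothetical.

```python
# Assumed value of the ONE_DEC18 constant named in the report:
# one share expressed in 18-decimal base units.
ONE_DEC18 = 10**18


def passes_strict(shares, total_shares):
    """Check as the report describes it: shares + ONE_DEC18 < totalShares."""
    return shares + ONE_DEC18 < total_shares


def passes_inclusive(shares, total_shares):
    """Same check with the operator the report recommends (<=)."""
    return shares + ONE_DEC18 <= total_shares


def max_redeemable(check, total_shares):
    """Largest redemption, in base units, that the check accepts.

    Returns None when even a zero redemption is rejected. The check is
    monotone in `shares`, so a binary search finds the boundary.
    """
    if not check(0, total_shares):
        return None
    lo, hi = 0, total_shares
    while lo < hi:
        mid = (lo + hi + 1) // 2
        if check(mid, total_shares):
            lo = mid
        else:
            hi = mid - 1
    return lo


def min_remaining(check, total_shares):
    """Supply left after the largest redemption the check accepts."""
    best = max_redeemable(check, total_shares)
    return None if best is None else total_shares - best


if __name__ == "__main__":
    total = 2 * ONE_DEC18  # constructed sample: two whole shares outstanding
    for name, check in (("<", passes_strict), ("<=", passes_inclusive)):
        left = min_remaining(check, total)
        print(f"{name:>2}: minimum remaining supply = {left} base units")
```

With two whole shares outstanding, the strict form leaves ONE_DEC18 + 1 base units and the inclusive form leaves exactly ONE_DEC18, so the two operators differ by one base unit.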