function restructureCapTable(address[] calldata helpers, address[] calldata addressesToWipe) public {
require(zchf.equity() < MINIMUM_EQUITY);
checkQualified(msg.sender, helpers);
for (uint256 i = 0; i<addressesToWipe.length; i++){
address current = addressesToWipe[0]; -----------------always 0 is used instead of i
_burn(current, balanceOf(current));
}
}
Tools Used
Recommended Mitigation Steps
We suggest to use correct index value to access the element from array.
Lines of code
https://github.com/code-423n4/2023-04-frankencoin/blob/1022cb106919fba963a89205d3b90bf62543f68f/contracts/Equity.sol#L309-L316
Vulnerability details
Impact
When array of addresses are passed to restructure in the emergency situation, contract would revert due to accessing the first index always.
Not able to restructure in single call during emergency.
Proof of Concept
https://github.com/code-423n4/2023-04-frankencoin/blob/1022cb106919fba963a89205d3b90bf62543f68f/contracts/Equity.sol#L309-L316
Tools Used
Recommended Mitigation Steps
We suggest to use correct index value to access the element from array.