search

code-423n4 / 2023-04-frankencoin-findings

5 stars 4 forks source link

Malicious redeem prevention #982

Closed code423n4 closed 1 year ago

code423n4 commented 1 year ago

Lines of code

https://github.com/code-423n4/2023-04-frankencoin/blob/main/contracts/Equity.sol#L275

Vulnerability details

Impact

Sending FPS to a person affects his voteAnchor and can prevent him from withdrawing money for a long time

Proof of Concept

Since canRedeem function is using voteAnchor to determine holding period https://github.com/code-423n4/2023-04-frankencoin/blob/main/contracts/Equity.sol#L136 and sending FPS evokes adjustRecipientVoteAnchor, which shifts VoteAnchor forward https://github.com/code-423n4/2023-04-frankencoin/blob/main/contracts/Equity.sol#L157 then you can send x FPS to a person that only is holding x FPS for 90 days to prevent him from redeeming for a month and a half. https://github.com/code-423n4/2023-04-frankencoin/blob/main/contracts/Equity.sol#L161

Recommended Mitigation Steps

Choose different redeeming mechanism, like requests with timestamps and transfer freeze

c4-pre-sort commented 1 year ago

0xA5DF marked the issue as duplicate of #668

c4-pre-sort commented 1 year ago

0xA5DF marked the issue as duplicate of #922

c4-judge commented 1 year ago

hansfriese marked the issue as unsatisfactory: Invalid