search

code-423n4 / 2023-05-ajna-findings

2 stars 0 forks source link

User is not able to claim reward from last epoch #393

Closed code423n4 closed 1 year ago

code423n4 commented 1 year ago

Lines of code

https://github.com/code-423n4/2023-05-ajna/blob/main/ajna-core/src/RewardsManager.sol#L396

Vulnerability details

Impact

Last epoch reward is not included in claimed reward. When user calls function claimRewards he provide as arguments tokenId_ (NFT) and specific epoch epochToClaim_ to which to be calculated reward. After passing of the conditions, in function _claimRewards for computing of the reward is used function _calculateAndClaimRewards. The computing of the reward start from lastClaimedEpoch and go through all epochs until reaching of epochToClaim_. Unfortunatly, the for loop will skip calculating of epochToClaim_ and reward for this epoch will not be included in the total reward. link.

This problem occurs in calculateRewards in 337 line

Proof of Concept

Tests do not cover this scenario

Tools Used

Mannual review

Recommended Mitigation Steps

Use epoch <= epochToClaim_ instead of epoch < epochToClaim_ code

Assessed type

Loop

c4-sponsor commented 1 year ago

ith-harvey marked the issue as sponsor disputed

ith-harvey commented 1 year ago

in _calculateAndClaimRewards rewards are not calculated for current epoch but for next epoch by calling _calculateNextEpochRewards https://github.com/code-423n4/2023-05-ajna/blob/main/ajna-core/src/RewardsManager.sol#LL339C13-L339C40

c4-judge commented 1 year ago

Picodes marked the issue as unsatisfactory: Invalid