code-423n4 / 2023-08-pooltogether-mitigation-findings

H-06 MitigationConfirmed #32

Open code423n4 opened 1 year ago

code423n4 commented 1 year ago

Lines of code

Vulnerability details

Issue mitigated

About the problem

Before the update, users had the ability to delegate to address 0 if they wanted to opt out of participating in draws. Such an action would cause their balance to always be delegated to 0, and they would have no ability to undo this action.

Solution

This issue was fixed by treating the 0 address as SPONSORSHIP_ADDRESS, so such a case will not happen anymore. If a user delegates to the 0 address, that will mean that he donates his odds to win.

c4-judge commented 1 year ago

Picodes marked the issue as satisfactory