code423n4 commented 1 year ago

Lines of code

Vulnerability details

Original Issue

M-12 - Tier odds in TieredLiquidityDistributor are incorrect

Details

The issue was about incorrectly setting the Tier Odds, specifically for the highest tier.

As per the documentation, the Canary Tier and the highest normal prize tier should be 1, and in the previous implementation, only the Canary Tier was set to 1.

Mitigation

As part of the mitigation, new logic to set the Tier Odds at construction time was introduced.
Now, when the contract is deployed, it is computed the estimated prizes for all the different available tiers, a min, and a max number of tiers are set (3-10, respectively), and the Tier Odds are computed in the constructor().
- The new update fixes the issue of not setting correctly the highest normal tier.
```
constructor(uint8 _numberOfTiers, uint8 _tierShares, uint8 _reserveShares, uint24 _grandPrizePeriodDraws) {
...
...
...
```
TIER_ODDS_0_3 = TierCalculationLib.getTierOdds(0, 2, _grandPrizePeriodDraws); TIER_ODDS_1_3 = SD59x18.wrap(1000000000000000000); TIER_ODDS_2_3 = SD59x18.wrap(1000000000000000000); TIER_ODDS_0_4 = TierCalculationLib.getTierOdds(0, 3, _grandPrizePeriodDraws); TIER_ODDS_1_4 = TierCalculationLib.getTierOdds(1, 3, _grandPrizePeriodDraws); TIER_ODDS_2_4 = SD59x18.wrap(1000000000000000000); TIER_ODDS_3_4 = SD59x18.wrap(1000000000000000000); TIER_ODDS_0_5 = TierCalculationLib.getTierOdds(0, 4, _grandPrizePeriodDraws); TIER_ODDS_1_5 = TierCalculationLib.getTierOdds(1, 4, _grandPrizePeriodDraws); TIER_ODDS_2_5 = TierCalculationLib.getTierOdds(2, 4, _grandPrizePeriodDraws); TIER_ODDS_3_5 = SD59x18.wrap(1000000000000000000); TIER_ODDS_4_5 = SD59x18.wrap(1000000000000000000); TIER_ODDS_0_6 = TierCalculationLib.getTierOdds(0, 5, _grandPrizePeriodDraws); TIER_ODDS_1_6 = TierCalculationLib.getTierOdds(1, 5, _grandPrizePeriodDraws); TIER_ODDS_2_6 = TierCalculationLib.getTierOdds(2, 5, _grandPrizePeriodDraws); TIER_ODDS_3_6 = TierCalculationLib.getTierOdds(3, 5, _grandPrizePeriodDraws); TIER_ODDS_4_6 = SD59x18.wrap(1000000000000000000); TIER_ODDS_5_6 = SD59x18.wrap(1000000000000000000);

... ... ... }

Conclusion

The implemented mitigation solves the original issue.

c4-judge commented 1 year ago

Picodes marked the issue as satisfactory