c4-judge
commented
11 months ago Picodes marked the issue as satisfactory
Open code423n4 opened 12 months ago
c4-judge
commented
11 months ago Picodes marked the issue as satisfactory
Lines of code
Vulnerability details
Original Issue
M-27 - Inconsistent behavior for canary claims in claimer
Details
There was an issue when calculating the
feePerClaimwhen claiming prizes using the Claimer contract, the problem was that only theprizePool.claimCount()was considered to compute the fees, and theprizePool.canarayClaimCount()was not used, thus, if the claimer would not get the fees when claiming prizes from a Canary Tier.Mitigation
As part of the mitigation, the Canary and normal tiers claiming logic was unified, and now it doesn't matter if the claim is made in a Canary or a normal tier, in either of the two types of tiers, the
prizePool.claimCount()variable will be increased, thus, the problem in the Claimer contract is mitigated.Conclusion
The implemented mitigation solves the original issue.