c4-judge
commented
5 months ago Trumpero marked the issue as duplicate of #966
Closed c4-judge closed 5 months ago
c4-judge
commented
5 months ago Trumpero marked the issue as duplicate of #966
Trumpero
commented
5 months ago This issue should receive only 50% partial credit due to its lack of quality and maximum impact
c4-judge
commented
5 months ago Trumpero marked the issue as partial-50
Judge has assessed an item in Issue #514 as 2 risk. The relevant finding follows:
L-01 Anyone could increase interpolation endTime by 30 days just by distributing 1 wei.
Lines of code
https://github.com/code-423n4/2023-12-ethereumcreditguild/blob/main/src/tokens/ERC20RebaseDistributor.sol#L364
Impact
Anyone can call distribute with 1 Wei as amount and update the interpolation of
__rebasingSharePrice&__unmintedRebaseRewardsby 30 daysTools Used
manual review
Recommended Mitigation Steps
Add a minimum amount check to the distribute function