code-423n4 / 2024-02-althea-liquid-infrastructure-findings


The `if (_isPastMinDistributionPeriod())` check will prevent the distribution from completing before `mint()`/`burn()`/`burnFrom()` is called in the case where `distribute()` was called directly but not enough times to complete the distribution. #739

Closed c4-bot-3 closed 8 months ago

c4-bot-3 commented 9 months ago

Lines of code

https://github.com/code-423n4/2024-02-althea-liquid-infrastructure/blob/3adc34600561077ad4834ee9621060afd9026f06/liquid-infrastructure/contracts/LiquidInfrastructureERC20.sol#L268

https://github.com/code-423n4/2024-02-althea-liquid-infrastructure/blob/3adc34600561077ad4834ee9621060afd9026f06/liquid-infrastructure/contracts/LiquidInfrastructureERC20.sol#L290

https://github.com/code-423n4/2024-02-althea-liquid-infrastructure/blob/3adc34600561077ad4834ee9621060afd9026f06/liquid-infrastructure/contracts/LiquidInfrastructureERC20.sol#L303

Vulnerability details

Since this same check is inside the `distribute()` function itself, its use is pretty much redundant in the following functions: `mintAndDistribute()`, `burnAndDistribute()`, `burnFromAndDistribute()`.

The check below appears in the above three functions, and could be removed due to the same check in the `distribute()` function:

        if (_isPastMinDistributionPeriod()) {
            distributeToAllHolders();
        }

Here it appears in the `distribute()` function:

        if (!LockedForDistribution) {
            require(_isPastMinDistributionPeriod(), "MinDistributionPeriod not met");
            _beginDistribution();
        }

Recommendation:

Remove the `if (_isPastMinDistributionPeriod())` check so that we only have this in the three affected functions:

            distributeToAllHolders();

Assessed type

Invalid Validation
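The two excerpts quoted in the report do not act the same way when the period has not elapsed: the `if` guard skips distribution, while the `require` in `distribute()` reverts the call. The simplified Solidity model below is an added example, not part of the report and not the audited contract; the names `lastDistributionBlock`, `minPeriodBlocks`, `mintGuarded` and `mintUnguarded`, the body of `_isPastMinDistributionPeriod()`, and `distributeToAllHolders()` forwarding to `distribute()` are assumptions made so the two forms can be compared.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.12;
// Simplified model written for this example; not the audited contract.
// Only the two checks quoted in the report are reproduced as-is.
contract DistributionGuardModel {
    bool public LockedForDistribution;
    uint256 public lastDistributionBlock; // assumed name
    uint256 public minPeriodBlocks;       // assumed name
    uint256 public minted;                // stands in for the token supply

    constructor(uint256 _minPeriodBlocks) {
        minPeriodBlocks = _minPeriodBlocks;
        lastDistributionBlock = block.number;
    }

    // Assumed body: the period is measured in blocks since the last round.
    function _isPastMinDistributionPeriod() internal view returns (bool) {
        return block.number - lastDistributionBlock >= minPeriodBlocks;
    }

    // Same shape as the distribute() excerpt: starting a round too early reverts.
    function distribute() public {
        if (!LockedForDistribution) {
            require(_isPastMinDistributionPeriod(), "MinDistributionPeriod not met");
            LockedForDistribution = true; // stands in for _beginDistribution()
        }
        LockedForDistribution = false;    // model: one call completes the round
        lastDistributionBlock = block.number;
    }

    // Assumption: forwards to distribute(), as the report implies.
    function distributeToAllHolders() public {
        distribute();
    }

    // Guarded form quoted in the report: an early mint skips distribution.
    function mintGuarded(uint256 amount) external {
        if (_isPastMinDistributionPeriod()) {
            distributeToAllHolders();
        }
        minted += amount;
    }

    // Form left by the recommendation: an early mint reverts in distribute().
    function mintUnguarded(uint256 amount) external {
        distributeToAllHolders();
        minted += amount;
    }
}
```

Deployed with a period that has not yet elapsed, `mintGuarded` succeeds and `mintUnguarded` reverts with "MinDistributionPeriod not met".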

0xRobocop commented 9 months ago

Spam

c4-pre-sort commented 9 months ago

0xRobocop marked the issue as insufficient quality report

c4-judge commented 8 months ago

0xA5DF marked the issue as unsatisfactory: Invalid