search

code-423n4 / 2024-03-saltyio-mitigation-findings

0 stars 0 forks source link

M-20 MitigationConfirmed #83

Open c4-bot-1 opened 8 months ago

c4-bot-1 commented 8 months ago

Lines of code

Vulnerability details

Comments

In the original implementation, when DAO.withdrawPOL() is called, some SALT rewards might be claimed. Withdrawn tokens will be transferred to Liquidizer, however, the claimed SALT reward will remain stuck in DAO.

Mitigation

commit eaf40ef The mitigation removed DAO.withdrawPOL(). The function is no longer used. The original issue was resolved.

Conclusion

Confirmed

c4-judge commented 8 months ago

Picodes marked the issue as satisfactory