Closed c4-judge closed 4 months ago
Judge has assessed an item in Issue #74 as 3 risk. The relevant finding follows:
The lockOnBehalf() allows any user to donate 1 wei to extend the unlocking time of any player's locks.
Location: LockManager::lockOnBehalf()
function lockOnBehalf( address _tokenContract, uint256 _quantity, address _onBehalfOf ) external payable notPaused onlyActiveToken(_tokenContract) onlyConfiguredToken(_tokenContract) nonReentrant { address tokenOwner = msg.sender; address lockRecipient = msg.sender; if (_onBehalfOf != address(0)) { lockRecipient = _onBehalfOf; } _lock(_tokenContract, _quantity, tokenOwner, lockRecipient); }
Location: LockManager::_lock()
function _lock( address _tokenContract, uint256 _quantity, address _tokenOwner, address _lockRecipient ) private { // SNIPPED lockedToken.lastLockTime = uint32(block.timestamp); lockedToken.unlockTime = uint32(block.timestamp) + uint32(_lockDuration); }
alex-ppg marked the issue as duplicate of #165
alex-ppg marked the issue as partial-25
Judge has assessed an item in Issue #74 as 3 risk. The relevant finding follows:
[L-01] Donation to extend the unlocking time of other players
The lockOnBehalf() allows any user to donate 1 wei to extend the unlocking time of any player's locks.
Location: LockManager::lockOnBehalf()
Location: LockManager::_lock()