Reward distribution will fail, which leads to the DOSes of the core functions.
Details
The distribute function is used to distribute rewards to all users, and safeTransferFrom is used to distribute ERC20 tokens. However, this does not take into account that if one of the users is on the blacklist, safeTransferFrom will fail, causing the entire function to be reverted.
Tools Used
VScode
Recommended Mitigation Steps
The amount of rewards received by users can be stored in a list, allowing users to actively claim them.
Lines of code
https://github.com/code-423n4/2024-07-reserve/blob/main/contracts/p1/Distributor.sol#L169-L175
Vulnerability details
Impact
Reward distribution will fail, which leads to the DOSes of the core functions.
Details
The distribute function is used to distribute rewards to all users, and safeTransferFrom is used to distribute ERC20 tokens. However, this does not take into account that if one of the users is on the blacklist, safeTransferFrom will fail, causing the entire function to be reverted.
Tools Used
VScode
Recommended Mitigation Steps
The amount of rewards received by users can be stored in a list, allowing users to actively claim them.
Assessed type
Token-Transfer