Open hats-bug-reporter[bot] opened 1 month ago
@luzzif Can you please point out the issue here? From what I can understand, the leaf does not interfere with other campaigns since we're validating it against a specific campaign.root when verifying the calldata.
I applied the label at a glance but looking back at this you're right. This issue is most likely invalid.
Github username: --
Twitter username: --
Submission hash (on-chain): 0x1fa8659dd2efe45d37c0008b42ac8093589363ff81837b5dd011af77e6e2347e
Severity: high

Description:
The function Metrom._processRewardClaim computes the _leaf node of the merkle tree according to the code below:
However, the leaf node may collide with other nodes, since the same owner, with the same token, may have the same amount of reward available in another campaign.

Attack Scenario:
It may be able to provide a proof for a node that does not exist.
Attachments
The _leaf1 and _leaf2 are going to collide and have the same node. Including the campaignId would avoid that.
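
The point raised in the replies (a leaf is only ever checked against one campaign's root) can be checked with a small model. This is an added example, not part of the report or of Metrom's code. It assumes a leaf built from (owner, token, amount) as the description implies, a sorted-pair Merkle tree, and SHA-256 standing in for keccak256; the addresses and campaigns are constructed sample data.

```python
import hashlib

def h(data: bytes) -> bytes:
    # SHA-256 stands in for keccak256, which Python's standard library lacks.
    return hashlib.sha256(data).digest()

def leaf(owner: bytes, token: bytes, amount: int) -> bytes:
    # Assumed leaf layout (owner, token, amount): no campaign id, as the report describes.
    return h(h(owner + token + amount.to_bytes(32, "big")))

def hash_pair(a: bytes, b: bytes) -> bytes:
    # Sorted-pair hashing, so a proof needs no left/right flags (assumption).
    return h(a + b) if a <= b else h(b + a)

def levels(leaves):
    out = [sorted(leaves)]
    while len(out[-1]) > 1:
        cur = out[-1]  # an unpaired last node is promoted unchanged
        out.append([hash_pair(cur[i], cur[i + 1]) if i + 1 < len(cur) else cur[i]
                    for i in range(0, len(cur), 2)])
    return out

def root(leaves):
    return levels(leaves)[-1][0]

def proof(leaves, target):
    idx, path = sorted(leaves).index(target), []
    for level in levels(leaves)[:-1]:
        if (idx ^ 1) < len(level):
            path.append(level[idx ^ 1])
        idx //= 2
    return path

def verify(path, expected_root, node):
    for sibling in path:
        node = hash_pair(node, sibling)
    return node == expected_root

# Constructed sample data: 20-byte placeholder addresses and two campaigns.
ALICE, BOB, CAROL, TOKEN = b"\xaa" * 20, b"\xbb" * 20, b"\xcc" * 20, b"\x11" * 20
CAMPAIGN_A = [leaf(ALICE, TOKEN, 100), leaf(BOB, TOKEN, 50), leaf(CAROL, TOKEN, 70)]
CAMPAIGN_B = [leaf(BOB, TOKEN, 50), leaf(CAROL, TOKEN, 30)]

def demo():
    root_a, root_b = root(CAMPAIGN_A), root(CAMPAIGN_B)
    alice, bob = leaf(ALICE, TOKEN, 100), leaf(BOB, TOKEN, 50)
    return {"alice_in_a": verify(proof(CAMPAIGN_A, alice), root_a, alice),
            "alice_a_proof_vs_b": verify(proof(CAMPAIGN_A, alice), root_b, alice),
            "bob_a_proof_vs_b": verify(proof(CAMPAIGN_A, bob), root_b, bob),
            "bob_b_proof_vs_b": verify(proof(CAMPAIGN_B, bob), root_b, bob)}
```

Bob's leaf is byte-identical in both campaigns, yet it verifies against campaign B's root only with a proof built from campaign B's tree, where that leaf really exists; Alice's leaf, absent from campaign B, never verifies there.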