Open hats-bug-reporter[bot] opened 1 month ago
Invalid, it is claimed directly from contracts like TapiocaOptionBroker
on the init function: https://github.com/Tapioca-DAO/tap-token/blob/ed5d47ef05ddc61c10cd71e7104b44a99c665d55/contracts/options/TapiocaOptionBroker.sol#L489
Github username: -- Twitter username: -- Submission hash (on-chain): 0xee15f36654276bee49dc121ecc1d512f5b80f55d0f17ec450e1c272176859071 Severity: high
Description: Description\
In
oTAP.sol
anybody can become a broker.Attack Scenario\
This is the
brokerClaim()
function:There is a logical error here. The purpose is to call the function only once. But right now anyone can call it after that and become a broker.
To fix the bug change the function to: