sherlock-admin
commented
11 months ago 1 comment(s) were left on this issue during the judging contest.
n33k commented:
invalid, very low amount of fund will be stuck because of division
Closed sherlock-admin closed 11 months ago
sherlock-admin
commented
11 months ago 1 comment(s) were left on this issue during the judging contest.
n33k commented:
invalid, very low amount of fund will be stuck because of division
0xc0ffEE
medium
Potential funds stuck in QVBaseStrategy
In
QVBaseStrategycontract, recipient's payout is calculated based on total votes received proportionally to total global votes, multiplied with total pool amount. While the contract does not have any withdraw function for pool manager, there will be potential stuck funds in contract because of rounding down calculationVulnerability Detail
Payout amounts formula
amount = poolAmount * recipient.totalVotesReceived / totalRecipientVotes. Hereamountwill be rounded down and there will be(poolAmount * recipient.totalVotesReceived) % totalRecipientVotesamount of token stuck in the contract for each payout. As long astotalRecipientVotesis large enough, stuck funds will be large (depends on value range of voice credits to be used).Impact
There will be potential stuck funds in pools
Code Snippet
https://github.com/sherlock-audit/2023-09-Gitcoin/blob/main/allo-v2/contracts/strategies/qv-base/QVBaseStrategy.sol#L571
Tool used
Manual Review
Recommendation
Consider adding a withdraw function for pool manager that has delay time