sherlock-audit / 2023-12-flatmoney-judging

xiaoming90 - Unlocked points can be locked up again #204

Closed sherlock-admin2 closed 5 months ago

sherlock-admin2 commented 5 months ago

xiaoming90

medium

Unlocked points can be locked up again

Summary

Unlocked points can be locked up again, preventing users from exchanging their points for something of value.

Vulnerability Detail

Assume that the unlockTaxVest is 1 year and Bob has 10000 points already unlocked on 31 Dec 2023.

On 1 Jan 2024, Bob minted 1 point. As a result, the unlock date of his account is set to one year later, which is around 31 Dec 2024. All his points, including the 10000 already-unlocked points, will be subject to the new unlock date of 31 Dec 2024. Thus, Bob's already unlocked points will be locked again.

https://github.com/sherlock-audit/2023-12-flatmoney/blob/main/flatcoin-v1/src/PointsModule.sol#L147

File: PointsModule.sol
139:     /// @notice Sets the unlock time for newly minted points.
140:     /// @dev    If the user has existing locked points, then the new unlock time is calculated based on the existing locked points.
141:     ///         The newly minted points are included in the `lockedAmount` calculation.
142:     function _setMintUnlockTime(address account, uint256 mintAmount) internal returns (uint256 newUnlockTime) {
143:         uint256 lockedAmount = _lockedAmount[account];
144:         uint256 unlockTimeBefore = unlockTime[account];
145: 
146:         if (unlockTimeBefore <= block.timestamp) {
147:             newUnlockTime = block.timestamp + unlockTaxVest;
148:         } else {
149:             uint256 newUnlockTimeAmount = (block.timestamp + unlockTaxVest) * mintAmount;
150:             uint256 oldUnlockTimeAmount = unlockTimeBefore * (lockedAmount - mintAmount);
151:             newUnlockTime = (newUnlockTimeAmount + oldUnlockTimeAmount) / lockedAmount;
152:         }
153: 
154:         unlockTime[account] = newUnlockTime;
155:     }

Impact

Points that have already been unlocked (already passed the unlockTaxVest) will be locked up again, preventing users from exchanging their points for something of value with the protocol.

Code Snippet

https://github.com/sherlock-audit/2023-12-flatmoney/blob/main/flatcoin-v1/src/PointsModule.sol#L147

Tool used

Manual Review

Recommendation

Ensure that unlocked points are not locked up again.

Duplicate of #200
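
A Python model of the `_setMintUnlockTime` arithmetic quoted above, run on the report's Bob scenario. It is an added example, not code from the report or the Flatmoney repository. The snippet does not show how `_lockedAmount[account]` is updated before the call, so the `mint` caller and its `reset_expired` switch are hypothetical: they compare carrying a stale stored amount into the new lock with dropping an expired lock first.

```python
from datetime import datetime, timezone

UNLOCK_TAX_VEST = 365 * 24 * 3600  # 1 year, as assumed in the report


def ts(year, month, day):
    """UTC midnight of a date as a Unix timestamp (stand-in for block.timestamp)."""
    return int(datetime(year, month, day, tzinfo=timezone.utc).timestamp())


def set_mint_unlock_time(now, unlock_before, locked_amount, mint_amount):
    """Mirrors lines 142-155; locked_amount already includes mint_amount."""
    if unlock_before <= now:
        # Line 147: an expired lock restarts a full vesting period.
        return now + UNLOCK_TAX_VEST
    # Lines 149-151: amount-weighted average of old and new unlock times.
    new_part = (now + UNLOCK_TAX_VEST) * mint_amount
    old_part = unlock_before * (locked_amount - mint_amount)
    return (new_part + old_part) // locked_amount


def mint(now, unlock_before, stored_locked, mint_amount, reset_expired):
    """Hypothetical caller, not shown on the page.

    reset_expired=False keeps the stored amount even though its lock expired;
    reset_expired=True zeroes it first, so only new points fall under the lock.
    """
    expired = unlock_before <= now
    carried = 0 if (reset_expired and expired) else stored_locked
    locked = carried + mint_amount
    new_unlock = set_mint_unlock_time(now, unlock_before, locked, mint_amount)
    return locked, new_unlock


def bob_scenario(reset_expired):
    """Constructed input: 10000 points unlocked 31 Dec 2023, 1 point minted 1 Jan 2024."""
    return mint(ts(2024, 1, 1), ts(2023, 12, 31), 10_000, 1, reset_expired)


if __name__ == "__main__":
    for flag in (False, True):
        locked, unlock = bob_scenario(flag)
        day = datetime.fromtimestamp(unlock, tz=timezone.utc).date()
        print(f"reset_expired={flag}: {locked} points locked until {day}")
```

In both cases the unlock time moves to 31 Dec 2024; the two callers differ only in how many points sit under it, which is the quantity a check for the recommendation needs to pin down.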

sherlock-admin commented 5 months ago

1 comment(s) were left on this issue during the judging contest.

takarez commented:

invalid