Consider scenario:
1, User A, B, C, D are council members and have tokenId= 0, 1, 2, 3.
2, User B's NFT is burned, balance of user D, which is balances[3] is set to balances[1].
3, User D are not able to claim rewards because there is no token left in balances[3].
Impact
Latest user in council member list will lost rewards
Do not change sort of balances when burning. When distribute tokens to council member, do not distribute rewards to balances location that being burned
grearlake
high
Latest council member will lost rewards after burning council member NFT
Summary
After burning council member NFT, latest user in council member list will lost rewards due to updating of
balances
arrayVulnerability Detail
Function
burn()
is used to burn council member NFT:Consider scenario: 1, User A, B, C, D are council members and have tokenId= 0, 1, 2, 3. 2, User B's NFT is burned, balance of user D, which is balances[3] is set to balances[1]. 3, User D are not able to claim rewards because there is no token left in balances[3].
Impact
Latest user in council member list will lost rewards
Code Snippet
https://github.com/sherlock-audit/2024-01-telcoin/blob/main/telcoin-audit/contracts/sablier/core/CouncilMember.sol#L92-#L111
Tool used
Manual Review
Recommendation
Do not change sort of
balances
when burning. When distribute tokens to council member, do not distribute rewards tobalances
location that being burnedDuplicate of #199