search

sherlock-audit / 2024-05-tokensoft-distributor-contracts-update-judging

3 stars 2 forks source link

gajiknownnothing - Inadequate check on token amount adjustment #3

Closed sherlock-admin4 closed 4 months ago

sherlock-admin4 commented 4 months ago

gajiknownnothing

medium

Inadequate check on token amount adjustment

Summary

The AdvancedDistributor::adjust() function decreases the allocated token amount of a user without adequately checking against the claimed token amount. This can lead to a scenario where the decreased token amount is greater than the pending claimable token amount, resulting in insufficient token balance in the contract.

Vulnerability Detail

For example, assume distributionRecord.total = 1000e18 and records[beneficiary].claimed = 800e18:

  1. Execute the adjust() function with amount = -900e18.
  2. Since the condition distributionRecord.total >= diff is true, distributionRecord.total will be updated to 100e18, and 900e18 tokens will be transferred out from the contract.
  3. The beneficiary then claims 100e18.

As a result, the contract will end up distributing a total of 800e18 + 900e18 + 100e18 tokens, causing a deficit in the contract's token balance.

Impact

Insufficient token balance could fail the token claiming.

Code Snippet

https://github.com/sherlock-audit/2024-05-tokensoft-distributor-contracts-update/blob/67edd899612619b0acefdcb0783ef7a8a75caeac/contracts/packages/hardhat/contracts/claim/abstract/AdvancedDistributor.sol#L126-L132

Tool used

Manual Review

Recommendation

Consider adding the aforementioned check.

Duplicate of #43