claimYieldFeeShares
can lead to loss of yieldFeeBalance
#240
Labels
3 (High Risk)
Assets can be stolen/lost/compromised directly
bug
Something isn't working
duplicate-59
🤖_10_group
AI based duplicate group recommendation
satisfactory
satisfies C4 submission criteria; eligible for awards
sufficient quality report
This report is of sufficient quality
Lines of code
https://github.com/code-423n4/2024-03-pooltogether/blob/main/pt-v5-vault/src/PrizeVault.sol#L611
Vulnerability details
Summary
PrizeVault::claimYieldFeeShares
Transfers yield fee shares to the yield fee recipient. instead of decreasing transferred shares it resets the yieldFeeBalance even for partial sharesImpact
yieldFeeBalance will lost due to incorrect update
Proof of Concept
https://github.com/code-423n4/2024-03-pooltogether/blob/main/pt-v5-vault/src/PrizeVault.sol#L611
Transferring
_shares
should decreaseyieldFeeBalance
by_shares
, while it resets the yieldFeeBalance to zeroTools Used
Manual
Recommended Mitigation Steps
Assessed type
Math
The text was updated successfully, but these errors were encountered: