You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Description: Description
The VirtualRewarderCheckpoints.writeCheckpoint() function in the SingelTokenVirtualRewarderUpgradeable contract may not correctly handle multiple updates within the same block. This can lead to inconsistencies in the recorded checkpoints, potentially causing incorrect state representation for token balances and total supply. The function uses an in-memory read of the last checkpoint and updates it if the timestamp matches the current block's timestamp. This approach can lead to issues when multiple updates occur within the same block, as only the last update will be recorded, potentially overwriting previous updates within the same block.
Attack Scenario\
Initial State:
User A has a balance of 100 tokens.
The total supply is 1000 tokens.
Multiple Updates in the Same Block:
User A deposits 50 tokens(using deposit function).
User A withdraws 30 tokens(using withdraw function).
Expected Behavior:
Two separate checkpoints should be recorded, one for the deposit and one for the withdrawal.
Actual Behavior:
Only one checkpoint is recorded, reflecting the final state after both operations, potentially missing intermediate state changes.
I think this issue is similar to #43 as it explains the same consequences of writing checkpoint multiple times inside a block /
Lack of POC + further explanations
Github username: --
Twitter username: --
Submission hash (on-chain): 0x414a5ff840357199b971057ea08e9ec4b2a8a0de477fbc8fb7d9d67cf3d8625e
Severity: medium
Description:
Description
The
VirtualRewarderCheckpoints.writeCheckpoint()
function in theSingelTokenVirtualRewarderUpgradeable
contract may not correctly handle multiple updates within the same block. This can lead to inconsistencies in the recorded checkpoints, potentially causing incorrect state representation for tokenbalances
andtotal supply
. The function uses anin-memory
read of the last checkpoint and updates it if thetimestamp
matches the current block'stimestamp
. This approach can lead to issues whenmultiple updates
occur within thesame block
, as only thelast update
will be recorded, potentiallyoverwriting
previousupdates
within the same block.Attack Scenario\
Initial State:
User A has a balance of 100 tokens.
The total supply is 1000 tokens.
Multiple Updates in the Same Block:
User A deposits 50 tokens(using deposit function).
User A withdraws 30 tokens(using withdraw function).
Expected Behavior:
Two separate checkpoints should be recorded, one for the deposit and one for the withdrawal.
Actual Behavior:
Only one checkpoint is recorded, reflecting the final state after both operations, potentially missing intermediate state changes.
Attachments
The text was updated successfully, but these errors were encountered: