Platform: Code4rena
Start Date: 21/04/2022
Pot Size: $75,000 USDC
Total HM: 7
Participants: 45
Period: 7 days
Judge: 0xean
Total Solo HM: 5
Id: 111
League: ETH
Rank: 9/45
Findings: 1
Award: $4,218.75
🌟 Selected for report: 0
🚀 Solo Findings: 0
User adds weight to a gauge that hasn't been added
In addition to adding to a nonexistent gauge it also increments _totalWeight which only contains weight for live gauges. This value then results in https://github.com/fei-protocol/flywheel-v2/blob/77bfadf388db25cf5917d39cd9c0ad920f404aad/src/token/ERC20Gauges.sol#L208 returning values for reward distribution that account for the nonexistent gauge but never send tokens to it resulting in reward tokens being permanently stuck in FlywheelGaugeRewards.sol
For a mapping all keys exist in solidity so using a key that has not been added will instead returns an empty weight. This means that nothing would throw an error allowing the user to add weight to a nonexistent gauge
Use isGauge() instead of _deprecatedGauges.contains(gauge)
#0 - Joeysantoro
2022-04-27T03:35:30Z
#5 dup
#1 - itsmetechjay
2022-04-27T19:22:02Z
Per warden's help desk request, we added in additional information under the Impact section.