Platform: Code4rena
Start Date: 04/05/2022
Pot Size: $50,000 DAI
Total HM: 24
Participants: 71
Period: 5 days
Judge: Justin Goro
Total Solo HM: 14
Id: 119
League: ETH
Rank: 55/71
Findings: 1
Award: $74.55
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: horsefacts
Also found by: 0x1f8b, 0xYamiDancho, 0xf15ers, 0xkatana, ACai, AlleyCat, Bruhhh, Dravee, Funen, GimelSec, Hawkeye, IllIllI, MaratCerby, PPrieditis, Picodes, Ruhum, TerrierLover, VAD37, berndartmueller, csanuragjain, defsec, delfin454000, eccentricexit, ellahi, fatherOfBlocks, gzeon, hansfriese, hickuphh3, hyh, ilan, joestakey, juicy, kebabsec, oyc_109, rajatbeladiya, reassor, rfa, robee, samruna, simon135, sorrynotsorry, throttle
74.5546 DAI - $74.55
https://github.com/code-423n4/2022-05-factorydao/blob/main/contracts/MerkleResistor.sol#L245-L246
A require should be used to prevent (maxTotalPayments - minTotalPayments) turns negative, i.e.require(maxTotalPayments >= minTotalPayments).
This is not used in the initialize funciton as well.
Ideally, maxTotalPayments should be greater than minTotalPayments, i.e. require(maxTotalPayments > minTotalPayments), so that there will be positive coinsPerSecond given positive paymentSlope and totalCoins.
https://github.com/code-423n4/2022-05-factorydao/blob/main/contracts/MerkleVesting.sol#L117
Similar to the above issue, a require shoule be used to prevent (endTime - startTime) turns non-positive, i.e. require(endTime > startTime).
#0 - illuzen
2022-05-12T09:03:00Z
all duplicates