Platform: Code4rena
Start Date: 12/04/2023
Pot Size: $60,500 USDC
Total HM: 21
Participants: 199
Period: 7 days
Judge: hansfriese
Total Solo HM: 5
Id: 231
League: ETH
Rank: 103/199
Findings: 2
Award: $22.67
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: decade
Also found by: 0x3b, 0xDACA, 0xWaitress, 0xWeiss, 0xkaju, Arz, Aymen0909, BPZ, EloiManuel, HaCk0, J4de, Jerry0x, Jiamin, John, Juntao, Kek, Lalanda, MiloTruck, Mukund, PNS, RedTiger, Ruhum, Satyam_Sharma, ToonVH, Tricko, Udsen, ak1, anodaram, bin2chen, carrotsmuggler, cccz, circlelooper, deadrxsezzz, giovannidisiena, jasonxiale, joestakey, juancito, karanctf, kenta, kodyvim, ladboy233, lil_eth, lukino, markus_ether, marwen, mrpathfindr, nobody2018, parlayan_yildizlar_takimi, peakbolt, ravikiranweb3, rbserver, rvierdiiev, silviaxyz, volodya, zhuXKET, zzebra83
0.0748 USDC - $0.07
An investor who decides to save the Frankencoin system in the event of a restructuring could lose almost all of their investment due to a typo in the code that does not properly wipe the balances of other investors.
In case a restructuring is needed (equity being less than 1000 ZCHF or even negative), if an investor decides to save the system, they would want to wipe everyone else's FPS balance, to avoid sharing their bailout money with them. See the comments about this situation here:
For example, let's assume there are 3 holders of FPS:
Alice has: 1,000 FPS
Bob has: 1,000 FPS
Denis has: 30,000 FPS

Alice has more than 3% of the voting power (1,000/32,000 > 0.03). Alice decides to save the system after a devastating loss where the equity stands at -1,000,000 ZCHF. She decides to call the restructure function and wipe Bob and Denis. She calls the restructure function but only manages to wipe Bob (due to the typo). She receives no error message about the impossibility of wiping Denis. She believes Denis is wiped as well.
Alice invests 2,000,000 ZCHF into the system, expecting to be the only owner of FPS. She believes there is no need to split the investment in two (i.e., first sends 1,001,000 ZCHF to make the system operational again and get 1,000 FPS, and then sends the difference). She transfers 2,000,000 ZCHF from her wallet to the Equity Contract and receives 1,000 more FPS.
She expects to own 100% of the equity of the restructured system (1,000,000 ZCHF). Instead, she will own only 6.25% of the FPS (2,000/32,000). Alice loses almost all of the ZCHF she was supposed to get.
Manual review
Change addressesToWipe[0] to addressesToWipe[i]: https://github.com/code-423n4/2023-04-frankencoin/blob/1022cb106919fba963a89205d3b90bf62543f68f/contracts/Equity.sol#L313
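The wipe loop and the Alice/Bob/Denis scenario above, modelled in Python as an added example (this is not the contract's Solidity code or the warden's own). The function names are hypothetical, the balances are the scenario's, and the 1,000 FPS minted for the bailout is taken from the scenario rather than computed from the contract's pricing.

```python
from fractions import Fraction

# Constructed balances, copied from the scenario on this page (FPS units).
HOLDERS = {"alice": 1_000, "bob": 1_000, "denis": 30_000}


def wipe_buggy(balances, addresses_to_wipe):
    """Model of the flawed loop: every iteration reads element 0."""
    out = dict(balances)
    for _ in range(len(addresses_to_wipe)):
        current = addresses_to_wipe[0]  # bug: index is constant, not the loop counter
        out[current] = 0                # re-burning an empty balance raises nothing
    return out


def wipe_fixed(balances, addresses_to_wipe):
    """Model of the corrected loop: element i is read on iteration i."""
    out = dict(balances)
    for i in range(len(addresses_to_wipe)):
        out[addresses_to_wipe[i]] = 0
    return out


def unwiped(balances, addresses_to_wipe):
    """Post-condition check: targets that still hold shares after the wipe."""
    return [a for a in addresses_to_wipe if balances.get(a, 0) != 0]


def share_after_bailout(balances, investor, minted):
    """Investor's fraction of total supply once `minted` FPS are issued to them."""
    out = dict(balances)
    out[investor] += minted
    return Fraction(out[investor], sum(out.values()))


if __name__ == "__main__":
    targets = ["bob", "denis"]
    for name, wipe in (("buggy", wipe_buggy), ("fixed", wipe_fixed)):
        after = wipe(HOLDERS, targets)
        share = share_after_bailout(after, "alice", 1_000)
        print(name, "still holding:", unwiped(after, targets),
              "alice share: {:.2%}".format(float(share)))
```

Because the call succeeds either way, the only signal available to the caller is the post-condition: reading back the balances of every wiped address before sending the bailout funds.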
#0 - c4-pre-sort
2023-04-20T15:32:19Z
0xA5DF marked the issue as duplicate of #941
#1 - c4-judge
2023-05-18T14:29:19Z
hansfriese marked the issue as satisfactory
#2 - c4-judge
2023-05-18T14:32:26Z
hansfriese changed the severity to 2 (Med Risk)