Platform: Code4rena
Start Date: 09/12/2022
Pot Size: $90,500 USDC
Total HM: 35
Participants: 84
Period: 7 days
Judge: GalloDaSballo
Total Solo HM: 12
Id: 192
League: ETH
Rank: 47/84
Findings: 1
Award: $163.00
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: HollaDieWaldfee
Also found by: 0xbepresent, 0xsomeone, Ruhum, ali_shehab, cccz, csanuragjain, kaliberpoziomka8552, rvierdiiev, sha256yan
162.9965 USDC - $163.00
https://github.com/code-423n4/2022-12-tigris/blob/main/contracts/Lock.sol#L84-L92
amount of tokens increased in the contract is updated when calling the lock function, and is decreased when calling the release function. However, since a user can add an amount when calling the extendLock function (see this function https://github.com/code-423n4/2022-12-tigris/blob/main/contracts/Lock.sol#L79-L92 ) ( see the comment mention that user can increase time and amount ), but the totalLocked[_asset] is not increased which can lead to totalLocked[_asset] to being in negative.
totalLocked[_asset] will be 100.totalLocked[_asset] is still 100.totalLocked[_asset] will revert.Vscode
increase totalLocked[_asset] when calling the extendLock.
#0 - c4-judge
2022-12-21T15:02:38Z
GalloDaSballo marked the issue as duplicate of #23
#1 - c4-judge
2023-01-22T17:38:07Z
GalloDaSballo marked the issue as satisfactory