Platform: Code4rena
Start Date: 12/04/2023
Pot Size: $60,500 USDC
Total HM: 21
Participants: 199
Period: 7 days
Judge: hansfriese
Total Solo HM: 5
Id: 231
League: ETH
Rank: 102/199
Findings: 2
Award: $22.67
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: decade
Also found by: 0x3b, 0xDACA, 0xWaitress, 0xWeiss, 0xkaju, Arz, Aymen0909, BPZ, EloiManuel, HaCk0, J4de, Jerry0x, Jiamin, John, Juntao, Kek, Lalanda, MiloTruck, Mukund, PNS, RedTiger, Ruhum, Satyam_Sharma, ToonVH, Tricko, Udsen, ak1, anodaram, bin2chen, carrotsmuggler, cccz, circlelooper, deadrxsezzz, giovannidisiena, jasonxiale, joestakey, juancito, karanctf, kenta, kodyvim, ladboy233, lil_eth, lukino, markus_ether, marwen, mrpathfindr, nobody2018, parlayan_yildizlar_takimi, peakbolt, ravikiranweb3, rbserver, rvierdiiev, silviaxyz, volodya, zhuXKET, zzebra83
0.0748 USDC - $0.07
In Equity.restructureCapTable, there is a for loop iterating i.
Inside that, it refers addressesToWipe[0]. But actually it should be addressesToWipe[i].
No meaning if the function calls _burn for the same address multiple times.
I think this is just the developer's mistake.
VSCode
Original:
File: Equity.sol 313: address current = addressesToWipe[0];
Fixed:
File: Equity.sol 313: address current = addressesToWipe[i];
#0 - c4-pre-sort
2023-04-20T14:22:46Z
0xA5DF marked the issue as duplicate of #941
#1 - c4-judge
2023-05-18T14:27:33Z
hansfriese marked the issue as satisfactory
#2 - c4-judge
2023-05-18T14:32:26Z
hansfriese changed the severity to 2 (Med Risk)