Frankencoin - carlitox477's results

A decentralized and fully collateralized stablecoin.

General Information

Platform: Code4rena

Start Date: 12/04/2023

Pot Size: $60,500 USDC

Total HM: 21

Participants: 199

Period: 7 days

Judge: hansfriese

Total Solo HM: 5

Id: 231

League: ETH

Researcher Performance

Rank: 70/199

Findings: 2

Award: $50.88

🌟 Selected for report: 0

🚀 Solo Findings: 0

Findings Information

🌟 Selected for report: Josiah

Also found by: 0xDACA, Diana, Emmanuel, Kumpa, Nyx, RaymondFam, Ruhum, __141345__, bin2chen, carlitox477, lil_eth, nobody2018, rbserver

Labels

bug
2 (Med Risk)
satisfactory
duplicate-932

Awards

28.2764 USDC - $28.28

External Links

Lines of code

https://github.com/code-423n4/2023-04-frankencoin/blob/1022cb106919fba963a89205d3b90bf62543f68f/contracts/Position.sol#L97-L101

Vulnerability details

Description

According to the code comment, Position.reduceLimitForClone(uint256) should "adjust this position's limit to give away half of the remaining limit to the clone".

The function does not meet this requirement.

Impact

Allows someone who is cloning a position to get more than half of the remaining limit.

POC

https://gist.github.com/carlitox477/c80c5b1d660709d4f6b68b20d1e5b6d6

Mitigation steps

According to the comment, the reduction should be just (limit - minted) / 2. Since the remaining limit is limit - minted, the parameter _minimum should not be taken into account when reduceLimitForClone is called. This means:

function reduceLimitForClone() external noChallenge noCooldown alive onlyHub returns (uint256) {
    uint256 reduction = (limit - minted)/2; // half of the remaining limit; _minimum no longer enters the calculation
    limit -= reduction;
    return reduction;
}
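
The effect of including _minimum, as an added Python model that is not part of the original finding or of the Frankencoin code. audited_split is an assumption about the audited arithmetic (the page does not show it): _minimum is set aside first, the rest is halved, and both parts go to the clone. All function names and sample numbers are constructed.

```python
# Added model of the limit split between a position and its clone.
# Not the project's Solidity code; names and numbers are constructed.

def checked_sub(a: int, b: int) -> int:
    """Solidity >=0.8 semantics: unsigned subtraction reverts on underflow."""
    if b > a:
        raise ArithmeticError("underflow: transaction reverts")
    return a - b

def audited_split(limit: int, minted: int, minimum: int):
    """ASSUMED audited behaviour: reserve _minimum, halve the rest, give both away."""
    reduction = checked_sub(checked_sub(limit, minted), minimum) // 2
    clone_limit = reduction + minimum
    return checked_sub(limit, clone_limit), clone_limit

def mitigated_split(limit: int, minted: int):
    """Mitigation from the finding: the clone gets exactly half of limit - minted."""
    reduction = checked_sub(limit, minted) // 2
    return limit - reduction, reduction

def excess_over_half(limit: int, minted: int, minimum: int) -> int:
    """How much more than half of the remaining limit the clone receives."""
    _, clone_limit = audited_split(limit, minted, minimum)
    return clone_limit - checked_sub(limit, minted) // 2

if __name__ == "__main__":
    limit, minted = 1000, 200  # remaining limit = 800, half = 400
    for minimum in (0, 300, 800, 801):
        try:
            parent, clone = audited_split(limit, minted, minimum)
            # The global limit is conserved either way; only the share changes.
            assert parent + clone == limit
            print(f"_minimum={minimum}: parent={parent} clone={clone} "
                  f"excess={excess_over_half(limit, minted, minimum)}")
        except ArithmeticError as err:
            print(f"_minimum={minimum}: {err}")
    print("mitigated:", mitigated_split(limit, minted))
```

Under that assumption the clone's share is about (remaining + _minimum) / 2, so the excess over half grows with _minimum, and a _minimum equal to the remaining limit hands the clone all of it.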

#0 - c4-pre-sort

2023-04-20T09:54:07Z

0xA5DF marked the issue as duplicate of #932

#1 - c4-judge

2023-05-18T14:16:19Z

hansfriese marked the issue as satisfactory
