Platform: Code4rena
Start Date: 23/06/2023
Pot Size: $60,500 USDC
Total HM: 31
Participants: 132
Period: 10 days
Judge: 0xean
Total Solo HM: 10
Id: 254
League: ETH
Rank: 92/132
Findings: 1
Award: $43.05
🌟 Selected for report: 0
🚀 Solo Findings: 0
43.047 USDC - $43.05
this vulnerability would cause rewardPerTokenStored has an incorrect value.
rewardPerTokenStored = rewardPerTokenStored + (amount * 1e36 / token.decimals()) / totalStaked();
this line is converting the token decimals to 1e18 for consistent calculations.
but some ERC20 tokens decimals() function doesnt't return 1e18 such as USDC stable token decimals() returns 6. This would cause an calculating error.
Provide direct links to all referenced code in GitHub. Add screenshots, logs, or any other relevant proof that illustrates the concept.
stableToken to some ERC20 token such as USDCManual Review
ERC20
#0 - c4-pre-sort
2023-07-11T18:57:01Z
JeffCX marked the issue as duplicate of #501
#1 - c4-judge
2023-07-28T15:40:28Z
0xean marked the issue as satisfactory