heeze - Incorrect index of checkpoint #785
Comments
sherlock-admin2
changed the title
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
{{ message }}
sherlock-admin2
changed the title
heeze
Medium
Incorrect index of checkpoint
Summary
If the checkpoint is updated and the previous timestamp and current are the same (i.e they are within the same block) the index returned is incorrect.
Vulnerability Detail
The
ProtectedListings::_createCheckpointfunction updates thecollectionCheckpointsmapping whenever a change in the number of listings occurs and returns the index at which the latest checkpoint is stored.In the
ProtectedListings::_createCheckpointfunction if the timestamp of a listing is the same as the previous one in the array thecompoundedFactorof the previous checkpoint is changed and used as the updated checkpoint. However, the index is calculated as the length of the array which is incorrect.Impact
The checkpoint index is incorrect and points to a non-existing array index, and since this is used in calculating the unlock price therefore the unlock price will also be incorrect.
Code Snippet
In https://github.com/sherlock-audit/2024-08-flayer/blob/main/flayer/src/contracts/ProtectedListings.sol#L564-#L567
Tool used
Manual Review
Recommendation
The text was updated successfully, but these errors were encountered: