Code4rena CODE423N4:2022-02-ANCHOR-FINDINGS-ISSUES-9
Mar 08, 2022 - 12:00 a.m.

Possible Wrong bAsset Rewards/Borrow limits Calculation

Lines of code

Vulnerability details

Impact

During the code review, it was observed that the reward calculation is performed by the execute_epoch_operations function, while the config it depends on is kept in storage. When anc_purchase_factor is updated by the owner, execute_epoch_operations is not called.

Proof of Concept

  1. Navigate to the following contract.
     https://github.com/code-423n4/2022-02-anchor/blob/main/contracts/money-market-contracts/contracts/overseer/src/contract.rs#L192
  2. The config is updated with the update_config function.

    if let Some(threshold_deposit_rate) = threshold_deposit_rate {
        config.threshold_deposit_rate = threshold_deposit_rate;
    }

    if let Some(buffer_distribution_factor) = buffer_distribution_factor {
        config.buffer_distribution_factor = buffer_distribution_factor;
    }

    if let Some(anc_purchase_factor) = anc_purchase_factor {
        config.anc_purchase_factor = anc_purchase_factor;
    }

    if let Some(target_deposit_rate) = target_deposit_rate {
        config.target_deposit_rate = target_deposit_rate;
    }

    if let Some(epoch_period) = epoch_period {
        config.epoch_period = epoch_period;
    }

    if let Some(price_timeframe) = price_timeframe {
        config.price_timeframe = price_timeframe;
    }

  3. After the update, the execute_epoch_operations function is not called, which leaves out-of-date data.

Tools Used

Code Review

Recommended Mitigation Steps

Consider calling the execute_epoch_operations function after the config update.
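
The stale-state condition and the recommended mitigation, as a simplified model added here for illustration (it is not Anchor's contract code and not part of the original report). The `Overseer` struct, the basis-point representation, `accrued_buffer` and the derived-amount formula are assumptions; only `anc_purchase_factor`, `update_config` and `execute_epoch_operations` are names from the report.

```rust
// Simplified model, not Anchor's contract code. Only anc_purchase_factor,
// update_config and execute_epoch_operations are names from the report.
pub struct Overseer {
    pub anc_purchase_factor_bps: u128, // config value, basis points (assumed)
    pub accrued_buffer: u128,          // hypothetical input to the epoch run
    pub anc_purchase_amount: u128,     // derived state written by the epoch run
}

impl Overseer {
    pub fn new(factor_bps: u128, accrued_buffer: u128) -> Self {
        let mut o = Overseer { anc_purchase_factor_bps: factor_bps, accrued_buffer, anc_purchase_amount: 0 };
        o.execute_epoch_operations();
        o
    }
    fn expected_amount(&self) -> u128 {
        self.accrued_buffer * self.anc_purchase_factor_bps / 10_000
    }
    /// Recomputes derived state from the config currently in storage.
    pub fn execute_epoch_operations(&mut self) {
        self.anc_purchase_amount = self.expected_amount();
    }
    /// Behaviour described in the report: config changes, derived state does not.
    pub fn update_config(&mut self, anc_purchase_factor_bps: Option<u128>) {
        if let Some(f) = anc_purchase_factor_bps {
            self.anc_purchase_factor_bps = f;
        }
    }
    /// The report's recommended mitigation: run the epoch operations after the update.
    pub fn update_config_and_refresh(&mut self, anc_purchase_factor_bps: Option<u128>) {
        self.update_config(anc_purchase_factor_bps);
        self.execute_epoch_operations();
    }
    /// Invariant a unit test can assert after every config change.
    pub fn is_consistent(&self) -> bool {
        self.anc_purchase_amount == self.expected_amount()
    }
}

fn main() {
    let mut stale = Overseer::new(1_000, 1_000_000); // constructed sample values
    stale.update_config(Some(2_000));
    let mut fresh = Overseer::new(1_000, 1_000_000);
    fresh.update_config_and_refresh(Some(2_000));
    println!("stale ok={} fresh ok={}", stale.is_consistent(), fresh.is_consistent());
}
```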

