Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
code423n4Code4renaCODE423N4:2022-03-JOYN-FINDINGS-ISSUES-133
HistoryApr 04, 2022 - 12:00 a.m.

Royalties do Not Support Fee-On-Transfer Tokens

2022-04-0400:00:00
Code4rena
github.com
4
JSON

Lines of code
<https://github.com/code-423n4/2022-03-joyn/blob/main/splits/contracts/Splitter.sol#L149-L169&gt;

Vulnerability details

Impact

The RoyaltyVault.sol contract interacts with the Splitter.sol to send accumulated royalties to the collection’s respective recipients. The sendToSplitter() function will query the balance of the royalty asset and send the amount after fee deductions to the splitter contract. However, the recipient of these funds expects the entire amount as Splitter.incrementWindow() is called on this amount. If fee-on-tokens or any rebasing token is used here, then the splitter contract will receive less than the sent amount. As a result, some users will not be able to claim their entire proportion of the royalties.

Recommended Mitigation Steps

Consider taking a snapshot of the token balance before and after the transfer and treat the difference between these two amounts as the received token amount. This will be compatible with all types of tokens and avoid any issues where users are unable to withdraw their entire deposited amount.

The text was updated successfully, but these errors were encountered:

All reactions

JSON