Code4rena: CODE423N4:2023-10-CANTO-FINDINGS-ISSUES-283
Oct 06, 2023 - 12:00 a.m.

LiquidityMining.sol cannot be funded for rewards distribution.


AI Score

7

Confidence

Low

Lines of code
<https://github.com/code-423n4/2023-10-canto/blob/40edbe0c9558b478c84336aaad9b9626e5d99f34/canto_ambient/contracts/mixins/LiquidityMining.sol#L285-L289>

Vulnerability details

During a rewards claim, LiquidityMining.sol uses a low-level call whose value is rewardsToSend to pay the liquidity providers, but the contract lacks a receive() or fallback() function through which funds can be deposited into it. This leaves the contract empty and unable to send rewards to the liquidity providers when they try to claim them.

You can see this in claimConcentratedRewards():

    function claimConcentratedRewards(
        address payable owner,
        bytes32 poolIdx,
        int24 lowerTick,
        int24 upperTick,
        uint32[] memory weeksToClaim
    ) internal {
        // More code...
        if (rewardsToSend > 0) {
            (bool sent, ) = owner.call{value: rewardsToSend}("");
            require(sent, "Sending rewards failed");
        }
    }

The same pattern appears in claimAmbientRewards():

    function claimAmbientRewards(
        address owner,
        bytes32 poolIdx,
        uint32[] memory weeksToClaim
    ) internal {
        // More code...
        if (rewardsToSend > 0) {
            (bool sent, ) = owner.call{value: rewardsToSend}("");
            require(sent, "Sending rewards failed");
        }
    }

Impact

Rewards cannot be sent out to liquidity providers, as there is no way for funds to be deposited in the contract that sends out rewards (LiquidityMining.sol).

Tools Used

Manual Review

Recommended Mitigation Steps

A receive() or fallback() function should be added to LiquidityMining.sol to enable funds to be deposited for reward distribution.

Assessed type

call/delegatecall
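
The funding behaviour described in this report, sketched as an added example that is not part of the original finding or the Canto code base. All contract and function names are hypothetical, simplified stand-ins; the payout reuses the low-level call pattern from the excerpts above.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.19;

// Added illustration with hypothetical names; not the Canto/Ambient contracts.
abstract contract RewardsBase {
    address public immutable admin = msg.sender;
    mapping(address => uint256) public owed; // constructed reward bookkeeping

    // Records rewards owed to a liquidity provider (admin only).
    function credit(address lp, uint256 amount) external {
        require(msg.sender == admin, "not admin");
        owed[lp] += amount;
    }

    // Same payout pattern as the report: low-level call carrying value.
    function claim() external {
        uint256 rewardsToSend = owed[msg.sender];
        owed[msg.sender] = 0; // clear state before the external call
        if (rewardsToSend > 0) {
            (bool sent, ) = payable(msg.sender).call{value: rewardsToSend}("");
            require(sent, "Sending rewards failed");
        }
    }
}

// No receive() and no payable fallback(): a plain Ether transfer to this
// contract reverts, so its balance stays at zero and claim() reverts with
// "Sending rewards failed" as soon as any reward is owed.
contract UnfundableRewards is RewardsBase {}

// With receive(): plain transfers are accepted and claim() can pay out.
contract FundableRewards is RewardsBase {
    receive() external payable {}
}

// Test helper: fund() returns false for UnfundableRewards and true for
// FundableRewards. On failure the Ether is returned to the caller.
contract Funder {
    function fund(address target) external payable returns (bool ok) {
        (ok, ) = target.call{value: msg.value}("");
        if (!ok) {
            (bool refunded, ) = payable(msg.sender).call{value: msg.value}("");
            require(refunded, "refund failed");
        }
    }
}
```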

