4 matches found
Upgraded Q -> 3 from #161 [1699466057671]
Judge has assessed an item in Issue 161 as 3 risk. The relevant finding follows: L-02 Prime.updateScores will revert if users are added after updating nextScoreUpdateRoundId Vulnerability Details In Prime contract: the updateScores function is meant to update scores of a batch of users when a new...
Upgraded Q -> 2 from #659 [1699030291397]
Judge has assessed an item in Issue 659 as 2 risk. The relevant finding follows: L-01 updateScores will result in DoS if pass a user with an already updated score Impact If updateScores is called for a user who is already updated in the same round, the function will misbehave, causing it to repea...
Upgraded Q -> 2 from #617 [1699030085781]
Judge has assessed an item in Issue 617 as 2 risk. The relevant finding follows: L-01 continue before loop variable increment In updateScores function, the rest of the loop execution is skipped with continue if a user’s score has already been updated. But the updation of the loop variable occurs...
pendingScoreUpdates counts may be corrupted
Lines of code Vulnerability details Vulnerability details Prime.pendingScoreUpdates is used to record the number of users whose score needs to be recalculated when addMarket , updateAlpha , updateMultipliers occurs. Record pendingScoreUpdates=totalIrrevocable + totalRevocable when the above metho...