Omniscia Alliance Block Audit

CompoundingRewardsPool Manual Review Findings

CRP-01M: Invalid Reward Addition

Description:

The addMoreRewards function can be exploited to overflow the amountTransferred variable, as the transfer being performed is from the contract to itself and will therefore succeed for any value less than or equal to the contract's balance at that point in time, without any new funds entering the pool.

Example:

contracts/V2/CompoundingRewardsPool.sol
function addMoreRewards(address rewardsToken, uint256 _tokenAmount) public {
    amountTransferred += _tokenAmount;
    // Transfers from the contract to itself: succeeds for any _tokenAmount
    // up to the contract's own balance while no tokens actually arrive
    IERC20Detailed(rewardsToken).safeTransfer(address(this), _tokenAmount);
    emit AdditioanalRewardsAdded(msg.sender, _tokenAmount);
}

Recommendation:

We advise that the function's workflow be corrected to perform a safeTransferFrom invocation from msg.sender to address(this), as funds are currently transferred from the contract to itself to no effect.

Alleviation:

The correct reward addition workflow is now applied to the codebase, invoking safeTransferFrom from the msg.sender to the contract.
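The defective self-transfer beside the corrected pull-based workflow described in the Recommendation and Alleviation above, as an added illustration that is not the audited CompoundingRewardsPool code. It assumes OpenZeppelin's IERC20 and SafeERC20 in place of the project's IERC20Detailed, and goes one step beyond the page's recommendation by accounting for the balance actually received rather than the requested amount.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

import "@openzeppelin/contracts/token/ERC20/IERC20.sol";
import "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";

// Illustrative contract (assumed, not the audited pool): the CRP-01M defect
// and its fix side by side.
contract RewardTopUpExample {
    using SafeERC20 for IERC20;

    uint256 public amountTransferred;

    event AdditioanalRewardsAdded(address indexed sender, uint256 amount);

    // BEFORE (defective): the contract transfers to itself. The call succeeds
    // for any _tokenAmount <= the contract's own balance, no new tokens enter
    // the pool, yet amountTransferred still grows by _tokenAmount.
    function addMoreRewardsVulnerable(address rewardsToken, uint256 _tokenAmount) external {
        amountTransferred += _tokenAmount;
        IERC20(rewardsToken).safeTransfer(address(this), _tokenAmount);
        emit AdditioanalRewardsAdded(msg.sender, _tokenAmount);
    }

    // AFTER (fixed): pull the tokens from the caller, who must have approved
    // this contract beforehand. safeTransferFrom reverts when the caller lacks
    // balance or allowance, so the counter can only grow when funds arrive.
    // Measuring the balance delta (an extra hardening step beyond the audit's
    // recommendation) keeps the accounting honest for fee-on-transfer tokens.
    function addMoreRewards(address rewardsToken, uint256 _tokenAmount) external {
        IERC20 token = IERC20(rewardsToken);
        uint256 balanceBefore = token.balanceOf(address(this));
        token.safeTransferFrom(msg.sender, address(this), _tokenAmount);
        uint256 received = token.balanceOf(address(this)) - balanceBefore;
        amountTransferred += received;
        emit AdditioanalRewardsAdded(msg.sender, received);
    }
}
```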