Upgraded Q -> 2 from #258 [1706641869227] #1277
Labels
2 (Med Risk)
Assets not at direct risk, but function/availability of the protocol could be impacted or leak value
duplicate-994
partial-50
Incomplete articulation of vulnerability; eligible for partial credit only (50%)
Comments
c4-judge
added
the
2 (Med Risk)
c4-judge
added a commit
that referenced
this issue
Jan 30, 2024
|
Trumpero marked the issue as duplicate of #994 |
|
This issue should receive only 50% partial credit due to its lack of quality and evidence |
|
Trumpero marked the issue as partial-50 |
c4-judge
added
the
partial-50
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Judge has assessed an item in Issue #258 as 2 risk. The relevant finding follows:
[L-9] Any borrower can receive
rewardsby adding weight to thetermbefore repayment.When interests accrue from borrowers, these interests are immediately distributed to token holders based on their respective weights.
https://github.com/code-423n4/2023-12-ethereumcreditguild/blob/2376d9af792584e3d15ec9c32578daa33bb56b43/src/governance/ProfitManager.sol#L396-L399
Hence, any borrower can add weight before repayment, receive
rewards, and subsequently withdraw their added weight.Need a logic similar to rebasing tokens.
The text was updated successfully, but these errors were encountered: