This repository has been archived by the owner on Sep 22, 2024. It is now read-only.

s1ce - calculateMaxAllocation computes max allocation incorrectly #172

Closed
sherlock-admin4 opened this issue Mar 20, 2024 · 0 comments
Labels
Duplicate A valid issue that is a duplicate of an issue with `Has Duplicates` label Medium A valid Medium severity issue Reward A payout will be made for this issue

Comments

@sherlock-admin4
Contributor

sherlock-admin4 commented Mar 20, 2024

s1ce

high

calculateMaxAllocation computes max allocation incorrectly

Summary

calculateMaxAllocation takes the maximum of userMaxAllc and maxAllocation in order to compute the max allocation. However, it should be taking the minimum.

Vulnerability Detail

Here is the relevant code:

    function calculateMaxAllocation(address _sender) public returns (uint256) {
        // Tier-based cap for this wallet (0 for a wallet with no tier)
        uint256 userMaxAllc = _maxTierAllc(_sender);

        // Bug: returns the larger of the two caps, so every wallet gets at least maxAllocation
        if (userMaxAllc > maxAllocation) {
            return userMaxAllc;
        } else {
            return maxAllocation;
        }
    }

The way that this is currently written, even if the user has very little or even no allocation, they will get up to maxAllocation. This is clearly not intended protocol design and ends up allowing users to take way more allocation than intended, defeating the purpose of a private token sale. Users can also sybil with this to take extreme amounts more allocation than intended.

Impact

Users can take way more allocation than intended

Code Snippet

https://github.com/sherlock-audit/2024-03-zap-protocol/blob/main/zap-contracts-labs/contracts/TokenSale.sol#L259

Tool used

Manual Review

Recommendation

Take min instead of max

Duplicate of #152
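The following is an added Python model of the allocation logic, not code from the Zap Protocol contracts or from the issue author. It reimplements calculateMaxAllocation once with the original max comparison and once with the recommended min, and runs a constructed sybil scenario to show the difference. The tier table, wallet addresses and amounts are made up for illustration.

```python
"""Model of calculateMaxAllocation under the buggy (max) and fixed (min) policy.

Constructed example: tier table, addresses and amounts are invented and
do not come from the audited contract.
"""

from dataclasses import dataclass, field


@dataclass
class TokenSaleModel:
    # Global per-wallet cap (maxAllocation in the contract)
    max_allocation: int
    # address -> tier-based cap, standing in for _maxTierAllc(_sender)
    tier_allocation: dict = field(default_factory=dict)
    # address -> amount already purchased
    bought: dict = field(default_factory=dict)

    def _max_tier_allc(self, sender: str) -> int:
        # A wallet with no tier (e.g. a freshly created sybil wallet) has no allocation.
        return self.tier_allocation.get(sender, 0)

    def calculate_max_allocation_buggy(self, sender: str) -> int:
        # Mirrors the original: the larger of the two caps wins, so an
        # untiered wallet is still allowed up to max_allocation.
        user_max = self._max_tier_allc(sender)
        return user_max if user_max > self.max_allocation else self.max_allocation

    def calculate_max_allocation_fixed(self, sender: str) -> int:
        # Recommended fix: the binding cap is the smaller of the two.
        return min(self._max_tier_allc(sender), self.max_allocation)

    def try_buy(self, sender: str, amount: int, fixed: bool = True) -> bool:
        """Attempt a purchase; returns False if it would exceed the wallet's cap."""
        if fixed:
            cap = self.calculate_max_allocation_fixed(sender)
        else:
            cap = self.calculate_max_allocation_buggy(sender)
        already = self.bought.get(sender, 0)
        if already + amount > cap:
            return False
        self.bought[sender] = already + amount
        return True


def sybil_total(max_allocation: int, wallet_count: int, fixed: bool) -> int:
    """Total an attacker obtains by spreading purchases over fresh, untiered wallets."""
    sale = TokenSaleModel(max_allocation)
    total = 0
    for i in range(wallet_count):
        wallet = f"0xsybil{i:02d}"  # constructed address, no tier entry
        if sale.try_buy(wallet, max_allocation, fixed=fixed):
            total += max_allocation
    return total


if __name__ == "__main__":
    sale = TokenSaleModel(max_allocation=1000, tier_allocation={"0xalice": 300})
    print("untiered wallet, buggy:", sale.calculate_max_allocation_buggy("0xbob"))
    print("untiered wallet, fixed:", sale.calculate_max_allocation_fixed("0xbob"))
    print("10 sybil wallets, buggy:", sybil_total(1000, 10, fixed=False))
    print("10 sybil wallets, fixed:", sybil_total(1000, 10, fixed=True))
```

With the max comparison, a wallet that holds no tier at all is capped at maxAllocation rather than zero, so an attacker with N fresh wallets gets N times maxAllocation; with min, those wallets get nothing and a tiered wallet is bounded by both its tier and the global cap.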

@github-actions github-actions bot added Medium A valid Medium severity issue Duplicate A valid issue that is a duplicate of an issue with `Has Duplicates` label labels Mar 23, 2024
@Hash01011122 Hash01011122 removed Medium A valid Medium severity issue Duplicate A valid issue that is a duplicate of an issue with `Has Duplicates` label labels Mar 27, 2024
@sherlock-admin2 sherlock-admin2 changed the title Savory Khaki Goldfish - calculateMaxAllocation computes max allocation incorrectly s1ce - calculateMaxAllocation computes max allocation incorrectly Mar 28, 2024
@sherlock-admin2 sherlock-admin2 added the Non-Reward This issue will not receive a payout label Mar 28, 2024
@Evert0x Evert0x added the Medium A valid Medium severity issue label Apr 20, 2024
@sherlock-admin4 sherlock-admin4 added Reward A payout will be made for this issue and removed Non-Reward This issue will not receive a payout labels Apr 20, 2024
@sherlock-admin2 sherlock-admin2 added the Duplicate A valid issue that is a duplicate of an issue with `Has Duplicates` label label Apr 21, 2024