Origami

The github issue page can be found in here.

Findings Summary

ID	Description	Severity
M-01	OrigamiOToken::circulatingSupply will underflow when users burn their tokens.	Medium

[M-01] OrigamiOToken::circulatingSupply will underflow when users burn their tokens.

Bug Description

OrigamiOToken::circulatingSupply will underflow when users burn their tokens.

Attack Scenario

OrigamiOToken::circulatingSupply will underflow when users burn their tokens.

Proof Of Concept

Add the following test to OrigamiOToken.t.sol:

function test_circulatingSupplyUnderflow() public {
        address exploiter = makeAddr("EXPLOITER");
        vm.prank(origamiMultisig);
        oToken.amoMint(exploiter, 100);
        console.log(oToken.circulatingSupply());
        vm.prank(exploiter);
        oToken.burn(100);
        console.log(oToken.circulatingSupply());
    }

Foundry Result:

Running 1 test for test/foundry/unit/investments/OrigamiOToken.t.sol:OrigamiOTokenTestAccess
[PASS] test_circulatingSupplyUnderflow() (gas: 70396)
Logs:
  0
  115792089237316195423570985008687907853269984665640564039457584007913129639836

Test result: ok. 1 passed; 0 failed; 0 skipped; finished in 4.06ms
 
Ran 1 test suites: 1 tests passed, 0 failed, 0 skipped (1 total tests)

Recommended Mitigation

overrides ERC20Burnable functions if not used.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

2024-02-origami.md

2024-02-origami.md

Origami

Findings Summary

[M-01] OrigamiOToken::circulatingSupply will underflow when users burn their tokens.

Bug Description

Attack Scenario

Proof Of Concept

Recommended Mitigation

Files

2024-02-origami.md

Latest commit

History

2024-02-origami.md

File metadata and controls

Origami

Findings Summary

[M-01] OrigamiOToken::circulatingSupply will underflow when users burn their tokens.

Bug Description

Attack Scenario

Proof Of Concept

Recommended Mitigation