The amount stored in the recipient’s committedFGEN balance overwrites any previously-committed value. Additionally, this also allows anyone to commit an amount of “0” to any account, deleting their commitment entirely.
Ensure the committed amount is added to the existing commitment.
- ConsenSys Audit Fei Finding 3.1
- Application Logic
- Critical Severity
- Overwrite Value Instead-of Adding Value
- Add to Existing Value
- Youtube Reference
- Critical severity finding from Consensys Diligence Audit of Fei Protocol