Report Date
November 12, 2022
Status
Confirmed
Payout
11,000
Cancelling a market pod orders returns multiple of funds deposited
‣
BIR-2: V1 Pod Order Backwards Compatibility
BIC Response
After a review, the BIC believes that this should be classified as Medium (Smart contract unable to operate due to lack of token funds) for the following reasons:
- This bug would have only resulted in an excess of ~105,121 Beans being distributed to the 3 remaining addresses that created a V1 Pod Order before BIP-29 was committed;
- This loss would have only been realized if Farmers withdrew all remaining assets from Beanstalk (Farm balances, the Silo, etc.); and
- More info here:Â https://github.com/BeanstalkFarms/Beanstalk-Governance-Proposals/blob/master/bip/ebip/ebip-4-remove-v1-pod-order-functions.md
Based on our bounty page, this submission and the new proposed severity (Smart Contract - Medium) comes with a reward of $1,000 to $10,000 to be paid in Beans. However, given your graciousness in returning the funds, the BIC would like to reward you 11,000 Beans for this bug report.