Report Date
November 26, 2022
Status
Closed
Payout
CWE-834: Excessive Iteration (UPDATE: enrootDeposit)
‣
BIC Response
This is not a security bug report because repeated calling of enrootDeposit(s) is expected behavior. Any calls to enrootDeposit(s) that do not update the Deposit's BDV to a higher value would simply be wasting gas.
If I understand the above right enroot for direct deposits can only be done once per season to add revitalized stalk and seed to balances
This is incorrect, as the BDV of Unripe Deposits can change at any time.
It also unclear what the attack vector is in this bug report.
Due to these reasons, we are closing the submission and no reward will be issued.