📄

Report #27979

Report Date
January 23, 2024
Status
Confirmed
Payout
50,000

Manipulating the Total Stalk/Roots Ratio for Gain.

‣
Report Info

BIR-12: Earned Beans Theft

BIC Response

Based on our bounty page, this submission's ( Smart Contract - High ) reward is capped at the lower of (a) 100% of practicable economic damage, or (b) USD 100 000 (paid 1:1 in Beans), primarily taking into consideration the Funds at Risk. There is a minimum reward of USD 10 000 for High severity smart contract bug reports.

However, we don't believe it is practical to precisely quantify the practicable economic damage in this report as a result of the exploit being more or less profitable at different times.

The report points out that during Seasons over the last few months, the attack has been profitable by various amounts, including a particular Season (and following Seasons until certain conditions change) where up to 20,000 Beans could have been stolen in each block during the 10 block Vesting Period.

Given this economic damage that could occur at various points in time (and for many of the reasons outlined earlier in the thread), the BIC has determined that this bug report be rewarded 50,000 Beans.