The functions SDLPool::staked
(line 129) and SDLPool::effectiveBalanceOf
(line 138) contain the same logic by reading and returning the same state variable SDLPool::efectiveBalances
.
Considering SDLPool inherits from RewardsPoolController, which is an abstract
contract and requires the implementation of staked
by the child, removeeffectiveBalanceOf
from the codebase and use the afforementioned function to read the effective balance of the stakers.
SDLPoolPrimary::_storeUpdatedLock
After the lock of a user is updated the _storeUpdatedLock
function calculates a diffTotalAmount
that represents an amount of effective balance that should be credited or deducted from the owner and from the total effective balance in the pool. This amount it's expected to be either positive or negative, but due to the constraints in the codebase the amount will always be equal or greater with respect to the previous value.
The pool offers to stakers two ways to update their positions:
Using SDLPoolPrimary::extendLockDuration
function
Calling the transferAndCall
method on the SDL token
Despite which method the staker chooses to update their position it's expected that the new locking duration MUST be equal or greater than the current period and the user cannot stake zero tokens to the pool.
The following checks are in place in the code base:
In SDLPoolPrimary::onTokenTransfer
In SDLPool::_updateLock
This means that when the boost amount and the new stake amount are calculate these amounts will remain the same or increase.
Resulting in diffTotalAmount
staying the same or increasing.
The summary can be demonstrated with a series of fuzz tests using with Foundry.
Create a new test file and add the following code.
Add and execute the following test cases.
After calculating diffTotalAmount
just add the amount to the effective balance of the owner and the pool.
The contest is live. Earn rewards by submitting a finding.
This is your time to appeal against judgements on your submissions.
Appeals are being carefully reviewed by our judges.