Fjord Token Staking

Fjord

DeFiFoundry

20,000 USDC

View results

Previous Next

Submission Details

Severity: low

Invalid

`UnstakeAll` doesn't unstake current epoch

johny37

Summary

The natspec of UnstakeAll function mentions that it allows the user to unstake from all epochs at once. However, it doesn't unstake for the current epoch. As a result, a user might expect that all the stakes they have done have been successfully unstaked and if the epoch rollovers, the funds of the user are locked, until the lock period passes.

Vulnerability Details

unstakeAll does not unstake the current's epoch deposit of the user. Users can unstake immediately through the unstake function for the current epoch. However, the same logic is not present in the unstakeAll function that only checks for the deposits that have been made in epochs and the lock time period has elapsed.

Add the following code in the stakeUnstake.t.sol file:

function test_PoC_UnstakeAll() public {

uint256 amountToStake = 1000 ether;

uint256 epochDuration = 86_400 * 7;

vm.prank(alice);

fjordStaking.stake(amountToStake);

skip(epochDuration);

vm.prank(alice);

fjordStaking.stake(amountToStake);

skip(epochDuration * 7);

vm.prank(alice);

fjordStaking.stake(amountToStake);

uint256 balanceBeforeUnstakeAll = token.balanceOf(alice);

vm.prank(alice);

fjordStaking.unstakeAll();

uint256 unstakedAmount = token.balanceOf(alice) - balanceBeforeUnstakeAll;

console.log("unstakedAmount :", unstakedAmount);

assertNotEq(unstakedAmount, 3000 ether);

assertEq(unstakedAmount, 2000 ether);

}

The output of the test is the following:

[PASS] test_PoC_UnstakeAll() (gas: 473219)

Logs:

unstakedAmount : 2000000000000000000000

Suite result: ok. 1 passed; 0 failed; 0 skipped; finished in 803.27ms (2.29ms CPU time)

Impact

Not expected functionality and lock of user funds for the lock period if epoch rollovers.

Tools Used

Manual Review

Recommendations

Consider adding a similar check to the unstakeAll function like the check for the current epoch like unstake function, so that unstakeAll also unstakes immediately the deposit of users for the same epoch.

Updates

Lead Judging Commences

inallhonesty Lead Judge about 1 year ago

Submission Judgement Published

Invalidated

Reason: Design choice

Prize pool breakdown

Total prize

20,000 USDC

nSLOC

662

30 USDC / LOC

High Medium

16,000 USDC

Low

2,500 USDC

Judges

1,500 USDC

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.