Description:
The contract does not adequately validate the _amount parameter in the unstake and unstakeVested functions. While it checks for basic conditions like _amount > 0, it does not ensure that the _amount is within the valid range relative to the user's actual staked balance.

Location:

src/FjordStaking.sol

• unstake function (Line 455)

• unstakeVested function (Line 524)

Issue:
If the _amount parameter is not properly validated against the user's actual staked balance, a malicious or unintended input could cause incorrect calculations, leading to potential underflows, overflows, or inconsistencies in the user's staking data.

Impact:

• This issue could lead to incorrect data being stored or manipulated within the contract, potentially allowing users to unstake more tokens than they have or causing other unintended behaviors.

Tools used: Manual Review.

Recommendations:
Implement additional validation checks to ensure that the _amount parameter does not exceed the user's staked balance.

Potential changes:

• Add validation to ensure _amount is within the user's actual staked balance.

Changes needed for which line of code:

• Enhanced Validation.