Fjord Token Staking

Fjord

DeFiFoundry

20,000 USDC

View results

Previous Next

Submission Details

Severity: high

Invalid

Users will be penalized when they should not

mrmorningstar

Summary

User will be penalized and incur loss of rewards.

Vulnerability Details

PoC:
Imagine scenario where user staked and waited for full lockCycle to be over so he can unstake and claim his rewards. The issue arise when he unstake even thou he waited for full lockCycle (which is 6 weeks) if he want to claim his rewards in the same epoch. In order to do that he will be penalized otherwise he must wait another 3 cycles. (In other words he need to wait minimum 9 weeks in order to get his rewards).

Type following test in unstake.t.sol to prove this:

function testUnstakeandClaimInSameEpoch() public{

// Total added reward is 7 ether over 7 epochs

_addRewardAndEpochRollover(1 ether, 7);

assertEq(fjordStaking.currentEpoch(), 8);

uint256 balanceBefore = token.balanceOf(address(this));

// 10 ether staked

vm.expectEmit();

emit Unstaked(address(this), 1, 10 ether);

uint256 total = fjordStaking.unstake(1, 10 ether);

assertEq(total, 10 ether);

assertEq(fjordStaking.totalStaked(), 0 ether);

uint256 balanceAfter = token.balanceOf(address(this));

assertEq(balanceAfter, balanceBefore + 10 ether);

// user want to claim rewards in same epoch when he unstaked

// isClaimEarly = false to not get penalized (he waited for full lockCycle for this)

fjordStaking.claimReward(false);

// request will revert because the claimCycle would be applied still

vm.expectRevert();

fjordStaking.completeClaimRequest();

}

The test will pass and this would prove that user could not claim their rewards in the same epoch when they unstaked otherwise they must agree to be penalized in order to get their rewards in the same epoch which will incur in lost of potential rewards for user and dissatisfaction with the protocol.

The same scenario can apply even if used don't unstake their tokens but want to claim rewards after lockCycle period is over.

Impact

User will be penalized and incur loss of rewards.

Tools Used

Manual Review

Recommendations

Make sure only users who want to claim rewards before the lockCycle period is over must wait for claimCycle to pass in order to not be penalized.

Updates

Lead Judging Commences

inallhonesty Lead Judge about 1 year ago

Submission Judgement Published

Invalidated

Reason: Incorrect statement

Prize pool breakdown

Total prize

20,000 USDC

nSLOC

662

30 USDC / LOC

High Medium

16,000 USDC

Low

2,500 USDC

Judges

1,500 USDC

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.