Fjord Token Staking
Fjord
DeFiFoundry
20,000 USDC
View results
Previous Next
Submission Details
Severity: low
Invalid

Ineffective conditional check in `claimReward()` function

gajiknownnothing

Summary

In the claimReward() function of the FjordStaking contract, a conditional check designed to prevent users from claiming rewards prematurely is structured in a way that renders part of the condition redundant.

Vulnerability Details

If the condition claimReceipts[msg.sender].requestEpoch > 0 is true, the second condition claimReceipts[msg.sender].requestEpoch >= currentEpoch - 1 will always be true, making the second part of the condition redundant:

FjordStaking#claimReward
625: // do not allow to claimReward while user have pending claimReceipt
626: // or user have claimed from the last epoch
627: if (
628: claimReceipts[msg.sender].requestEpoch > 0
629: || claimReceipts[msg.sender].requestEpoch >= currentEpoch - 1
630: ) revert ClaimTooEarly();

Impact

While this redundancy does not directly introduce a vulnerability, it complicates the code's readability and could mislead developers maintaining the contract.

Tools Used

vscode

Recommendations

// do not allow to claimReward while user have pending claimReceipt
- // or user have claimed from the last epoch
- if (
- claimReceipts[msg.sender].requestEpoch > 0
- || claimReceipts[msg.sender].requestEpoch >= currentEpoch - 1
- ) revert ClaimTooEarly();
+ if (claimReceipts[msg.sender].requestEpoch > 0) revert ClaimTooEarly();
Updates

Lead Judging Commences

inallhonesty Lead Judge 12 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.