DeFiFoundry
20,000 USDC
Submission Details
Severity: medium
Invalid

The `early claimer` will `incur a penalty less than 50%` if the claimer has majority stake in the `FjordStaking` contract

Summary

The early claimer will incur a penalty of less than 50% if the claimer has a majority stake in the `FjordStaking` contract.

Vulnerability Details

The `FjordStaking.claimReward` function allows a claimer to claim rewards early, for a penalty, by setting the `_isClaimEarly` input boolean parameter to true. The penalty is 50% of the claimer's `unclaimedRewards`. The penalty amount is deducted from the `unclaimedRewards` amount and the remainder (the other 50%) is sent to the claimer (`msg.sender`) via a `fjordToken.safeTransfer` call. The penalty amount is kept in the contract and is distributed again among the stakers in the `FjordStaking._checkEpochRollover` function call, since the `pendingRewards` calculation uses the `fjordToken` balance of the staking contract (`fjordToken.balanceOf(address(this))`). Because the penalty amount is included in that balance, it is distributed among the stakers in the epoch (this happens via the `rewardPerToken[epoch]` update).

But the issue here is that if a whale staker owns the majority of the staked amount in the `FjordStaking` contract, he will not incur a 50% penalty for claiming rewards early. This is because his initial 50% penalty is later distributed among the stakers and, being the majority stakeholder, the whale staker gets the majority of that 50% penalty back.

Impact

Hence the above vulnerability breaks the intended purpose of the protocol, which is to apply a 50% penalty on early claiming: whale stakers can claim early for a lower net penalty percentage, since the majority of the initial 50% penalty is rewarded back to the whale staker during the `FjordStaking._checkEpochRollover` function call.

https://github.com/Cyfrin/2024-08-fjord/blob/main/src/FjordStaking.sol#L616
https://github.com/Cyfrin/2024-08-fjord/blob/main/src/FjordStaking.sol#L644-L654
https://github.com/Cyfrin/2024-08-fjord/blob/main/src/FjordStaking.sol#L699-L709

Tools Used

Manual Review and VSCode

Recommendations

Hence it is recommended to implement a separate mechanism that distributes the penalty amount among the other stakers (other than the early claimer who is being penalized) in the `FjordStaking` contract.
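
The redistribution described under Vulnerability Details can be quantified with a small model. This is an added example, not part of the submission and not FjordStaking code: `PoolModel`, `effective_penalty` and the stake figures are hypothetical, and the model assumes retained penalties are credited purely pro rata by stake at the next rollover and counts the returned share as value accrued to the claimer.

```python
from fractions import Fraction

PENALTY_RATE = Fraction(1, 2)  # 50% early-claim penalty, as stated in the report


class PoolModel:
    """Toy staking pool: tokens held by the pool are credited pro rata at each rollover."""

    def __init__(self, stakes):
        self.stakes = dict(stakes)                    # staker -> staked amount (constructed)
        self.unclaimed = {s: Fraction(0) for s in stakes}
        self.paid_out = {s: Fraction(0) for s in stakes}
        self.undistributed = Fraction(0)              # held by the pool, not yet credited

    def add_reward(self, amount):
        self.undistributed += Fraction(amount)

    def rollover(self):
        """Credit everything the pool holds, like a rewardPerToken[epoch] update."""
        per_token = self.undistributed / sum(self.stakes.values())
        for staker, amount in self.stakes.items():
            self.unclaimed[staker] += per_token * amount
        self.undistributed = Fraction(0)

    def claim_early(self, staker):
        """Pay out half of the unclaimed rewards; the penalty half stays in the pool."""
        owed = self.unclaimed[staker]
        penalty = owed * PENALTY_RATE
        self.unclaimed[staker] = Fraction(0)
        self.paid_out[staker] += owed - penalty
        self.undistributed += penalty
        return penalty


def effective_penalty(stakes, claimer, reward=1000):
    """Share of the claimer's original rewards lost once the penalty is redistributed."""
    pool = PoolModel(stakes)
    pool.add_reward(reward)
    pool.rollover()
    original = pool.unclaimed[claimer]
    pool.claim_early(claimer)
    pool.rollover()  # the retained penalty flows to all stakers, claimer included
    kept = pool.paid_out[claimer] + pool.unclaimed[claimer]
    return 1 - kept / original
```

Under this model a staker holding a share `s` of the total stake ends up with a net penalty of `0.5 * (1 - s)`, so the nominal 50% is only approached by stakers with a negligible share.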

Updates

Lead Judging Commences

inallhonesty Lead Judge
10 months ago
Submission Judgement Published
Invalidated
Reason: Design choice
