If the Staking_period
had already ended, a user changes her mind and decides NOT to deposit her already staked
ETH into the vault
, It becomes impossible for her to unstake
and claim her ETH
Since the protocol design and logic only allows a user to unstake
only within the stake_period
, user funds get stuck with the protocol if she did not unstake
before that period of 4 weeks
elapse
here is a foundry test for the vulnerability
users are forced against their will to deposit into the vault else the funds get stucked in the protocol
poor UX and centralization issue as users will be forced to deposit their staked ETH before they can claim them
manual review
foundry test
as far as users have not deposited their staked ETH into the vault, Steak::unstake
should allow them to unstake their ETH any time they want
The contest is live. Earn rewards by submitting a finding.
This is your time to appeal against judgements on your submissions.
Appeals are being carefully reviewed by our judges.