Liquid Staking

Stakelink
DeFi, Hardhat, Oracle
50,000 USDC
Submission Details
Severity: low
Valid

Misleading Withdraw Event Emission

Summary

The withdraw and _withdraw functions of the PriorityPool contract are inconsistent in how the withdrawal event is emitted. The event emitted in _withdraw does not accurately reflect the actual amount of tokens transferred to the user. This can lead to confusion for users and potential discrepancies in user interfaces or external systems relying on event logs.
https://github.com/Cyfrin/2024-09-stakelink/blob/f5824f9ad67058b24a2c08494e51ddd7efdbb90b/contracts/core/priorityPool/PriorityPool.sol#L271

Vulnerability Details

In PriorityPool, the internal _withdraw function is called from the main withdraw function, and the following event is emitted:

emit Withdraw(_account, _amount - toWithdraw);

This emission does not accurately represent the actual withdrawal performed in withdraw(): the _amount passed to the internal _withdraw is already reduced from the original withdrawal request (tokens have been removed from it due to queued withdrawals if _shouldUnqueue is true). Additionally, the actual tokens transferred to the user at the end of withdraw are specified as:

token.safeTransfer(account, _amountToWithdraw - toWithdraw);

The amount specified in the event at the end of the withdrawal is completely different from the amount of tokens sent to the user.

Impact

This can lead to incorrect off-chain tracking of withdrawals causing discrepancies in user balances and overall system state interpretation.

Tools Used

Manual review

Recommendations

Move the Withdraw event to the main withdraw function to accurately represent all aspects of the withdrawal.
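
The off-chain impact described above can be checked by reconciling each Withdraw event against the token Transfer logs in the same transaction. The following is an added example, not code from the submission or the Stakelink repository; the addresses, transaction ids, log entries and the Withdraw argument names (account, amount) are constructed assumptions.

```javascript
// Added example: reconcile Withdraw events against actual token transfers.
// All addresses, tx ids and log entries below are constructed placeholders.
const POOL = "0xPool";   // hypothetical PriorityPool address
const TOKEN = "0xToken"; // hypothetical underlying token address

// Decoded logs; the Withdraw argument names (account, amount) are assumed.
const sampleLogs = [
  // Event reports 60, but the pool actually sends 100 to the account.
  { tx: "0xaa", address: POOL, event: "Withdraw", args: { account: "0xAlice", amount: 60n } },
  { tx: "0xaa", address: TOKEN, event: "Transfer", args: { from: POOL, to: "0xAlice", value: 100n } },
  // Event and transfer agree.
  { tx: "0xbb", address: POOL, event: "Withdraw", args: { account: "0xBob", amount: 25n } },
  { tx: "0xbb", address: TOKEN, event: "Transfer", args: { from: POOL, to: "0xBob", value: 25n } },
  // Transfer with no Withdraw event at all (constructed to exercise the checker).
  { tx: "0xcc", address: TOKEN, event: "Transfer", args: { from: POOL, to: "0xCarol", value: 30n } },
];

const sameAddr = (a, b) => a.toLowerCase() === b.toLowerCase();

// Returns one record per (tx, account) where the emitted amount differs
// from the tokens the pool transferred to that account in the same tx.
function reconcileWithdrawals(logs, pool, token) {
  const totals = new Map();
  const bucket = (tx, account) => {
    const key = `${tx}|${account.toLowerCase()}`;
    if (!totals.has(key)) {
      totals.set(key, { tx, account: account.toLowerCase(), emitted: 0n, transferred: 0n });
    }
    return totals.get(key);
  };
  for (const log of logs) {
    if (log.event === "Withdraw" && sameAddr(log.address, pool)) {
      bucket(log.tx, log.args.account).emitted += log.args.amount;
    } else if (log.event === "Transfer" && sameAddr(log.address, token)
               && sameAddr(log.args.from, pool)) {
      bucket(log.tx, log.args.to).transferred += log.args.value;
    }
  }
  return [...totals.values()]
    .filter((t) => t.emitted !== t.transferred)
    .map((t) => ({ ...t, delta: t.transferred - t.emitted }));
}

for (const m of reconcileWithdrawals(sampleLogs, POOL, TOKEN)) {
  console.log(`${m.tx} ${m.account}: event=${m.emitted} transferred=${m.transferred} delta=${m.delta}`);
}
```

An indexer that trusts only the Withdraw amount would under-report the first and third transactions; the delta is the amount it should cross-check against the transfer logs.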

Updates

Lead Judging Commences

inallhonesty Lead Judge about 1 year ago
Submission Judgement Published
Validated
Assigned finding tags:

Wrong value emitted in PriorityPool::withdraw event
