The addSplitter() function in LSTRewardsSplitterController and the constructor of LSTRewardsSplitter lack validation on the cumulative value of _fees.basisPoints. This omission could result in failures during reward splitting if the total basisPoints exceeds the allowable limit.
The LSTRewardsSplitterController::addSplitter() function does not verify whether the sum of the basisPoints values from the _fees parameter falls within the acceptable range before deploying the LSTRewardsSplitter contract. This can potentially lead to errors if the sum exceeds the expected maximum.
Similarly, the constructor of LSTRewardsSplitter does not check the total value of _fees.basisPoints, which could result in errors during the reward splitting process if the cumulative basisPoints exceeds 10,000.
Without these checks, if the total basisPoints value exceeds 10,000, the LSTRewardsSplitter::_splitRewards() function will revert, causing LSTRewardsSplitter::performUpkeep() and splitRewards() to fail, potentially disrupting the reward distribution process.
https://github.com/Cyfrin/2024-09-stakelink/blob/ea5574ebce3a86d10adc2e1a5f6d5512750f7a72/contracts/core/lstRewardsSplitter/LSTRewardsSplitterController.sol#L109-L124
https://github.com/Cyfrin/2024-09-stakelink/blob/ea5574ebce3a86d10adc2e1a5f6d5512750f7a72/contracts/core/lstRewardsSplitter/LSTRewardsSplitter.sol#L44-L57
If the sum of _fees.basisPoints exceeds 10,000, the LSTRewardsSplitter::_splitRewards() function will fail, resulting in the reversion of the performUpkeep() and splitRewards() procedures. This could disrupt reward distribution and degrade the functionality of the staking system.
Manual Review
Add a validation check in the LSTRewardsSplitter constructor to ensure that the total basisPoints value of the _fees array does not exceed 10,000.
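A sketch of the recommended constructor check, added here as an illustration and not taken from the stake.link code base. The contract name, the Fee struct layout, the error name and the constant are assumptions made for this example.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.15;

// Added illustration, not the audited contract. FeeSplitterSketch, the Fee
// layout, FeesExceedLimit and MAX_TOTAL_BASIS_POINTS are hypothetical names.
contract FeeSplitterSketch {
    struct Fee {
        address receiver;
        uint256 basisPoints;
    }

    // 10,000 basis points = 100% of the rewards being split.
    uint256 public constant MAX_TOTAL_BASIS_POINTS = 10000;

    Fee[] private fees;

    error FeesExceedLimit(uint256 totalBasisPoints);

    constructor(Fee[] memory _fees) {
        uint256 total;
        for (uint256 i = 0; i < _fees.length; ++i) {
            // Checked arithmetic in 0.8.x: an overflowing sum also reverts.
            total += _fees[i].basisPoints;
            fees.push(_fees[i]);
        }
        // Validate the cumulative value, not each entry on its own:
        // [6000, 5000] passes a per-entry bound but sums to 11,000.
        if (total > MAX_TOTAL_BASIS_POINTS) revert FeesExceedLimit(total);
    }

    // Lets monitoring or tests confirm the configured total after deployment.
    function totalFeesBasisPoints() external view returns (uint256 total) {
        for (uint256 i = 0; i < fees.length; ++i) {
            total += fees[i].basisPoints;
        }
    }
}
```

Because a revert in a constructor propagates to the caller that deploys the contract, a check placed here also rejects an invalid _fees array passed through a deploying function such as addSplitter().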