Liquid Staking

Stakelink
DeFi, Hardhat, Oracle
50,000 USDC
Submission Details
Severity: high
Invalid

Incorrect Share Balance Adjustment in _withdraw Function

Summary

The _withdraw function in the provided Solidity code adjusts the share balances before calculating the sharesAmount. This can lead to incorrect share balance adjustments and potential discrepancies in the staking contract.

Vulnerability Details

The function subtracts the shareAmount from the operator's shareBalances and the pool's totalShares before calculating the sharesAmount per stake using lst.getSharesByStake(_amount). This sequence will result in incorrect share balance adjustments.

function _withdraw(address _operator, uint256 _amount) private {
    shareBalances[_operator] -= shareAmount; // subtracting shares before getting expected shares from lst
    totalShares -= sharesAmount;
    uint256 sharesAmount = lst.getSharesByStake(_amount);
    emit Withdraw(_operator, _amount, sharesAmount);
}

Impact

Incorrect token calculation in the staking pool leading to inflated balance

High

Tools Used

Manual review

Recommendations

Ensure that the sharesAmount is calculated before making any adjustments to the share balances.

function _withdraw(address _operator, uint256 _amount) private {
    uint256 sharesAmount = lst.getSharesByStake(_amount); // calculate sharesAmount first
    shareBalances[_operator] -= sharesAmount; // adjust share balances after calculation
    totalShares -= sharesAmount;
    emit Withdraw(_operator, _amount, sharesAmount);
}

Updates

Lead Judging Commences

inallhonesty Lead Judge
11 months ago
inallhonesty Lead Judge 10 months ago
Submission Judgement Published
Invalidated
Reason: Incorrect statement
