Submission Details
Severity:
Fee receivers of LSTRewardSplitters can be denied of fees
Summary
LSTRewardsSplitter:splitRewards can be called on every block to deny rewards being distributed to the fee receivers.
Vulnerability Details
The function LSTRewardsSplitter:splitRewards can be used by a malicious actor to deny / grief the fee receiver's fee.
This can be performed by calling the function on every block ensuring the rewards are not getting distributed as intended.
function _splitRewards(uint256 _rewardsAmount) private {
for (uint256 i = 0; i < fees.length; ++i) {
Fee memory fee = fees[i];
@> uint256 amount = (_rewardsAmount * fee.basisPoints) / 10000; // when _rewardsAmount * fee.basisPoints < 10000, would result in 0 fee being distributed
if (fee.receiver == address(lst)) {
IStakingPool(address(lst)).burn(amount);
} else {
lst.safeTransfer(fee.receiver, amount);
}
}
principalDeposits = lst.balanceOf(address(this));
emit RewardsSplit(_rewardsAmount);
}
This would deny the fee receivers from receiving any fee.
Impact
Loss of fees for the fee receivers.
Tools Used
Manual review
Recommendations
It is recommended to allow calling of splitRewards in a certain interval.
Updates
Prize pool breakdown
Total prize
50,000 USDC
nSLOC
2,53020
USDC / LOC
42,000 USDC
4,250 USDC
3,750 USDC
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.