Liquid Staking

Stakelink
DeFiHardhatOracle
50,000 USDC
Submission Details
Severity: low
Invalid

No check in the constructor that the basis points of the added fees array do not exceed the limit of 10000.

Summary

Vulnerability Details

https://github.com/Cyfrin/2024-09-stakelink/blob/f5824f9ad67058b24a2c08494e51ddd7efdbb90b/contracts/core/lstRewardsSplitter/LSTRewardsSplitter.sol#L50-L57

The `basisPoints` of the `Fees` array receivers are subject to a combined limit of 10000 that must not be exceeded, and the `_totalFeesBasisPoints()` function exists to check that the sum of the receivers' `basisPoints` across the `Fees` array stays at or below 10000. In the constructor, however, after the fees array has been copied in, there is no check that the fee receivers' `basisPoints` do not exceed that limit.

Impact

The receivers' combined `basisPoints` may exceed the maximum limit, breaking protocol invariants.

Tools Used

VCs, Manual Review

Recommendations

Call the `_totalFeesBasisPoints()` function in the constructor and check that the fee receivers' combined `basisPoints` are within range.

```solidity
constructor(address _lst, Fee[] memory _fees, address _owner) {
    controller = ILSTRewardsSplitterController(msg.sender);
    lst = IERC677(_lst);

    for (uint256 i = 0; i < _fees.length; ++i) {
        fees.push(_fees[i]);
    }

    // added: enforce the 10000 basis-point cap before the splitter is usable
    if (_totalFeesBasisPoints() > 10000) revert FeesExceedLimit();

    _transferOwnership(_owner);
}
```
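To make the invariant and the recommended fix concrete, here is an added Solidity example (not the Stakelink `LSTRewardsSplitter` and not the auditor's code) with the unchecked constructor beside the checked one. The `Fee` struct layout, the 10000 basis-point cap, the `_totalFeesBasisPoints()` helper and the `FeesExceedLimit` error name are assumptions modelled on the finding text; `previewSplit` is a hypothetical view added only to show what an over-allocated configuration does at reward time.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Shared logic for the two variants below. Added example for this finding; not the
/// Stakelink contract. Fee layout, the 10000 cap and the error name are assumptions.
abstract contract SplitterBase {
    struct Fee {
        address receiver;
        uint256 basisPoints; // 1 bp = 0.01 %; 10000 bp = 100 %
    }

    uint256 public constant MAX_BASIS_POINTS = 10000;

    error FeesExceedLimit();

    address public immutable owner;
    Fee[] internal fees;

    constructor(address _owner) {
        owner = _owner;
    }

    /// Sum of all receiver shares; the protocol invariant is that this never
    /// exceeds MAX_BASIS_POINTS.
    function _totalFeesBasisPoints() internal view returns (uint256 total) {
        for (uint256 i = 0; i < fees.length; ++i) {
            total += fees[i].basisPoints;
        }
    }

    function totalFeesBasisPoints() external view returns (uint256) {
        return _totalFeesBasisPoints();
    }

    function feeCount() external view returns (uint256) {
        return fees.length;
    }

    /// Hypothetical view: how much each receiver would get from `amount`. When the
    /// invariant is broken, `paidOut` is larger than `amount`, i.e. the splitter
    /// promises more than it holds. That is the concrete harm behind the finding.
    function previewSplit(uint256 amount)
        external
        view
        returns (uint256[] memory amounts, uint256 paidOut)
    {
        amounts = new uint256[](fees.length);
        for (uint256 i = 0; i < fees.length; ++i) {
            amounts[i] = (amount * fees[i].basisPoints) / MAX_BASIS_POINTS;
            paidOut += amounts[i];
        }
    }

    /// Post-deployment mutator that enforces the invariant; this is the same
    /// check the unchecked constructor below omits.
    function addFee(address receiver, uint256 basisPoints) external {
        require(msg.sender == owner, "not owner");
        fees.push(Fee(receiver, basisPoints));
        if (_totalFeesBasisPoints() > MAX_BASIS_POINTS) revert FeesExceedLimit();
    }
}

/// "Before": fees are copied in with no sum check, so a deployment whose
/// receivers add up to e.g. 6000 + 6000 = 12000 bp is accepted.
contract UncheckedSplitter is SplitterBase {
    constructor(Fee[] memory _fees, address _owner) SplitterBase(_owner) {
        for (uint256 i = 0; i < _fees.length; ++i) {
            fees.push(_fees[i]);
        }
    }
}

/// "After": the same loop followed by the invariant check, so an over-allocated
/// configuration reverts at deployment instead of surfacing at reward time.
contract CheckedSplitter is SplitterBase {
    constructor(Fee[] memory _fees, address _owner) SplitterBase(_owner) {
        for (uint256 i = 0; i < _fees.length; ++i) {
            fees.push(_fees[i]);
        }
        if (_totalFeesBasisPoints() > MAX_BASIS_POINTS) revert FeesExceedLimit();
    }
}
```

Deploying `UncheckedSplitter` with two receivers of 6000 bp each succeeds, and `previewSplit(1e18)` then reports a `paidOut` of 1.2e18 for a 1e18 input. Deploying `CheckedSplitter` with the same array reverts with `FeesExceedLimit`, which is the behaviour the recommendation above asks for.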

Updates

Lead Judging Commences

inallhonesty (Lead Judge), 10 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity

Appeal created

aua_oo7 (Submitter), 10 months ago

inallhonesty (Lead Judge), 10 months ago

inallhonesty (Lead Judge), 10 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
