Dria

Summary

Validators provide scores for the output generated by a particular request. These scores are intended to assess the quality of the output and avoid rewarding generators who produce substandard output. A validator can score from 0e18 to 1e18 based on their judgment of the output. The scores should only affect the fees for the generator with poor output, not the validator's own fee.

Vulnerability Details

Consider the following scenario:

• Number of Generations: 1

• Number of Validations Required: 5

• Validator Scores: [0.9, 0.9, 0.9, 0.9, 1] (Ignoring the 18 decimals)

• Mean of Scores Array: 0.92

• Standard Deviation: 0.04

Due to the condition below used to determine validator fee eligibility:

• Validators who score below 0.88 or above 0.96 do not receive their fee.

• In this example, a validator who provided a score of 1 does not receive the fee, despite performing a valid evaluation with only a minor score deviation.

• Scores should only impact the generator’s fee, not the validator’s (as confirmed by the sponsor).

Impact

This vulnerability has the following potential impacts:

• Validators may feel compelled to conform to the majority score rather than providing an honest assessment of the generator's output.

• Validators may lose their fee for honest validation.

Tools Used

Manual review

Recommendations

Remove the following condition in finalizeValidation: