DeFi, Foundry, Solidity
16,653 OP
Submission Details
Severity: low
Invalid

Insufficient Validation of Claimable Balance in claimAndSwap Function Could Disrupt Keeper Operations

Summary

The claimAndSwap function in the StrategyOp contract does not validate the claimable balance before executing the claim. If the requested _amountClaim exceeds the actual claimable balance, the claim will fail, disrupting the operation of keepers, who rely on this function to manage funds efficiently.

Vulnerability Details

The claimAndSwap function in the StrategyOp contract fails to validate the requested _amountClaim against the claimable balance. This oversight means that if a keeper unintentionally attempts to claim an amount greater than what is available, the transaction will revert during the claim execution. This can lead to frustration for keepers who rely on successful claims to manage funds efficiently.

Affected Code Block:

The transmuter.claim call below allows claims that exceed the available amount, leading to potential transaction failures:

function claimAndSwap(uint256 _amountClaim, uint256 _minOut, IVeloRouter.route[] calldata _path) external onlyKeepers {
    transmuter.claim(_amountClaim, address(this)); // No validation for claimable limits
    ....
}

Impact

  • Failed Claims: Keepers may encounter failures when attempting to claim amounts greater than the actual claimable balance, leading to transaction reverts.

  • Wasted Resources: Each failed claim transaction incurs gas costs, impacting the economic viability for keepers operating on tight margins.

  • Operational Delays: Disruptions in claiming could delay subsequent operations, affecting the overall efficiency and responsiveness of the protocol.

Tools Used

Manual Review

Recommendations

Add Validation: Implement a check for the claimable balance before calling the claim function.

For example:

function claimAndSwap(uint256 _amountClaim, uint256 _minOut, IVeloRouter.route[] calldata _path) external onlyKeepers {
    uint256 claimableBalance = transmuter.getClaimableBalance(address(this));
    require(_amountClaim <= claimableBalance, "Insufficient claimable balance");
    transmuter.claim(_amountClaim, address(this));
    ....
}

This approach will ensure that keepers can only attempt to claim amounts that are actually available, preventing unnecessary transaction failures and enhancing the operational efficiency of the protocol.
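The recommended check in a self-contained form, as an added example that is not part of the original submission or the project's code. `MockTransmuter`, `StrategySketch`, `maxClaim`, `claimChecked` and the `ClaimExceedsClaimable` error are hypothetical names, and the mock is a constructed stand-in that only models a claim reverting when the amount exceeds the claimable balance; the swap step is left out.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.18;

// Constructed stand-in for the transmuter (assumption, not the protocol's contract).
contract MockTransmuter {
    mapping(address => uint256) private claimable;

    // Test helper: set what `owner` is allowed to claim.
    function setClaimable(address owner, uint256 amount) external {
        claimable[owner] = amount;
    }

    function getClaimableBalance(address owner) external view returns (uint256) {
        return claimable[owner];
    }

    // Recipient is ignored and no tokens move in this mock.
    function claim(uint256 amount, address) external {
        // Checked subtraction: over-claiming reverts with Panic(0x11),
        // which tells the keeper nothing about the available amount.
        claimable[msg.sender] -= amount;
    }
}

// Hypothetical strategy showing only the claim step.
contract StrategySketch {
    MockTransmuter public immutable transmuter;

    // Carries both values so a failed simulation explains itself.
    error ClaimExceedsClaimable(uint256 requested, uint256 available);

    constructor(MockTransmuter _transmuter) {
        transmuter = _transmuter;
    }

    // Free to read via eth_call, so a keeper can size _amountClaim
    // before broadcasting a transaction.
    function maxClaim() public view returns (uint256) {
        return transmuter.getClaimableBalance(address(this));
    }

    function claimChecked(uint256 _amountClaim) external {
        uint256 available = maxClaim();
        if (_amountClaim > available) {
            revert ClaimExceedsClaimable(_amountClaim, available);
        }
        transmuter.claim(_amountClaim, address(this));
    }
}
```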

Updates

Appeal created

inallhonesty Lead Judge 8 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
