Negligible Pending Rewards after First Distribution
Summary
Due to the flawed update mechanism in claimRewards, users may end up with zero pending rewards after their initial distribution.
Vulnerability Details
In the code https://github.com/Cyfrin/2025-02-raac/blob/main/contracts/core/collectors/FeeCollector.sol#L486-L487
The totalDistributed value always goes up and does not reduce. After a user claims rewards, the contract updates the user’s baseline by setting userRewards[user] equal to totalDistributed. Since totalDistributed is a cumulative figure that continuously increases, and the reward calculation subtracts userRewards[user] from the new share,the new share is a fraction of totalDistributed based on user voting power / total voting power.
We can assume that
userRewards[user] <= totalDistributed,
user voting power <= total voting power
so therefore share as totalDistributed * user voting power/ total voting power will always be <= totalDistributed
And this means in most cases share < userRewards[user] because of the slahing of total distributed amount by ratio of voting power usually around <=10% and share needs to be > userRewards[user] to earn rewards
Over time, this results in the computed pending rewards always being zero or negligible due to increasing value of userRewards[user], effectively halting further reward accumulation for the user.
Impact
The incentive structure becomes ineffective, potentially undermining the overall tokenomics and stakeholder participation.
Tools Used
Manual Review
Recommendations
Redesign the reward tracking mechanism to properly accumulate and account for rewards over time.
Lead Judging Commences
FeeCollector::claimRewards sets `userRewards[user]` to `totalDistributed` seriously grieving users from rewards
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.