Core Contracts

Regnum Aurum Acquisition Corp
Hardhat, Real World Assets, NFT
77,280 USDC
Submission Details
Severity: medium
Invalid

Race Condition Due to Unrestricted Period Update in GaugeController

Summary

The updatePeriod function in the GaugeController contract is externally callable with no access restriction beyond the pause check. Because nothing else in the contract rolls a gauge period over, any account can choose the moment at which a rollover happens, which the submitter argues creates a race condition and an opportunity to time period transitions strategically.

Vulnerability Details

updatePeriod is declared external and guarded only by the whenNotPaused modifier. Any address can therefore call it at any time, whether or not it has a stake in the gauge or a role that should be allowed to trigger a period rollover. Gauge periods feed the time-weighted averages used for reward distribution, so leaving the rollover to a manual, publicly callable function lets a user pick when a period boundary is recorded. For example, a user could call updatePeriod immediately before interacting with other functions that depend on an up-to-date period, thereby influencing the averages those functions read.

In addition, the other functions of the contract do not check whether the current period is stale before using it. The contract relies entirely on someone calling updatePeriod, so the state observed by dependent functions varies with the timing of that call, and different callers can see inconsistent period data.

Impact

If the timing of rollovers can be chosen by an arbitrary caller, strategic users may be able to influence the gauge's time-weighted averages and, through them, the reward distribution. The result would be an unfair allocation of rewards that disadvantages participants who do not game the rollover timing and undermines confidence in the protocol's accounting.

Tools Used

  • Manual code review

Recommended Mitigation

  • Automatic Rollovers: Fold the period rollover into the functions that rely on period data, so that every state-dependent calculation first advances the period if needed and never depends on an external call having happened.

  • Restrict Access: Limit updatePeriod to authorized roles (for example a designated contract role or an automated keeper) instead of leaving it publicly callable.

  • Additional Checks: In reward distribution functions, check whether the current period is stale and, if so, trigger the rollover before computing anything that depends on it.
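The following contract is an added illustration of the three mitigations above. It is not the RAAC GaugeController and does not reproduce its code; the names (PeriodGaugeExample, PERIOD_LENGTH, recordWeight, effectivePeriodIndex, the single admin address) and the 7-day period are assumptions chosen for the example. The point it shows is that once a staleness check and an internal rollover sit in front of every state-dependent function, the timing of any external updatePeriod call no longer determines which period a calculation uses.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Hypothetical, simplified gauge period tracker (example only, not the RAAC code).
/// Demonstrates: an internal rollover that dependent functions invoke, an explicit
/// staleness check, and a manual entry point restricted to an admin role.
contract PeriodGaugeExample {
    uint256 public constant PERIOD_LENGTH = 7 days; // assumed period length

    address public immutable admin;     // assumption: a single admin role
    bool public paused;

    uint256 public currentPeriodStart;  // timestamp at which the current period began
    uint256 public periodIndex;         // monotonically increasing period counter

    // Per-period accumulated weight, the kind of input a time-weighted average reads.
    mapping(uint256 => uint256) public periodWeight;

    event PeriodRolled(uint256 indexed newIndex, uint256 startTime, uint256 periodsSkipped);

    modifier whenNotPaused() {
        require(!paused, "paused");
        _;
    }

    modifier onlyAdmin() {
        require(msg.sender == admin, "not admin");
        _;
    }

    // Every state-dependent function rolls the period first, so no external
    // caller can leave a calculation running on an expired period.
    modifier withFreshPeriod() {
        _rollIfStale();
        _;
    }

    constructor() {
        admin = msg.sender;
        // Align the first period to a period boundary.
        currentPeriodStart = (block.timestamp / PERIOD_LENGTH) * PERIOD_LENGTH;
    }

    /// True when at least one full period has elapsed since currentPeriodStart.
    function isPeriodStale() public view returns (bool) {
        return block.timestamp >= currentPeriodStart + PERIOD_LENGTH;
    }

    /// Internal rollover. Advances by every whole period that has elapsed, so a
    /// long gap with no calls still lands on the correct period index.
    function _rollIfStale() internal {
        if (!isPeriodStale()) return;
        uint256 elapsed = (block.timestamp - currentPeriodStart) / PERIOD_LENGTH;
        periodIndex += elapsed;
        currentPeriodStart += elapsed * PERIOD_LENGTH;
        emit PeriodRolled(periodIndex, currentPeriodStart, elapsed);
    }

    /// Manual entry point kept for operations, but restricted to the admin role and
    /// no longer the only path to a rollover.
    function updatePeriod() external onlyAdmin whenNotPaused {
        _rollIfStale();
    }

    /// Example state-changing action. Because withFreshPeriod runs first, the
    /// weight is always credited to the period that actually contains block.timestamp.
    function recordWeight(uint256 weight) external whenNotPaused withFreshPeriod {
        periodWeight[periodIndex] += weight;
    }

    /// Example read path for reward logic. A view cannot roll storage, so it derives
    /// the effective period from the clock instead of trusting the stored index.
    function effectivePeriodIndex() public view returns (uint256) {
        if (!isPeriodStale()) return periodIndex;
        return periodIndex + (block.timestamp - currentPeriodStart) / PERIOD_LENGTH;
    }

    function setPaused(bool p) external onlyAdmin {
        paused = p;
    }
}
```

With this layout, calling updatePeriod just before recordWeight changes nothing: recordWeight performs the same rollover itself, and readers use effectivePeriodIndex, which never reports a stale period regardless of who last wrote to storage.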

Updates

Lead Judging Commences

inallhonesty Lead Judge 4 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
