After a pool has expired without observing active risk during the covered term, later active-risk observations should not make the pool eligible for bad-faith corrupted seizure. _markRiskWindowStart() currently caps late observations to expiry, so a post-expiry UNDER_ATTACK observation writes riskWindowStart = expiry. Later, claimExpired() treats that marker as if in-term risk existed and can auto-resolve the pool as bad-faith CORRUPTED.
The risk marker is backdated when observed after expiry:
claimExpired() then uses only riskWindowStart != 0 to decide whether a corrupted registry state can seize the pool:
Any caller can persist the late marker through pokeRiskWindow() or through claimExpired() while the registry is active-risk.
Stakers lose principal and bonus to recoveryAddress even though the first active-risk observation happened after the covered term ended.
Mechanical finality sets claimsStarted, which prevents the moderator from correcting the outcome after the bad-faith path has been selected.
Do not open a risk window after the pool has expired.
The contest is live. Earn rewards by submitting a finding.
This is your time to appeal against judgements on your submissions.
Appeals are being carefully reviewed by our judges.
The contest is complete and the rewards are being distributed.