Stolen rewards in StakingFundsVault #39
Labels
3 (High Risk): Assets can be stolen/lost/compromised directly
bug: Something isn't working
duplicate-147
satisfactory: satisfies C4 submission criteria; eligible for awards
Lines of code
https://github.com/code-423n4/2022-11-stakehouse/blob/4b6828e9c807f2f7c569e6d721ca1289f7cf7112/contracts/liquid-staking/StakingFundsVault.sol#L315
https://github.com/code-423n4/2022-11-stakehouse/blob/4b6828e9c807f2f7c569e6d721ca1289f7cf7112/contracts/liquid-staking/StakingFundsVault.sol#L343
https://github.com/code-423n4/2022-11-stakehouse/blob/4b6828e9c807f2f7c569e6d721ca1289f7cf7112/contracts/liquid-staking/SyndicateRewardsProcessor.sol#L67
Vulnerability details
Impact
All rewards can be stolen from StakingFundsVault.
Proof of Concept
https://gist.github.com/clems4ever/b7dd7a6155ac01a9b5e1d8504cd8b5b0
Run with forge test
Tools Used
Manual review and forge
Recommended Mitigation Steps
accumulatedETHPerLPShare
and claimed
.StakingFundsVault
LPToken.