Aamirusmani1552 - StakingRewardsManager::topUp(...) Misallocates Funds to StakingRewards Contracts #16

Comments
1 comment(s) were left on this issue during the judging contest. takarez commented:

@amshirif Will this allow the stakers of the wrong contract funded to retrieve unintended rewards? If yes I will remain as high severity.

@nevillehuang Yes this would potentially cause those who should have gotten rewards to have received less or none at all, and those who were not intended to get any or less than their desired amount to get more than they should have.
The protocol team fixed this issue in PR/commit https://github.com/telcoin/telcoin-audit/pull/27.

The Lead Senior Watson signed-off on the fix.
Aamirusmani1552
high
Summary
The StakingRewardsManager::topUp(...) function exhibits an issue where the specified StakingRewards contracts are not topped up at the correct indices, resulting in an incorrect distribution to different contracts.

Vulnerability Detail

The StakingRewardsManager::topUp(...) function is designed to top up multiple StakingRewards contracts simultaneously by taking the indices of the contracts' addresses in the StakingRewardsManager::stakingContracts array. However, the flaw lies in the distribution process (GitHub: [254-278]):

The rewards are not distributed to the StakingRewards contracts at the specified indices. Instead, they are transferred to the contracts at the loop indices. For instance, if the caller intends to top up the contracts at indices [1, 2], the actual top-up occurs at indices [0, 1].

Impact

The consequence of this vulnerability is that rewards are distributed to the incorrect staking contracts, leading to misallocation of funds and unintended outcomes for stakers.
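To make the indexing defect concrete, here is a reduced manager contract written for this write-up (it is not the project's code): the function signature topUp(indices, amounts), the IERC20Like and IStakingRewardsLike interfaces and the notifyRewardAmount hook are assumptions; only the use of the loop counter instead of the requested index mirrors the finding, shown beside the corrected lookup.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added illustration, not the audited code. Interface names, the topUp
// signature and the notifyRewardAmount hook are assumptions; access control
// on topUp is omitted to keep the index handling in focus.
interface IERC20Like {
    function transfer(address to, uint256 amount) external returns (bool);
}

interface IStakingRewardsLike {
    // assumed Synthetix-style hook telling a pool how much reward just arrived
    function notifyRewardAmount(uint256 reward) external;
}

contract StakingRewardsManagerExample {
    IERC20Like public immutable rewardToken;
    IStakingRewardsLike[] public stakingContracts;

    constructor(IERC20Like token, IStakingRewardsLike[] memory pools) {
        rewardToken = token;
        stakingContracts = pools;
    }

    // BUGGY: `indices` only sets the loop length. Every transfer goes to
    // stakingContracts[i], so a request for [1, 2] funds pools 0 and 1.
    function topUpBuggy(uint256[] calldata indices, uint256[] calldata amounts) external {
        require(indices.length == amounts.length, "length mismatch");
        for (uint256 i = 0; i < indices.length; i++) {
            IStakingRewardsLike pool = stakingContracts[i]; // loop counter, not indices[i]
            require(rewardToken.transfer(address(pool), amounts[i]), "transfer failed");
            pool.notifyRewardAmount(amounts[i]);
        }
    }

    // FIXED: resolve the caller-supplied index first, then fund that pool.
    function topUpFixed(uint256[] calldata indices, uint256[] calldata amounts) external {
        require(indices.length == amounts.length, "length mismatch");
        for (uint256 i = 0; i < indices.length; i++) {
            uint256 idx = indices[i];
            require(idx < stakingContracts.length, "index out of range");
            IStakingRewardsLike pool = stakingContracts[idx]; // the requested pool
            require(rewardToken.transfer(address(pool), amounts[i]), "transfer failed");
            pool.notifyRewardAmount(amounts[i]);
        }
    }
}
```

A unit test for the fixed path should assert that, after topUpFixed([1, 2], [a, b]), the balances of pools 1 and 2 grew by a and b while pool 0 is unchanged; the same assertions fail against topUpBuggy.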
Code Snippet
Here is a test for the PoC. Add the test given below to the StakingRewardsManager.test.ts file, and use the following command to run it.

TEST:

Output:
Tool used
Recommendation
It is recommended to do the following changes: