This repository has been archived by the owner on Aug 18, 2024. It is now read-only.
rvierdiiev - assetState_.lastRewardGlobal is not cleared during deposit #26
Comments
github-actions
bot
added
High
nevillehuang
added
Medium
sherlock-admin2
changed the title
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
rvierdiiev
high
assetState_.lastRewardGlobal is not cleared during deposit
Summary
When new deposit is done to the stargate, then all earned rewards are sent to the caller. Because
assetState_.lastRewardGlobalis not reset to 0 as it's done for other functions that work with balance, then rewards distribution becomes incorrect and broken.Vulnerability Detail
User can claim rewards using
burn,decreaseLiquidityandclaimRewardfunctions. All of them then setassetState_.lastRewardGlobalto 0. This variable tracks the increase of earned rewards fro the contract between rewards claiming. Once rewards are claimed, then it should be cleared.AbstractStakingAM contract incorrectly assumes, that only withdrawing from
LP_STAKING_TIMEclaims rewards. This is not true and when deposit occurs, then rewards are claimed as well.When user deposits to
AbstractStakingAMthen rewards are claimed, butassetState_.lastRewardGlobalis not set to 0. As result, rewards distribution will be incorrect. Also for some time_getRewardBalancesfunction will revert because of underflow as_getCurrentRewardwill likely return smaller value thanassetState_.lastRewardGlobal. After some time function will continue working again.Impact
Rewards accounting is corrupted, contract can be dosed for some time.
Code Snippet
Provided above
Tool used
Manual Review
Recommendation
As deposit also claims rewards, then you need to clear
assetState_.lastRewardGlobalvariable.Duplicate of #38
The text was updated successfully, but these errors were encountered: