Cyfrin / solidity-by-example.github.io

Solidity By Example
https://solidity-by-example.org/
MIT License

Potential exploit in StakingRewards #257

Closed Drblessing closed 1 year ago

Drblessing commented 1 year ago

Not that these contracts are audited or have real money behind them, but there is an interesting exploit in StakingRewards, I think.

Because of the way the reward rate is calculated, and the fact there is no separation between total supply and balanceOf if the rewards and staking tokens are the same, a malicious owner/user could manipulate the contract into setting too high a reward rate.

This is only possible if the stakingToken and rewardsToken are the same, and the owner sets a ridiculously high rewardAmount in notifyRewardAmount after depositing a large amount of the tokens. This would mostly be an issue in rugpulls or memetokens, where the owner and minter of the token could create an artificially high rewardRate, then withdraw their tokens, and then users couldn't earn rewards. Furthermore, if two users stake where the rewardRate is too high, someone who stakes a tiny amount could steal the staking balance of another user. The full exploit is written as a Foundry test case and I published it in a gist here:

https://gist.github.com/Drblessing/a6ebdfcf91a4b7a0e1c02f860ce5160e

I'm new to Solidity, so I could be totally wrong here. Thanks! I would love to hear any feedback you may have on it.
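The accounting gap described in the issue comes down to one line in notifyRewardAmount: the contract checks that rewardRate * duration does not exceed its rewardsToken balance, but when stakingToken and rewardsToken are the same contract that balance also contains every staker's principal. The following is an added Python model, not code from the Solidity by Example repository or from the gist linked above; it mirrors the rate computation, then runs the same constructed scenario (owner stakes 10,000 tokens, funds only 100 reward tokens, calls notifyRewardAmount(10,000)) against the original balance check and against a hardened check that subtracts totalSupply. The class, method and scenario names are this model's own.

```python
"""Model of the reward-sufficiency check in a StakingRewards-style contract.
Added illustration (constructed), not the contract's own code."""
from dataclasses import dataclass


class InsufficientRewards(Exception):
    """Raised when the contract would promise more rewards than it can pay."""


@dataclass
class StakingRewardsModel:
    duration: int                  # reward period length in seconds
    same_token: bool               # True if stakingToken == rewardsToken
    staking_token_balance: int = 0 # stakingToken held by the contract (distinct-token case)
    reward_token_balance: int = 0  # rewardsToken held by the contract
    total_supply: int = 0          # sum of all staked balances
    reward_rate: int = 0
    finish_at: int = 0

    def stake(self, amount: int) -> None:
        """A staker transfers `amount` of stakingToken in. With a shared token the
        deposit lands in the very balance that notifyRewardAmount later inspects."""
        self.total_supply += amount
        if self.same_token:
            self.reward_token_balance += amount
        else:
            self.staking_token_balance += amount

    def fund_rewards(self, amount: int) -> None:
        """The owner transfers `amount` of rewardsToken in to back future rewards."""
        self.reward_token_balance += amount

    def available_rewards(self, hardened: bool) -> int:
        """Tokens the contract can actually pay out as rewards."""
        if hardened and self.same_token:
            # Staked principal belongs to the stakers and must not be counted.
            return self.reward_token_balance - self.total_supply
        return self.reward_token_balance

    def notify_reward_amount(self, amount: int, now: int, hardened: bool) -> int:
        """Mirror of the contract's rate computation followed by the sufficiency
        check. Returns the new reward rate or raises InsufficientRewards."""
        if now >= self.finish_at:
            rate = amount // self.duration
        else:
            remaining = (self.finish_at - now) * self.reward_rate
            rate = (amount + remaining) // self.duration
        if rate == 0:
            raise ValueError("reward rate = 0")
        available = self.available_rewards(hardened)
        if rate * self.duration > available:
            raise InsufficientRewards(
                f"promised {rate * self.duration}, available {available}")
        self.reward_rate = rate
        self.finish_at = now + self.duration
        return rate


def check_outcome(same_token: bool, hardened: bool) -> str:
    """Constructed scenario: owner stakes 10_000 tokens, funds only 100 reward
    tokens, then calls notifyRewardAmount(10_000) over a 100-second period.
    Returns 'accepted' if the check lets the rate through, else 'rejected'."""
    model = StakingRewardsModel(duration=100, same_token=same_token)
    model.stake(10_000)
    model.fund_rewards(100)
    try:
        model.notify_reward_amount(10_000, now=0, hardened=hardened)
        return "accepted"
    except InsufficientRewards:
        return "rejected"


if __name__ == "__main__":
    for same, hard in [(True, False), (True, True), (False, False)]:
        print(f"same_token={same} hardened={hard}: {check_outcome(same, hard)}")
```

With distinct tokens the original check already rejects the call, because only the 100 funded tokens are in the rewards balance; with a shared token the same check passes, since the 10,000 staked tokens inflate the balance, and only the hardened check (balance minus totalSupply) refuses it. The model also carries the contract's integer division and the remaining-rewards carry-over for calls made before finishAt, so it can be reused to reason about repeated notifyRewardAmount calls.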

t4sk commented 1 year ago

Yes, large numbers in total staked or reward rate can break this contract.