Harvester: Unnecessary rotation and timeout mechanism

[code423n4]

Handle

hickuphh3

Vulnerability details

Impact

If the timeout and strategy rotation mechanism can be bypassed through the harvest() function, one has to wonder the point of its implementation in the first place.

Recommended Mitigation Steps

It makes more sense to have each strategy have its own timeout, so that sufficient time has elapsed (and therefore accumulated rewards) between harvests for each strategy.

struct Strategy {
  uint256 timeout;
  uint256 lastCalled;
}

mapping(address => Strategy[]) public strategies;

[GalloDaSballo]

No argument has been made here, disputed