code-423n4 / 2021-10-mochi-findings

Avoid Using Block.timestamp in checkClaimable #145

Closed code423n4 closed 3 years ago

code423n4 commented 3 years ago

Handle

Koustre

Vulnerability details

Impact

The checkClaimable function is dependent on block.timestamp, and this can be manipulated to claim funds earlier than it should in the functions claim, forceClaim and lock.

Proof of Concept

Provide direct links to all referenced code in GitHub. Add screenshots, logs, or any other relevant proof that illustrates the concept.

Tools Used

Recommended Mitigation Steps

Use block.number instead.

r2moon commented 3 years ago

reason is not correct

ghoul-sol commented 3 years ago

If the block timestamp is manipulated by a miner, then it's manipulated for everyone. I don't see an explicit exploit example here, so I'm making this invalid.