Closed code423n4 closed 2 years ago
initialStake and claimedInitialStake cannot be equal due to the require check [1] at the beginning of the function that ensures that initialStake > claimedInitialStake.
Agree with sponsor, there is a check to ensure claimedInitialStake - initialStake > 0
, which means this issue does not exist.
Handle
defsec
Vulnerability details
Impact
On several locations in the code precautions are taken not to divide by 0, because this will revert the code. However on some locations this isn’t done.
Especially in the claim function div(initialStake - claimedInitialStake) which isn’t checked.
That will cause to revert on the claim function.
Proof of Concept
"https://github.com/livepeer/arbitrum-lpt-bridge/blob/ebf68d11879c2798c5ec0735411b08d0bea4f287/contracts/L2/pool/DelegatorPool.sol#L72"
Tools Used
Review
Recommended Mitigation Steps
Recommend making sure division by 0 won’t occur by checking the variables beforehand and handling this edge case.