Closed code423n4 closed 2 years ago
pauliax
(initialStake - claimedInitialStake) is re-calculated twice:
// Calculate stake owed to delegator uint256 currTotalStake = pendingStake(); uint256 owedStake = (currTotalStake * _stake) / (initialStake - claimedInitialStake); // Calculate fees owed to delegator uint256 currTotalFees = pendingFees(); uint256 owedFees = (currTotalFees * _stake) / (initialStake - claimedInitialStake);
Duplicate of https://github.com/code-423n4/2022-01-livepeer-findings/issues/154
Handle
pauliax
Vulnerability details
Impact
(initialStake - claimedInitialStake) is re-calculated twice: