code-423n4 / 2022-05-backd-findings


QA Report #176

Open code423n4 opened 2 years ago

code423n4 commented 2 years ago

Users are still able to stake even if the gauge is killed. This appears to be the intention of the smart contract, but I thought I would flag this. It would be relatively straightforward to implement a require prior to allowing a user to stake into a gauge, similar to the blinded auction from the Solidity docs (https://docs.soliditylang.org/en/v0.8.14/solidity-by-example.html#id2), except with no need for a timestamp check.

This logic is repeated in other places (i.e. KeeperGauge). Thanks!

https://github.com/code-423n4/2022-05-backd/blob/2a5664d35cde5b036074edef3c1369b984d10010/protocol/contracts/tokenomics/AmmGauge.sol#L49-L54

https://github.com/code-423n4/2022-05-backd/blob/2a5664d35cde5b036074edef3c1369b984d10010/protocol/contracts/tokenomics/AmmGauge.sol#L140-L143

https://github.com/code-423n4/2022-05-backd/blob/2a5664d35cde5b036074edef3c1369b984d10010/protocol/contracts/tokenomics/AmmGauge.sol#L104-L115
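The guard suggested in the report above, as an added sketch that is not code from the backd repository or from any commenter in this thread. The contract, its `killed` flag, `controller` role and function names are all hypothetical; it assumes a plain ERC-20 staking token and shows the `require` on the staking path only, leaving withdrawals open after a kill.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.10;

// Added illustration; every name here is hypothetical, not taken from AmmGauge.sol.
interface IERC20Minimal {
    function transfer(address to, uint256 amount) external returns (bool);
    function transferFrom(address from, address to, uint256 amount) external returns (bool);
}

contract KillableGaugeSketch {
    IERC20Minimal public immutable stakingToken;
    address public immutable controller; // assumed: the only account allowed to kill the gauge
    bool public killed;
    uint256 public totalStaked;
    mapping(address => uint256) public balances;

    constructor(IERC20Minimal token, address controller_) {
        stakingToken = token;
        controller = controller_;
    }

    // One-way switch: once set, the gauge accepts no new stake.
    function kill() external {
        require(msg.sender == controller, "unauthorized");
        killed = true;
    }

    function stake(uint256 amount) external {
        // The check proposed in the report: reject new stakes once the gauge is killed.
        require(!killed, "gauge killed");
        require(amount > 0, "zero amount");
        // State is updated before the external token call.
        balances[msg.sender] += amount;
        totalStaked += amount;
        require(stakingToken.transferFrom(msg.sender, address(this), amount), "transfer failed");
    }

    function unstake(uint256 amount) external {
        // Deliberately no killed check: existing stakers must still be able to exit.
        require(balances[msg.sender] >= amount, "insufficient balance");
        balances[msg.sender] -= amount;
        totalStaked -= amount;
        require(stakingToken.transfer(msg.sender, amount), "transfer failed");
    }
}
```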

chase-manning commented 2 years ago

duplicate of #147

GalloDaSballo commented 2 years ago

Dup of #147