code-423n4 / 2023-08-reserve-mitigation-findings

Protocol might enter a state of doubt, where stakers won't stake in fear that the government would execute a reset #31

Open code423n4 opened 1 year ago

code423n4 commented 1 year ago

Lines of code

https://github.com/reserve-protocol/protocol/blob/99d9db72e04db29f8e80e50a78b16a0b475d79f3/contracts/p1/StRSR.sol#L490-L500

Vulnerability details

In case the protocol is in a situation where the remaining value is borderline worth resetting, we might enter a state where for a long time users won't stake in fear that a reset might be executed. This will keep going on till either a reset is executed or enough is staked to exit the borderline situation.

Assessed type

Other

0xean commented 1 year ago

I believe the sponsor is aware that there is no perfect solution here and certainly welcome their comments. @c4-sponsor

c4-judge commented 1 year ago

0xean marked the issue as satisfactory

5z1punch commented 1 year ago

IMO, I think this kind of risk is acceptable. It's by design.

c4-sponsor commented 1 year ago

tbrent marked the issue as sponsor acknowledged

c4-sponsor commented 1 year ago

tbrent marked the issue as disagree with severity

tbrent commented 1 year ago

We are aware there is no perfect solution here and do not see a better way to do it. Appreciation means there is no way to prevent the system from eventually reaching a "too high" state, whether that "too high" is a hard limit or a soft limit. We think this is likely QA.

c4-judge commented 1 year ago

0xean changed the severity to QA (Quality Assurance)

c4-judge commented 1 year ago

0xean marked the issue as grade-a