c4-judge
commented
10 months ago fatherGoose1 marked the issue as duplicate of #198
Closed c4-judge closed 10 months ago
c4-judge
commented
10 months ago fatherGoose1 marked the issue as duplicate of #198
c4-judge
commented
10 months ago fatherGoose1 marked the issue as satisfactory
Judge has assessed an item in Issue #491 as 2 risk. The relevant finding follows:
[L-03] While StakedUSDeV2.cooldownDuration is changed from non-zero to zero, stakers should be able to call StakedUSDeV2.unstake to withdraw assets regardless of userCooldown.cooldownEnd File: https://github.com/code-423n4/2023-10-ethena/blob/ee67d9b542642c9757a6b826c82d0cae60256509/contracts/StakedUSDeV2.sol#L78-L90 While StakedUSDeV2.cooldownDuration is changed from non-zero to zero, a staker can withdraw his asset by calling StakedUSDeV2.withdraw or StakedUSDeV2.redeem, and those functions transfer stakers’ asset immediate. But for the stakers who withdraw their asset before StakedUSDeV2.cooldownDuration is changed, they have to wait until userCooldown.cooldownEnd is reached. I think it’s unfair for those stakers.
diff --git a/contracts/StakedUSDeV2.sol b/contracts/StakedUSDeV2.sol index df2bb48..84a6c03 100644 --- a/contracts/StakedUSDeV2.sol +++ b/contracts/StakedUSDeV2.sol @@ -79,7 +79,7 @@ contract StakedUSDeV2 is IStakedUSDeCooldown, StakedUSDe { UserCooldown storage userCooldown = cooldowns[msg.sender]; uint256 assets = userCooldown.underlyingAmount;