M-06 MitigationConfirmed

[c4-bot-8]

Lines of code

Vulnerability details

See:

Finding	Mitigation
M-06: The time available for a canceled withdrawal should not impact future unstaking processes	Pull Request

Navigating to M-05 from the previous contest we can see that there is a vulnerability in the StRSR contract's unstaking mechanism, where canceled withdrawals can still impact future withdrawal requests. This occurs because the availableAt timestamp of canceled withdrawals is still considered when determining the availability of new withdrawals. As a result, if the unstakingDelay is decreased, users who have previously unstaked would have to wait longer than the current unstakingDelay to withdraw their stake. This situation is completely unfair to users and can even lead to unexpected losses in $ value due to the extra delays in withdrawals. The recommended mitigation is to modify the pushDraft function to ignore the availableAt of canceled withdrawals when determining the availability of new withdrawals, or to allow users to use the current delay even if it was previously higher.

which has been sufficiently mitigated in the pull request used to solve this, i.e:

function pushDraft(address account, uint256 rsrAmount)
    internal
    returns (uint256 index, uint64 availableAt)
{
    CumulativeDraft[] storage queue = draftQueues[draftEra][account];
    index = queue.length;

    uint192 oldDrafts = index != 0 ? queue[index - 1].drafts : 0;
-    uint64 lastAvailableAt = index != 0 ? queue[index - 1].availableAt : 0;
+    uint64 lastAvailableAt = index != 0 && firstRemainingDraft[draftEra][account] < index
+             ? queue[index - 1].availableAt
+             :0;
    availableAt = uint64(block.timestamp) + unstakingDelay;

    if (lastAvailableAt > availableAt) {
        availableAt = lastAvailableAt;
    }
    queue.push(CumulativeDraft(uint176(oldDrafts + draftAmount), availableAt));
}

[c4-judge]

thereksfour marked the issue as satisfactory

[c4-judge]

thereksfour marked the issue as confirmed for report