search

hats-finance / Accumulated-finance-0x75278bcc0fa7c9e3af98654bce195eaf3bb6a784

0 stars 0 forks source link

validator slashing or penalties are not reflected upon undelegation #18

Open hats-bug-reporter[bot] opened 2 months ago

hats-bug-reporter[bot] commented 2 months ago

Github username: -- Twitter username: -- Submission hash (on-chain): 0x00a8e4663d635168be27a1c81c7b972aad7a2329d4de57c3f65056c0a6c5e358 Severity: high

Description:

Description

Whenever a delegation is made towards a validator, a receipt is created inside delegate

    delegationReceipts[receiptId] = DelegationReceipt({
            exists: true,
            to: to,
            blockNumber: block.number,
            receiptTaken: false,
            receiptTakenBlockNumber: 0,
            shares: 0,
            amount: amount

function takeReceiptDelegate now adds shares to the receipt according to the amount:

   function takeReceiptDelegate(uint64 receiptId) public onlyOwner returns (uint128 shares) {
        DelegationReceipt storage receipt = delegationReceipts[receiptId];
        require(block.number > receipt.blockNumber, "ReceiptNotReady");
        require(receipt.exists, "ReceiptNotExists");
        require(receipt.receiptTaken == false, "ReceiptAlreadyTaken");
        shares = Subcall.consensusTakeReceiptDelegate(receiptId);
        Delegation storage d = delegations[receipt.to];

        // update receipt with the necessary info
        receipt.shares = shares;
        receipt.receiptTaken = true;
        receipt.receiptTakenBlockNumber = block.number;

        // update delegation amount and shares
=>        d.shares += shares;

        _addDelegation(receipt.to);
        emit TakeReceiptDelegate(receiptId);
    }

Now whenever undelegating the receipt is retrieved with the aforementioned added shares:

       undelegationReceipts[receiptId] = UndelegationReceipt({
            exists: true,
            from: from,
            blockNumber: block.number,
            receiptTaken: false,
            receiptTakenBlockNumber: 0,
=>            shares: shares,
            epoch: 0,
            endReceiptId: 0

The problem however, as per the Oasis Docs:

Keep in mind that the validator's misbehavior will result in slashing or even losing a portion of the staked tokens!

This means that a part of the shares or even worse the validator could be slashed while being delegated, but even so, when undelegating it will still try to retrieve the same amount of shares that were calculated upon delegating with the previous non-slashed amount

Ultimately this will lead to issues whenever undelegating.

Recommendation

slashing/penalties should be checked upon undelegating

whoismxuse commented 2 months ago

invalid, shares remain unchanged