Not using a more precise YEAR value, like AZERO staking

[hats-bug-reporter[bot]]

Github username: -- Twitter username: -- Submission hash (on-chain): 0x5238ec058e6b2a9c70afdb68a6102708d941b4b395bfabbb30436794a5edfa33 Severity: low

Description: Description\

looking at following snippet,

File: data.rs
25: pub const DAY: u64 = 86400 * 1000;
26: pub const YEAR: u64 = DAY * 365;

The YEAR is multiplication of DAY with 365. While this is true in most of cases, the exact YEAR better be DAY multiply with 365.25 for a more precise calculation.

Looking at AZERO staking reward docs, they use this 365.25 value (which is the average number of days in the Julian calendar) when precisely calculate the staking reward. Since this Kintsu also related with staking AZERO, it might be best to use this standard.

This YEAR value is being used in update_fees and get_virtual_shares_at_time

Attack Scenario

Attachments

1. Proof of Concept (PoC) File

2. Revised Code File (Optional)

Recommendation

Consider to use a precise 365.25 multiply of DAY for the YEAR

for example, it can be like

pub const YEAR: u64 = DAY * 36525 / 100;

[bmino]

Addressed in kintsu-contracts@3d9e63