hats-finance / Kintsu-0x7d70f9442af3a9a0a734fa6a1b4857f25518e9d2

Smart contracts for Kintsu

Minimum Stake Not Checked in `compound` Function Causing DoS in Compound Function #47

Open hats-bug-reporter[bot] opened 4 months ago

hats-bug-reporter[bot] commented 4 months ago

Github username: @0xmahdirostami Twitter username: 0xmahdirostami Submission hash (on-chain): 0x109b9c70352753d22fcdd5f5ccae2d8b22a9b8be3293ebcf259c396fbed7008e Severity: medium

Description: The minimum stake that can go through a nomination pool is 10 AZERO. This minimum stake requirement is enforced in the stake function as shown here. However, there is no such check in the nomination_agent::compound function, which can cause the entire compound function to revert if the amount is below the minimum stake. This can lead to a Denial of Service (DoS) in the compound function.

Impact: This issue can cause the compound function to revert, leading to a Denial of Service (DoS) in the compound operation, which affects the normal functioning of the contract.

Proof of Concept (PoC): The following code snippet shows the section of the nomination_agent::compound function where the issue occurs:

let incentive = balance * incentive_percentage as u128 / BIPS;
let compound_amount = balance - incentive;
self.staked += compound_amount;

// Bond AZERO to nomination pool
self.env()
    .call_runtime(&RuntimeCall::NominationPools(
        NominationCall::BondExtra {
            extra: BondExtra::FreeBalance {
                balance: compound_amount,
            }
        }
    ))?;

Revised Code File (Optional): To fix this issue, add a check to ensure that compound_amount meets the minimum stake requirement before proceeding with the bonding operation:

let incentive = balance * incentive_percentage as u128 / BIPS;
let compound_amount = balance - incentive;
+if compound_amount >= minimum_stake {
    self.staked += compound_amount;

    // Bond AZERO to nomination pool
    self.env()
        .call_runtime(&RuntimeCall::NominationPools(
            NominationCall::BondExtra {
                extra: BondExtra::FreeBalance {
                    balance: compound_amount,
                }
            }
        ))?;
+}

By adding this check, you can prevent the compound function from reverting due to insufficient stake amounts, thus avoiding a DoS scenario.

0xmahdirostami commented 4 months ago

Invalid: compound uses BondExtra; the minimum stake is just for joining.
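The closing comment rests on the difference between joining a pool and bonding extra to an existing membership. The following is an added illustrative model of that distinction, not code from Kintsu or from pallet_nomination_pools; the 10 AZERO minimum, the 12-decimal unit, the `Pool` type and the integer account ids are assumptions made for the example.

```rust
use std::collections::HashMap;

const BIPS: u128 = 10_000;
const AZERO: u128 = 1_000_000_000_000; // assumed 12-decimal unit
const MIN_JOIN_BOND: u128 = 10 * AZERO; // the 10 AZERO minimum from the report

#[derive(Debug, PartialEq)]
pub enum PoolError {
    MinimumBondNotMet,
    NotAMember,
}

/// Simplified pool: account id -> bonded amount (model only, not the pallet).
#[derive(Default)]
pub struct Pool {
    members: HashMap<u32, u128>,
}

impl Pool {
    /// Joining is where the minimum bond is enforced.
    pub fn join(&mut self, who: u32, amount: u128) -> Result<(), PoolError> {
        if amount < MIN_JOIN_BOND {
            return Err(PoolError::MinimumBondNotMet);
        }
        *self.members.entry(who).or_insert(0) += amount;
        Ok(())
    }

    /// bond_extra only requires an existing membership; no minimum on `extra`.
    pub fn bond_extra(&mut self, who: u32, extra: u128) -> Result<(), PoolError> {
        let bonded = self.members.get_mut(&who).ok_or(PoolError::NotAMember)?;
        *bonded += extra;
        Ok(())
    }

    pub fn bonded(&self, who: u32) -> u128 {
        *self.members.get(&who).unwrap_or(&0)
    }
}

/// Mirrors the agent's compound path: split the reward balance into the caller
/// incentive and the remainder, then bond the remainder with bond_extra.
/// Returns (compound_amount, incentive) on success.
pub fn compound(pool: &mut Pool, agent: u32, balance: u128, incentive_bips: u128)
    -> Result<(u128, u128), PoolError> {
    let incentive = balance * incentive_bips / BIPS;
    let compound_amount = balance - incentive;
    pool.bond_extra(agent, compound_amount)?;
    Ok((compound_amount, incentive))
}
```

Under this model a reward far below 10 AZERO still compounds for an agent that has already joined, while the same amount is rejected as an initial join.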