sdt fees of a cycle may be distributed to the next cycle cvgSdt stakers
Summary
sdt fees of a cycle may be distributed to the next cycle cvgSdt stakers depending on the timing of processSdtRewards calls.
Vulnerability Detail
A percentage of earned sdt from sdStakers is given to the cvgSdt stakers. It gets collected when the processSdtRewards function is called on the respective staking contracts which can happen anytime after the cycle is updated.
The cvgSdt stakers calim this reward by calling the processSdtRewards function in the cvgSdt contract. In the scenario where processSdtRewards of cvgSdt staking contract is called first, the cvgSdt stakers loose the sdt rewards of this cycle which is passed on to the next cycle.
A user who has a large stake in the next cycle would be motivated to do this as the rewards would be distributed in the next cycle
Impact
Stakers of a cycle may loose their deserved share of sdt fees
To account this the reward distribution mechanism of cvgSdt staking will have to be changed. Consider a mechanism which allows the buffer to pull sdt till the end of cycle
hash
medium
sdt
fees of a cycle may be distributed to the next cyclecvgSdt
stakersSummary
sdt
fees of a cycle may be distributed to the next cyclecvgSdt
stakers depending on the timing ofprocessSdtRewards
calls.Vulnerability Detail
A percentage of earned sdt from sdStakers is given to the cvgSdt stakers. It gets collected when the
processSdtRewards
function is called on the respective staking contracts which can happen anytime after the cycle is updated. The cvgSdt stakers calim this reward by calling theprocessSdtRewards
function in the cvgSdt contract. In the scenario whereprocessSdtRewards
of cvgSdt staking contract is called first, the cvgSdt stakers loose the sdt rewards of this cycle which is passed on to the next cycle. A user who has a large stake in the next cycle would be motivated to do this as the rewards would be distributed in the next cycleImpact
Stakers of a cycle may loose their deserved share of sdt fees
Code Snippet
processSdtRewards
of cvgSdt can be called as soon as the cycle is updated and this callspullRewards
ofcvgSdt
buffer https://github.com/sherlock-audit/2023-11-convergence/blob/main/sherlock-cvg/contracts/Staking/StakeDAO/SdtStakingPositionService.sol#L550-L559The
sdt
reward is computed using the currently availablesdt
amount in thesdtFeeCollector
https://github.com/sherlock-audit/2023-11-convergence/blob/main/sherlock-cvg/contracts/Rewards/StakeDAO/CvgSdtBuffer.sol#L76-L89Tool used
Manual Review
Recommendation
To account this the reward distribution mechanism of cvgSdt staking will have to be changed. Consider a mechanism which allows the buffer to pull sdt till the end of cycle
Duplicate of #56