search

sherlock-audit / 2024-06-magicsea-judging

8 stars 5 forks source link

Pedro - Function calculates rewards incorrectly #651

Closed sherlock-admin2 closed 3 months ago

sherlock-admin2 commented 3 months ago

Pedro

Medium

Function calculates rewards incorrectly

Summary

The MlumStaking::pendingRewards function calculates rewards incorrectly. First user creating a position is getting 99,99 % of the pool reward

Vulnerability Detail

Place the following into MlumStaking.t.sol test file:

function testMultiplePositionsWithDifferentLockDurations() public { _stakingToken.mint(ALICE, 3 ether); _stakingToken.mint(BOB, 2 ether); _rewardToken.mint(address(_pool), 1000000 ether);

vm.startPrank(ALICE);
_stakingToken.approve(address(_pool), 3 ether);
_pool.createPosition(1 ether, 60 days);
vm.stopPrank();

vm.startPrank(BOB);
_stakingToken.approve(address(_pool), 2 ether);
_pool.createPosition(2 ether, 45 days);
vm.stopPrank();

skip(30 days);

// Verify pending rewards
uint256 aliceRewards1 = _pool.pendingRewards(1);
console.log("Alice rewards: ", aliceRewards1);

uint256 bobRewards = _pool.pendingRewards(2);
console.log("Bob rewards: ", bobRewards);

// Compare rewards between Bob (2 ETH for 45 days) and Alice (1 ETH for 60 days).
assertGt(bobRewards, aliceRewards1);
}

[Revert] assertion failed: 0 <= 999999999999999999999999

Impact

Medium. A user depositing funds may not receive the correct amount of rewards.

Code Snippet

https://github.com/sherlock-audit/2024-06-magicsea/blob/main/magicsea-staking/src/MlumStaking.sol#L239

Tool used

Foundry IDE

Manual Review

Recommendation

Duplicate of #116