Closed sherlock-admin4 closed 1 month ago
"In such a case, the idea is to pay in full for the maximum predetermined period and to apply a discount for any excess over this maximum."
Sorry for the docs not being clear enough, but this is a design choice. It's intended that earned rewards will still increase, and a higher distance with refTime
results in a lower claimable percentage.
For reference, check the following chart where 0.5 is refTime
rilwan99
Medium
Stakers will receive excessive rewards for durations beyond the reference staking period
Summary
For users staking longer than the reference period, the contract incorrectly calculates rewards using the current global index instead of the index when the user's staking duration reaches the reference staking period. This leads to overpayment of rewards for the excess duration.
Root Cause
The
earned
function uses the currentglobalIndex(reward)
value regardless of staking durationhttps://github.com/sherlock-audit/2024-07-exactly-stacking-contracts/blob/main/protocol/contracts/StakedEXA.sol#L308
This approach doesn't align with the intended behavior described in the documentation: "In such a case, the idea is to pay in full for the maximum predetermined period and to apply a discount for any excess over this maximum."
Internal pre-conditions
refTime
globalIndex(reward)
continues to increase afterrefTime
External pre-conditions
Attack Path
refTime
, and new rewards are added to the contract.Impact
PoC
No response
Mitigation
refTime
:userRefTimeIndex
in relevant functions (e.g.,_update
,claim_
).These changes ensure that rewards are calculated correctly for staking durations beyond the reference period, aligning with the intended behavior described in the documentation.