Partial Claim Prevents User from Withdrawing Full Reward Amount
Summary
A user eligible to claim rewards for the entire reward period may be unable to withdraw their full amount if they claim in a way that leaves unclaimed blocks at the beginning or end of the period.
Root Cause
The handleProofResult() function allows claims that cover only part of the reward period if they align with the block constraints. For simplicity, we will use simpler numbers. For example, if the total reward period is 100 blocks with blocksPerEpoch is 20 (resulting in 5 epochs), a user could claim rewards from block 10 to block 90, which is valid since 80 % 20 = 0. However, after this claim, the user would not be able to claim rewards for blocks 0 to 10 or 90 to 100, leaving those rewards stuck in the contract GammaRewarder.sol. Github Link
Internal pre-conditions
No response
External pre-conditions
No response
Attack Path
No response
Impact
Users suffer a loss of potential rewards, as they are unable to claim for blocks outside the initial claim range. This results in funds that are permanently stuck in the contract GammaRewarder.sol.
Artur
Medium
Partial Claim Prevents User from Withdrawing Full Reward Amount
Summary
A user eligible to claim rewards for the entire reward period may be unable to withdraw their full amount if they claim in a way that leaves unclaimed blocks at the beginning or end of the period.
Root Cause
The handleProofResult() function allows claims that cover only part of the reward period if they align with the block constraints. For simplicity, we will use simpler numbers. For example, if the total reward period is 100 blocks with blocksPerEpoch is 20 (resulting in 5 epochs), a user could claim rewards from block 10 to block 90, which is valid since 80 % 20 = 0. However, after this claim, the user would not be able to claim rewards for blocks 0 to 10 or 90 to 100, leaving those rewards stuck in the contract GammaRewarder.sol. Github Link
Internal pre-conditions
No response
External pre-conditions
No response
Attack Path
No response
Impact
Users suffer a loss of potential rewards, as they are unable to claim for blocks outside the initial claim range. This results in funds that are permanently stuck in the contract GammaRewarder.sol.
PoC
No response
Mitigation
No response