csanuragjain
Owner will not be able to take out reward
Navigate to <https://github.com/code-423n4/2021-10-covalent/blob/main/contracts/DelegatedStaking.sol>
Check the takeOutRewardTokens function
function takeOutRewardTokens(uint128 amount) public onlyOwner {
require(amount > 0, “Amount is 0”);
uint128 currentEpoch = uint128(block.number);
uint128 epochs = amount / allocatedTokensPerEpoch;
if (endEpoch != 0){
require(endEpoch - epochs > currentEpoch, “Cannot takeout rewards from past”);
endEpoch = endEpoch - epochs;
}
else{
require(rewardsLocked >= amount, “Amount is greater than available”);
rewardsLocked -= amount;
}
transferFromContract(owner(), amount);
emit AllocatedTokensTaken(amount);
}
Let us say:
currentEpoch is 3
endEpoch is 5
epochs is 2
Now this means we would like to take out reward from last 2 blocks which should ideally pass
But this will fail since below statement fails
require(endEpoch - epochs > currentEpoch, "Cannot takeout rewards from past");
// which means 5-2>3 which is false
Change the require statement
require(endEpoch - epochs >= currentEpoch, "Cannot takeout rewards from past");
The text was updated successfully, but these errors were encountered:
All reactions