Code4rena (code423n4) | CODE423N4:2023-03-MUTE-FINDINGS-ISSUES-47
Apr 04, 2023 - 12:00 a.m.

Upgraded Q -> 2 from #17 [1680620718364]

Judge has assessed an item in Issue #17 as 2 risk. The relevant finding follows:

[L-05] Check that staking cannot occur when endTime is reached
The MuteAmplifier.stake function should require that the current timestamp is smaller than endTime even when the call to stake is the first that ever occurred.
Currently the check is only made in the case that the call to stake is not the first.
The check should be made in both cases.
This is because when staking occurs when block.timestamp >= endTime, no rewards will be paid out. Additionally the user needs to pay the management fee on his LP token stake. So there is really no point in allowing users to do it because it only hurts them.

Fix:

diff --git a/contracts/amplifier/MuteAmplifier.sol b/contracts/amplifier/MuteAmplifier.sol
index 9c6fcb5…460c408 100644
-– a/contracts/amplifier/MuteAmplifier.sol
+++ b/contracts/amplifier/MuteAmplifier.sol
@@ -202,13 +202,12 @@ contract MuteAmplifier is Ownable{
*/
function stake(uint256 lpTokenIn) external virtual update nonReentrant {
require(lpTokenIn > 0, “MuteAmplifier::stake: missing stake”);

  •    require(block.timestamp < endTime, "MuteAmplifier::stake: staking is over");
    

    require(block.timestamp >= startTime && startTime !=0, “MuteAmplifier::stake: not live yet”);
    require(IERC20(muteToken).balanceOf(address(this)) > 0, “MuteAmplifier::stake: no reward balance”);

    if (firstStakeTime == 0) {
    firstStakeTime = block.timestamp;

  •    } else {
    
  •        require(block.timestamp < endTime, "MuteAmplifier::stake: staking is over");
    

    }

    lpToken.safeTransferFrom(msg.sender, address(this), lpTokenIn);
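
Review bot: The new require(block.timestamp < endTime, ...) at the top of stake() runs before the "not live yet" check, so whenever both conditions fail the caller sees "staking is over" as the revert reason. The visible lines do not show how endTime is set before the amplifier starts; if it is still zero at that point, a stake attempted before launch would revert with a misleading message. Consider placing the new check after the startTime require so each revert reason matches the state it reports. Removing the else branch is consistent with the 13 -> 12 line count in the hunk header and with the finding, since the check now covers the firstStakeTime == 0 path as well. A regression test that calls stake() for the first time with block.timestamp >= endTime and expects a revert would pin the fix down.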

