Lines of code
<https://github.com/code-423n4/2023-06-stader/blob/main/contracts/StaderOracle.sol#L26>
<https://github.com/code-423n4/2023-06-stader/blob/main/contracts/StaderOracle.sol#L70-L73>
<https://github.com/code-423n4/2023-06-stader/blob/main/contracts/Auction.sol#L22>
[Vulnerability details
Medium](https://github.com/code-423n4/2023-06-stader/blob/main/contracts/StaderStakePoolsManager.sol#L57)
<https://github.com/code-423n4/2023-06-stader/blob/main/contracts/StaderOracle.sol#L26>
<https://github.com/code-423n4/2023-06-stader/blob/main/contracts/StaderOracle.sol#L70-L73>
<https://github.com/code-423n4/2023-06-stader/blob/main/contracts/Auction.sol#L22>
Title: The utilization of a hardcoded time value is incorrect when deployed to blockchains other than Ethereum
The hardcoded value of the MIN_AUCTION_DURATION constant in the Auction contract becomes problematic
when deploying the contracts on faster blockchains like Polygon and Binance Smart Chain.
Due to the shorter block times on these blockchains, the intended 24-hour auction duration is reduced significantly.
For instance, Binance Smart Chainโs 3-second block time is a quarter of Ethereumโs block time.
Consequently, the MIN_AUCTION_DURATION value of 7200, meant to represent 24 hours on Ethereum,
translates to only around 6.5 hours on Binance Smart Chain.
This discrepancy in auction durations across blockchains opens up arbitrage opportunities,
as different auction lengths affect the outcomes.
The same hardcoded value is used inside Auction, StaderOrcale and StaderStakePoolsManager.
Inside StaderStakePoolsManager, the presence of a shorter deposit cooldown period introduces a vulnerability
that allows users to deposit significantly more funds into a pool than originally intended.
Stader should be deployed on different chains.
(ref. <https://blog.staderlabs.com/ethx-deposits-bda0f62d8ed8>)
Auction uses hardcoded time for MIN_AUCTION_DURATION, and calculates the auction duration with this value.
uint256 public constant MIN_AUCTION_DURATION = 7200; // 24 hours
duration = 2 * MIN_AUCTION_DURATION;
The intended min duration of 24h will not apply on other chains then ethereum.
<https://github.com/code-423n4/2023-06-stader/blob/main/contracts/Auction.sol#L38>
<https://github.com/code-423n4/2023-06-stader/blob/main/contracts/Auction.sol#L22>
StaderStakePoolsManager initializes the contract with excessETHDepositCoolDown = 3 * 7200.
<https://github.com/code-423n4/2023-06-stader/blob/main/contracts/StaderStakePoolsManager.sol#L57>
StaderOracle set the max er update frequency to 7 days. This will only work for ethereum.
uint256 public constant MAX_ER_UPDATE_FREQUENCY = 7200 * 7; // 7 days
<https://github.com/code-423n4/2023-06-stader/blob/main/contracts/StaderOracle.sol#L26>
<https://github.com/code-423n4/2023-06-stader/blob/main/contracts/StaderOracle.sol#L70-L73>
<https://github.com/code-423n4/2023-06-stader/blob/main/contracts/Auction.sol#L22>
Add a variable โblocksInDayโ, which can be set inside the constructor.
uint256 blocksInDay = 7200; //use 7200 for ethereum mainnet
constructor(_blocksInDay){
blocksInDay = _blocksInDay;
}
Timing
The text was updated successfully, but these errors were encountered:
All reactions