Code4rena: 2023-10-Ethena findings, issue 721
Oct 30, 2023

Stakers can withdraw rewards without waiting for the vesting period

2023-10-30 00:00:00
Code4rena
github.com

Tags: stakers, vesting period, reward distribution, frontrun, mitigation

AI Score: 7.1 High

Confidence: Low

Lines of code

Vulnerability details

Impact

Stakers can front-run a reward-distribution transaction by monitoring the mempool for calls to transferInRewards, staking just before that call lands, and unstaking immediately afterwards to collect a share of the rewards, provided the cooldown is switched off.

Proof of Concept

Imagine a scenario in which the cooldown period is off and the REWARDER_ROLE wants to distribute rewards to USDe stakers.

Bob, an attacker, sees the transaction in the mempool and front-runs it with a deposit call.

  • The REWARDER_ROLE deposits 100 USDe as a reward.
  • Bob front-runs it by staking 5% of the amount of USDe already staked.
  • After the reward call, Bob can withdraw what he deposited plus 5% of the 100 USDe reward without waiting for the vesting period.

Tools Used

vscode

Recommended Mitigation Steps

Do not transfer the reward USDe to the staking contract until the vesting period for it has expired.
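The sandwich from the proof of concept and the effect of the recommended mitigation, as an added Python model that is not part of this finding or of Ethena's contracts: share accounting follows ERC4626, and the mitigation is modelled by excluding the still-unvested part of a reward from totalAssets(), so an early exit is priced without it. The 8-hour vesting window, the amounts and the timestamps are constructed assumptions.

```python
from dataclasses import dataclass

VESTING_PERIOD = 8 * 3600  # assumed vesting window in seconds (constructed value)

@dataclass
class Vault:
    """Minimal ERC4626-style staking vault: rewards are pushed in with
    transfer_in_rewards() and only the vested fraction counts as assets."""
    vesting_period: int = VESTING_PERIOD
    total_shares: int = 0
    balance: int = 0            # USDe held by the vault
    vesting_amount: int = 0     # size of the most recent reward
    last_distribution: int = 0  # timestamp of the most recent reward

    def unvested(self, now: int) -> int:
        remaining = max(0, self.vesting_period - (now - self.last_distribution))
        return self.vesting_amount * remaining // self.vesting_period if remaining else 0

    def total_assets(self, now: int) -> int:
        # Unvested reward sits in the vault but is not yet priced into shares.
        return self.balance - self.unvested(now)

    def deposit(self, assets: int, now: int) -> int:
        ta = self.total_assets(now)
        shares = assets if self.total_shares == 0 else assets * self.total_shares // ta
        self.total_shares += shares
        self.balance += assets
        return shares

    def redeem(self, shares: int, now: int) -> int:
        # No cooldown check: the finding's scenario assumes it is switched off.
        assets = shares * self.total_assets(now) // self.total_shares
        self.total_shares -= shares
        self.balance -= assets
        return assets

    def transfer_in_rewards(self, amount: int, now: int) -> None:
        self.vesting_amount, self.last_distribution = amount, now
        self.balance += amount

def sandwich_gain(vesting_period: int, redeem_delay: int = 0) -> int:
    """Bob deposits right before the reward lands and redeems redeem_delay
    seconds later; returns his profit in USDe (constructed amounts)."""
    vault = Vault(vesting_period=vesting_period)
    t0 = 1_000_000
    vault.deposit(2000, t0)              # long-term stakers
    bob_shares = vault.deposit(100, t0)  # front-run: 5% of the staked amount
    vault.transfer_in_rewards(100, t0)   # REWARDER_ROLE's transaction lands
    return vault.redeem(bob_shares, t0 + redeem_delay) - 100
```

With instant accounting (vesting period 0) Bob's 100 USDe sandwich nets 4 USDe, his 100/2100 slice of the reward; with vesting his gain is 0 if he exits in the same block and only reaches 4 if he stays staked for the whole window.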

Assessed type

ERC4626


