Code4renaCODE423N4:2023-12-AUTONOLAS-FINDINGS-ISSUES-373Bonds created in year cross epoch's can lead to lost payouts
AI Score
Confidence
Low
Lines of code
<https://github.com/code-423n4/2023-12-autonolas/blob/2a095eb1f8359be349d23af67089795fb0be4ed1/governance/contracts/OLAS.sol#L75-L84>
Vulnerability details
Impact
Bond depositors and agent/component owner’s may never receive the payout Olas
Incorrect inflation control
Proof of Concept
effectiveBond is used to account how much of Olas is available for bonding. This includes Olas that are to be minted in the current epoch ie. effectiveBond will include the Olas partitioned for bonding in epoch 5 at the beginning of epoch 5 itself. In case of epoch’s crossing YEAR intervals, a portion of the Olas would actually only be mintable in the next year due to the yearwise inflation control enforced at the mint (after 9 years due to fixed supply till 10 years). Due to silent reverts, this can lead to lost Olas payouts
The inflation for bonds are accounted using the effectiveBond variable.
<https://github.com/code-423n4/2023-12-autonolas/blob/2a095eb1f8359be349d23af67089795fb0be4ed1/tokenomics/contracts/Tokenomics.sol#L609-L617>
function reserveAmountForBondProgram(uint256 amount) external returns (bool success) {
.....
// Effective bond must be bigger than the requested amount
uint256 eBond = effectiveBond;
if (eBond >= amount) {
eBond -= amount;
effectiveBond = uint96(eBond);
success = true;
emit EffectiveBondUpdated(eBond);
}
}
This variable is updated with the estimated bond Olas at the beginning of an epoch itself.
function checkpoint() external returns (bool) {
.....
// Update effectiveBond with the current or updated maxBond value
curMaxBond += effectiveBond;
effectiveBond = uint96(curMaxBond);
In case of epochs crossing YEAR intervals after 9 years, the new Olas amount will not be fully mintable in the same year due to the inflation control check enforced in the Olas contract.
function mint(address account, uint256 amount) external {
....
// Check the inflation schedule and mint
if (inflationControl(amount)) {
_mint(account, amount);
}
Whenever a deposit is made on a bond, the required Olas is minted by the treasury and transferred to the Depository contract, from where the depositor claims the payout after the vesting time. Olas.sol doesn’t revert for inflation check failure but fails silently. This can cause a deposit to succeed but corresponding redeem to fail since payout Olas has not been actually minted.
It can also happen that agent/component owner’s who have not claimed the topup Olas amount will loose their reward due to silent return when minting their reward.
Example
- Year 10, 1 month left for Year 11
- All Olas associated with previous epochs have been minted
- New epoch of 2 months is started, 1 month in Year 10 and 1 month in Year 11
- Total Olas for the epoch, t = year 10 1 month inflation + year 11 1 month inflation
year 10 1 month inflaiton (y10m1) = (1_000_000_000e18 * 2 / 100 / 12)
year 11 1 month inflation (y11m1) = (1_020_000_000e18 * 2 / 100 / 12)
t = y10m1 + y11m1 - Olas bond percentage = 50%
- Hence effectiveBond = t/2
- But actual mintable remaining in year 0, m = y10m1 < effectiveBond
- A bond is created with supply == effectiveBond
- User’s deposit for the entire bond supply but only y10m1 Olas can be minted. Depending on the nature of deposits, the actual amount minted can vary from 0 to y10m1. In case of unminted amounts(as rewards of agent/component owner’s etc.) at Year 10, this amount can be minted for bond deposits following which if agent/component owners claim within the year, no Olas will be received by them.
- Users loose their Olas payout
##POC Test
Tools Used
Manual review
Recommended Mitigation Steps
In case of multi-year epochs, separate bond amounts of next year
Assessed type
Timing
The text was updated successfully, but these errors were encountered:
All reactions
AI Score
Confidence
Low