2 matches found
Incorrect computation in MultiRewardStaking changeRewardSpeed() leads to loss of rewards
Lines of code Vulnerability details Impact The changeRewardSpeed function computes rewardsEndTimestamp incorrectly for the case block.timestamp block.timestamp ? prevEndTime : block.timestamp.safeCastTo32, rewardsPerSecond, remainder If the prevEndTime block.timestamp then it can be reduced to...
RewardTokens can be locked in MultiRewardStaking contract when the rewardsEndTimestamp of the rewardsTokens are different.
Lines of code Vulnerability details Impact To claim reward tokens from the MultiRewardStaking contract deployed, a user must call claimRewardsaddress user, IERC20 memory rewardsTokens. The rewardsTokens array is populated with getAllRewardsTokens which returns all the reward Tokens the...