@olivebranch.base.eth
Update - Pushing StakingPools v9.0 Instead of v8.9.0 (11/11/2025 11:00PM CST)
I built OBN StakingPools v8.9.0 with several improvements. During security review before mainnet deployment, I discovered a critical honeypot risk in the `forceExitUser()` function. Instead of deploying the vulnerable v8.9.0, I fixed the issue and created v9.0, which keeps all the good v8.9.0 features, fixes the security flaw, and adds even more improvements.
⚠️ The Problem: v8.9.0 forceExitUser() Honeypot Risk
v8.9.0 included a `forceExitUser()` function with a `recipient` parameter:
```solidity
function forceExitUser(uint256 pid, address user, address recipient) external {
    // User's tokens go to recipient address
    // Admin could call: forceExitUser(pid, user, attacker_address)
    // Result: User loses all tokens to attacker
}
```
This created a **honeypot pattern** - a malicious admin could steal user tokens. Even though the intent was good (emergency exits), the implementation was dangerous.
The Solution: v9.0 with forceExitUserToSelf()
I completely redesigned the emergency exit to eliminate the theft vector:
```solidity
function forceExitUserToSelf(uint256 pid, address user, bool claimRewards) external {
    // User's tokens returned to THEMSELVES ONLY
    // No recipient parameter = impossible to redirect funds
    // Admin can trigger it but can't steal tokens
}
```
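A minimal sketch of the difference between the two signatures above, added here as an illustration. It is not OBN StakingPools code: the contract, its storage layout and every name in it are hypothetical, and pool ids and reward claiming are left out.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added illustration; not OBN StakingPools code. All names are hypothetical.
interface IERC20 {
    function transfer(address to, uint256 amount) external returns (bool);
    function transferFrom(address from, address to, uint256 amount) external returns (bool);
}

contract ForcedExitSketch {
    IERC20 public immutable token;
    address public immutable admin;
    mapping(address => uint256) public staked;

    event ForcedExit(address indexed user, address indexed paidTo, uint256 amount);

    constructor(IERC20 token_) {
        token = token_;
        admin = msg.sender;
    }

    modifier onlyAdmin() {
        require(msg.sender == admin, "not admin");
        _;
    }

    function deposit(uint256 amount) external {
        staked[msg.sender] += amount;
        require(token.transferFrom(msg.sender, address(this), amount), "transferFrom failed");
    }

    // Risky shape: the payout destination is an admin-supplied argument.
    function forceExit(address user, address recipient) external onlyAdmin {
        _exit(user, recipient);
    }

    // Hardened shape: the destination is derived from the staker's own address.
    function forceExitToSelf(address user) external onlyAdmin {
        _exit(user, user);
    }

    function _exit(address user, address to) private {
        uint256 amount = staked[user];
        require(amount > 0, "nothing staked");
        staked[user] = 0; // effects before interaction
        require(token.transfer(to, amount), "transfer failed");
        emit ForcedExit(user, to, amount);
    }
}
```

Because `ForcedExit` logs both `user` and `paidTo`, an off-chain monitor can alert on any event where the two addresses differ; with only `forceExitToSelf()` exposed, that condition can never occur.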
What v9.0 Includes
Carried Forward from v8.9.0 (solid features):
- `removePool()` - Safely remove pools with charity wallet fallback
- `shutdownPool()` - Block new deposits while allowing exits
- Pool lifecycle management architecture
Fixed in v9.0 (security improvement):
- `forceExitUser()` → `forceExitUserToSelf()` - Emergency exit without theft vector
Brand New in v9.0 (enhancements we added):
- `migrateBootstrap()` - Nonprofit bootstrap address migration (atomic, safe, preserves rewards)
- Reward preservation validation (prevents silent reward loss down to 1 wei)
- Lock overflow prevention (prevents lock corruption)
- Atomic charity wallet updates (all-or-nothing operations)
- Extra hardening validations for edge cases