Content pfp
Content
@
https://warpcast.com/~/channel/vyper
0 reply
0 recast
0 reaction
Vitalik Buterin pfp
Vitalik Buterin
@vitalik.eth
The contract here is a sublinear staking contract: if you are in the whitelist (specified as an ERC1155 collection), then you can stake N coins, and get a return of N ** 0.75 coins per slot, for as long as the contract has coins to pay for it. There is a fundedUntil mechanism that ensures that if the contract runs out of money, every staker gets rewarded for every slot up to the fundedUntil timestamp, and the mechanism doesn't turn into a fractional reserve. https://github.com/ethereum/research/blob/master/sublinear_staking/code.vy Bounty of total 2 ETH for identifying any bugs / vulnerabilities in the contract and proposing specific fixes, if multiple issues are found the bounty will be split based on severity. Amount: 2 ETH @bountybot
22 replies
96 recasts
459 reactions
borodutch pfp
borodutch
@farcasteradmin.eth
i wonder if line 88 should go before line 83 ๐Ÿค” still exploring and trying to make sense of liabilities, just a hunch
1 reply
0 recast
3 reactions
androolloyd.hl pfp
androolloyd.hl
@androolloyd
something worth noting the isEligible check only happens on staking, so a user can acquire inline a token to flag true without having to actually hold the token for the duration of the staking. You'd likely want to do something where the eligible tokenID is locked into the staking contract for the duration.
1 reply
0 recast
0 reaction
โœณ๏ธ dcposch pfp
โœณ๏ธ dcposch
@dcposch.eth
not a vulnerability, but you probably want a configurable multiplier on getReturnPerSlot, otherwise results depend on token decimals. for example, stake 1 USDC = 1e6 ^ (3/4) = $0.03 reward per slot stake 1 DAI = 1e18 ^ (3/4) = $0.00003 reward per slot
0 reply
0 recast
9 reactions
Francesco Piccoli pfp
Francesco Piccoli
@francescop
Not a critical vulnerability but considered a minor issue that can lead to inefficiencies and potential edge case behaviors: - The `stake` function does not verify that the `amount` to stake is greater than zero. Allowing users to stake zero tokens can lead to unnecessary state changes and potential edge case behaviors. - Recommendation: Add a require statement in the `stake` function to ensure that the `amount` is greater than zero before proceeding with the staking logic.
1 reply
0 recast
4 reactions
Varun Srinivasan pfp
Varun Srinivasan
@v
Cc @linda
0 reply
0 recast
2 reactions
horsefacts pfp
horsefacts
@horsefacts.eth
hey @z80.eth
0 reply
0 recast
2 reactions
Francesco Piccoli pfp
Francesco Piccoli
@francescop
Nice, weโ€™ll run some scans with @almanax
0 reply
0 recast
1 reaction
Dennison Bertram pfp
Dennison Bertram
@dennison
This is pretty incredible to see! Have you seen our Governance Staking Contracts? To use staking to drive participation in governance? https://github.com/withtally/govstaking
0 reply
0 recast
0 reaction
๐Ÿฆ’ pfp
๐Ÿฆ’
@srijan.eth
cc @vhawk19
0 reply
0 recast
0 reaction
borodutch pfp
borodutch
@farcasteradmin.eth
here's one issue: technically if someone stakes enough, they can bring `_fundedUntil` down so much that no one will get any rewards, but the entity that stakes enough token will get all the rewards moreover, the `isEligible` check just checks the balance of the token, which means if the token supports flash loans, one can flash loan large amount of token to stake, `stake`, bring down `_fundedUntil` to (maybe?) the same block, `unstake`, sell the rewarded token, cover cost of the flash loan and get profit can probably be mitigated by having a time-lock mechanism for staking (this should eliminate the threat of flash loans); maybe also limiting amount of rewards per address (but then one can spawn many addresses); or maybe limit the rewards by the proportion of total supply of the token staked? not sure
1 reply
1 recast
8 reactions
Catch0x22 pfp
Catch0x22
@catch0x22.eth
@askgina.eth can you explain what this contract is for in simple terms
0 reply
0 recast
1 reaction
vincemanguy pfp
vincemanguy
@vincemanguy
This is the way๐Ÿค
0 reply
0 recast
0 reaction
alenils๐ŸŽฉ pfp
alenils๐ŸŽฉ
@alenils
Love reading the comments hereโค๏ธ
0 reply
0 recast
0 reaction
MIMANG pfp
MIMANG
@mimang0x
awesome
0 reply
0 recast
0 reaction
John Doe pfp
John Doe
@umoby
I donโ€™t understand this? What are you trying to say?
0 reply
0 recast
0 reaction
ะ•ะฒะณะตะฝะธะน pfp
ะ•ะฒะณะตะฝะธะน
@ratnik
Eliminating Possible Overflows: Add overflow checks during calculations: python @view def getReturnPerSlot(x: uint256) -> uint256: return isqrt(x * isqrt(x)) // REWARD_DENOMINATOR Zero Address Checks: python @external def transfer(_to: address, _value: uint256) -> bool: assert _to != address(0), "Transfer to the zero address" assert self.balances[msg.sender] >= _value, "Insufficient balance" self.balances[msg.sender] -= _value self.balances[_to] += _value return True These changes will help improve the reliability and security of your smart contract.
0 reply
0 recast
0 reaction
ะ•ะฒะณะตะฝะธะน pfp
ะ•ะฒะณะตะฝะธะน
@ratnik
External Contract Calls Check: Ensure that all external contract calls are checked for successful execution: python success: bool = extcall STAKED_TOKEN_ADDRESS.transfer(msg.sender, totalOut, default_return_value=True) assert success Suggested Fixes: Using Safe Mathematical Operations: It is recommended to use safe functions for arithmetic operations to avoid overflows, such as safeMath. Adding Checks for Minting: python @external def mint(_to: address, _value: uint256): assert _value > 0, "Mint value should be greater than zero" self.balances[_to] += _value self.total_supply += _value Improving Whitelist Check: python @view def isEligible(user: address) -> bool: balance: uint256 = staticcall UNIQUEID_TOKEN_ADDRESS.balanceOf(user, UNIQUEID_TOKEN_COLLECTION) return balance > 0
0 reply
0 recast
0 reaction
ะ•ะฒะณะตะฝะธะน pfp
ะ•ะฒะณะตะฝะธะน
@ratnik
Hello Vitaliy! Possible vulnerabilities and errors: Whitelist Check: Make sure that the isEligible function correctly checks the user's presence in the whitelist. It may be necessary to add a check for the existence of tokens of a specific ERC1155 identifier. Minting Security: In the mint function of the ERC-20 contract, ensure that everything is checked for overflow: python self.balances[_to] += _value self.total_supply += _value If _value is too large, it could cause an overflow. Overflow in Rewards: Check the correctness of calculations in the _unstake function to exclude possible overflows: python totalOut: uint256 = self.stakedAmount[msg.sender] + timeElapsed * returnPerSlot Zero Address Check: In the transfer function of the ERC-20 contract, add a check for zero addresses: python assert _to != address(0), "Transfer to the zero address" Time and Blocks Management: In the tests, use the correct methods for managing time and blocks to avoid possible errors when moving timestamps.
0 reply
0 recast
0 reaction
zkfriendly pfp
zkfriendly
@zkfriendly.eth
a1 stakes 1 eth at time 0. fast forward 1000 blocks. a2 stakes 0.1 eth. fundedUntil breaks
0 reply
0 recast
0 reaction