Content
@
https://warpcast.com/~/channel/vyper
0 reply
0 recast
0 reaction
Vitalik Buterin
@vitalik.eth
The contract here is a sublinear staking contract: if you are in the whitelist (specified as an ERC1155 collection), then you can stake N coins, and get a return of N ** 0.75 coins per slot, for as long as the contract has coins to pay for it. There is a fundedUntil mechanism that ensures that if the contract runs out of money, every staker gets rewarded for every slot up to the fundedUntil timestamp, and the mechanism doesn't turn into a fractional reserve. https://github.com/ethereum/research/blob/master/sublinear_staking/code.vy Bounty of total 2 ETH for identifying any bugs / vulnerabilities in the contract and proposing specific fixes, if multiple issues are found the bounty will be split based on severity. Amount: 2 ETH @bountybot
24 replies
121 recasts
586 reactions
CryptoProfeta
@cryptoprofeta
Potential Bugs and Vulnerabilities in the Sublinear Staking Contract Reentrancy in _unstake: The _unstake function includes a transfer of tokens (extcall STAKED_TOKEN_ADDRESS.transfer). If the ERC20 token's transfer method is reentrant (e.g., custom implementation or callback mechanism), this could cause issues. Mitigation: Use a reentrancy guard or adjust state variables before the transfer. Rounding Errors in Rewards Calculation: The getReturnPerSlot function relies on integer square roots. Rounding could lead to incorrect reward calculations for small or large stakes. Test cases for edge conditions should verify correct behavior. Incorrect Liabilities Adjustment: In _unstake, liabilities are adjusted as self.liabilities -= totalOut. If there are multiple simultaneous unstake operations, there's a risk of inconsistent state updates due to race conditions. Mitigation: Implement locks or atomic operations to manage state updates. Division by Zero in _fundedUntil:
0 reply
0 recast
0 reaction
