> For the complete documentation index, see [llms.txt](https://reports.immunefi.com/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://reports.immunefi.com/folks-liquid-staking.md).

# Folks: Liquid Staking

## Reports by Severity

<details>

<summary>High</summary>

* \#37660 \[SC-High] incorrect tracking of \`TOTAL\_ACTIVE\_STAKE\` leads to permanent freezing of funds
* \#37775 \[SC-High] Accounting Discrepancy in \`consensus\_v2.py::burn()\`can potentially cause underflow and lead to temporary Denial of Service and a deliberate DOS Attack
* \#37852 \[SC-High] The accumulation of rewards is being decreased from the active stake which could leave out users unable to redeem xAlgo
* \#37863 \[SC-High] Underflow in burn method prevents all xALGO from being burnt
* \#37889 \[SC-High] Underflow in \`burn()\` function will cause user funds to partially frozen
* \#37940 \[SC-High] Freezing of user funds When Reward accumulated or added
* \#37903 \[SC-High] "Potential Underflow Vulnerability in burn Function for total\_active\_stake\_key"
* \#37661 \[SC-High] Incorrect \`total\_active\_stake\` reduction causes loss of funds for the users and excessive fees collection over time

</details>

<details>

<summary>Low</summary>

* \#37867 \[SC-Low] Contract upgrade failing due to SHA256 failing because of AVM byte width limits

</details>

<details>

<summary>Insight</summary>

* \#37768 \[SC-Insight] Missing Event Emission when proposer are added prevents safe retrieval of index for subsequent operations
* \#37807 \[SC-Insight] Truncation of mint\_amount to zero leading to potential stake loss
* \#37854 \[SC-Insight] Missing state validation upon Upgrade
* \#37893 \[SC-Insight] Inflation Attack in xAlgo
* \#37864 \[SC-Insight] Over-charging users on delayed mint
* \#37791 \[SC-Insight] Consensus contract distributes Algo for proposers that are offline that cause losing of reward

</details>

## Reports by Type

<details>

<summary>Smart Contract</summary>

* \#37660 \[SC-High] incorrect tracking of \`TOTAL\_ACTIVE\_STAKE\` leads to permanent freezing of funds
* \#37768 \[SC-Insight] Missing Event Emission when proposer are added prevents safe retrieval of index for subsequent operations
* \#37775 \[SC-High] Accounting Discrepancy in \`consensus\_v2.py::burn()\`can potentially cause underflow and lead to temporary Denial of Service and a deliberate DOS Attack
* \#37807 \[SC-Insight] Truncation of mint\_amount to zero leading to potential stake loss
* \#37852 \[SC-High] The accumulation of rewards is being decreased from the active stake which could leave out users unable to redeem xAlgo
* \#37854 \[SC-Insight] Missing state validation upon Upgrade
* \#37863 \[SC-High] Underflow in burn method prevents all xALGO from being burnt
* \#37889 \[SC-High] Underflow in \`burn()\` function will cause user funds to partially frozen
* \#37893 \[SC-Insight] Inflation Attack in xAlgo
* \#37940 \[SC-High] Freezing of user funds When Reward accumulated or added
* \#37867 \[SC-Low] Contract upgrade failing due to SHA256 failing because of AVM byte width limits
* \#37903 \[SC-High] "Potential Underflow Vulnerability in burn Function for total\_active\_stake\_key"
* \#37864 \[SC-Insight] Over-charging users on delayed mint
* \#37661 \[SC-High] Incorrect \`total\_active\_stake\` reduction causes loss of funds for the users and excessive fees collection over time
* \#37791 \[SC-Insight] Consensus contract distributes Algo for proposers that are offline that cause losing of reward

</details>


---

# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.

## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter:

```
GET https://reports.immunefi.com/folks-liquid-staking.md?ask=<question>&goal=<endgoal>
```

`ask` is the immediate question: it should be specific, self-contained, and written in natural language.
`goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal.

The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.