# 50225 sc low user can bypass minstakeamount checking

**Submitted on Jul 22nd 2025 at 18:24:34 UTC by @New5paceXyz for** [**Attackathon | Plume Network**](https://immunefi.com/audit-competition/plume-network-attackathon)

* **Report ID:** #50225
* **Report Type:** Smart Contract
* **Report severity:** Low
* **Target:** <https://github.com/immunefi-team/attackathon-plume-network/blob/main/plume/src/facets/StakingFacet.sol>
* **Impacts:** Contract fails to deliver promised returns, but doesn't lose value

## Description

Brief/Intro\
A user can partially `unstake` and end up with a remaining staked balance below `minStakeAmount`, because the unstake path does not check that the remaining staked amount stays >= `minStakeAmount`.

## Vulnerability Details

* On staking, the protocol validates the stake amount against `minStakeAmount` via:
  * User -> `stake` -> `_performStakeSetup` -> `_validateStaking` -> `_validateStakeAmount`
  * Reference: <https://github.com/immunefi-team/attackathon-plume-network/blob/580cc6d61b08a728bd98f11b9a2140b84f41c802/plume/src/facets/StakingFacet.sol#L112-L114>
* Users can `unstake` a specific amount. The unstake flow updates `$.stakeInfo[user].staked` by decreasing the requested `amount` in `_updateUnstakeAmounts`:
  * References:
    * <https://github.com/immunefi-team/attackathon-plume-network/blob/580cc6d61b08a728bd98f11b9a2140b84f41c802/plume/src/facets/StakingFacet.sol#L353-L358>
    * <https://github.com/immunefi-team/attackathon-plume-network/blob/580cc6d61b08a728bd98f11b9a2140b84f41c802/plume/src/facets/StakingFacet.sol#L366-L390>
* The unstake logic reduces the staked amount but does not validate that the remaining staked amount remains >= `minStakeAmount`.
* As a result, a user can have a staked balance that is less than `minStakeAmount`, breaking the intended invariant that all staked balances must be at least `minStakeAmount`.
* Mitigation suggestion (high level): When processing an unstake, check the resulting remaining staked amount; if it would be below `minStakeAmount`, require the user to unstake the full remaining amount (or disallow the partial unstake), so no account remains with a staked amount < `minStakeAmount`.

## Impact Details

A user can end up with a staked balance below `minStakeAmount`, which breaks the design invariant that every active stake is >= `minStakeAmount`. This affects protocol assumptions about minimum effective stakes but does not directly drain funds.

## References

<details>

<summary>Relevant source lines</summary>

* Stake validation:\
  <https://github.com/immunefi-team/attackathon-plume-network/blob/580cc6d61b08a728bd98f11b9a2140b84f41c802/plume/src/facets/StakingFacet.sol#L112-L114>
* Unstake and update logic:\
  <https://github.com/immunefi-team/attackathon-plume-network/blob/580cc6d61b08a728bd98f11b9a2140b84f41c802/plume/src/facets/StakingFacet.sol#L353-L358>\
  <https://github.com/immunefi-team/attackathon-plume-network/blob/580cc6d61b08a728bd98f11b9a2140b84f41c802/plume/src/facets/StakingFacet.sol#L366-L390>

</details>

## Proof of Concept

{% stepper %}
{% step %}

1. User stakes an amount greater than `minStakeAmount`, e.g. `minStakeAmount + 1`.
{% endstep %}

{% step %}
2. User partially unstakes `minStakeAmount`.
{% endstep %}

{% step %}
Result: The user now has `1` remaining staked (or generally a remainder < `minStakeAmount`), demonstrating the protocol allows a staked balance below `minStakeAmount`.
{% endstep %}
{% endstepper %}
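
The steps above and the suggested mitigation, as an added example that is not part of the original report and is not Plume's `StakingFacet` code. `MinStakeModel`, `unstakeUnchecked`, `unstakeChecked` and the error names are hypothetical; the model assumes the stake-side check applies to the amount of each call and leaves out transfers, validators and cooldowns.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Added illustration: a simplified accounting model, not Plume's StakingFacet.
/// Token/native transfers, validators and cooldowns are omitted on purpose.
contract MinStakeModel {
    uint256 public immutable minStakeAmount;
    mapping(address => uint256) public staked;

    error StakeBelowMinimum(uint256 amount, uint256 minimum);
    error InsufficientStake(uint256 requested, uint256 available);
    error RemainderBelowMinimum(uint256 remainder, uint256 minimum);

    constructor(uint256 minStakeAmount_) {
        minStakeAmount = minStakeAmount_;
    }

    /// Entry-side check, as the report describes for the stake path.
    function stake(uint256 amount) external {
        if (amount < minStakeAmount) revert StakeBelowMinimum(amount, minStakeAmount);
        staked[msg.sender] += amount;
    }

    /// Behaviour the report describes: only the balance is decreased.
    /// stake(min + 1) then unstakeUnchecked(min) leaves 1 staked.
    function unstakeUnchecked(uint256 amount) external {
        uint256 current = staked[msg.sender];
        if (amount == 0 || amount > current) revert InsufficientStake(amount, current);
        staked[msg.sender] = current - amount;
    }

    /// Mitigation from the report (the "disallow" variant): a partial unstake
    /// must leave either zero or at least minStakeAmount behind.
    function unstakeChecked(uint256 amount) external {
        uint256 current = staked[msg.sender];
        if (amount == 0 || amount > current) revert InsufficientStake(amount, current);
        uint256 remainder = current - amount;
        if (remainder != 0 && remainder < minStakeAmount) {
            revert RemainderBelowMinimum(remainder, minStakeAmount);
        }
        staked[msg.sender] = remainder;
    }
}
```

With `minStakeAmount_ = 100`, `stake(101)` followed by `unstakeUnchecked(100)` leaves `staked == 1`, while `unstakeChecked(100)` reverts with `RemainderBelowMinimum(1, 100)` and `unstakeChecked(101)` succeeds. The report's other option, forcing a full unstake, would set `amount = current` at that point instead of reverting.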


