#41823 [SC-Low] Changing the reward settings has a retroactive impact
Submitted on Mar 18th 2025 at 17:06:18 UTC by @pontifex for
Report ID: #41823
Report Type: Smart Contract
Report severity: Low
Target: https://github.com/immunefi-team/audit-comp-yeet/blob/main/src/Reward.sol
Impacts:
Theft of unclaimed yield
Changing the RewardSettings.MAX_CAP_PER_WALLET_PER_EPOCH_FACTOR variable has a retroactive impact: users with the same volume in the same epoch can receive different rewards depending only on when they claim.
The RewardSettings.MAX_CAP_PER_WALLET_PER_EPOCH_FACTOR variable caps the max rewards a wallet can get per epoch. This variable is used for all epochs after the user's lastClaimedForEpoch epoch.
Since the protocol owner can change MAX_CAP_PER_WALLET_PER_EPOCH_FACTOR, the maxClaimable reward can also change for users who have not claimed their rewards yet.
Consider tracking the MAX_CAP_PER_WALLET_PER_EPOCH_FACTOR value for each epoch in a separate mapping and using those per-epoch values in the maxClaimable reward calculation.
The size of the group of users that can be impacted by the issue depends on MAX_CAP_PER_WALLET_PER_EPOCH_FACTOR. The default value of the parameter is 30, which means that a wallet can claim only 1/30 of an epoch's emission. So all users whose userShare exceeds 3.33% are capped by the parameter. Changing MAX_CAP_PER_WALLET_PER_EPOCH_FACTOR can therefore retroactively increase or decrease the maxClaimable value for a large group of users by a significant amount. This can cause unexpected reward distribution, user losses, and broken tokenomics.
https://github.com/immunefi-team/audit-comp-yeet/blob/da15231cdefd8f385fcdb85c27258b5f0d0cc270/src/Reward.sol#L187
https://github.com/immunefi-team/audit-comp-yeet/blob/da15231cdefd8f385fcdb85c27258b5f0d0cc270/src/RewardSettings.sol#L41-L54
Alice and Bob yeet during several epochs with the same userYeetVolume:
Since Alice and Bob have the same userYeetVolume, they also have the same userShare per epoch and the same claimable amount, respectively:
Suppose the current MAX_CAP_PER_WALLET_PER_EPOCH_FACTOR caps the claimable amount.
Alice claims rewards every day, while Bob decides to claim much less often.
Then the protocol decides to change the MAX_CAP_PER_WALLET_PER_EPOCH_FACTOR value, and the new maxClaimable variable no longer caps the claimable amount.
Bob claims rewards for all previous epochs and receives more rewards than Alice.
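
The Alice and Bob scenario above and the recommended per-epoch tracking, as an added Python model that is not part of the original report and is not the Reward.sol code. It assumes claimable = emission * userShare and maxClaimable = emission / factor in integer math; the class, function names, emission and volumes are constructed for illustration.

```python
class RewardModel:
    """Simplified model of capped per-epoch rewards; not the Reward.sol code."""

    def __init__(self, factor, snapshot_per_epoch):
        self.factor = factor                    # MAX_CAP_PER_WALLET_PER_EPOCH_FACTOR
        self.snapshot_per_epoch = snapshot_per_epoch
        self.epochs = []                        # (emission, volumes, factor at close)
        self.last_claimed = {}                  # user -> number of epochs already claimed

    def close_epoch(self, emission, volumes):
        # Assumption: the mitigation records the factor when the epoch ends.
        self.epochs.append((emission, dict(volumes), self.factor))

    def claim(self, user):
        paid = 0
        for emission, volumes, factor_at_close in self.epochs[self.last_claimed.get(user, 0):]:
            # claimable = emission * userShare, in integer math
            claimable = emission * volumes.get(user, 0) // sum(volumes.values())
            factor = factor_at_close if self.snapshot_per_epoch else self.factor
            max_claimable = emission // factor
            paid += min(claimable, max_claimable)
        self.last_claimed[user] = len(self.epochs)
        return paid


def run_scenario(snapshot_per_epoch):
    """Return (alice_total, bob_total) for the Alice/Bob scenario."""
    model = RewardModel(factor=30, snapshot_per_epoch=snapshot_per_epoch)
    volumes = {"alice": 20, "bob": 20, "others": 60}   # constructed sample volumes
    alice_total = 0
    for _ in range(3):
        model.close_epoch(emission=3000, volumes=volumes)
        alice_total += model.claim("alice")             # Alice claims every epoch
    model.factor = 2                                     # owner loosens the cap
    bob_total = model.claim("bob")                       # Bob claims all epochs at once
    return alice_total, bob_total


if __name__ == "__main__":
    print("factor read at claim time:", run_scenario(False))
    print("factor recorded per epoch:", run_scenario(True))
```

With the factor read at claim time, Bob's late claim is evaluated against the new cap for every past epoch; with the factor recorded per epoch, both users receive the same amount regardless of when they claim.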