#42538 [SC-Insight] Incorrect value in events emitted in StakeV2
Was this helpful?
Was this helpful?
Submitted on Mar 24th 2025 at 15:07:29 UTC by @dobrevaleri for
Report ID: #42538
Report Type: Smart Contract
Report severity: Insight
Target: https://github.com/immunefi-team/audit-comp-yeet/blob/main/src/StakeV2.sol
Impacts:
Contract fails to deliver promised returns, but doesn't lose value
All StakeV2
claim functions emit misleading events when claiming rewards, as it only accounts for tokens received by the Zapper contract rather than the actual recipient.
The issue occurs in All StakeV2
claim functions where the Claimed
event is emitted with the return value from the Zapper's withdrawal functions:
The problem is that the Zapper's _yeetOut()
function returns 0 as claimed value if the recipient in either KodiakVaultUnstakingParams
or VaultRedeemParams
is different from the Zapper's address, which doesn't correctly represent the actual claimed assets. Also because of this the zapOutToToken1()
will also return 0, which is used for emitting the Claimed
event:
Events emit incorrect reward claim amounts
Off-chain systems tracking rewards through events will have incorrect data
Users may appear to have claimed 0 rewards when they actually received tokens
User has earned rewards in StakeV2
User calls claimRewardsInToken1()
and sets the recipient in either unstakeParams
or redeemParams
to their address
The withdrawal executes successfully and user receives tokens
However, the Claimed
event emits 0 as the claimed amount since the recipient wasn't the Zapper
Off-chain systems tracking rewards see a claim for 0 tokens despite actual tokens being transferred