Skip to content

Latest commit

 

History

History
48 lines (30 loc) · 1.98 KB

027.md

File metadata and controls

48 lines (30 loc) · 1.98 KB

Powerful Yellow Bear

Medium

Premature epoch increment will restrict users' ability to claim full incentives

Summary

In the DebitaIncentives contract, the currentEpoch() function calculation creates an unintended claim lock due to a premature increment of the epoch by adding +1 to the epoch calculation. This causes users to be unable to claim incentives fully within the current epoch, locking any incentives accrued after the initial claim in each epoch.

Root Cause

https://github.com/sherlock-audit/2024-11-debita-finance-v3/blob/main/Debita-V3-Contracts/contracts/DebitaIncentives.sol#L437 The addition of + 1 causes the currentEpoch() to increment prematurely. This adjustment results in the contract perceiving the next epoch has started earlier than intended, even though users are still within the correct timeframe for claiming incentives in the current epoch.

Internal pre-conditions

No response

External pre-conditions

No response

Attack Path

  1. A user attempts to claim incentives within the current epoch.
  2. After claiming, the claimedIncentives flag is set to true, which prevents further claims in that epoch.
  3. Due to the premature epoch increment, any incentives accrued after the initial claim are locked until the next epoch.

Impact

Users are restricted to a single claim per epoch due to the misaligned currentEpoch() calculation. Any incentives earned after the initial claim cannot be accessed until the following epoch, creating a partial lock on accrued funds.

PoC

epochDuration = 14 days After Claim incentives on day 1 of an epoch, the claimedIncentives flag is set to true. Due to this, it is impossible to claim incentives again within the same epoch.

Mitigation

Remove the + 1 adjustment in the currentEpoch() calculation.

function currentEpoch() public view returns (uint) {
-    return ((block.timestamp - blockDeployedContract) / epochDuration) + 1;
+    return (block.timestamp - blockDeployedContract) / epochDuration;
}