
Brilliant Flint Sardine

High

Uninitialized MAX_CLAIM_FEE in GovernanceStaker leads to Denial-of-Service in _setClaimFeeParameters

Summary

The GovernanceStaker contract includes an immutable variable MAX_CLAIM_FEE, but it is not initialized in the base contract. While the README does not explicitly confirm or deny whether GovernanceStaker is a production contract, the scope requires that we consider it as such.

Vulnerability Detail

The _setClaimFeeParameters function in GovernanceStaker relies on MAX_CLAIM_FEE to validate fee parameters. However, because MAX_CLAIM_FEE is not initialized in GovernanceStaker, the comparison _params.feeAmount > MAX_CLAIM_FEE will always be true, and the function will always revert.
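The check described above, as an added example that is not the audited GovernanceStaker source: a simplified model showing the comparison with an unassigned immutable cap next to a version that sets the cap at construction. The struct layout, the `FeeAboveCap` error, the external wrappers and both contract names are assumptions made for illustration, and admin access control is omitted.

```solidity
// SPDX-License-Identifier: MIT
// Since 0.8.21 an immutable may be left unassigned; it then reads as 0.
pragma solidity ^0.8.21;

// Hypothetical shapes for this model (not taken from the audited code).
struct ClaimFeeParameters {
    uint96 feeAmount;
    address feeCollector;
}

error FeeAboveCap(uint256 feeAmount, uint256 cap);

contract UnsetCapStaker {
    uint256 public immutable MAX_CLAIM_FEE; // never assigned: the cap is 0
    ClaimFeeParameters public claimFeeParameters;

    // External wrapper so the model can be exercised; admin check omitted.
    function setClaimFeeParameters(ClaimFeeParameters memory _params) external {
        _setClaimFeeParameters(_params);
    }

    // With a cap of 0, every nonzero feeAmount takes the revert branch,
    // so a fee can never be configured. Only feeAmount == 0 is stored.
    function _setClaimFeeParameters(ClaimFeeParameters memory _params) internal {
        if (_params.feeAmount > MAX_CLAIM_FEE) revert FeeAboveCap(_params.feeAmount, MAX_CLAIM_FEE);
        claimFeeParameters = _params;
    }
}

contract InitializedCapStaker {
    uint256 public immutable MAX_CLAIM_FEE;
    ClaimFeeParameters public claimFeeParameters;

    // The cap is fixed at deployment, so the bound is meaningful.
    constructor(uint256 _maxClaimFee) {
        MAX_CLAIM_FEE = _maxClaimFee;
    }

    function setClaimFeeParameters(ClaimFeeParameters memory _params) external {
        _setClaimFeeParameters(_params);
    }

    // Fees up to and including the cap are accepted; anything above reverts.
    function _setClaimFeeParameters(ClaimFeeParameters memory _params) internal {
        if (_params.feeAmount > MAX_CLAIM_FEE) revert FeeAboveCap(_params.feeAmount, MAX_CLAIM_FEE);
        claimFeeParameters = _params;
    }
}
```

A deployment test that sets a fee equal to the cap and one above it distinguishes the two contracts: the first reverts on any nonzero fee, the second only above `_maxClaimFee`.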

Impact

  • Denial of Service (DoS): The admin cannot configure claim fees.
  • Revenue Loss: Without claim fees, the protocol may be unable to cover operational costs.

Code Snippet

Tool used

Manual Review

Recommendation

Add this line in the constructor:

+ MAX_CLAIM_FEE = 1e18;
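
Review bot: the cap is hard-coded as 1e18 in the constructor with nothing stating its unit or why that ceiling was chosen, and because MAX_CLAIM_FEE is immutable the value cannot be corrected after deployment. Consider taking it as a constructor argument, or at least documenting what 1e18 represents for the fee token (its decimals are not visible from this line), and add a test that _setClaimFeeParameters accepts a fee equal to the cap and reverts for one above it.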