mirror of
https://github.com/vacp2p/staking-reward-streamer.git
synced 2026-01-09 13:08:03 -05:00
0fa101df14
In case the `StakeManager` is malicious and returns `lockUntil` values that don't make sense, we calculate the new `lockUntil` values in the `StakeVault` to compare against those. If the values coming from `StakeManager` are not matching, something's off and we revert. We still do `lockUntil` calculations in `StakeManager` via `StakeMath` to ensure absolute max MP isn't exceeded. We don't have the notion of multiplier points in the `StakeVault`, nor should it know about it. Hence, we're just doing the `lockUntil` calculation. **Note** This introduces another "vulnerability" that I consider "acknowledged", but won't fix: In theory, a malicious stake manager upgrade could remove the upper bound checks on absolute max MP. In such a case, users could pass a very large `lockUntil` to `StakeVault`. `StakeManager` would simply calculate the same `lockUntil` but wouldn't revert on the max cases. So in other words, users can hurt themselves if stake manager removed the check and users willingly lock for very long time. Closes #249