[SLK-01M] Inexistent Retroactive Application of Multipliers #5
Description
SLK-01M: Inexistent Retroactive Application of Multipliers
| Type | Severity | Location |
|---|---|---|
| Logical Fault |  |
SamLock.sol:L112-L115, L138 |
Description:
The SamLock::updateMultipliers function will set the new multipliers in effect solely for new locks, causing old locks to use a stale multiplier.
Impact:
Users who created locks with multipliers that were lower than the newly updated ones would consider the system unfair as they would be using a lower multiplier and could theoretically have less points than a smaller stake or a smaller duration lock with the updated multipliers.
Example:
function updateMultipliers(uint256 multiplier3x, uint256 multiplier6x, uint256 multiplier9x, uint256 multiplier12x)
external
onlyOwner
{
if (multiplier3x == 0 || multiplier6x == 0 || multiplier9x == 0 || multiplier12x == 0) {
revert ISamLock.SamLock__InvalidMultiplier();
}
multipliers[THREE_MONTHS] = multiplier3x;
multipliers[SIX_MONTHS] = multiplier6x;
multipliers[NINE_MONTHS] = multiplier9x;
multipliers[TWELVE_MONTHS] = multiplier12x;
emit ISamLock.MultipliersUpdated(multiplier3x, multiplier6x, multiplier9x, multiplier12x);
}
/// @notice Retrieve all lock information entries for a specific user (address)
/// @param wallet Address of the user
/// @return lockInfos Array containing the user's lock information entries
/// @dev Reverts with ISamLock.SamLock__NotFound if there are no lock entries for the user
function getLockInfos(address wallet) public view returns (ISamLock.LockInfo[] memory) {
return lockings[wallet];
}
/// @notice Calculate the total points earned for a specific lock entry
/// @param wallet Address of the user
/// @param lockIndex Index of the lock information entry for the user
/// @return points Total points earned for the specific lock entry (uint256)
/// @dev Reverts with ISamLock.SamLock__InvalidLockIndex if the lock index is out of bounds
function pointsByLock(address wallet, uint256 lockIndex) public view returns (uint256 points) {
if (lockIndex >= lockings[wallet].length) revert ISamLock.SamLock__InvalidLockIndex();
ISamLock.LockInfo memory lockInfo = lockings[wallet][lockIndex];
UD60x18 multiplier = ud(lockInfo.multiplier);Recommendation:
We advise the code to permit old locks to catch up to the new multiplier if it is greater than the one they were created at, as users who created their locks before the multiplier increased would be unfairly "punished" for being early adopters.
Metadata
Metadata
Assignees
Labels
No labels