-
-
Save betbether/187a40779c6ccb4c9931a789f78aa278 to your computer and use it in GitHub Desktop.
Callisto Coldstaking Bug: Need to check user active status when call claim method
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 1. Issue 1: Method: claim() | |
| Missing check user inactive. | |
| If user inactive more than two years, this method still return reward when she claims | |
| Need to check: | |
| require(Timestamp <= staker[msg.sender].time.add(max_delay)) | |
| 2. Issue 2: Method function new_block() public | |
| This is public method and is not payable but there is statment: | |
| StakingRewardPool = address(this).balance.sub(TotalStakingAmount + msg.value); //fix rewards pool for this block. | |
| The method is not payable so how this statement work? | |
| And if we ant to call this method from external, we cannot send CLO |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment