Assessment reportsPublic findings
Back to Zellic site
Assessment reports>EtherFi>High findings>Wrong rewards calculation due to ,numAssociatedValidators
GeneralOverview
Findings
Critical (5)
High (1)Wrong rewards calculation
Medium (3)
Low (1)
Informational (1)
DiscussionUnused variables could be removed
Threat ModelWhat are threat models?EtherFiNode.solEtherFiNodesManager.solLiquidityPool.solStakingManager.sol
Audit ResultsSummary
Category: Coding Mistakes

Wrong rewards calculation due to numAssociatedValidators

High Severity
High Impact
Medium Likelihood

Description

When a user deposits stakes via either StakingManager or LiquidityPool, the value of _numAssociatedValidators will increase. After the user deposits the phase would be IEtherFiNode.VALIDATOR_PHASE.STAKE_DEPOSITED, after register is called on the validator the next phase of the validator id could be WAITING_FOR_APPROVAL if deposit is made via the LiquidityPool. If the approval is rejected the phase goes back to NOT_INITIALIZED.

Even if the validator ID could be rejected after the deposit is made, the rewards are divided by numAssociatedValidators in the getRewardsPayouts function. Therefore, the rewards payouts could be incorrectly calculated. The same issue could also affect the return value of calculateTVL as it calculates stakingRewardsInEL using numAssociatedValidators.

Impact

The reward calculation might be incorrectly calculated.

Recommendations

We recommend increasing the value of numAssociatedValidators only when the phase of the validator is LIVE.

Remediation

This issue has been acknowledged by EtherFi, and a fix was implemented in commit 43a0f8e9.

Zellic © 2025Back to top ↑