Epoch length updating is underconstrained
Description
The StakedPDT contract allows the admin to change the epoch length via the updateEpochLength
function. The function adjusts the end time for the current epoch accordingly. However, the function only constrains the epoch length to be nonzero. As such, the admin can adjust the epoch length such that epoch[currentEpochId].endTime
is in the past. This can lead to a scenario where epoch[currentEpochId].endTime < contractLastInteraction
.
Impact
If epoch length is set incorrectly, making epoch[currentEpochId].endTime < contractLastInteraction
, the contractWeight
function would trigger an underflow and calls to distribute
will crash, halting the protocol. This can, however, be fixed by the admin at runtime by simply calling updateEpochLength
again.
Recommendations
Add the following check to updateEpochLength
.
require(epoch[currentEpochId].startTime + newEpochLength > contractLastInteraction, "Invalid new epoch length");
Remediation
This issue has been acknowledged by Paragons DAO, and a fix was implemented in commit f12d8412↗.