Omniscia Euler Audit
EulDistributor Manual Review Findings
EulDistributor Manual Review Findings
EDR-01M: Insufficient Prevention of Immediate Proof Change
| Type | Severity | Location |
|---|---|---|
| Logical Fault |  | EulDistributor.sol:L40-L43, L54 |
Description:
The code of the EulDistributor contract contains a logic block that permits a previous root to be utilized in the claim function if a transaction was pending execution and the proof changed. This does not protect the users from failed claims, however, as there is no cooldown between root updates.
Example:
contracts/mining/EulDistributor.sol
40function updateRoot(bytes32 newRoot) external onlyOwner {41 prevRoot = currRoot;42 currRoot = newRoot;43}44
45// Claiming46
47/// @notice Claim distributed tokens48/// @param account Address that should receive tokens49/// @param token Address of token being claimed (ie EUL)50/// @param proof Merkle proof that validates this claim51/// @param stake If non-zero, then the address of a token to auto-stake to, instead of claiming52function claim(address account, address token, uint claimable, bytes32[] calldata proof, address stake) external {53 bytes32 candidateRoot = MerkleProof.processProof(proof, keccak256(abi.encodePacked(account, token, claimable))); // 72 byte leaf54 require(candidateRoot == currRoot || candidateRoot == prevRoot, "proof invalid/expired");Recommendation:
We advise a cooldown to be introduced between root updates to prevent the owner from invalidating claims immediately.
Alleviation:
The Euler team acknowledged this issue and stated that while the behaviour of immediate root replacement is desirable to be able to react to bad roots, a cooldown interval between root changes will be considered in the future.