Omniscia KlimaDAO Audit

StakingHelper Manual Review Findings

SHR-01M: Improper Validation of Execution

Description:

The stake utility function of the StakingHelper contract should validate that the claim instruction performed at the end did not result in a no-op (i.e. that the warmup duration is zero).

Example:

contracts/staking/regular/StakingHelper.sol
    function stake( uint _amount ) external {
        IERC20( KLIMA ).transferFrom( msg.sender, address(this), _amount );
        IERC20( KLIMA ).approve( staking, _amount );
        IStaking( staking ).stake( _amount, msg.sender );
        IStaking( staking ).claim( msg.sender );
    }

Recommendation:

We advise such validation to be performed at the contract level to prevent misuse.
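
One way the recommended contract-level check could look, as an added example that is not code from the KlimaDAO repository or from the audit. It assumes the staking contract exposes a `warmupPeriod()` getter (not shown in the excerpt above); the contract name `StakingHelperChecked`, the pragma and the constructor are likewise hypothetical.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

interface IERC20 {
    function approve(address spender, uint256 amount) external returns (bool);
    function transferFrom(address from, address to, uint256 amount) external returns (bool);
}

interface IStaking {
    function stake(uint256 _amount, address _recipient) external;
    function claim(address _recipient) external;
    // Assumption: a public getter for the warmup duration, in epochs.
    function warmupPeriod() external view returns (uint256);
}

// Hypothetical variant of StakingHelper that refuses to run when the
// trailing claim() could not release the stake in the same transaction.
contract StakingHelperChecked {
    address public immutable staking;
    address public immutable KLIMA;

    constructor(address _staking, address _KLIMA) {
        require(_staking != address(0), "staking: zero address");
        require(_KLIMA != address(0), "KLIMA: zero address");
        staking = _staking;
        KLIMA = _KLIMA;
    }

    function stake(uint256 _amount) external {
        // Validate before moving any tokens: with a non-zero warmup the
        // claim below is a no-op and the deposit stays locked in warmup,
        // so the helper would not do what its caller expects.
        require(
            IStaking(staking).warmupPeriod() == 0,
            "StakingHelper: warmup active, claim would be a no-op"
        );

        // Same call sequence as the reviewed function.
        IERC20(KLIMA).transferFrom(msg.sender, address(this), _amount);
        IERC20(KLIMA).approve(staking, _amount);
        IStaking(staking).stake(_amount, msg.sender);
        IStaking(staking).claim(msg.sender);
    }
}
```

Because the check runs first and reverts, a caller whose stake would remain in warmup gets an explicit error instead of a transaction that succeeds without delivering the claimed position.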

Alleviation:

The KlimaDAO team stated that no-ops are permitted by design and as such we consider this exhibit null.