Interesting Gingerbread Aphid
Medium
If no user stack during distribution period, or if user do not claim their rewards afterwards, funds can be stuck forever in the contract.
No way to retrieve ERC20 after distribution period has ended.
- Incentivizer call
createDistribution()to create a new reward distribution, ERC20 are sent toGammaRewarder.sol
- Hypervizor badly communicates of incentivized plan for the associated Gamma Vault
- No user stack in the Gamma Vault, thus no one to claim the rewards
- Time elapse and
distribution.endBlockNumber > block.number - Users are unable to claim because the distribution range has passed. If user stack now, it's too late. Because no one staked during the distribution range, now no one can claim the distribution with proof that will pass
handleProofResult() - ERC20 are stuck forevere in the contract, as there is no way to retrieved the funds
Not an attack. Funds can be stuck forever if no user stack during the distribution period.
Fund stuck forever in GammaRewarder.sol
See external pre-conditions
Add a way for incentivizer to retrieve rewardAmount left after the distribution period has ended. Add a grace period for user to claim their rewards before incentivizer can retrieve the blocked funds.