Anyone can Claim reward On Behalf of depositor or claimer via `claimRewardOnBehalf`

Summary

The claimRewardOnBehalf function in the contract allows anyone to claim rewards on behalf of a deposit owner or claimer if they possess a valid _signature. However, there are no restrictions requiring the caller of the function to match the deposit.owner or deposit.claimer. This creates a significant vulnerability, as anyone with access to a valid _signature can claim rewards without being deposit.owner or deposit.claimer.

Vulnerability Detail

Impact

Anyone with access to a valid _signature can claim rewards without being the deposit owner or claimer.

Code Snippet

https://github.com/sherlock-audit/2024-11-tally/blob/main/staker/src/extensions/GovernanceStakerOnBehalf.sol#L250-L274

Tool used

Manual Review, Foundry

Recommendation

Only deposit.owner or deposit.claimer should be able to call claimRewardOnBehalf

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

092.md

092.md

Anyone can Claim reward On Behalf of depositor or claimer via `claimRewardOnBehalf`

Summary

Vulnerability Detail

Impact

Code Snippet

Tool used

Recommendation

Files

092.md

Latest commit

History

092.md

File metadata and controls

Anyone can Claim reward On Behalf of depositor or claimer via claimRewardOnBehalf

Summary

Vulnerability Detail

Impact

Code Snippet

Tool used

Recommendation

Anyone can Claim reward On Behalf of depositor or claimer via `claimRewardOnBehalf`