Helpful Walnut Meerkat
High
The notifyRewardAmount function is responsible for notifying the contract about an additional amount of rewards sent to it, updating the total rewards available for distribution. However, certain checks within this function are incorrect.
https://github.com/sherlock-audit/2024-11-tally/blob/main/staker/src/GovernanceStaker.sol#L456-L458
if (
(scaledRewardRate * REWARD_DURATION) > (REWARD_TOKEN.balanceOf(address(this)) * SCALE_FACTOR)
) revert GovernanceStaker__InsufficientRewardBalance();The issue lies in the fact that this condition does not consider already allocated but unclaimed rewards. Consequently, if a sufficient number of users have not claimed their rewards, this function could still be called, increasing the reward rate and potentially causing future payment failures.
No response
This scenario could occur due to an incorrect call by isRewardNotifier. Additionally, if multiple isRewardNotifier entities exist, they might not be aware of each other's calls and could invoke the function twice.
No response
Improper increase of the reward rate, leading to potential payment failures in the future.
Adjust the logic to account for unclaimed rewards.