Описание
Babylon Incorrect FP inactive accounting in costaking creates “phantom stake” that earns rewards after BTC unbond
Summary
A state consistency bug in x/costaking can leave a BTC delegator with non-zero ActiveSatoshis (Phatom Stake) even after they have fully unbonded their BTC delegation, if their Finality Provider (FP) drops out of the active set in the exact same babylon block height. This creates a “phantom stake”: the delegator’s BTC capital is withdrawn, the FP is inactive, but costaking continues to treat the delegation as active BTC stake allowing ongoing rewards accrual without backing BTC.
Impact
An address can keep earning costaking rewards with zero BTC staked.
Reported by @BottyBott.
Пакеты
github.com/babylonlabs-io/babylon/v4
< 4.2.0
4.2.0
github.com/babylonlabs-io/babylon/v3
<= 3.0.0-snapshot.250805a
Отсутствует
github.com/babylonlabs-io/babylon/v2
<= 2.3.2
Отсутствует
github.com/babylonlabs-io/babylon
<= 1.1.0
Отсутствует
6.9 Medium
CVSS4
Дефекты
6.9 Medium
CVSS4