Slow Misty Iguana
Medium
The excessive DelegationCreationBaseGasFee charged in CreateBTCDelegation() has not been refunded to the user.
In the Expression of Interest Delegation mode, users first create a BTCDelegation and then submit a DelegationInclusionProof. However, the excessively charged DelegationCreationBaseGasFee has not been refunded to the users.
https://github.com/sherlock-audit/2024-12-babylon/blob/main/babylon/x/btcstaking/keeper/msg_server.go#L260 https://github.com/sherlock-audit/2024-12-babylon/blob/main/babylon/x/btcstaking/keeper/msg_server.go#L303
// CreateBTCDelegation creates a BTC delegation
func (ms msgServer) CreateBTCDelegation(goCtx context.Context, req *types.MsgCreateBTCDelegation) (*types.MsgCreateBTCDelegationResponse, error) {
defer telemetry.ModuleMeasureSince(types.ModuleName, time.Now(), types.MetricsKeyCreateBTCDelegation)
// everything is good, if the staking tx is not included on BTC consume additinal
// gas
if !parsedMsg.IsIncludedOnBTC() {
ctx.GasMeter().ConsumeGas(params.DelegationCreationBaseGasFee, "delegation creation fee")
}
}It can be seen that in the CreateBTCDelegation function, if the user does not submit the DelegationInclusionProof in MsgCreateBTCDelegation, they will be overcharged with the DelegationCreationBaseGasFee. However, in fact, the user subsequently submits the DelegationInclusionProof through AddBTCDelegationInclusionProof(). But there is no refund of the DelegationCreationBaseGasFee in AddBTCDelegationInclusionProof().
Using the Expression of Interest Delegation mode to create a BTCDelegation will require additional expenditure of DelegationCreationBaseGasFee, resulting in financial losses for users.
Refund the DelegationCreationBaseGasFee to the user in AddBTCDelegationInclusionProof().