Adoption

Agent Skills are supported by leading AI development tools.

VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory

apegurus/stateful-parameter-update-drift

Name: stateful-parameter-update-drift
Author: apegurus

skills/vulnerability-patterns/stateful-parameter-update-drift/SKILL.md

Changing live protocol parameters without synchronizing accrued state creates hindsight effects, unfair allocations, or broken invariants.

data-ai

Updated May 13, 2026

$ install --global

skillsauth

npx skillsauth add apegurus/solidity-argus stateful-parameter-update-drift

Install this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.

Security Scan Results

3 of 9 scanners reported clean

Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.

Scanners Passed

Scanners in report

Clean

TrivyContainer and dependency vulnerability scanner

95%

Clean

SemgrepStatic code analysis for vulnerabilities

95%

Clean

mcp-scan (Snyk)Model Context Protocol security validation

95%

Skipped

Snyk (dep)Open source security scanning

50%

Skipped

Socket.devSupply chain security analysis

50%

Skipped

VirusTotalMulti-engine malware detection

50%

Skipped

CrowdStrikeAdvanced threat intelligence

50%

Skipped

OSV-ScannerOpen Source Vulnerability database check

50%

Skipped

OWASP Dep-Check

50%

Last scanned: May 13, 2026, 3:31 AM177.7s1 file scanned

SKILL.md

name:: stateful-parameter-update-drift
description:: Potential hindsight impact when mutable parameters affect accrued accounting
category:: vulnerability-pattern
pattern_category:: logic-error
source_url:: https://github.com/bailsec/BailSec
source_license:: CC0
imported_at:: 2025-02-20T00:00:00Z
- regex:: (lastUpdate|pending|accrued|epoch|index|reward|supply).*(set|change|update)
severity:: High

Stateful Parameter Update Drift Vulnerabilities

Overview

Protocols with time-based accrual (fees, rebases, emissions, yield drips) often expose governance or admin setters that modify core parameters while accrual windows are still open. If the contract does not settle or checkpoint state before applying the new value, the update retroactively changes historical accounting. This creates hindsight effects: users can gain or lose value for periods that should already be fixed.

The vulnerability is not just governance centralization. Even trusted governance can unintentionally trigger unfair redistribution or lockups when parameter updates are applied to stale state.

Common Patterns

Mutable fee collector or tax parameter changed without first syncing pending accrual.
Unstake tax, reward rate, or epoch frequency updates affecting already elapsed time.
Toggle-style parameters (address(0) sentinel, pause/unpause) that alter future and past calculations simultaneously.
Setter functions that bypass the same accounting hooks used by normal user actions.

Detection Heuristics

For each admin setter, identify all variables that depend on elapsed time since last update.
Verify setters call the same _update*, _accrue*, or checkpoint routines as user-facing flows.
Test state transitions with long inactivity windows and then a single governance change.
Check whether parameter changes can reorder who receives already-accrued rewards.

Examples from Audits

Fee-collector changes that prevented expected debasing in hindsight or triggered abrupt catch-up effects.
Tax parameter updates that applied to previously elapsed yield windows, redistributing value unexpectedly.
Configuration changes that could move protocol behavior into disruptive states immediately after activation.

Remediation

Require a deterministic pre-update checkpoint in every setter that influences accrual math. Apply parameter changes only after accrued state is finalized to the current timestamp or epoch boundary. Where governance changes are sensitive, add delay and staged execution with explicit before/after snapshots. Include invariant tests asserting that total distributable value is conserved across parameter changes and that historical periods are not recomputed with new settings.

Related Skills

apegurus/vector-scan

testing

VerifiedTrustedCommunity

Specialist profile for mechanically applying the attack-vector deck and classifying vectors as skip, drop, or investigate.

SKILL.mdUpdated May 30, 2026

apegurus/periphery

tools

VerifiedTrustedCommunity

Specialist profile for libraries, helpers, base contracts, adapters, encoders, wrappers, and integration glue.

SKILL.mdUpdated May 30, 2026

apegurus/math-precision

testing

VerifiedTrustedCommunity

Specialist profile for rounding, scale, decimal, downcast, and arithmetic accounting edge cases.

SKILL.mdUpdated May 30, 2026

apegurus/math-precision

apegurus/invariant

testing

VerifiedTrustedCommunity

Specialist profile for extracting conservation laws and state couplings, then searching for violating paths.

SKILL.mdUpdated May 30, 2026

Download

For Claude Desktop. Download once, then upload the file in the app — no terminal needed.

Need help? View full Cowork setup guide →

Install manually

Choose your platform

# Clone the repo
git clone https://github.com/apegurus/solidity-argus.git

# Copy into Claude Code skills folder (global)
cp -r solidity-argus/skills/vulnerability-patterns/stateful-parameter-update-drift ~/.claude/skills/

Claude Code Skills — official skills path docs.

Repository

apegurus/solidity-argus

Compatible with

Claude Code

OpenAI Codex CLI

ChatGPT

apegurus/stateful-parameter-update-drift

skills/vulnerability-patterns/stateful-parameter-update-drift/SKILL.md

Changing live protocol parameters without synchronizing accrued state creates hindsight effects, unfair allocations, or broken invariants.

data-ai

Updated May 13, 2026

$ install --global

skillsauth

npx skillsauth add apegurus/solidity-argus stateful-parameter-update-drift

Install this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.

Security Scan Results

3 of 9 scanners reported clean

Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.

Scanners Passed

Scanners in report

Clean

TrivyContainer and dependency vulnerability scanner

95%

Clean

SemgrepStatic code analysis for vulnerabilities

95%

Clean

mcp-scan (Snyk)Model Context Protocol security validation

95%

Skipped

Snyk (dep)Open source security scanning

50%

Skipped

Socket.devSupply chain security analysis

50%

Skipped

VirusTotalMulti-engine malware detection

50%

Skipped

CrowdStrikeAdvanced threat intelligence

50%

Skipped

OSV-ScannerOpen Source Vulnerability database check

50%

Skipped

OWASP Dep-Check

50%

Last scanned: May 13, 2026, 3:31 AM177.7s1 file scanned

SKILL.md

name:: stateful-parameter-update-drift
description:: Potential hindsight impact when mutable parameters affect accrued accounting
category:: vulnerability-pattern
pattern_category:: logic-error
source_url:: https://github.com/bailsec/BailSec
source_license:: CC0
imported_at:: 2025-02-20T00:00:00Z
- regex:: (lastUpdate|pending|accrued|epoch|index|reward|supply).*(set|change|update)
severity:: High

Stateful Parameter Update Drift Vulnerabilities

Overview

The vulnerability is not just governance centralization. Even trusted governance can unintentionally trigger unfair redistribution or lockups when parameter updates are applied to stale state.

Common Patterns

Mutable fee collector or tax parameter changed without first syncing pending accrual.
Unstake tax, reward rate, or epoch frequency updates affecting already elapsed time.
Toggle-style parameters (address(0) sentinel, pause/unpause) that alter future and past calculations simultaneously.
Setter functions that bypass the same accounting hooks used by normal user actions.

Detection Heuristics

For each admin setter, identify all variables that depend on elapsed time since last update.
Verify setters call the same _update*, _accrue*, or checkpoint routines as user-facing flows.
Test state transitions with long inactivity windows and then a single governance change.
Check whether parameter changes can reorder who receives already-accrued rewards.

Examples from Audits

Fee-collector changes that prevented expected debasing in hindsight or triggered abrupt catch-up effects.
Tax parameter updates that applied to previously elapsed yield windows, redistributing value unexpectedly.
Configuration changes that could move protocol behavior into disruptive states immediately after activation.

Remediation

Related Skills

apegurus/vector-scan

testing

VerifiedTrustedCommunity

Specialist profile for mechanically applying the attack-vector deck and classifying vectors as skip, drop, or investigate.

SKILL.mdUpdated May 30, 2026

apegurus/periphery

tools

VerifiedTrustedCommunity

Specialist profile for libraries, helpers, base contracts, adapters, encoders, wrappers, and integration glue.

SKILL.mdUpdated May 30, 2026

apegurus/math-precision

testing

VerifiedTrustedCommunity

Specialist profile for rounding, scale, decimal, downcast, and arithmetic accounting edge cases.

SKILL.mdUpdated May 30, 2026

apegurus/math-precision

apegurus/invariant

testing

VerifiedTrustedCommunity

Specialist profile for extracting conservation laws and state couplings, then searching for violating paths.

SKILL.mdUpdated May 30, 2026

Download

For Claude Desktop. Download once, then upload the file in the app — no terminal needed.

Need help? View full Cowork setup guide →

Install manually

Choose your platform

# Clone the repo
git clone https://github.com/apegurus/solidity-argus.git

# Copy into Claude Code skills folder (global)
cp -r solidity-argus/skills/vulnerability-patterns/stateful-parameter-update-drift ~/.claude/skills/

Claude Code Skills — official skills path docs.

Repository

apegurus/solidity-argus

Compatible with

Claude Code

OpenAI Codex CLI

ChatGPT