The methods below do not sufficiently validate their input parameters, which can lead to a temporary denial of service (DoS) of the system:
- update_homa_params
- update_bump_era_params
- force_bump_current_era
For example:
- get_staking_currency_soft_cap == 0 makes it impossible to call the do_mint method.
- A large estimated_reward_rate_per_era may lead to incorrect profit calculation.
- bump_era_frequency may block the service (there will be no call to on_initialize)
- force_bump_current_era allows you to jump to ANY era.
All these methods are admin methods, so there is no direct threat to the protocol, since calls from the administrator are usually performed with multiple parameter checks. However, we still recommend adding checks to increase system security.
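
One way to express the recommended checks, as an added example in stand-alone Rust that is not the project's own code. The function signatures, the parts-per-million rate unit, the target-era argument and all three bounds are assumptions, as is treating a zero bump_era_frequency as invalid.

```rust
// Added example, not the audited code: names, types and bounds are assumptions.
const MAX_REWARD_RATE_PPM: u32 = 10_000; // assumed cap: 1% per era, in parts per million
const MAX_BUMP_ERA_FREQUENCY: u32 = 14_400; // assumed cap, in blocks
const MAX_ERA_JUMP: u32 = 7; // assumed cap on one forced bump

#[derive(Debug, PartialEq)]
pub enum ParamError {
    ZeroSoftCap,
    RewardRateTooHigh,
    BumpFrequencyOutOfRange,
    EraNotAhead,
    EraJumpTooLarge,
}

/// Checks for update_homa_params; `None` means "leave this field unchanged".
pub fn check_homa_params(soft_cap: Option<u128>, reward_rate_ppm: Option<u32>) -> Result<(), ParamError> {
    // A zero soft cap would stop do_mint from working.
    if soft_cap == Some(0) {
        return Err(ParamError::ZeroSoftCap);
    }
    // An oversized reward rate would distort profit calculation.
    if reward_rate_ppm.map_or(false, |r| r > MAX_REWARD_RATE_PPM) {
        return Err(ParamError::RewardRateTooHigh);
    }
    Ok(())
}

/// Check for update_bump_era_params: the frequency must stay in a sane window.
pub fn check_bump_era_frequency(frequency: u32) -> Result<(), ParamError> {
    if frequency == 0 || frequency > MAX_BUMP_ERA_FREQUENCY {
        return Err(ParamError::BumpFrequencyOutOfRange);
    }
    Ok(())
}

/// Check for force_bump_current_era: only forward, and only a bounded distance.
pub fn check_force_bump(current_era: u32, new_era: u32) -> Result<(), ParamError> {
    match new_era.checked_sub(current_era) {
        None | Some(0) => Err(ParamError::EraNotAhead),
        Some(jump) if jump > MAX_ERA_JUMP => Err(ParamError::EraJumpTooLarge),
        Some(_) => Ok(()),
    }
}

fn main() {
    // Constructed sample calls, one per failure mode listed above.
    println!("{:?}", check_homa_params(Some(0), None));
    println!("{:?}", check_bump_era_frequency(0));
    println!("{:?}", check_force_bump(10, 1_000));
}
```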