Missing stakers Counter Decrement in Ownership Transfer Leads to Inaccurate Staker Accounting
_transferOwnership consolidates a new owner's stake into selfStake but never decrements the stakers counter, so the stakers metric overstates the true number of unique stakers.
Description
When ownership of a StakingPool is transferred to an address that already has a stake in the pool, the contract correctly consolidates the new owner's regular stake into the selfStake variable and zeros out their entry in the stakes mapping. However, the contract fails to decrement the stakers counter, which tracks the number of unique addresses with active stakes.
This occurs in the _transferOwnership function:
function _transferOwnership(address newOwner) internal virtual override {address oldOwner = owner();if (oldOwner == newOwner) return;ownershipNFT.transferFrom(oldOwner, newOwner, uint160(address(this)));if (stakes[newOwner] > 0) {selfStake += stakes[newOwner];stakes[newOwner] = 0;// Missing: stakers--;}emit OwnershipTransferred(oldOwner, newOwner);}
While the comment in the contract indicates that the stakers variable is "for information only," maintaining accurate protocol metrics is important for transparency and governance decisions. Additionally, if the protocol ever begins to rely on this counter for any functionality, the inaccuracy could lead to unexpected behavior.
Impact
The stakers counter overstates the true number of stakers after each ownership transfer where the new owner already had a regular stake. Off-chain analytics and any future logic depending on this metric becomes unreliable.
Recommendation
Decrement the stakers counter when consolidating a new owner's stake:
if (stakes[newOwner] > 0) {selfStake += stakes[newOwner];stakes[newOwner] = 0;stakers--; // Add this line}
