A new pull request (#274) to the Movement Aptos Core repository introduces critical failsafe logic designed to protect network stability during staking reward distribution. The feature prevents epoch transitions from failing entirely when the Governed Gas Pool (GGP) has insufficient balance to cover calculated staking rewards.
The implementation modifies the `distribute_rewards` function in stake.move to check available GGP balance before attempting withdrawal. Rather than aborting the epoch when funds are depleted, the system now caps reward withdrawals at the actual available balance using `min(rewards_amount, available_balance)`. This ensures validators receive partial rewards or zero rewards during treasury depletion, rather than causing a network halt.
Comprehensive testing confirms the failsafe's effectiveness. A new smoke test (`test_staking_reward_failsafe_zero_ggp_balance`) validated the mechanism on a 4-validator swarm by enabling the treasury feature without pre-funding the GGP. The test confirmed that three consecutive epoch changes succeeded with a zero GGP balance, and all validators retained their stake without loss. This change represents a significant improvement to network resilience, ensuring continued operation during treasury constraints while maintaining validator security.