Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ravikiran.web3 - VaultCore::depositLv and previewLvDeposit functions will not work as expected due to incorrect implementation of Modifier #1

Closed
sherlock-admin2 opened this issue Sep 10, 2024 · 0 comments
Closed

ravikiran.web3 - VaultCore::depositLv and previewLvDeposit functions will not work as expected due to incorrect implementation of Modifier #1

sherlock-admin2 opened this issue Sep 10, 2024 · 0 comments
Labels
Duplicate A valid issue that is a duplicate of an issue with `Has Duplicates` label Medium A Medium severity issue. Reward A payout will be made for this issue

Comments

@sherlock-admin2
Copy link
Contributor

sherlock-admin2 commented Sep 10, 2024
edited by sherlock-admin3
Loading

ravikiran.web3

Medium

VaultCore::depositLv and previewLvDeposit functions will not work as expected due to incorrect implementation of Modifier

Summary

The logic of LVDepositNotPaused modifier condition is incorrectly implemented. In the vault configuration, the pausing of deposits and withdrawals is independently tracked.

   struct VaultConfig {
    // 1 % = 1e18
    uint256 fee;
    uint256 lpBalance;
 ==>    bool isDepositPaused;
 ==>    bool isWithdrawalPaused;
}

The LVDepositNotPaused modifier incorrectly refers to isWithdrawalPaused bool instead of isDepositPaused bool in the below modifier. Due to this, while withdrawals are paused, the depositing functionality is also paused while it is not intended to be paused.

    modifier LVDepositNotPaused(Id id) {
        if (states[id].vault.config.isWithdrawalPaused) {
            revert LVDepositPaused();
        }
        _;
    }

Root Cause

In ModuleState.sol, the logic implementation is incorrect. When the withdrawals are paused, the functions that have the LVDepositNotPaused modifier will also be paused.

https://github.com/sherlock-audit/2024-08-cork-protocol/blob/main/Depeg-swap/contracts/core/ModuleState.sol#L108-L113

As the above modifier is attached to depositLv(...) function and previewLvDeposit(...) function, on pausing the withdrawals, both of these functions related to deposit will stop functioning.

https://github.com/sherlock-audit/2024-08-cork-protocol/blob/main/Depeg-swap/contracts/core/Vault.sol#L33-L37

https://github.com/sherlock-audit/2024-08-cork-protocol/blob/main/Depeg-swap/contracts/core/Vault.sol#L53-L61

Internal pre-conditions

No response

External pre-conditions

No response

Attack Path

  1. Pause withdrawals by calling the below function with isLVWithdrawalPaused set to true.
     function updatePoolsStatus(
        State storage self,
        bool isPSMDepositPaused,
        bool isPSMWithdrawalPaused,
        bool isLVDepositPaused,
  ===>      bool isLVWithdrawalPaused
    ) internal {
        self.psm.isDepositPaused = isPSMDepositPaused;
        self.psm.isWithdrawalPaused = isPSMWithdrawalPaused;
        self.vault.config.isDepositPaused = isLVDepositPaused;
 ===>       self.vault.config.isWithdrawalPaused = isLVWithdrawalPaused;
    }
  1. call depositLv() or previewLvDeposit() and it should revert.

Impact

No response

PoC

No response

Mitigation

Revise the LVDepositNotPaused modifier as below to resolve the issue. The pause should be applicable only if isDepositPaused is set to true for the id.

   modifier LVDepositNotPaused(Id id) {
   -    if (states[id].vault.config.isWithdrawalPaused) {
   +    if (states[id].vault.config.isDepositPaused) {
            revert LVDepositPaused();
        }
        _;
    }

Duplicate of #182
@github-actions github-actions bot added Duplicate A valid issue that is a duplicate of an issue with `Has Duplicates` label Medium A Medium severity issue. labels Sep 14, 2024
@sherlock-admin3 sherlock-admin3 changed the title Ambitious Neon Otter - VaultCore::depositLv and previewLvDeposit functions will not work as expected due to incorrect implementation of Modifier ravikiran.web3 - VaultCore::depositLv and previewLvDeposit functions will not work as expected due to incorrect implementation of Modifier Sep 25, 2024
@sherlock-admin3 sherlock-admin3 added the Reward A payout will be made for this issue label Sep 25, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Duplicate A valid issue that is a duplicate of an issue with `Has Duplicates` label Medium A Medium severity issue. Reward A payout will be made for this issue
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@sherlock-admin2 @sherlock-admin3