Assessment reportsPublic findings
Back to Zellic site
Assessment reports>Cega>Low findings>Missing status check in ,openVaultDeposits
GeneralOverview
Findings
High (1)
Medium (4)
Low (2)Missing status check in openVaultDepositsGas griefing using zero-value deposits and withdrawals
Informational (2)
DiscussionCentralization risksUsing non-ERC20 token standardsImpossibility of reentrancy in the queue-processing functions
Threat ModelsWhat are threat models?CegaState.solFCNProduct.solOracle.sol
Category: Coding Mistakes

Missing status check in openVaultDeposits

Low Severity
Medium Impact
Low Likelihood

Description

Before the depositQueue can be processed for a specific vault, that vault's status needs to be set to DepositsOpen. This can be achieved using the openVaultDeposits() function:

function openVaultDeposits(address vaultAddress) public onlyTraderAdmin {
    FCNVaultMetadata storage vaultMetadata = vaults[vaultAddress];
    vaultMetadata.vaultStatus = VaultStatus.DepositsOpen;
}

This function does not check to ensure the vault is in the initial DepositsClosed status. A trader admin may accidentally, or through malicious intent, modify the status of any vault to DepositsOpen at any time from any arbitrary status.

Impact

The vaults are designed to go through specific states in a certain order. If this order is not followed, the vault may end up in an unintended status, which could lead to any number of problems (e.g., the vault not functioning as intended).

Recommendations

Add a preconditional status check to openVaultDeposits() to ensure that the vault is in a DepositsClosed status.

Remediation

The client has acknowledged and fixed this issue by adding a state check to openVaultDeposits(). This was fixed in commit 455ab74c.

Zellic © 2024Back to top ↑