Foundry DeFi Stablecoin CodeHawks Audit Contest

Cyfrin

DeFiFoundry

15,000 USDC

View results

Previous Next

Submission Details

Severity: medium

WBTC Risks as its a Pausable Token

aballok

Summary

WBTC token can be paused

Vulnerability Details

WBTC token is pausable and if paused the Decentralized StableCoin protocol can not function normally

Impact

Medium: If WBTC is paused then transfers of WBTC are not possible, which impacts ability to deposit, ability to pay back collateral to user, which impacts working of protocol hence the inability for peg to be maintained for the stablecoin
The functions relying on .transfer() and .transferFrom() of WBTC in the contract e.g _redeemCollateral() DSCEngine.sol lines 282-287 will not work. This stops deposits of WBTC, redemptions of WBTC crippling the protocol

Tools Used

Manual Analysis

Recommendations

It is recommended to have safeguards e.g pausable protocol so that in the rare case WBTC is paused, the protocol can also be paused. alternatively replace WBTC with more decentralized collateral asset that is not Pausable

Prize pool breakdown

Total prize

15,000 USDC

nSLOC

236

64 USDC / LOC

High Medium

14,000 USDC

Low

1,000 USDC

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.