Steadefi
Steadefi
DeFiHardhatFoundryOracle
35,000 USDC
View results
Previous Next
Submission Details
Severity: medium
Valid

emergencyPause does not cache the previous status; leading to permanent loss of requested but not processed deposit/withdraw.

Citris

Summary

emergencyPause does not cache the previous status; leading to permanent loss of requested but not processed deposit/withdraw.

The protocol make uses of status to clearly define what state the system is in, and what are the pre-requisite for executing a step-wise function to transition the system. For example, to handle the 2-step deposit/withdrawal inherent to GMX, upon deposit, the system would transition to self.status = GMXTypes.Status.Deposit;. And then a status of Deposit would be the requirement for the system to call execute processDeposit, through the afterDepositExecution callback from the GMX contract entry point executeDeposit

https://github.com/gmx-io/gmx-synthetics/blob/613c72003eafe21f8f80ea951efd14e366fe3a31/contracts/deposit/ExecuteDepositUtils.sol#L265

However, during when the system enters paused through emergencyPause. The system does not cache whatever the status is before transiting to Paused. And when the system resumes through emergencyResume and then processEmergencyResume, the status becomes Open` again.

So if the system was in Deposit or Withdraw, it cannot call processDeposit or processWithdraw, leading to a permanent tx stuck.

function processDeposit(
GMXTypes.Store storage self
) external {
GMXChecks.beforeProcessDepositChecks(self);
function beforeProcessDepositChecks(
GMXTypes.Store storage self
) external view {
if (self.status != GMXTypes.Status.Deposit)
revert Errors.NotAllowedInCurrentVaultStatus();
}

emergency:

function processEmergencyResume(
GMXTypes.Store storage self
) external {
GMXChecks.beforeProcessEmergencyResumeChecks(self);
self.status = GMXTypes.Status.Open;
emit EmergencyResume();
}
function beforeProcessEmergencyResumeChecks (
GMXTypes.Store storage self
) external view {
if (self.status != GMXTypes.Status.Resume)
revert Errors.NotAllowedInCurrentVaultStatus();
}

Vulnerability Details

Impact

inconsistency in system status leading to a loss of deposit/withdraw prior to emergency pause.

Tools Used

Recommendations

consider a cache of system status and resume after emergency pause.

Updates

Lead Judging Commences

hans Lead Judge over 1 year ago
Submission Judgement Published
Validated
Assigned finding tags:

Not caching the previous state on emergencyPause

Impact: High Likelihood: Low/Medium Deposit or withdraw that were in progress will be ignored and cause fund loss. Because emergencyPause is only callable by keepers, Medium is the proper severity.

arnie Auditor
over 1 year ago
Steadefi Lead Judge
over 1 year ago
hans Auditor
over 1 year ago
hans Lead Judge over 1 year ago
Submission Judgement Published
Validated
Assigned finding tags:

Not caching the previous state on emergencyPause

Impact: High Likelihood: Low/Medium Deposit or withdraw that were in progress will be ignored and cause fund loss. Because emergencyPause is only callable by keepers, Medium is the proper severity.

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.