stake.link

DeFi, Hardhat, Bridge
27,500 USDC
Submission Details
Severity: high
Invalid

Unsettable `delegatorPool` Address Disables `migrate` Function in `SDLPoolPrimary.sol` Contract

Summary

The SDLPoolPrimary.sol contract's initialize function fails to set the delegatorPool address, leaving it at the default zero address. This prevents the migrate function from being used, as it checks for the SDLPoolPrimary::delegatorPool address to authorize migrations, resulting in a "SenderNotAuthorized()" error. The bug effectively renders stake migrations impossible, impacting the contract's intended functionality.

Vulnerability Details

Upon deployment, the delegatorPool variable is uninitialized and thus defaults to the zero address (0x000...000).

Initialization Check: The initialize function is designed to be called to set up the contract. It includes a check to see if delegatorPool is the zero address.

If delegatorPool is the zero address, the function is supposed to initialize the base contract. However, the function also contains an else block that implies delegatorPool should be set to ccipController if it is not the zero address. Since there is no code to change delegatorPool from the zero address before this check, the else block is never executed, and delegatorPool remains at the zero address.

The migrate function, which is meant to allow the delegatorPool to migrate stakes, checks if the caller (msg.sender) is the delegatorPool. Since delegatorPool is never updated from the zero address, this check will always fail for any legitimate delegatorPool address, causing the function to revert with "SenderNotAuthorized()".

As a result of this flaw, the migrate function cannot be used, and the intended functionality of stake migration is broken.

Impact

The SDLPoolPrimary::migrate function is rendered unusable, preventing migration of user stakes. This directly impacts the core functionality for which the contract was designed. This vulnerability prevents the contract from operating as intended and could lead to operational disruptions and loss of trust in the system.

Tools Used

Manual Review

Recommendations

Revise the initialize function to ensure delegatorPool can be set to a valid address!
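The following simplified Solidity model is an added example, not stake.link's code or the submitter's; it reproduces the `initialize` branching and the `migrate` sender check as the report describes them so both storage states can be exercised. Only `delegatorPool`, `ccipController`, `initialize`, `migrate` and `SenderNotAuthorized` come from the report; `seedStorage`, `baseInitialized`, the harness contract and the idea of a slot that is already non-zero when `initialize` runs are assumptions.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.15;

// Simplified model, not stake.link's source. Only delegatorPool, ccipController,
// initialize, migrate and SenderNotAuthorized are names taken from the report.
contract SDLPoolPrimaryModel {
    address public delegatorPool;
    address public ccipController;
    bool public baseInitialized;

    error SenderNotAuthorized();

    // Hypothetical helper: puts values in storage before initialize runs.
    function seedStorage(address pool, address controller) external {
        delegatorPool = pool;
        ccipController = controller;
    }

    // Branching as the report describes it.
    function initialize() external {
        if (delegatorPool == address(0)) {
            baseInitialized = true; // stands in for the base contract set-up
        } else {
            delegatorPool = ccipController;
        }
    }

    // Authorization check as the report describes it.
    function migrate() external view returns (bool) {
        if (msg.sender != delegatorPool) revert SenderNotAuthorized();
        return true;
    }
}

// Hypothetical harness: each function returns true when the branch behaves as commented.
contract InitializeBranchCheck {
    // Fresh storage: delegatorPool stays zero, so migrate reverts for this caller.
    function freshStorage() external returns (bool) {
        SDLPoolPrimaryModel pool = new SDLPoolPrimaryModel();
        pool.initialize();
        try pool.migrate() returns (bool) { return false; } catch { return true; }
    }

    // Non-zero slot before initialize: the else branch runs and migrate passes.
    function seededStorage() external returns (bool) {
        SDLPoolPrimaryModel pool = new SDLPoolPrimaryModel();
        pool.seedStorage(address(0xBEEF), address(this));
        pool.initialize();
        return pool.delegatorPool() == address(this) && pool.migrate();
    }
}
```

Which of the two storage states applies to the deployed contract depends on how it is deployed and initialized, which this model does not establish.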

Updates

Lead Judging Commences

0kage Lead Judge over 1 year ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
