The owner of the core SDL Pool contracts like SDLPoolPrimary.sol and SDLPoolCCIPControllerPrimary.sol has the ability to:
Upgrade contracts using OpenZeppelin's proxy pattern
Modify critical parameters like max lock duration
Recover any tokens from the contracts
This results in a centralized single point of failure.
If the owner address is compromised, the attacker could steal funds, modify parameters to their benefit, or sabotage operations by upgrading the contracts.
Some specific exploits:
Drain all SDL rewards using recoverTokens
Set max lock duration to 0 to disable locking
Upgrade to a malicious contract and steal staked funds
Given the owner is currently a multisig wallet, the likelihood of compromise is low. However, accidents or unintended consequences of upgrades are still possible even without malice.
Manual Review
Adding decentralized governance, limiting privileges, and building robust emergency controls would help mitigate the issues.
Implementing a DAO/timelock for ownership rather than a multisig
Limiting the owner's abilities to only necessary functionality
Adopting a pause function that freezes sensitive functionality in emergencies
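As an added illustration of the recommended direction (example code, not the SDL Pool project's own): a hypothetical pool admin contract whose owner is meant to be an OpenZeppelin TimelockController fed by the multisig, with a separate guardian that can only pause, a range-checked max lock duration that rejects 0, and a recoverTokens that cannot touch staked principal. The contract and function names, the 7-day and 4-year bounds, and the OpenZeppelin v5 import paths are assumptions.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
// OpenZeppelin v5 import paths (assumed for this illustration)
import {Ownable} from "@openzeppelin/contracts/access/Ownable.sol";
import {Ownable2Step} from "@openzeppelin/contracts/access/Ownable2Step.sol";
import {Pausable} from "@openzeppelin/contracts/utils/Pausable.sol";
import {IERC20} from "@openzeppelin/contracts/token/ERC20/IERC20.sol";
import {SafeERC20} from "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";

/// Hypothetical hardened admin surface for a lockup pool (illustration, not SDLPoolPrimary).
/// `_timelock` is meant to be a TimelockController fed by the multisig, so owner actions queue first.
contract HardenedPoolAdmin is Ownable2Step, Pausable {
    using SafeERC20 for IERC20;
    uint64 public constant MIN_MAX_LOCK = 7 days;        // assumed bounds: the owner can
    uint64 public constant MAX_MAX_LOCK = 4 * 365 days;  // tune locking, never disable it
    IERC20 public immutable sdlToken;
    address public immutable guardian;  // emergency role: may pause, nothing else
    uint64 public maxLockDuration;
    uint256 public totalStaked;         // user principal held by this contract
    constructor(IERC20 _sdl, address _timelock, address _guardian, uint64 _maxLock)
        Ownable(_timelock)
    {
        require(_maxLock >= MIN_MAX_LOCK && _maxLock <= MAX_MAX_LOCK, "bad duration");
        sdlToken = _sdl;
        guardian = _guardian;
        maxLockDuration = _maxLock;
    }
    /// Parameter changes go through the timelock and are range-checked (0 is rejected).
    function setMaxLockDuration(uint64 d) external onlyOwner {
        require(d >= MIN_MAX_LOCK && d <= MAX_MAX_LOCK, "duration out of bounds");
        maxLockDuration = d;
    }
    /// Recovery is limited to surplus: staked SDL principal can never be withdrawn.
    function recoverTokens(IERC20 token, address to, uint256 amount) external onlyOwner {
        if (address(token) == address(sdlToken)) {
            // underflow here reverts, which is the safe outcome if accounting is off
            require(amount <= token.balanceOf(address(this)) - totalStaked, "staked SDL");
        }
        token.safeTransfer(to, amount);
    }
    /// Guardian or timelock can freeze deposits at once; only the timelock can resume.
    function pause() external {
        require(msg.sender == guardian || msg.sender == owner(), "not authorised");
        _pause();
    }
    function unpause() external onlyOwner { _unpause(); }
    function stake(uint256 amount) external whenNotPaused {
        totalStaked += amount;
        sdlToken.safeTransferFrom(msg.sender, address(this), amount);
    }
}
```

Proxy upgrades get the same delay only if the ProxyAdmin is itself owned by the timelock rather than by the multisig directly.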