The Standard

DeFi, Hardhat
20,000 USDC
Submission Details
Severity: low
Invalid

LiquidationPoolManager may approve many times to LiquidationPool

Summary

LiquidationPoolManager approves tokens to be sent to LiquidationPool whenever the runLiquidation function is called.

Vulnerability Details

When runLiquidation is called in LiquidationPoolManager, all the tokens in the Manager's possession are approved to be sent to the pool.
If there are NO stakers staking TST, the function will still pass and all of the funds will be sent to the protocol by forwardRemainingRewards:

    function forwardRemainingRewards(ITokenManager.Token[] memory _tokens) private {
        for (uint256 i = 0; i < _tokens.length; i++) {
            ITokenManager.Token memory _token = _tokens[i];
            if (_token.addr == address(0)) {
                // Zero address marks the native asset: forward the whole ETH balance.
                uint256 balance = address(this).balance;
                if (balance > 0) {
                    (bool _sent,) = protocol.call{value: balance}("");
                    require(_sent);
                }
            } else {
                // ERC-20: transfer the remaining balance to the protocol.
                // transfer() does not touch the allowance given to the pool.
                uint256 balance = IERC20(_token.addr).balanceOf(address(this));
                if (balance > 0) IERC20(_token.addr).transfer(protocol, balance);
            }
        }
    }

So the allowance will pile up over time.

Impact

Low, as there is not much that can be done with the tokens approved for transfer.

Tools Used

Manual review

Recommendations

Revoke the approval if no tokens are distributed in LiquidationPool's distributeAssets function.
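An added Solidity sketch of this recommendation, not code from The Standard or from the submission: a simplified manager approves the pool, lets it pull, forwards the remainder, then resets the allowance. `ManagerSketch`, `IPool` and its single-token `distributeAssets` signature are hypothetical; the reset sits in the manager because under standard ERC-20 semantics only the token owner can change its own allowance.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.17;

// Added example: minimal stand-ins, not The Standard's contracts.
// Assumes a standard-compliant ERC-20 whose approve/transfer return bool.
interface IERC20 {
    function approve(address spender, uint256 amount) external returns (bool);
    function transfer(address to, uint256 amount) external returns (bool);
    function balanceOf(address account) external view returns (uint256);
    function allowance(address owner, address spender) external view returns (uint256);
}

// Hypothetical pool interface: may return without pulling anything
// (for example when nobody is staking).
interface IPool {
    function distributeAssets(address token, uint256 amount) external;
}

contract ManagerSketch {
    address public immutable pool;
    address public immutable protocol;

    constructor(address _pool, address _protocol) {
        pool = _pool;
        protocol = _protocol;
    }

    // Same order of operations as the flow in the finding:
    // approve, let the pool pull, forward whatever is left.
    function runLiquidation(IERC20 token) external {
        uint256 balance = token.balanceOf(address(this));
        if (balance > 0) {
            require(token.approve(pool, balance), "approve failed");
            IPool(pool).distributeAssets(address(token), balance);
        }
        // Whatever the pool did not pull goes to the protocol.
        uint256 rest = token.balanceOf(address(this));
        if (rest > 0) require(token.transfer(protocol, rest), "transfer failed");
        // Without this reset, allowance(manager, pool) keeps the unspent
        // amount even though the manager no longer holds those tokens.
        if (token.allowance(address(this), pool) > 0) {
            require(token.approve(pool, 0), "revoke failed");
        }
    }
}
```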

Updates

Lead Judging Commences

hrishibhat Lead Judge over 1 year ago
Submission Judgement Published
Invalidated
Reason: Out of scope
Assigned finding tags:

pool-approval

informational/invalid
