DeFiHardhatOracleProxyUpdates
100,000 USDC
View results
Submission Details
Severity: low
Invalid

Locked Ether Vulnerability in MigrationFacet.sol

Summary

The MigrationFacet.sol contract has been identified with a potential vulnerability related to locked Ether. The contract contains a payable function (mowAndMigrate) without a corresponding withdrawal mechanism, leading to a risk of permanently locking any Ether sent to the contract.

Vulnerability Details

The vulnerable contract's mowAndMigrate function is designed to handle migrations of deposits but lacks a proper withdrawal mechanism for any Ether sent to it. This violates best practices for secure contract design.

Impact

The impact of this vulnerability is the permanent loss of Ether sent to the contract through the mowAndMigrate function. Users sending Ether to this function risk having their funds irreversibly locked within the contract.

Tools Used

Manual review and slither.

Recommendations

To address this issue, it is recommended to implement a withdrawal mechanism within the MigrationFacet.sol contract, allowing users to retrieve any Ether sent to the contract.

Updates

Lead Judging Commences

giovannidisiena Lead Judge about 1 year ago
Submission Judgement Published
Invalidated
Reason: Known issue
Assigned finding tags:

Stuck funds

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.