Beanstalk Part 1
Beanstalk
DeFiHardhatOracleProxyUpdates
100,000 USDC
View results
Previous Next
Submission Details
Severity: low
Invalid

EnrootFacet::payable Functions but no withdraw way to get fund out from from the contract

touqeershah32

Summary

In this contract there are payable function so user transfer ether to this contract but no withdraw functions.

Vulnerability Details

once user transfer token to this contract their no way to take Ether token out from it , so better to add withdraw functions. in case of emergency.

"description": "Contract locking ether found:\n\tContract EnrootFacet (contracts/beanstalk/silo/EnrootFacet.sol#19-257) has payable functions:\n\t - EnrootFacet.enrootDeposit(address,int96,uint256) (contracts/beanstalk/silo/EnrootFacet.sol#76-118)\n\t - EnrootFacet.enrootDeposits(address,int96[],uint256[]) (contracts/beanstalk/silo/EnrootFacet.sol#133-198)\n\tBut does not have a function to withdraw the ether\n",
"markdown": "Contract locking ether found:\n\tContract [EnrootFacet](contracts/beanstalk/silo/EnrootFacet.sol#L19-L257) has payable functions:\n\t - [EnrootFacet.enrootDeposit(address,int96,uint256)](contracts/beanstalk/silo/EnrootFacet.sol#L76-L118)\n\t - [EnrootFacet.enrootDeposits(address,int96[],uint256[])](contracts/beanstalk/silo/EnrootFacet.sol#L133-L198)\n\tBut does not have a function to withdraw the ether\n",
"first_markdown_element": "contracts/beanstalk/silo/EnrootFacet.sol#L19-L257",
"id": "90672d9b3ca3687be7561add8eacd7c9d3e905b2c2ba9aaa2f15fdedf9629599",
"check": "locked-ether",
"impact": "Medium",
"confidence": "High"

Impact

Fund Locked in contract or attack case no way to take money out from it

Tools Used

Manual Review and slither

Recommendations

Add Withdraw functions.

Updates

Lead Judging Commences

giovannidisiena Lead Judge about 1 year ago
Submission Judgement Published
Invalidated
Reason: Design choice
Assigned finding tags:

Stuck funds

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.