Sablier

DeFiFoundry

53,440 USDC

View results

Previous Next

Submission Details

Severity: low

Invalid

SablierV2Lockup.sol#_statusOf() - If _calculateStreamedAmount = withdrawAmount the function will incorrectly return status STREAMING, while the stream is technically frozen.

EgisSecurity

Summary

SablierV2LockupLinear has a special case in _calculateStreamedAmount:

// Although the streamed amount should never exceed the deposited amount, this condition is checked

// without asserting to avoid locking funds in case of a bug. If this situation occurs, the withdrawn

// amount is considered to be the streamed amount, and the stream is effectively frozen.

if (streamedAmount.gt(depositedAmount)) {

return _streams[streamId].amounts.withdrawn;

}

Vulnerability Details

This happens when streamedAmount > depositedAmount. The comment above states that the stream will technically be frozen, as no one can withdraw.

The issue is how _statusOf handles this case.

function _statusOf(uint256 streamId) internal view returns (Lockup.Status) {

if (_streams[streamId].isDepleted) {

return Lockup.Status.DEPLETED;

} else if (_streams[streamId].wasCanceled) {

return Lockup.Status.CANCELED;

}

if (block.timestamp < _streams[streamId].startTime) {

return Lockup.Status.PENDING;

}

if (_calculateStreamedAmount(streamId) < _streams[streamId].amounts.deposited) {

return Lockup.Status.STREAMING;

} else {

return Lockup.Status.SETTLED;

}

You can see that there is no special case for this situation and most likely the code will enter:

if (_calculateStreamedAmount(streamId) < _streams[streamId].amounts.deposited) {

return Lockup.Status.STREAMING;

}

And think that the stream is still streaming and is warm, but it's technically not as it's frozen.

This will affect any function that uses _statusOf

Impact

Incorrect data

Tools Used

Manual Review

Recommendations

Have a special case for when _calculateStreamedAmount == withdrawn and handle it in _statusOf, so it returns a correct status.

Updates

Lead Judging Commences

inallhonesty Lead Judge over 1 year ago

Submission Judgement Published

Invalidated

Reason: Non-acceptable severity

Assigned finding tags:

Info/Gas/Invalid as per Docs

https://docs.codehawks.com/hawks-auditors/how-to-determine-a-finding-validity

Prize pool breakdown

Total prize

53,440 USDC

nSLOC

2,655

20 USDC / LOC

High Medium

45,000 USDC

Low

3,100 USDC

Judges

5,340 USDC

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.