Submission Details
Severity: low
Invalid

recieveL1Beans has no emergency control

Vulnerability Details

The migration to L2 is a major step for Beanstalk, as it involves critical protocol updates such as:

  • Burning Beans on L1

  • Minting Beans on L2 and updating s.sys.migration.migratedL1Beans with the new amount to be minted.

This operation must only function while the protocol is behaving as expected. If an unexpected incident occurs and the protocol needs to be paused, minting of Beans on L2 remains possible, which puts the protocol at risk at a time when minting Beans should be paused.

Impact

  • When the protocol is paused due to an unexpected/major incident related to minting/burning Beans, the migration process is not covered by the pause, so the incident can continue to develop.

Tools Used

Manual Review

Recommendations

Ensure that the L2 migration is protected by the "pause" check.

function recieveL1Beans(address reciever, uint256 amount) external nonReentrant {
+ require(!s.sys.paused, "Season: Paused.");
// verify msg.sender is the cross-chain messenger address, and
// the xDomainMessageSender is the L1 Beanstalk contract.
require(
msg.sender == address(BRIDGE) &&
IL2Messenger(BRIDGE).xDomainMessageSender() == L1BEANSTALK
);
s.sys.migration.migratedL1Beans += amount;
require(
EXTERNAL_L1_BEANS >= s.sys.migration.migratedL1Beans,
"L2Migration: exceeds maximum migrated"
);
C.bean().mint(reciever, amount);
}
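
Review bot: The added require(!s.sys.paused, "Season: Paused.") at the top of recieveL1Beans reverts the bridged message while the protocol is paused, yet per the description above the Beans have already been burned on L1 by the time this call arrives, so the recommendation should say what happens to that message. Confirm that the messenger lets a failed delivery be replayed after unpause and document that path; otherwise the pause leaves the burned amount unminted. The revert string should also follow the "L2Migration: ..." prefix already used by the maximum-migrated check rather than "Season: Paused.", and the sender check that follows still has no revert string at all.
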
Updates

Lead Judging Commences

inallhonesty Lead Judge 11 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
