DeFi, Hardhat, Foundry
250,000 USDC
Submission Details
Severity: high
Invalid

The init functions of reseed can be initialized more than once by anyone.

Summary

The init functions of reseed can be initialized more than once by anyone.

Vulnerability Details

Let's take the ReseedWhitelist.sol#init() function as an example:

    function init(address[] calldata tokens, AssetSettings[] calldata asset) external {
        for (uint256 i; i < tokens.length; i++) {
            LibWhitelist.whitelistToken(
                tokens[i],
                asset[i].selector,
                asset[i].stalkIssuedPerBdv,
                asset[i].stalkEarnedPerSeason,
                asset[i].encodeType,
                asset[i].gaugePointImplementation.selector,
                asset[i].liquidityWeightImplementation.selector,
                asset[i].gaugePoints,
                asset[i].optimalPercentDepositedBdv,
                asset[i].oracleImplementation
            );
        }
    }

This function can be called by anyone as many times as possible with any parameters.

Similarly, the init functions in ReseedSun.sol, ReseedSilo.sol, ReseedInternalBalances.sol, ReseedField.sol, ReseedBean.sol, and ReseedBarn.sol have the same issue.

Impact

This can break the accounting and integrity of the whole protocol.

Tools Used

Manual Analysis

Recommendations

Init functions should only be callable once, while deploying. Also, enforce that only the owner is able to call the init function.

Updates

Lead Judging Commences

inallhonesty Lead Judge 11 months ago
Submission Judgement Published
Invalidated
Reason: Too generic

Appeal created

0xsandy Submitter 11 months ago
inallhonesty Lead Judge 10 months ago
inallhonesty Lead Judge 10 months ago
Submission Judgement Published
Invalidated
Reason: Incorrect statement
