TempleGold

TempleDAO
Foundry
25,000 USDC
Submission Details
Severity: low
Valid

Lack of whenNotPaused Modifier on Critical Functions in TempleGoldStaking

Summary

The TempleGoldStaking contract inherits Pausable so that critical functions can be halted during unexpected or malicious activity, but the whenNotPaused modifier is applied only to the TempleGoldStaking::stakeFor function.

Vulnerability Details

TempleGoldStaking has a number of critical user-facing functions, such as TempleGoldStaking::withdraw and TempleGoldStaking::withdrawAll, that do not carry the whenNotPaused modifier. This modifier is essential for functions that perform critical operations such as token transfers, state changes, and sensitive computations. Without it, these functions remain callable even when the contract has been paused, exposing the contract to exactly the risks the pause mechanism is meant to contain.

    /**
     * @notice Withdraw a given amount from a stake
     * @param amount Amount of staked tokens to withdraw
     * @param index Index of the stake to withdraw from
     * @param claim Boolean if to claim rewards
     */
    function withdraw(uint256 amount, uint256 index, bool claim) external override {
        // No whenNotPaused: callable while the contract is paused
        StakeInfo storage _stakeInfo = _stakeInfos[msg.sender][index];
        _withdrawFor(_stakeInfo, msg.sender, msg.sender, index, amount, claim, msg.sender);
    }

    /**
     * @notice Withdraw all staked tokens
     * @param stakeIndex Index of the stake to withdraw
     * @param claim Boolean if to claim rewards
     */
    function withdrawAll(uint256 stakeIndex, bool claim) external override {
        // No whenNotPaused: callable while the contract is paused
        StakeInfo storage _stakeInfo = _stakeInfos[msg.sender][stakeIndex];
        _withdrawFor(_stakeInfo, msg.sender, msg.sender, stakeIndex, _stakeInfo.amount, claim, msg.sender);
    }

Impact

Critical functions remain executable during periods of uncertainty or during an active attack, so the pause switch does not actually stop withdrawals, state changes, or other sensitive operations when the team most needs it to.

Tools Used

Manual Review

Recommendations

Ensure that all critical functions are protected by the whenNotPaused modifier to prevent their execution when the contract is paused.

    /**
     * @notice Withdraw a given amount from a stake
     * @param amount Amount of staked tokens to withdraw
     * @param index Index of the stake to withdraw from
     * @param claim Boolean if to claim rewards
     */
    function withdraw(uint256 amount, uint256 index, bool claim) external whenNotPaused override {
        // whenNotPaused added: reverts while the contract is paused
        StakeInfo storage _stakeInfo = _stakeInfos[msg.sender][index];
        _withdrawFor(_stakeInfo, msg.sender, msg.sender, index, amount, claim, msg.sender);
    }

    /**
     * @notice Withdraw all staked tokens
     * @param stakeIndex Index of the stake to withdraw
     * @param claim Boolean if to claim rewards
     */
    function withdrawAll(uint256 stakeIndex, bool claim) external whenNotPaused override {
        // whenNotPaused added: reverts while the contract is paused
        StakeInfo storage _stakeInfo = _stakeInfos[msg.sender][stakeIndex];
        _withdrawFor(_stakeInfo, msg.sender, msg.sender, stakeIndex, _stakeInfo.amount, claim, msg.sender);
    }

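A Foundry test that shows the gap and the fix side by side. This is an added example, not code from the TempleGold codebase: MiniStaking, withdrawUnguarded and the test names are hypothetical stand-ins for the pausable staking contract, using ETH instead of the staking token so the test runs stand-alone.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
import {Test} from "forge-std/Test.sol";

// Hypothetical minimal pausable staking contract standing in for TempleGoldStaking.
contract MiniStaking {
    error EnforcedPause();
    bool public paused;
    mapping(address => uint256) public staked;
    modifier whenNotPaused() { if (paused) revert EnforcedPause(); _; }
    function setPaused(bool p) external { paused = p; } // access control omitted for brevity
    // Gated, mirroring stakeFor on the page.
    function stake() external payable whenNotPaused { staked[msg.sender] += msg.value; }
    // Vulnerable shape: no whenNotPaused, so it still runs while paused.
    function withdrawUnguarded(uint256 amount) external { _withdraw(amount); }
    // Hardened shape from the recommendation: gated by whenNotPaused.
    function withdraw(uint256 amount) external whenNotPaused { _withdraw(amount); }
    function _withdraw(uint256 amount) internal {
        staked[msg.sender] -= amount; // checked arithmetic reverts on insufficient stake
        payable(msg.sender).transfer(amount);
    }
}

contract PauseGateTest is Test {
    MiniStaking s;
    address user = makeAddr("user");

    function setUp() public {
        s = new MiniStaking();
        vm.deal(user, 1 ether);
        vm.prank(user);
        s.stake{value: 1 ether}();
        s.setPaused(true); // contract is now paused
    }

    // Demonstrates the finding: withdrawal succeeds despite the pause.
    function test_unguardedWithdrawIgnoresPause() public {
        vm.prank(user);
        s.withdrawUnguarded(0.5 ether);
        assertEq(s.staked(user), 0.5 ether);
    }

    // Demonstrates the fix: the gated withdrawal reverts while paused.
    function test_guardedWithdrawRevertsWhenPaused() public {
        vm.prank(user);
        vm.expectRevert(MiniStaking.EnforcedPause.selector);
        s.withdraw(0.5 ether);
    }
}
```

Run with `forge test --match-contract PauseGateTest`; the same pair of tests can be pointed at the real withdraw and withdrawAll once the modifier is added.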
Updates

Lead Judging Commences

inallhonesty Lead Judge 11 months ago
Submission Judgement Published
Validated
Assigned finding tags:

Only migrator should be able to perform actions when contract is paused.
