TempleGold

TempleDAO
Foundry
25,000 USDC
View results
Submission Details
Severity: low
Invalid

Treasury Cannot Be Updated From The Protocol

Summary

If a vulnerable DaiGoldAuction.sol#treasury is being exploited by an attacker, there is no way to update the vulnerable Treasury from the protocol.

Vulnerability Details

The protocol is missing the feature to remove an treasury. Once an treasury has been set in the constructor() , it is not possible to upgrade the treasury from the contract.

constructor(
address _templeGold,
address _bidToken,
address _treasury,
address _rescuer,
address _executor
) TempleElevatedAccess(_rescuer, _executor) {
templeGold = ITempleGold(_templeGold);
bidToken = IERC20(_bidToken);
treasury = _treasury;
}

In the event that the treasury is found to be vulnerable and has been actively exploited by an attacker in the wild, the protocol needs to mitigate the issue swiftly by removing the vulnerable Treasury from the protocol. However, the mitigation effort will be hindered by the fact there is no way to remove an Treasury within the contract once it has been deployed.

Impact

It might not be possible to stop the attacker from exploiting the vulnerable Treasury. The protocol team would need to find a workaround to block the attack, which will introduce an unnecessary delay to the recovery process where every second counts.

Tools Used

Manual Review

Recommendations

Consider implementing an additional function to allow the removal of an Treasury from the protocol, so that vulnerable Treasury can be removed swiftly if needed.

function setTreasury(address _treasury) external override onlyElevatedAccess {
if (_treasury == address(0)) { revert CommonEventsAndErrors.InvalidAddress();
treasury = _treasury;
emit TreasurySet(_treasury);
}
Updates

Lead Judging Commences

inallhonesty Lead Judge about 1 year ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.