DeFiFoundry
20,000 USDC
Submission Details
Severity: medium
Invalid

Fjord streams from a sender that is no longer authorized remain staked on FjordStaking when canceled

Summary

Fjord streams from a sender that is no longer an authorizedSablierSender remain staked on FjordStaking if the stream is canceled.

Vulnerability Details

An address can lose its authorizedSablierSender status through removeAuthorizedSablierSender(address). However, if a stream from that sender is later canceled, it remains staked on the contract.

Scenario:
1. An authorized stream sender creates a stream that is later staked on the contract.
2. The sender loses its authorized status.
3. The stream from the now-unauthorized sender is canceled.
4. The stream remains staked on the contract if senderAmount is lower than data.amount (see the onStreamCanceled hook).

One could argue that, if this is a bug, it should be handled by removing all streams from a sender at the moment it loses authorization. However, there is no reason to remove a stream that has not been canceled. Only once it is canceled does it make sense for the contract to unstake the stream, because unauthorized senders cannot stake cancellable streams.

Impact

Streams from a sender that is no longer an authorizedSablierSender remain staked on FjordStaking if canceled.

This breaks the invariant that only streams from AuthorizedSenders are staked on the contract.

Contest details:
AuthorizedSender: Address of the owner whose cancellable Sablier streams will be accepted.

Tools Used

Manual review

Recommendations

In the onStreamCanceled hook, check whether the sender is still an authorizedSablierSender. If not, unstake the Sablier stream in its entirety.
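The recommended check, sketched as an added example that is not FjordStaking's own code. The contract layout (a `StreamData` record with `owner` and `amount`, an `authorizedSablierSenders` mapping), the `sablier` address, the `_unstakeSablier` helper and the hook signature are all assumptions made for illustration; the only behaviour taken from the report is that the original hook unstakes just the refunded `senderAmount`, so a stream stays staked whenever `senderAmount < data.amount`.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Illustrative sketch (assumed layout), not the FjordStaking implementation.
contract StakingHookSketch {
    struct StreamData { address owner; uint256 amount; }

    mapping(address => bool) public authorizedSablierSenders;
    mapping(uint256 => StreamData) internal _streamData;
    address public immutable sablier; // hypothetical Sablier lockup address

    event SablierUnstaked(uint256 indexed streamId, address indexed owner, uint256 amount);

    constructor(address _sablier) { sablier = _sablier; }

    // Assumed to be owner-gated in the real contract.
    function removeAuthorizedSablierSender(address sender) external /* onlyOwner */ {
        authorizedSablierSenders[sender] = false;
    }

    // Recipient hook signature is an assumption; `senderAmount` is the refunded portion.
    function onStreamCanceled(uint256 streamId, address sender, uint128 senderAmount, uint128 /*recipientAmount*/) external {
        require(msg.sender == sablier, "not sablier");
        StreamData storage data = _streamData[streamId];
        if (data.owner == address(0)) return; // not a staked stream

        // Added check from the recommendation: once the sender has lost authorization,
        // the whole stream is unstaked instead of only the refunded portion.
        if (!authorizedSablierSenders[sender]) {
            _unstakeSablier(streamId, data.owner, data.amount);
            return;
        }

        // Behaviour described in the report: only the refunded part is unstaked,
        // so the stream remains staked whenever senderAmount < data.amount.
        uint256 unstakeAmount = senderAmount < data.amount ? senderAmount : data.amount;
        _unstakeSablier(streamId, data.owner, unstakeAmount);
    }

    // Assumed helper: reduce the staked amount and drop the record once it reaches zero.
    function _unstakeSablier(uint256 streamId, address owner, uint256 amount) internal {
        StreamData storage data = _streamData[streamId];
        data.amount -= amount; // never underflows: callers pass amount <= data.amount
        if (data.amount == 0) delete _streamData[streamId];
        emit SablierUnstaked(streamId, owner, amount);
    }
}
```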

Updates

Lead Judging Commences

inallhonesty Lead Judge about 1 year ago
Submission Judgement Published
Invalidated
Reason: Design choice
