Tadle

DeFiFoundry
27,750 USDC
Submission Details
Severity: low
Invalid

Missing whenNotPaused Modifiers in TokenManager Contract

Summary

The TokenManager contract has been reviewed, and several critical functions were found to lack the whenNotPaused modifier. This omission could lead to state inconsistencies, security risks, and management confusion during periods when the contract is paused. All functions involved in state changes, fund management, and key business logic should be protected so that they cannot be executed while the contract is paused.

Vulnerability Details

Several functions in the TokenManager contract do not include the whenNotPaused modifier. These functions can therefore still be called while the contract is paused, leading to potential issues such as:

  1. State Inconsistencies: Users can continue to call the tillIn function to deposit tokens while the withdraw function is paused, leading to an imbalance and user frustration.

  2. Fund Security Risks: Allowing the tillIn function to operate during a contract pause could exacerbate security vulnerabilities, enabling attackers to exploit the contract.

  3. Management Confusion: Functions like updateTokenWhiteListed could still be called by the owner during a pause, leading to unnecessary or erroneous changes and complicating the resolution of the issues that caused the pause.

Impact

The lack of the whenNotPaused modifier on critical functions can result in:

  1. State Inconsistencies: Users can deposit tokens without being able to withdraw them, causing a mismatch in user balances and potential user dissatisfaction.

  2. Increased Security Risks: Attackers could exploit vulnerabilities even during a contract pause, potentially leading to further financial loss or compromise of the contract's integrity.

  3. Operational Confusion: The contract owner might make changes to the token whitelist or other configurations during a pause, complicating the management and resolution of the issues that necessitated the pause.

Tools Used

Manual Review

Recommendations

Ensure that all functions involved in state changes, fund management, and key business logic include the whenNotPaused modifier. This prevents those functions from being called while the contract is paused, so that a pause freezes the contract consistently rather than only one side of the deposit/withdraw flow.
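The following is an added illustration written for this page; it is not Tadle's TokenManager and does not reproduce the project's code. It shows a minimal pause switch (the hypothetical SimplePausable, standing in for a library such as OpenZeppelin's Pausable), an "unguarded" manager that gates only withdraw, a "guarded" manager that gates every state-changing entry point, and a Foundry test (assumes forge-std is available) that demonstrates the difference. The function names tillIn, withdraw and updateTokenWhiteListed are taken from the report; the example is simplified to native ETH balances, and the storage layout, error names and test names are assumptions.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

import {Test} from "forge-std/Test.sol";

// Minimal pause switch written inline so the example compiles without other imports.
// Assumption: a single owner controls pause/unpause, as with OpenZeppelin's Pausable + Ownable.
abstract contract SimplePausable {
    address public immutable owner;
    bool public paused;

    error EnforcedPause();
    error NotOwner();

    modifier onlyOwner() { if (msg.sender != owner) revert NotOwner(); _; }
    modifier whenNotPaused() { if (paused) revert EnforcedPause(); _; }

    constructor() { owner = msg.sender; }
    function pause() external onlyOwner { paused = true; }
    function unpause() external onlyOwner { paused = false; }
}

// "Before": only withdraw is gated, so deposits keep flowing while the contract is paused.
contract TokenManagerUnguarded is SimplePausable {
    mapping(address => uint256) public balances;

    function tillIn() external payable {                 // missing whenNotPaused
        balances[msg.sender] += msg.value;
    }

    function withdraw(uint256 amount) external whenNotPaused {
        balances[msg.sender] -= amount;                   // reverts on underflow (0.8 checked math)
        (bool ok, ) = msg.sender.call{value: amount}("");
        require(ok, "transfer failed");
    }
}

// "After": every state-changing entry point is gated, so a pause freezes the contract as a whole.
contract TokenManagerGuarded is SimplePausable {
    mapping(address => uint256) public balances;
    mapping(address => bool) public tokenWhiteListed;

    function tillIn() external payable whenNotPaused {
        balances[msg.sender] += msg.value;
    }

    function withdraw(uint256 amount) external whenNotPaused {
        balances[msg.sender] -= amount;
        (bool ok, ) = msg.sender.call{value: amount}("");
        require(ok, "transfer failed");
    }

    // Admin configuration is also frozen during a pause, so incident handling is not
    // complicated by concurrent whitelist changes.
    function updateTokenWhiteListed(address token, bool status) external onlyOwner whenNotPaused {
        tokenWhiteListed[token] = status;
    }
}

// Foundry test (would normally live under test/). The test contract deploys both managers,
// so it is their owner and may call pause().
contract PauseCoverageTest is Test {
    TokenManagerUnguarded internal unguarded;
    TokenManagerGuarded internal guarded;
    address internal user = makeAddr("user");

    function setUp() public {
        unguarded = new TokenManagerUnguarded();
        guarded = new TokenManagerGuarded();
        vm.deal(user, 1 ether);
    }

    // Documents the gap: a paused unguarded manager still accepts deposits that cannot be withdrawn.
    function testDepositStillWorksWhenUnguardedIsPaused() public {
        unguarded.pause();
        vm.prank(user);
        unguarded.tillIn{value: 1 ether}();
        assertEq(unguarded.balances(user), 1 ether);
    }

    // The guarded manager rejects the deposit while paused.
    function testDepositRevertsWhenGuardedIsPaused() public {
        guarded.pause();
        vm.prank(user);
        vm.expectRevert(SimplePausable.EnforcedPause.selector);
        guarded.tillIn{value: 1 ether}();
    }
}
```

Run with `forge test` in a Foundry project. Which entry points should be gated is ultimately a design decision for the project: the tests above simply make the chosen pause surface explicit, so a reviewer can see from the test names which functions are expected to halt.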

Updates

Lead Judging Commences

0xnevi Lead Judge about 1 year ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
Assigned finding tags:

[invalid] finding-Rescuable-pause-no-effect

I believe this is informational and non-acceptable severity because:

- A single pause on withdraw is sufficient to pause the markets during times of emergencies, given that is the only function where collateral/point tokens/native ETH can be pulled from market transactions.
- Every tadle market place can be switched offline by the admin via [`updateMarketPlaceStatus`](https://github.com/Cyfrin/2024-08-tadle/blob/04fd8634701697184a3f3a5558b41c109866e5f8/src/core/SystemConfig.sol#L160-L171) and is checked in market actions via [`checkMarketPlaceStatus`](https://github.com/Cyfrin/2024-08-tadle/blob/04fd8634701697184a3f3a5558b41c109866e5f8/src/libraries/MarketPlaceLibraries.sol#L54-L67) to be online. This prevents many major market actions including the creation, listing and settlement of offers.
