Lack of comprehensive pausability on important functions in pausable contracts.
Summary
Lack of comprehensive pausability on important functions in pausable contracts.
Vulnerability Details
Several contracts in /core are pausable as they inherit the Rescuable contract but the "whenNotPaused" modifier is not used on several core functions across these contracts. This makes the pausable functionality in the contracts useless. List of these contracts below
-
the src/core/TokenManager.sol contract inherits
Rescuableand has the pausability function but it doesnt use the pause modifiers in all important functions. Only uses it in the withdraw() function. This means withdraw from the contract can be paused but deposit related functions like tillIn() and addTokenBalance() cant be paused. So when contract is in a paused state users wont be able to withdraw but users can still deposit. In a high risk security event/scenario, it is better to pause deposits and withdrawals instead of pausing only withdrawals as unsuspecting users can still be compromised if they deposit. -
the src/core/SystemConfig.sol contract inherits
Rescuableand has the pausability function but it doesnt use the pause modifiers in all important functions/ user facing functions. Almost every function here uses theonlyOwnermodifier which ensures access restriction to only admin. But the updateReferrerInfo() doesnt have the onlyOwner() modifier and can be called by a user/protocol participant other than the owner/protocol admin. -
the src/core/PreMarkets.sol contract inherits
Rescuableand has the pausability function but it doesnt use the pause modifiers (whenNotPaused/whenPaused) in all important functions/ user facing functions. Pausing this contract does nothing, as users can still create offers, create takers, settle offers, list offers etc -
the src/core/DeliveryPlace.sol contract inherits
Rescuableand has the pausability function but it doesnt use the pause modifiers (whenNotPaused/whenPaused) in all important functions/ user facing functions. Pausing this contract does nothing, as users can still close bid offers,close bid takers, settle asks etc -
the src/core/CapitalPool.sol contract inherits
Rescuableand has the pausability function but it doesnt use the pause modifiers (whenNotPaused/whenPaused) in all important functions/ user facing functions. Pausing this contract does nothing to the CapitalPool.approve() function.
Impact
Lack of comprehensive pausability on important functions in pausable contracts.
Tools Used
manual review
Recommended Mitigation Steps
implement the whenNotPaused modifier in all user facing/external functions in these contracts
Lead Judging Commences
[invalid] finding-Rescuable-pause-no-effect
I believe this is informational and non-acceptable severity because: - A single pause on withdraw to be sufficient to pause the markets during times of emergencies, given that is the only function where collateral/point tokens/native ETH can be pulled from market transactions. - Every tadle market place can be switched offline by the admin via [`updateMarketPlaceStatus`](https://github.com/Cyfrin/2024-08-tadle/blob/04fd8634701697184a3f3a5558b41c109866e5f8/src/core/SystemConfig.sol#L160-L171) and is checked in market actions via [`checkMarketPlaceStatus`](https://github.com/Cyfrin/2024-08-tadle/blob/04fd8634701697184a3f3a5558b41c109866e5f8/src/libraries/MarketPlaceLibraries.sol#L54-L67) to be online. This prevents many major market actions including the creation, listing and settlement of offers.
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.