Liquid Staking

Stakelink

DeFiHardhatOracle

50,000 USDC

View results

Previous Next

Submission Details

Severity: medium

Invalid

Cancel Withdrawal Functionality Missing In PriorityPool

allengeorge

Summary

Once a user Initiates a Withdrawal Request and the request is queued , there is no mechanism/Functionality to cancel the request.

Vulnerability Details

The PriorityPool.solallows the users to initiate a Withdrawal. If a user later wants to cancel the Withdrawal Request due to change of intent or any other reason , the user can't do that.

Impact

No flexibility to handle mistakes by the user.
The Impact is low but the likelihood is High.

Tools Used

Manual Review

Recommendations

Add a cancelWithdrawal functionality. Make sure it's been called by the initiater of the withdrawal function only.
Ensure there is a time interval between cancelWithdraw and the next withdrawalRequest .

Updates

Lead Judging Commences

inallhonesty Lead Judge 10 months ago

Submission Judgement Published

Invalidated

Reason: Design choice

Prize pool breakdown

Total prize

50,000 USDC

nSLOC

2,530

20 USDC / LOC

High Medium

42,000 USDC

Low

4,250 USDC

Judges

3,750 USDC

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.