Liquid Staking

Stakelink

DeFiHardhatOracle

50,000 USDC

View results

Previous Next

Submission Details

Severity: medium

Invalid

Withdrawal from strategy will fail in some cases

takarez

Summary

Vulnerability Details

The withdrawLiquidity function of the StakingPool withdraws tokens from strategies when called by the PriorityPool. The function loops through all the strategies to withdraw the assets.

function _withdrawLiquidity(uint256 _amount, bytes[] calldata _data) private {

uint256 toWithdraw = _amount;

for (uint256 i = strategies.length; i > 0; i--) {

IStrategy strategy = IStrategy(strategies[i - 1]);

uint256 strategyCanWithdrawdraw = strategy.canWithdraw();

if (strategyCanWithdrawdraw >= toWithdraw) {

strategy.withdraw(toWithdraw, _data[i - 1]);

break;

} else if (strategyCanWithdrawdraw > 0) {

strategy.withdraw(strategyCanWithdrawdraw, _data[i - 1]);

toWithdraw -= strategyCanWithdrawdraw;

}

The issue with the current implementation is that a check is made by the strategy to ensure that a sufficient amount of unbonded tokens is available to proceed with the operation.

if (!fundFlowController.claimPeriodActive() || _amount > totalUnbonded)

revert InsufficientTokensUnbonded();

If the amount exceeds the total unbonded tokens, the call will revert. The issue is that this happens within a loop, meaning if the amount for one or more strategies exceeds the totalUnbonded, the entire transaction will revert.

Impact

The withdrawal of assets from the strategies will fail, causing the entire transaction to revert, even when it shouldn't.

Tools Used

Manual review

Recommendations

Implement a try-catch block to ensure that if one withdrawal fails and causes a revert, the remaining iterations in the loop will continue executing, allowing the other strategies to proceed with the withdrawal.

Updates

Lead Judging Commences

inallhonesty Lead Judge 8 months ago

Submission Judgement Published

Invalidated

Reason: Non-acceptable severity

Appeal created

takarez Submitter

8 months ago

inallhonesty Lead Judge

8 months ago

takarez Submitter

8 months ago

inallhonesty Lead Judge

8 months ago

inallhonesty Lead Judge 7 months ago

Submission Judgement Published

Invalidated

Reason: Non-acceptable severity

Prize pool breakdown

Total prize

50,000 USDC

nSLOC

2,530

20 USDC / LOC

High Medium

42,000 USDC

Low

4,250 USDC

Judges

3,750 USDC

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.