Liquid Staking

Stakelink
DeFi, Hardhat, Oracle
50,000 USDC
Submission Details
Severity: high
Invalid

`OperatorVault.sol` implements a non-existing function

Summary

The OperatorVault.isRemoved() is calling stakeController.isRemoved() as follows:
https://github.com/Cyfrin/2024-09-stakelink/blob/f5824f9ad67058b24a2c08494e51ddd7efdbb90b/contracts/linkStaking/OperatorVault.sol#L213C5-L215C6
The issue is that the original IStaking.sol of the Chainlink implementation doesn't contain any function called isRemoved(); see Staking.sol and IStaking.sol:
https://etherscan.io/address/0x3feB1e09b4bb0E7f0387CeE092a52e85797ab889#code
Probably the developer confused isRemoved() and isOperator().

Vulnerability Details

The following functions call isRemoved(), leading to a DoS of the Operator Vaults:
https://github.com/Cyfrin/2024-09-stakelink/blob/f5824f9ad67058b24a2c08494e51ddd7efdbb90b/contracts/linkStaking/OperatorVault.sol#L226
https://github.com/Cyfrin/2024-09-stakelink/blob/f5824f9ad67058b24a2c08494e51ddd7efdbb90b/contracts/linkStaking/OperatorVCS.sol#L240
https://github.com/Cyfrin/2024-09-stakelink/blob/f5824f9ad67058b24a2c08494e51ddd7efdbb90b/contracts/linkStaking/OperatorVCS.sol#L279

Impact

All of the following functions will be DoSed:
queueVaultRemoval(), getMaxDeposits() and exitVault().

Tools Used

Manual review

Recommendations

I recommend using Staking.isOperator(), which is implemented, as we can see in Staking.sol line 612; isOperator() calls the s_pool._isOperator() internal function, see StakingPoolLib.sol line 197.
https://etherscan.io/address/0x3feB1e09b4bb0E7f0387CeE092a52e85797ab889#code

Updates

Lead Judging Commences

inallhonesty Lead Judge, 9 months ago

Submission Judgement Published

inallhonesty Lead Judge, 8 months ago
Invalidated
Reason: Incorrect statement
