Dria

Swan
NFT, Hardhat
21,000 USDC
Submission Details
Severity: medium
Invalid

Missing Emergency Token Recovery Mechanism In Oracle Registry

Summary

The LLMOracleRegistry contract lacks any mechanism for emergency token withdrawal, leaving funds permanently locked if critical issues occur (token blacklisting, upgrades, contract bugs). Without this safety mechanism, both users and administrators have no recourse to recover stuck tokens in emergency situations, potentially leading to permanent loss of staked funds.

Current Implementation

https://github.com/Cyfrin/2024-10-swan-dria/blob/main/contracts/llm/LLMOracleRegistry.sol#L117

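    function unregister(LLMOracleKind kind) public returns (uint256 amount) {
        // stake recorded for this caller and oracle kind
        amount = registrations[msg.sender][kind];
        delete registrations[msg.sender][kind];
        // the stake is not transferred; the caller's allowance is raised so they can pull it
        token.approve(msg.sender, token.allowance(address(this), msg.sender) + amount);
    }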

The contract lacks any emergency withdrawal functionality. If tokens get stuck for any reason (token blacklisting, contract bugs, token upgrades), there is no way to rescue them, and the owner/admin has no mechanism to handle critical situations.

Impact

  • No way to rescue stuck tokens in emergencies

  • Contract funds could be permanently lost in critical situations

  • No admin override for system-wide issues

  • Affects all users if token contract is upgraded/changed

Recommended Fix

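    import {IERC20} from "@openzeppelin/contracts/token/ERC20/IERC20.sol";
    import {SafeERC20} from "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";

    // Fragment to add to the existing contract; assumes it already provides onlyOwner.
    contract LLMOracleRegistry {
        using SafeERC20 for IERC20; // required for safeTransfer

        error NotEnoughBalance();
        event EmergencyWithdrawal(address token, uint256 amount, address recipient);

        /// Sends the registry's entire balance of `tokenAddress` to `recipient`.
        function emergencyWithdraw(
            address tokenAddress,
            address recipient
        ) external onlyOwner {
            uint256 balance = IERC20(tokenAddress).balanceOf(address(this));
            if (balance == 0) revert NotEnoughBalance();
            IERC20(tokenAddress).safeTransfer(recipient, balance);
            emit EmergencyWithdrawal(tokenAddress, balance, recipient);
        }
    }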

This addition provides:

  • Emergency access for owner

  • Ability to rescue any tokens stuck in contract

  • Transparent logging of emergency actions

  • Safety mechanism for system-wide issues
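
How the approve-based unregister() shown earlier interacts with the proposed emergencyWithdraw(), as a small Python model added here for illustration (it is not code from the submission or the Dria repository; account names, kind labels and amounts are constructed). It shows that a full-balance sweep also takes stake that is still registered or approved but not yet pulled, leaving those obligations unbacked until the funds are returned.

```python
class Token:  # constructed model of an ERC-20 ledger, not the project's code
    def __init__(self, balances):
        self.bal, self.allow = dict(balances), {}

    def transfer(self, src, dst, amt):
        if self.bal.get(src, 0) < amt:
            raise ValueError("insufficient balance")
        self.bal[src] -= amt
        self.bal[dst] = self.bal.get(dst, 0) + amt

    def transfer_from(self, spender, src, dst, amt):
        if self.allow.get((src, spender), 0) < amt:
            raise ValueError("insufficient allowance")
        self.transfer(src, dst, amt)
        self.allow[(src, spender)] -= amt

class Registry:
    ADDR = "registry"
    def __init__(self, token, owner):
        self.token, self.owner, self.reg = token, owner, {}

    def register(self, user, kind, stake):
        self.token.transfer(user, self.ADDR, stake)  # stake moves into the registry
        self.reg[(user, kind)] = stake

    def unregister(self, user, kind):
        # As on the page: clear the registration, then add `amount` to the allowance.
        amount = self.reg.pop((user, kind), 0)
        key = (self.ADDR, user)
        self.token.allow[key] = self.token.allow.get(key, 0) + amount
        return amount

    def emergency_withdraw(self, caller, recipient):
        # As in the recommended fix: owner only, revert on zero, send everything.
        if caller != self.owner:
            raise PermissionError("not owner")
        balance = self.token.bal.get(self.ADDR, 0)
        if balance == 0:
            raise ValueError("NotEnoughBalance")
        self.token.transfer(self.ADDR, recipient, balance)
        return balance

def scenario():
    reg = Registry(Token({"alice": 100, "bob": 50}), owner="admin")  # constructed
    reg.register("alice", "kind0", 100)
    reg.register("bob", "kind1", 50)
    reg.unregister("alice", "kind0")  # approved, but alice has not pulled yet
    swept = reg.emergency_withdraw("admin", "safe")
    owed = reg.token.allow[(Registry.ADDR, "alice")] + sum(reg.reg.values())
    return swept, owed, reg.token.bal[Registry.ADDR]
```

`scenario()` returns `(150, 150, 0)`: 150 swept to the recipient, 150 still owed to users through allowance or registration, and nothing left in the registry to honour it.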

Updates

Lead Judging Commences

inallhonesty Lead Judge 8 months ago
Submission Judgement Published
Invalidated
Reason: Out of scope
