Alchemix Transmuter

Summary

The strategy lacks implementation of _emergencyWithdraw, defaulting to the no-op implementation from BaseStrategy. In case of emergencies where Transmuter is compromised, this forces each user to withdraw individually rather than allowing management to quickly withdraw all funds back to the strategy contract, potentially putting user funds at unnecessary risk.

Vulnerability Details

In BaseStrategy, _emergencyWithdraw is provided as an empty virtual function:

The strategy inherits this without override, meaning TX doing emergency withdrawal will succeed but do nothing. In case Transmuter is compromised:

1. Emergency admin can call shutdownStrategy()

2. But calling emergencyWithdraw() has no effect

3. Each user must individually call withdraw() to get their funds out

4. This process is time-consuming and leaves user funds exposed to the compromised Transmuter for longer period of time

Impact

Medium. While funds can still be withdrawn, the lack of emergency withdrawal mechanism means:

• In case of Transmuter compromise, response time is significantly increased

• Users who are not actively monitoring the situation might have their funds at risk longer

• Gas costs and operational overhead are increased by requiring individual withdrawals

Tools Used

Manual Review

Recommendations

Implement _emergencyWithdraw to allow management to quickly withdraw all funds from Transmuter in emergency situations:

This allows emergency admin to:

1. Call shutdownStrategy()

2. Call emergencyWithdraw to pull all funds back to strategy

3. Users can then withdraw directly from strategy without interacting with potentially compromised Transmuter