In the UpliftOnlyExample, which is built on top of Balancer, when the pool enters recovery mode, the essential hooks that should burn user NFTs and update fee data are completely bypassed. It is bcz during recovery mode, balancer bypasses hooks. This flaw allows users to perform emergency withdrawals without their NFTs being destroyed or their fee records being updated. Consequently, users can withdraw their funds multiple times using the same NFT, leading to potential double withdrawals and inaccurate fee tracking within the system.
Users can exploit the emergency withdrawal function to withdraw funds multiple times by bypassing NFT burning and fee updates.
Ensure that all critical hooks, such as NFT burning and fee data updates, are executed even during recovery mode to prevent unauthorized multiple withdrawals.
The contest is live. Earn rewards by submitting a finding.
This is your time to appeal against judgements on your submissions.
Appeals are being carefully reviewed by our judges.