Part 2

Zaros
Perpetuals, DEX, Foundry, Solidity
70,000 USDC
Submission Details
Severity: low
Invalid

Legitimate users' funds may be locked indefinitely

Summary

In the vault redemption mechanism of VaultRouterBranch.sol, a critical flaw prevents legitimate users from withdrawing their assets when the vault's isLive status is set to false. Based on the NatSpec, this appears to be intended, but the restriction indefinitely locks legitimate user funds.

Vulnerability Details

The function Vault.loadLive(uint128 vaultId) enforces a strict condition that prevents interaction with a vault that is not in a live state:

    function loadLive(uint128 vaultId) internal view returns (Data storage vault) {
        vault = loadExisting(vaultId);
        if (!vault.isLive) {
            revert Errors.VaultIsDisabled(vaultId);
        }
    }

This implementation ensures that any operation requiring the vault to be live will immediately revert if isLive is set to false. However, this restriction also applies to the initiateWithdrawal() and redeem() functions, which prevents users from withdrawing their assets once the vault is disabled.

Impact

Temporary or Permanent Asset Locking: Users are unable to withdraw their assets if the vault is disabled, leading to indefinite loss of funds.

Tools Used

Manual review

Recommendations

To mitigate this issue, it is recommended to introduce an emergency withdrawal function that allows legitimate users to withdraw their assets even when isLive == false.
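
The recommendation above, sketched as an added example that is not part of the submission and is not Zaros code. MiniVault, its ETH balance accounting, setLive(), and emergencyWithdraw() are hypothetical; only the isLive flag and the VaultIsDisabled error name come from the snippet quoted on this page.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
// Hypothetical minimal vault, constructed for illustration; not Zaros code.
// Only the isLive flag and the VaultIsDisabled error mirror names quoted on this page.
contract MiniVault {
    error VaultIsDisabled();
    error VaultStillLive();
    error NotOwner();
    error TransferFailed();

    address public immutable owner;
    bool public isLive = true;
    mapping(address => uint256) public balanceOf;

    constructor() { owner = msg.sender; }

    // Same shape as the loadLive() gate: reverts for every caller once disabled.
    modifier onlyLive() {
        if (!isLive) revert VaultIsDisabled();
        _;
    }

    function setLive(bool live) external {
        if (msg.sender != owner) revert NotOwner();
        isLive = live;
    }

    // Entry stays gated: no new deposits into a disabled vault.
    function deposit() external payable onlyLive {
        balanceOf[msg.sender] += msg.value;
    }

    // Normal exit shares the gate, which is the behaviour the finding describes.
    function withdraw(uint256 amount) external onlyLive {
        _pay(msg.sender, amount);
    }

    // Exit path usable only while disabled; pays out the caller's own balance.
    function emergencyWithdraw() external {
        if (isLive) revert VaultStillLive();
        _pay(msg.sender, balanceOf[msg.sender]);
    }

    function _pay(address to, uint256 amount) private {
        balanceOf[to] -= amount; // checked subtraction; state updated before the call
        (bool ok, ) = to.call{value: amount}("");
        if (!ok) revert TransferFailed();
    }
}
```

An emergency path like this skips whatever checks the normal withdrawal path runs, so any accounting a protocol relies on at withdrawal time would have to be repeated inside it.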

Updates

Lead Judging Commences

inallhonesty Lead Judge
7 months ago
Submission Judgement Published
Invalidated
Reason: Design choice
