Core Contracts

Regnum Aurum Acquisition Corp
Hardhat, Real World Assets, NFT
77,280 USDC
Submission Details
Severity: medium
Invalid

Emergency withdraw sends funds to the old treasury during the TREASURY_UPDATE_DELAY

Summary

During emergency situations, emergency-withdrawn funds should go to the new treasury address instead of the old treasury.

Vulnerability Details

The emergencyWithdraw function allows the holder of EMERGENCY_ROLE to withdraw funds to the `treasury` during emergency situations.

    function emergencyWithdraw(address token) external override whenPaused {
        if (!hasRole(EMERGENCY_ROLE, msg.sender)) revert UnauthorizedCaller();
        if (token == address(0)) revert InvalidAddress();
        uint256 balance;
        if (token == address(raacToken)) {
            balance = raacToken.balanceOf(address(this));
            raacToken.safeTransfer(treasury, balance);
        } else {
            balance = IERC20(token).balanceOf(address(this));
            SafeERC20.safeTransfer(IERC20(token), treasury, balance);
        }
        emit EmergencyWithdrawal(token, balance);
    }

Consider an emergency situation. The admin calls setTreasury to update the treasury. During the TREASURY_UPDATE_DELAY period, emergencyWithdraw is invoked because of the emergency. The funds are then transferred to the old treasury instead of the new treasury.

Impact

Funds will go to the old treasury instead of the pending/new one in emergency situations.

Tools Used

Manual review

Recommendations

  1. Since the EMERGENCY_ROLE is trusted, allow the role to specify a parameter for where to send the funds.

  2. Or, when a pending treasury has been set, send the funds to the pending treasury.
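
Recommendation 2 as an added sketch, not the project's code and not part of the original submission. `pendingTreasury`, `admin`, `setPaused`, `emergencyRecipient` and `IERC20Like` are hypothetical names; a single admin stands in for the role checks, a `paused` flag for `whenPaused`, and a checked plain `transfer` for SafeERC20 so the file needs no imports.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.19;

// Minimal token interface (hypothetical name) so the sketch is self-contained.
interface IERC20Like {
    function balanceOf(address account) external view returns (uint256);
    function transfer(address to, uint256 amount) external returns (bool);
}

contract EmergencyRecipientSketch {
    address public immutable admin;   // stand-in for the role holders
    address public treasury;          // active treasury
    address public pendingTreasury;   // hypothetical: queued by setTreasury, zero if none
    bool public paused;               // stand-in for whenPaused

    error UnauthorizedCaller();
    error InvalidAddress();
    error NotPaused();
    event EmergencyWithdrawal(address indexed token, address indexed to, uint256 amount);

    modifier onlyAdmin() { if (msg.sender != admin) revert UnauthorizedCaller(); _; }

    constructor(address treasury_) {
        if (treasury_ == address(0)) revert InvalidAddress();
        admin = msg.sender;
        treasury = treasury_;
    }

    function setPaused(bool p) external onlyAdmin { paused = p; }

    // Queues the new treasury; applying it after TREASURY_UPDATE_DELAY is out of scope here.
    function setTreasury(address next) external onlyAdmin {
        if (next == address(0)) revert InvalidAddress();
        pendingTreasury = next;
    }

    // Recommendation 2: while an update is queued, emergency funds follow it.
    function emergencyRecipient() public view returns (address) {
        return pendingTreasury != address(0) ? pendingTreasury : treasury;
    }

    function emergencyWithdraw(address token) external onlyAdmin {
        if (!paused) revert NotPaused();
        if (token == address(0)) revert InvalidAddress();
        address to = emergencyRecipient();
        uint256 balance = IERC20Like(token).balanceOf(address(this));
        require(IERC20Like(token).transfer(to, balance), "transfer failed");
        emit EmergencyWithdrawal(token, to, balance); // recipient logged for monitoring
    }
}
```

With this change the emergency path pays an address that has not yet cleared TREASURY_UPDATE_DELAY, so the delay no longer constrains where emergency withdrawals go.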

Updates

Lead Judging Commences

inallhonesty Lead Judge 5 months ago
Submission Judgement Published
Invalidated
Reason: Design choice
