Core Contracts
Regnum Aurum Acquisition Corp
HardhatReal World AssetsNFT
77,280 USDC
View results
Previous Next
Submission Details
Severity: medium
Invalid

Function can throw a confusing error for frontend application and cause reporting of invalid pool state

helium

Summary

The function modifySupportedPool() incorrectly throws a PoolNotSupported() error even if the pool is supported.

Vulnerability Details

The function modifySupportedPool() incorrectly throws a PoolNotSupported() error even if the pool is supported. This can cause a situation where a frontend app monitoring the error will report an already supported pool as not supported for users interacting with the app.
As seen in the code:

function modifySupportedPool(address pool, bool isSupported) external onlyRole(MANAGER_ROLE) {
if (pool == address(0)) revert InvalidPool();
if (supportedPools[pool] == isSupported) revert PoolNotSupported();
supportedPools[pool] = isSupported;
if (isSupported) {
emit PoolAdded(pool);
} else {
emit PoolRemoved(pool);
}
}

If isSupported == true and the pool is already supported (i.e supportedPools[pool] == true ) the function logic will throw a PoolNotSupported() error although the pool is supported.

Impact

Incoherence between the pool real state and error thrown .In case a frontend app is monitoring the pool state to take automated actions this can be misleading

Tools Used

Manual review

Recommendations

Correct the logic and throw a correct error ( for example: poolIsAlreadySupported for already supported pools ).

Updates

Lead Judging Commences

inallhonesty Lead Judge 7 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.

Give us feedback!