Core Contracts

Regnum Aurum Acquisition Corp

HardhatReal World AssetsNFT

77,280 USDC

View results

Previous Next

Submission Details

Severity: high

Invalid

Owner Cannot Rescue `rToken` and `rAacToken` in Emergency Situations in `StabilityPool` contract

0xaadi

Summary

The StabilityPool contract currently lacks a mechanism for the owner to rescue rToken and raacToken. This could lead to situations where these tokens become stuck due to unforeseen contract behavior or emergency situations, preventing the owner from recovering them when necessary.

Vulnerability Details

The contract can be paused during emergency situations to prevent further deposits and withdrawals, but the contract does not provide a function that allows the owner to withdraw rToken and raacToken in cases the contract is paused due emergency. This restriction could lead to permanent loss of these tokens.

Impact

Without a token rescue function, the owner has no means of recovering rToken and raacToken from the contract in emergency situations.

Tools Used

Manual Review

Recommendations

Implement a rescueTokens() function to allow the owner to withdraw rToken and raacToken

Updates

Lead Judging Commences

inallhonesty Lead Judge 4 months ago

Submission Judgement Published

Invalidated

Reason: Design choice

Prize pool breakdown

Total prize

77,280 USDC

nSLOC

3,864

20 USDC / LOC

High Medium

74,000

Low

3,280

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.