Core Contracts

Regnum Aurum Acquisition Corp
Hardhat, Real World Assets, NFT
77,280 USDC
Submission Details
Severity: low
Valid

Misconfigured Access Control on Emergency Shutdown Function

Summary

The emergency shutdown function in the RAACMinter contract is intended to be restricted to accounts possessing a dedicated emergency shutdown role. However, the function is currently guarded by DEFAULT_ADMIN_ROLE, so the designated EMERGENCY_SHUTDOWN_ROLE is never checked.

Vulnerability Details

The contract declares a constant for the emergency shutdown role as follows:

bytes32 public constant EMERGENCY_SHUTDOWN_ROLE = keccak256("EMERGENCY_SHUTDOWN_ROLE");

Despite this, the emergencyShutdown function is implemented with the following access control modifier:

function emergencyShutdown(bool updateLastBlock, uint256 newLastUpdateBlock) external onlyRole(DEFAULT_ADMIN_ROLE) {
...
}

This misconfiguration means that only accounts with the DEFAULT_ADMIN_ROLE can trigger an emergency shutdown, instead of accounts specifically designated with the EMERGENCY_SHUTDOWN_ROLE. The intended separation of roles is therefore not enforced, potentially leading to scenarios where accounts with broader administrative privileges can exercise emergency control functions that were meant to be more restricted.

Impact

  • Over-Permissioned Access: The emergency shutdown functionality becomes accessible to all default admin accounts, which might not be desirable. This could allow an administrator with wide-ranging control to trigger an emergency shutdown without the additional checks intended for the emergency shutdown role.

  • Reduced Granularity of Control: The misconfigured access control undermines the intended separation of responsibilities, potentially increasing the risk of misuse or human error in crisis management scenarios.

Tools Used

  • Manual code review

Recommended Mitigation

  • Enforce Correct Role: Modify the emergencyShutdown function to use onlyRole(EMERGENCY_SHUTDOWN_ROLE) instead of onlyRole(DEFAULT_ADMIN_ROLE). This ensures that only those specifically designated with the emergency shutdown privileges can execute the function.

    For example:

    function emergencyShutdown(bool updateLastBlock, uint256 newLastUpdateBlock) external onlyRole(EMERGENCY_SHUTDOWN_ROLE) {
        emissionRate = 0;
        _pause();
        if (updateLastBlock) {
            _setLastUpdateBlock(newLastUpdateBlock);
        }
        emit EmergencyShutdown(msg.sender, lastUpdateBlock);
    }
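
A source-level check for the pattern in this finding and in the judging note on this page (a role constant that is declared but never enforced or never granted), as an added JavaScript example that is not part of the submission or the RAAC code base. The sample contract text is constructed from the snippets above; its constructor and the helper names `stripComments`, `auditRoles` and `guards` are assumptions made for illustration.

```javascript
// Added example: static check for AccessControl role constants that are
// declared but never enforced or never granted in the contract source.
// VULN is a constructed sample built from the snippets in this finding; the
// constructor and its _grantRole line are assumptions, not RAACMinter code.
const VULN = `
contract RAACMinter is AccessControl {
    bytes32 public constant EMERGENCY_SHUTDOWN_ROLE = keccak256("EMERGENCY_SHUTDOWN_ROLE");
    constructor() { _grantRole(DEFAULT_ADMIN_ROLE, msg.sender); }
    function emergencyShutdown(bool updateLastBlock, uint256 newLastUpdateBlock) external onlyRole(DEFAULT_ADMIN_ROLE) {
    }
}`;
// Constructed "after" sample: correct modifier plus an explicit grant.
const FIXED = VULN
  .replace("onlyRole(DEFAULT_ADMIN_ROLE)", "onlyRole(EMERGENCY_SHUTDOWN_ROLE)")
  .replace("_grantRole(DEFAULT_ADMIN_ROLE, msg.sender);",
           "$& _grantRole(EMERGENCY_SHUTDOWN_ROLE, msg.sender);");

// Drop block and line comments so commented-out code is not counted.
// (Simplification: a "//" inside a string literal would also be cut.)
function stripComments(src) {
  return src.replace(/\/\*[\s\S]*?\*\//g, "").replace(/\/\/.*$/gm, "");
}

// For each `bytes32 ... constant X_ROLE =` declaration, report whether the
// source ever checks it (onlyRole/hasRole/_checkRole) and ever grants it.
function auditRoles(src) {
  const code = stripComments(src);
  const decl = /bytes32\s+(?:public\s+|private\s+|internal\s+)?constant\s+(\w+_ROLE)\s*=/g;
  const findings = [];
  for (const [, role] of code.matchAll(decl)) {
    const used = (calls) => new RegExp(`\\b(?:${calls})\\s*\\(\\s*${role}\\b`).test(code);
    const enforced = used("onlyRole|hasRole|_checkRole");
    const granted = used("_grantRole|grantRole|_setupRole");
    if (!enforced || !granted) findings.push({ role, enforced, granted });
  }
  return findings;
}

// Map each function to the role named in its onlyRole(...) modifier.
function guards(src) {
  const re = /function\s+(\w+)\s*\([^)]*\)[^{;]*?onlyRole\s*\(\s*(\w+)\s*\)/g;
  return Object.fromEntries(
    [...stripComments(src).matchAll(re)].map(([, fn, role]) => [fn, role]));
}

console.log(auditRoles(VULN), guards(VULN));   // one finding for the vulnerable sample
console.log(auditRoles(FIXED), guards(FIXED)); // no findings after the fix
```

A role granted only from a deployment script is still reported with `granted: false`, so that flag is a prompt to check the deployment rather than proof that no account holds the role.
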
Updates

Lead Judging Commences

inallhonesty Lead Judge 4 months ago
Submission Judgement Published
Validated
Assigned finding tags:

RAACMinter defines EMERGENCY_SHUTDOWN_ROLE but emergencyShutdown uses DEFAULT_ADMIN_ROLE, and EMERGENCY_SHUTDOWN_ROLE is never granted to any account
