Last Man Standing
First Flight #45
Beginner FriendlyFoundrySolidity
100 EXP
View results
Previous Next
Submission Details
Impact: medium
Likelihood: high
Invalid

Missing Emergency Stop Mechanism .

thesandf

Root + Impact

Description

  • In secure smart contract design, best practices recommend an emergency stop (circuit breaker) to allow privileged users (e.g. the owner or governance) to pause critical functionality during emergencies, such as unexpected exploits or system failures.

  • This contract lacks any pause feature, leaving no mechanism to halt operations like withdrawals, deposits, or state updates once deployed.

// No circuit breaker or pause logic
function withdraw() external {
@> // Missing `whenNotPaused` or similar guarding modifier
...
}

Risk

Likelihood: High

  • Critical functions like withdraw() or deposit() remain active even in emergencies, and the contract has no ability to restrict usage during attacks.

  • In high-risk environments or during logic failures, users may continue to interact without interruption.

Impact: Medium

  • Funds can continue to flow during an attack or bug, potentially exacerbating loss or exposure.

  • Inability to pause functionality significantly hampers damage control options and may damage protocol trust.

Proof of Concept

Here’s a simplified scenario illustrating the risk without needing external data:

contract Vulnerable {
function withdraw() public {
// Without a pause guard, this remains callable even during logic reversions or attacks
payable(msg.sender).transfer(balances[msg.sender]);
}
}
contract Attacker {
function attack(Vulnerable target) external {
target.withdraw();
// Repeated calls will continue unless the contract is modified or disabled
}
}

Explanation:
There is no paused state variable or whenNotPaused modifier. Therefore, critical features cannot be disabled in response to an exploit — attackers or users may continue to trigger them indefinitely.

Recommended Mitigation

Adopt a pause mechanism to secure critical operations during emergencies.

+ bool public paused;
+ modifier whenNotPaused() {
+ require(!paused, "Paused");
+ _;
+ }
+ function pause() external onlyOwner {
+ paused = true;
+ }
+ function unpause() external onlyOwner {
+ paused = false;
+ }
- function withdraw() external {
+ function withdraw() external whenNotPaused {
...
}

Alternatively, use OpenZeppelin’s audited Pausable contract:

import "@openzeppelin/contracts/security/Pausable.sol";
contract Yours is Pausable, Ownable {
function pause() external onlyOwner {
_pause();
}
function unpause() external onlyOwner {
_unpause();
}
function withdraw() external whenNotPaused {
...
}
}
Updates

Appeal created

inallhonesty Lead Judge about 2 months ago
Submission Judgement Published
Invalidated
Reason: Design choice
thesandf Submitter
about 2 months ago
inallhonesty Lead Judge about 2 months ago
Submission Judgement Published
Invalidated
Reason: Design choice

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.