Description
The contract's emergency resolution path lacks a strict state-transition recovery mechanism if the automated ledger architecture fails to transition the pool from UNRESOLVED to CORRUPTED. Because there is no dedicated, standalone settle() interface, the outcome configuration is heavily coupled within the claimExpired() pathway.
If an operational synchronization error occurs post-expiry, the pool status remains trapped in the UNRESOLVED state indefinitely. As verified via local Forge testing execution logs, whenever the pool fails to transition its outcome status, both claimCorrupted() and claimAttackerBounty() will systematically throw an OutcomeNotSet() revert. This creates an unrecoverable logic deadlock, rendering the emergency claim gateways permanently inaccessible and leaving residual pool capital frozen inside the contract.
Likelihood:
This deadlock triggers automatically on any active pool environment that experiences synchronization failure, data lag, or delayed registry resolution inputs after passing the fixed expiry term deadline.
Impact:
Permanent Freeze of Emergency Funds: The recoveryAddress is entirely blocked from sweeping the residual contract balances, causing capital to be trapped forever.
Bounty Distribution Failure: Honest ethical hackers/attackers cannot claim their good-faith bounties because the system stays locked in the UNRESOLVED state, leading to a complete Denial of Service on the protocol's insurance layers.
Introduce a hardcoded fail-safe grace period window after the expiry deadline. If the automated registry fails to transition the state within this window, allow an authorized actor or the recoveryAddress to manually override the outcome state to prevent permanent capital lockup.
The contest is live. Earn rewards by submitting a finding.
This is your time to appeal against judgements on your submissions.
Appeals are being carefully reviewed by our judges.
The contest is complete and the rewards are being distributed.