Handle
csanuragjain
Vulnerability details
Impact
Deprecated collateral can still be used and sent.
Proof of Concept
Navigate to the contract at https://github.com/code-423n4/2021-12-yetifinance/blob/main/packages/contracts/contracts/ActivePool.sol
Observe that both sendCollaterals and _sendCollateral are missing checks for deprecated collateral (collateralParams[_collateral].active), thus allowing deprecated collateral to be transferred from one pool to another.
Recommended Mitigation Steps
Add a check for collateralParams[_collateral].active before transferring collateral via sendCollaterals.
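One way the recommended check could look, as an added sketch that is not the Yeti Finance ActivePool code. Only the names sendCollaterals, _sendCollateral and collateralParams[_collateral].active come from the report; the contract name, the owner/setActive admin path, the function signatures and the minimal token interface are assumptions made so the sketch compiles on its own.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Assumed minimal token interface (hypothetical, for illustration only).
interface IERC20Minimal {
    function transfer(address to, uint256 amount) external returns (bool);
}

// Hypothetical stand-in for a pool contract; not the audited code.
contract PoolSketch {
    struct CollateralParams {
        bool active; // false once the collateral has been deprecated
    }

    address public owner; // assumed admin role
    mapping(address => CollateralParams) public collateralParams;

    constructor() { owner = msg.sender; }

    modifier onlyOwner() {
        require(msg.sender == owner, "not owner");
        _;
    }

    // Assumed admin path for activating or deprecating a collateral.
    function setActive(address _collateral, bool _active) external onlyOwner {
        collateralParams[_collateral].active = _active;
    }

    function sendCollaterals(
        address _to,
        address[] calldata _tokens,
        uint256[] calldata _amounts
    ) external onlyOwner {
        require(_tokens.length == _amounts.length, "length mismatch");
        for (uint256 i = 0; i < _tokens.length; i++) {
            _sendCollateral(_to, _tokens[i], _amounts[i]);
        }
    }

    function _sendCollateral(address _to, address _collateral, uint256 _amount) internal {
        // The check the report recommends: refuse deprecated collateral.
        require(collateralParams[_collateral].active, "collateral deprecated");
        require(IERC20Minimal(_collateral).transfer(_to, _amount), "transfer failed");
    }
}
```

In this sketch the check sits in the internal helper, so a single deprecated token reverts the whole sendCollaterals batch. Any flow that must still move deprecated collateral out of the pool would need its own code path.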