Open code423n4 opened 2 years ago
defsec
On the deposit and other functions, some of the functions are checked when the contract is paused. However, other functions like unlock or transferinsturance does not have any pause protection.
https://github.com/code-423n4/2022-01-insure/blob/19d1a7819fe7ce795e6d4814e7ddf8b8e1323df3/contracts/PoolTemplate.sol#L260
None
Review all the function behaviours and put extra pause check.
Handle
defsec
Vulnerability details
Impact
On the deposit and other functions, some of the functions are checked when the contract is paused. However, other functions like unlock or transferinsturance does not have any pause protection.
Proof of Concept
https://github.com/code-423n4/2022-01-insure/blob/19d1a7819fe7ce795e6d4814e7ddf8b8e1323df3/contracts/PoolTemplate.sol#L260
Tools Used
None
Recommended Mitigation Steps
Review all the function behaviours and put extra pause check.