search

code-423n4 / 2022-11-stakehouse-findings

1 stars 1 forks source link

`updateNodeRunnerWhitelistStatus` will alway revert #186

Closed code423n4 closed 1 year ago

code423n4 commented 2 years ago

Lines of code

https://github.com/code-423n4/2022-11-stakehouse/blob/main/contracts/liquid-staking/LiquidStakingManager.sol#L280

Vulnerability details

Impact

In the function updateNodeRunnerWhitelistStatus its require statement will always fail

Proof of Concept

LiquidStakingManager.sol#L278-L284

278:    function updateNodeRunnerWhitelistStatus(address _nodeRunner, bool isWhitelisted) external onlyDAO {
279:        require(_nodeRunner != address(0), "Zero address");
280:        require(isNodeRunnerWhitelisted[_nodeRunner] != isNodeRunnerWhitelisted[_nodeRunner], "Unnecessary update to same status");
281:
282:        isNodeRunnerWhitelisted[_nodeRunner] = isWhitelisted;
283:        emit NodeRunnerWhitelistingStatusChanged(_nodeRunner, isWhitelisted);
284:    }

When updateNodeRunnerWhitelistStatus reaches line 280 the require statement check will always revert because the inequality (!=) operator checks whether its two operands are not equal to one another, returning a boolean result and since the left/right operand are both the same the inequality operator will always return false.

c4-judge commented 1 year ago

dmvt marked the issue as duplicate of #74

c4-judge commented 1 year ago

dmvt marked the issue as not a duplicate

c4-judge commented 1 year ago

dmvt marked the issue as duplicate of #67

c4-judge commented 1 year ago

dmvt marked the issue as satisfactory

C4-Staff commented 1 year ago

JeeberC4 marked the issue as duplicate of #378