dmvt
commented
1 year ago Lack of two step process for address changes is considered QA.
Closed code423n4 closed 1 year ago
dmvt
commented
1 year ago Lack of two step process for address changes is considered QA.
c4-judge
commented
1 year ago dmvt marked the issue as unsatisfactory: Overinflated severity
Lines of code
https://github.com/code-423n4/2022-11-stakehouse/blob/main/contracts/liquid-staking/LiquidStakingManager.sol#L356-L377
Vulnerability details
Impact
rotateNodeRunnerOfSmartWallet()is used to change the current node runner. However, if the_newaddress is a non-zero non-existent account due to typo or other reasons, the nodeRunner will be tranfserred to an inaccessible non-existent account. Although it can be rotated to a right one by thedao, it will create unfriendly customer experience.Proof of Concept
rotateNodeRunnerOfSmartWallet()is called with a non-zero non-existent_newaccount, the call will succeed as_newwill pass all tests. However, the nodeRunner is transferred to a non-accessible account.Tools Used
Manual audit.
Recommended Mitigation Steps
Take a two-step role change pattern. Step 1:
nodeRunnerordaoregister the potential nodeRunner in the contract; Step2: implement a function, which can be called only by the potential nodeRunner, for the potential nodeRunner to replace the current nodeRunner with itself.