c4-judge
commented
1 year ago GalloDaSballo marked the issue as duplicate of #723
Closed c4-judge closed 1 year ago
c4-judge
commented
1 year ago GalloDaSballo marked the issue as duplicate of #723
GalloDaSballo
commented
1 year ago [L2] Withdrawable minipool can be finished before funds are withdrawn Given its name and docstings, the finishFailedMinipoolByMultisig function of the MinipoolManager is only intended to be executed by a trusted multisig to finish a minipool that is in the Error state. However, the function does not validate the current state of the minipool, but rather that it can be moved to the Finished state. This means that any healthy minipool in the Withdrawable state can be finished by the multisig using this function. In that scenario, the owner of the minipool would not be able to collect their funds or awards, which would be lost.
It's known that multisigs are already fully trusted actors in the system. Yet this appears to be an unintentional oversight in the finishFailedMinipoolByMultisig function that is granting unnecessary, untested and undocumented powers to the multisig.
c4-judge
commented
1 year ago GalloDaSballo marked the issue as satisfactory
Judge has assessed an item in Issue #260 as 2 risk. The relevant finding follows:
[L2] Withdrawable minipool can be finished before funds are withdrawn