Closed code423n4 closed 1 year ago
0xSorryNotSorry marked the issue as primary issue
This was already reported in the Consensys Diligence audit that is linked in the contest's README: https://consensys.net/diligence/audits/2023/03/eigenlabs-eigenlayer/#strategybase--inheritance-related-issues
Sidu28 marked the issue as sponsor disputed
GalloDaSballo marked the issue as unsatisfactory: Out of scope
Closing as known
Lines of code
https://github.com/code-423n4/2023-04-eigenlayer/blob/5e4872358cd2bda1936c29f460ece2308af4def6/src/contracts/strategies/StrategyBase.sol#L180-L188
Vulnerability details
Impact
An implementation of
sharesToUnderlying()
, as inherited fromStrategyBase.sol
, cannot (contrary to intentions) make state modifications. This implies thatStrategyBase.sol
may become useless as a base contract to inherit from.Proof of Concept
StrategyBase.sol
"is designed to be inherited by more complex strategies, which can then override its functions as necessary". Its functionsharesToUnderlying()
is explicitly intended to allow for an implementation that "may make state modifications":However, it is declared as
view
. Overriding functions can only restrict state mutability, never expand it. This means that any overriding function can only beview
orpure
, and therefore cannot make state changes. Note thatIStrategy
correctly declaressharesToUnderlying()
as nonpayable.There is a similar issue with
underlyingToShares()
, and probably also withexplanation()
, both reported separately.Recommended Mitigation Steps
Declare
sharesToUnderlying()
as the default nonpayable.Assessed type
Context