code-423n4 / 2023-05-asymmetry-mitigation-findings

Mitigation of H-07: Issue mitigated, with possibility for improvement #56

Open code423n4 opened 1 year ago

code423n4 commented 1 year ago

Mitigation of H-07: Issue mitigated, with possibility for improvement

Mitigated issue

H-07: Reth.sol: Withdrawals are unreliable and depend on excess RocketDepositPool balance which can brick the whole protocol.

The issue was that attempting to withdraw more rETH than Rocket Pool's excess balance reverts Reth.withdraw(), DoS-ing unstake().

Mitigation review

Reth.withdraw() only calls RocketTokenRETHInterface(rethAddress()).burn(amount); if canWithdrawFromRocketPool(_amount) passes. canWithdrawFromRocketPool() correctly checks whether there is enough excess balance to withdraw. This prevents a revert. If _amount cannot be withdrawn from Rocket Pool, then RocketSwapRouter.swapFrom() is used with a 100% Balancer weight, which should always be available.

Possible improvement

RocketSwapRouter.swapFrom() already burns as much as possible from Rocket Pool, so it is enough to direct all calls there.
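The check-then-burn pattern from the mitigation review, as an added sketch that is not the Asymmetry code. The interface and contract names (IReth, IDepositPool, ISwapRouter, RethWithdrawSketch) are hypothetical, and the signatures of getExcessBalance(), getEthValue() and swapFrom() are assumed from Rocket Pool's contracts.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.13;

// Minimal interfaces declared for this sketch (names are hypothetical).
interface IReth {
    function getEthValue(uint256 rethAmount) external view returns (uint256);
    function burn(uint256 rethAmount) external;
    function approve(address spender, uint256 amount) external returns (bool);
}
interface IDepositPool {
    function getExcessBalance() external view returns (uint256);
}
interface ISwapRouter {
    // Portions are assumed to be relative weights: (0, 1) routes everything via Balancer.
    function swapFrom(uint256 uniswapPortion, uint256 balancerPortion,
        uint256 minTokensOut, uint256 idealTokensOut, uint256 tokensIn) external;
}

contract RethWithdrawSketch {
    address public immutable owner;
    IReth public immutable reth;
    IDepositPool public immutable depositPool;
    ISwapRouter public immutable router;

    constructor(IReth _reth, IDepositPool _pool, ISwapRouter _router) {
        owner = msg.sender;
        reth = _reth;
        depositPool = _pool;
        router = _router;
    }

    // True when the excess balance covers the ETH value of `amount` rETH.
    function canWithdrawFromRocketPool(uint256 amount) public view returns (bool) {
        return depositPool.getExcessBalance() >= reth.getEthValue(amount);
    }

    // Burn only when the check passes, so burn() cannot revert for lack of
    // excess balance; otherwise sell the rETH through the router.
    function withdraw(uint256 amount, uint256 minOut, uint256 idealOut) external {
        require(msg.sender == owner, "not owner");
        if (canWithdrawFromRocketPool(amount)) {
            reth.burn(amount);
        } else {
            require(reth.approve(address(router), amount), "approve failed");
            router.swapFrom(0, 1, minOut, idealOut, amount);
        }
    }

    receive() external payable {} // accepts ETH from the burn or the swap
}
```

Forwarding the received ETH to the caller is left out of the sketch; minOut is the caller's slippage bound for the swap branch.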

romeroadrian commented 1 year ago

Needs label MR-H-07

c4-judge commented 1 year ago

Picodes marked the issue as satisfactory