code-423n4 / 2023-09-delegate-findings

To protect the contract in case of hacking or detection of incorrect operation, it is necessary to add pause and blacklist functions #313

Closed c4-submissions closed 11 months ago

c4-submissions commented 11 months ago

Lines of code

https://github.com/code-423n4/2023-09-delegate/blob/main/src/DelegateToken.sol#L1-L411

Vulnerability details

Impact

Cases of hacking and self-identification of errors in a contract often occur. To protect the contract in such a case, the pause and blacklist functions in the contract are usually used. This would provide protection for the DelegateToken.sol contract in case of errors. However, these functions are absent in this contract. This may result in the inability to suspend the contract and loss of assets stored in the contract.

Tools Used

Manual review

Recommended Mitigation Steps

Add pause and blacklist functions from the OpenZeppelin library to the DelegateToken.sol contract.

Assessed type

Governance

c4-judge commented 11 months ago

GalloDaSballo marked the issue as unsatisfactory: Invalid