code-423n4 / 2023-10-ethena-findings


A fully blacklisted user can withdraw their funds #734

Closed c4-submissions closed 11 months ago

c4-submissions commented 11 months ago

Lines of code

https://github.com/code-423n4/2023-10-ethena/blob/ee67d9b542642c9757a6b826c82d0cae60256509/contracts/StakedUSDeV2.sol#L95-L106

Vulnerability details

Impact

A fully blacklisted user should not have access to any function of the protocol, but it is possible for a user to withdraw their funds right before being blacklisted. A fully blocked user is capable of frontrunning the addToBlacklist call by calling the cooldownAssets function. That way their funds would be transferred to the silo contract, allowing them to withdraw their funds after the cooldown has finished.

Tools Used

Manual review

Recommended Mitigation Steps

Include a check in the unstake function to check if the user is fully blocked.

Assessed type

Access Control
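The mitigation proposed above, as an added illustration that is not the Ethena code and not part of the original report: a deliberately simplified cooldown vault in which `unstake` re-checks the restriction status of both the caller and the receiver, so assets parked in the silo before the blacklisting transaction landed cannot be released afterwards. The names `fullyRestricted`, `ISilo.withdraw`, `UserCooldown` and the collapsed deposit/cooldown flow are assumptions of this sketch.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.19;

interface IERC20 { function transferFrom(address from, address to, uint256 amount) external returns (bool); }
interface ISilo { function withdraw(address to, uint256 amount) external; }

/// Simplified sketch (hypothetical, not the StakedUSDeV2 contract): assets sit in a
/// silo during cooldown and the cooldown owner pulls them out via unstake().
contract CooldownVaultSketch {
    struct UserCooldown { uint104 cooldownEnd; uint152 underlyingAmount; }

    IERC20 public immutable asset;
    ISilo public immutable silo;                       // holds assets while cooling down
    uint24 public cooldownDuration = 90 days;
    mapping(address => UserCooldown) public cooldowns;
    mapping(address => bool) public fullyRestricted;    // set by addToBlacklist (assumed shape)

    error OperationNotAllowed();
    error InvalidCooldown();

    constructor(IERC20 _asset, ISilo _silo) { asset = _asset; silo = _silo; }

    modifier notRestricted(address who) {
        if (fullyRestricted[who]) revert OperationNotAllowed();
        _;
    }

    /// Parks the caller's assets in the silo and starts the cooldown clock.
    /// This check alone is not enough: it passes if the call is mined before the blacklisting.
    function cooldownAssets(uint256 assets) external notRestricted(msg.sender) {
        UserCooldown storage uc = cooldowns[msg.sender];
        uc.cooldownEnd = uint104(block.timestamp + cooldownDuration);
        uc.underlyingAmount += uint152(assets);
        asset.transferFrom(msg.sender, address(silo), assets);
    }

    /// Hardened unstake: the restriction check is evaluated at release time for both the
    /// cooldown owner and the receiver, so funds that reached the silo before the
    /// blacklisting stay locked once the address is fully restricted.
    function unstake(address receiver) external notRestricted(msg.sender) notRestricted(receiver) {
        UserCooldown storage uc = cooldowns[msg.sender];
        if (block.timestamp < uc.cooldownEnd) revert InvalidCooldown();
        uint256 amount = uc.underlyingAmount;
        uc.cooldownEnd = 0;
        uc.underlyingAmount = 0;
        silo.withdraw(receiver, amount);
    }

    /// Marks an address as fully restricted (admin access control omitted from the sketch).
    function addToBlacklist(address who) external { fullyRestricted[who] = true; }
}
```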

c4-pre-sort commented 11 months ago

raymondfam marked the issue as low quality report

c4-pre-sort commented 11 months ago

raymondfam marked the issue as duplicate of #110

c4-judge commented 11 months ago

fatherGoose1 marked the issue as unsatisfactory: Invalid

c4-judge commented 10 months ago

fatherGoose1 marked the issue as not a duplicate

c4-judge commented 10 months ago

fatherGoose1 marked the issue as unsatisfactory: Invalid