Closed c4-submissions closed 11 months ago
raymondfam marked the issue as low quality report
raymondfam marked the issue as duplicate of #110
fatherGoose1 marked the issue as unsatisfactory: Invalid
fatherGoose1 marked the issue as not a duplicate
fatherGoose1 marked the issue as unsatisfactory: Invalid
Lines of code
https://github.com/code-423n4/2023-10-ethena/blob/ee67d9b542642c9757a6b826c82d0cae60256509/contracts/StakedUSDeV2.sol#L95-L106
Vulnerability details
Impact
A fully restricted (blacklisted) user should not be able to use any function of the protocol, yet such a user can still get their funds out if they act just before the blacklisting takes effect. The user front-runs the addToBlacklist transaction with a call to cooldownAssets. That moves their underlying assets into the silo contract, and nothing in unstake checks the caller's restriction status, so once the cooldown has elapsed they can call unstake and withdraw the funds despite being fully blocked.
Tools Used
Manual review
Recommended Mitigation Steps
Add a check in the unstake function that reverts if the caller is fully restricted, so that assets already parked in the silo cannot be collected by a blacklisted account.
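The following sketch is an added illustration of that check, not code from the Ethena repository. It keeps only the pieces needed to show the problem and the fix: a cooldown record, a minimal silo interface, a `FULL_RESTRICTED_STAKER_ROLE` role (named after the project's role, but assumed here, as is the assumption that addToBlacklist grants it), and a hypothetical `notFullyRestricted` modifier. The "before" version mirrors the unstake flow the finding describes; the "after" version applies the recommended check to the caller and, going one step beyond the recommendation, to the receiver as well, so a restricted account cannot be paid out through someone else's cooldown.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.19;

import "@openzeppelin/contracts/access/AccessControl.sol";

/// Minimal silo interface (assumed): holds cooled-down assets until unstake.
interface IUSDeSilo {
    function withdraw(address to, uint256 amount) external;
}

/// Illustrative sketch only, not the project's StakedUSDeV2.
contract StakedVaultSketch is AccessControl {
    // Role name follows Ethena's naming; the identifier is an assumption here.
    bytes32 public constant FULL_RESTRICTED_STAKER_ROLE =
        keccak256("FULL_RESTRICTED_STAKER_ROLE");

    struct UserCooldown {
        uint104 cooldownEnd;      // timestamp after which unstake is allowed
        uint152 underlyingAmount; // assets waiting in the silo
    }

    mapping(address => UserCooldown) public cooldowns;
    IUSDeSilo public immutable silo;

    error InvalidCooldown();
    error OperationNotAllowed();

    constructor(IUSDeSilo _silo, address admin) {
        silo = _silo;
        _grantRole(DEFAULT_ADMIN_ROLE, admin);
    }

    /// Assumed: blacklisting grants the restricted role to the target.
    function addToBlacklist(address target) external onlyRole(DEFAULT_ADMIN_ROLE) {
        _grantRole(FULL_RESTRICTED_STAKER_ROLE, target);
    }

    /// Hypothetical helper: reverts for fully restricted accounts.
    modifier notFullyRestricted(address account) {
        if (hasRole(FULL_RESTRICTED_STAKER_ROLE, account)) revert OperationNotAllowed();
        _;
    }

    /// Shared payout logic for both variants below.
    function _collect(address receiver) internal {
        UserCooldown storage uc = cooldowns[msg.sender];
        uint256 assets = uc.underlyingAmount;
        if (block.timestamp < uc.cooldownEnd) revert InvalidCooldown();
        uc.cooldownEnd = 0;
        uc.underlyingAmount = 0;
        silo.withdraw(receiver, assets);
    }

    // Before: no restriction check. A user who called cooldownAssets in the
    // block before addToBlacklist still collects once cooldownEnd has passed.
    function unstakeBefore(address receiver) external {
        _collect(receiver);
    }

    // After: the recommended check on the caller, extended to the receiver so
    // the siloed assets cannot be routed to a restricted address either.
    function unstake(address receiver)
        external
        notFullyRestricted(msg.sender)
        notFullyRestricted(receiver)
    {
        _collect(receiver);
    }
}
```

Note what the check does and does not do: it stops a restricted account from completing the withdrawal, but the assets it moved into the silo stay there. The finding does not say how those siloed balances should be handled afterwards, so a deployment adopting this check still needs a separate, admin-controlled path for them.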
Assessed type
Access Control