Open c4-submissions opened 11 months ago
raymondfam marked the issue as insufficient quality report
raymondfam marked the issue as duplicate of #69
fatherGoose1 changed the severity to QA (Quality Assurance)
fatherGoose1 marked the issue as grade-b
Lines of code
https://github.com/code-423n4/2023-11-kelp/blob/main/src/LRTConfig.sol#L109-L122
Vulnerability details
Proof of Concept
assetStrategy
sets where an asset will be deposited in terms of strategy. InupdateAssetStrategy
, the value ofassetStrategy
can be set, but it cannot be updated if it has already been set for an asset.Currently,
Eigenlayer
uses a passive hold strategy, and in the future, a strategy with higher interest rates may be introduced.In such cases, all assets deposited in Kelp will be defaulted to the basic hold strategy, which can diminish the protocol's attractiveness.
Tools Used
VS Code
Recommended Mitigation Steps
Modify
updateAssetStrategy
to allow updates even for assets that have already been set.Assessed type
Other