Closed c4-submissions closed 11 months ago
raymondfam marked the issue as insufficient quality report
raymondfam marked the issue as duplicate of #38
fatherGoose1 changed the severity to QA (Quality Assurance)
fatherGoose1 marked the issue as grade-b
Lines of code
https://github.com/code-423n4/2023-11-kelp/blob/main/src/LRTDepositPool.sol#L202
Vulnerability details
Proof of Concept
The LRT admin can change maxNodeDelegatorCount and can add new node delegator contracts, up to maxNodeDelegatorCount. If the admin later wants to decrease maxNodeDelegatorCount, the queue cannot be brought back under the new limit, because there is no way to remove a delegator contract once it has been added (assume maxNodeDelegatorCount is 10 and 10 delegator contracts have already been added). For the same reason the admin cannot intentionally retire a delegator contract for any other operational reason.
If any delegator contract is hacked or compromised, there is no way to remove it from the queue. This can lead to a DOS of getRSETHPrice() in LRTOracle, because every delegator contract in the queue is queried when totalETHInPool is calculated: a single delegator whose balance call reverts makes the whole price calculation revert.
Tools Used
Manual review
Recommended Mitigation Steps
Add an admin-only function to remove a node delegator contract from the queue, and keep maxNodeDelegatorCount consistent with the queue length when it is lowered.
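The following sketch, added here as an illustration and not taken from the Kelp DAO code base, shows the add-only queue shape the finding describes, the aggregation loop that reverts as soon as one delegator reverts, and one way to implement the recommended removal function. The contract, interface and member names (INodeDelegator, nodeDelegatorQueue, onlyLRTAdmin, getTotalAssetDeposits, removeNodeDelegatorContractFromQueue) are assumptions chosen to match the wording of the report, not verified identifiers from LRTDepositPool.sol.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.21;

// Illustrative sketch for the finding above; not the Kelp contracts.
// All names here are assumptions mirroring the report's description.
interface INodeDelegator {
    function getAssetBalance(address asset) external view returns (uint256);
}

contract DelegatorQueueSketch {
    address public lrtAdmin;
    uint256 public maxNodeDelegatorCount;
    address[] public nodeDelegatorQueue;
    address[] public supportedAssets;

    error CallerNotLRTAdmin();
    error MaximumNodeDelegatorCountReached();
    error NodeDelegatorNotInQueue();
    error NodeDelegatorStillHoldsAssets(address asset, uint256 balance);
    error MaxCountBelowQueueLength(uint256 queueLength);

    event NodeDelegatorRemovedFromQueue(address indexed nodeDelegator);

    modifier onlyLRTAdmin() {
        if (msg.sender != lrtAdmin) revert CallerNotLRTAdmin();
        _;
    }

    constructor(address[] memory assets, uint256 maxCount) {
        lrtAdmin = msg.sender;
        supportedAssets = assets;
        maxNodeDelegatorCount = maxCount;
    }

    // Add-only registration: this is the shape the finding complains about.
    function addNodeDelegatorContractToQueue(address[] calldata delegators) external onlyLRTAdmin {
        if (nodeDelegatorQueue.length + delegators.length > maxNodeDelegatorCount) {
            revert MaximumNodeDelegatorCountReached();
        }
        for (uint256 i; i < delegators.length; ++i) {
            nodeDelegatorQueue.push(delegators[i]);
        }
    }

    // Aggregation used on the price path: one reverting delegator makes the
    // whole sum revert, which is the DOS described in the finding.
    function getTotalAssetDeposits(address asset) public view returns (uint256 total) {
        for (uint256 i; i < nodeDelegatorQueue.length; ++i) {
            total += INodeDelegator(nodeDelegatorQueue[i]).getAssetBalance(asset);
        }
    }

    // Mitigation: swap-and-pop removal. A delegator that still reports assets
    // is refused, because dropping it would silently remove those funds from
    // the accounting. The balance probe is wrapped in try/catch so that a
    // compromised delegator whose view call reverts can still be removed,
    // which is exactly the emergency case the finding is about.
    function removeNodeDelegatorContractFromQueue(address delegator) external onlyLRTAdmin {
        uint256 len = nodeDelegatorQueue.length;
        uint256 idx = len;
        for (uint256 i; i < len; ++i) {
            if (nodeDelegatorQueue[i] == delegator) {
                idx = i;
                break;
            }
        }
        if (idx == len) revert NodeDelegatorNotInQueue();

        for (uint256 i; i < supportedAssets.length; ++i) {
            address asset = supportedAssets[i];
            try INodeDelegator(delegator).getAssetBalance(asset) returns (uint256 bal) {
                if (bal != 0) revert NodeDelegatorStillHoldsAssets(asset, bal);
            } catch {
                // Delegator is not answering; allow removal so the price path recovers.
            }
        }

        nodeDelegatorQueue[idx] = nodeDelegatorQueue[len - 1];
        nodeDelegatorQueue.pop();
        emit NodeDelegatorRemovedFromQueue(delegator);
    }

    // Lowering the cap should never leave the queue longer than the cap,
    // which is the inconsistency the first paragraph of the finding describes.
    function updateMaxNodeDelegatorCount(uint256 newCount) external onlyLRTAdmin {
        if (newCount < nodeDelegatorQueue.length) {
            revert MaxCountBelowQueueLength(nodeDelegatorQueue.length);
        }
        maxNodeDelegatorCount = newCount;
    }
}
```

Swap-and-pop changes the order of the remaining entries, so any off-chain tooling that indexes delegators by position must re-read the queue after a removal. Whether an unresponsive delegator should be removable despite an unknown balance is a policy decision; the sketch favours restoring the oracle over preserving accounting for a contract that is already assumed compromised.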
Assessed type
Invalid Validation