c4-pre-sort
commented
1 year ago raymondfam marked the issue as insufficient quality report
Open c4-submissions opened 1 year ago
c4-pre-sort
commented
1 year ago raymondfam marked the issue as insufficient quality report
c4-pre-sort
commented
1 year ago raymondfam marked the issue as duplicate of #38
c4-judge
commented
11 months ago fatherGoose1 changed the severity to QA (Quality Assurance)
c4-judge
commented
11 months ago fatherGoose1 marked the issue as grade-b
Lines of code
https://github.com/code-423n4/2023-11-kelp/blob/c5fdc2e62c5e1d78769f44d6e34a6fb9e40c00f0/src/LRTConfig.sol#L80-L89 https://github.com/code-423n4/2023-11-kelp/blob/c5fdc2e62c5e1d78769f44d6e34a6fb9e40c00f0/src/LRTConfig.sol#L73-L75
Vulnerability details
Impact
There is no way for MANAGER to remove an asset from supportedAssets.
Proof of Concept
X).X(for example eigenlayer governance decides to remove an asset), MANAGER is not able to remove that asset (assetX) from supportedAssets.Tools Used
Manual Review
Recommended Mitigation Steps
Consider adding a function that MANAGER is able to remove some asset from supportedAssets.
Assessed type
Context