Closed c4-submissions closed 11 months ago
raymondfam marked the issue as sufficient quality report
raymondfam marked the issue as duplicate of #197
fatherGoose1 marked the issue as unsatisfactory: Invalid
fatherGoose1 marked the issue as satisfactory
Lines of code
https://github.com/code-423n4/2023-11-kelp/blob/f751d7594051c0766c7ecd1e68daeb0661e43ee3/src/LRTDepositPool.sol#L202
https://github.com/code-423n4/2023-11-kelp/blob/f751d7594051c0766c7ecd1e68daeb0661e43ee3/src/NodeDelegator.sol#L121
https://github.com/code-423n4/2023-11-kelp/blob/f751d7594051c0766c7ecd1e68daeb0661e43ee3/src/NodeDelegator.sol#L94
Vulnerability details
Impact
Previous strategy is overwritten and can cause tokens to be lost forever.
Proof of Concept
When the asset strategy is updated, it doesn't transfer the current strategy asset balance to the new one.
This further translates to the getAssetBalance and getAssetBalances functions, which in turn affects the returned value of the getTotalAssetDeposits and affects the rsETH pricing. See my other issues for more info.
Tools Used
Manual code review
Recommended Mitigation Steps
Use safeTransferFrom to send the asset balance to the new strategy.
Assessed type
Other
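Added example, not part of the original report and not the project's code: a guard that refuses to repoint an asset's strategy while the old strategy still holds a balance, which is an alternative to migrating balances at update time. The contract, its storage layout, the error and event names, and the `IStrategyLike.userUnderlyingView` interface are all assumptions made for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.21;

// Assumed minimal strategy view: underlying asset amount credited to `user`.
interface IStrategyLike {
    function userUnderlyingView(address user) external view returns (uint256);
}

// Hypothetical, simplified config contract; all names are illustrative.
contract GuardedStrategyConfig {
    address public immutable admin;
    address[] public nodeDelegators;                  // accounts that deposit into strategies
    mapping(address => address) public assetStrategy; // asset => current strategy

    error NotAdmin();
    error ZeroAddress();
    error StrategyStillHoldsFunds(address delegator, uint256 balance);

    event AssetStrategyUpdated(
        address indexed asset, address indexed oldStrategy, address indexed newStrategy
    );

    constructor(address[] memory delegators) {
        admin = msg.sender;
        nodeDelegators = delegators;
    }

    function updateAssetStrategy(address asset, address newStrategy) external {
        if (msg.sender != admin) revert NotAdmin();
        if (asset == address(0) || newStrategy == address(0)) revert ZeroAddress();

        address old = assetStrategy[asset];
        if (old != address(0)) {
            // Balance getters that follow this pointer stop counting funds left in
            // the old strategy, so block the update until every delegator is at zero.
            for (uint256 i = 0; i < nodeDelegators.length; ++i) {
                uint256 bal = IStrategyLike(old).userUnderlyingView(nodeDelegators[i]);
                if (bal > 0) revert StrategyStillHoldsFunds(nodeDelegators[i], bal);
            }
        }
        assetStrategy[asset] = newStrategy;
        emit AssetStrategyUpdated(asset, old, newStrategy);
    }
}
```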