Closed c4-submissions closed 11 months ago
raymondfam marked the issue as insufficient quality report
raymondfam marked the issue as duplicate of #36
fatherGoose1 changed the severity to QA (Quality Assurance)
fatherGoose1 marked the issue as grade-b
Lines of code
https://github.com/code-423n4/2023-11-kelp/blob/f751d7594051c0766c7ecd1e68daeb0661e43ee3/src/LRTDepositPool.sol#L162
https://github.com/code-423n4/2023-11-kelp/blob/f751d7594051c0766c7ecd1e68daeb0661e43ee3/src/LRTDepositPool.sol#L71-L89
Vulnerability details
Impact
When addNodeDelegatorContractToQueue is called, a duplicate node delegator can be added, and the asset value can be double-counted.
Proof of Concept
The node delegator is stored in nodeDelegatorQueue and there is no validation to prevent a duplicated node delegator.
As a result, an invalid sum of deposits may exist when querying getAssetDistributionData:
Tools Used
Manual
Recommended Mitigation Steps
Add validation to prevent duplicate node delegators, or use another data structure, for example EnumerableSet: https://docs.openzeppelin.com/contracts/4.x/api/utils#EnumerableSet
Assessed type
Other
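The EnumerableSet mitigation recommended above, as an added sketch that is not part of the original report and is not the Kelp contract's code. The contract name, error names, assetLyingInDelegators and getNodeDelegatorQueue are hypothetical, and access control and any non-ERC20 balance sources are left out to isolate the duplicate check.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.19;

import {EnumerableSet} from "@openzeppelin/contracts/utils/structs/EnumerableSet.sol";
import {IERC20} from "@openzeppelin/contracts/token/ERC20/IERC20.sol";

// Hypothetical sketch, not the Kelp LRTDepositPool: access control is
// omitted so that only the set-membership logic is shown.
contract DelegatorRegistrySketch {
    using EnumerableSet for EnumerableSet.AddressSet;

    error ZeroAddress();
    error DuplicateNodeDelegator(address delegator);

    // Replaces a plain address[] queue; membership is checked in O(1).
    EnumerableSet.AddressSet private nodeDelegators;

    function addNodeDelegatorContractToQueue(address[] calldata delegators) external {
        for (uint256 i = 0; i < delegators.length; ++i) {
            address d = delegators[i];
            if (d == address(0)) revert ZeroAddress();
            // add() returns false when the value is already present, which
            // also rejects an address repeated inside the same batch.
            if (!nodeDelegators.add(d)) revert DuplicateNodeDelegator(d);
        }
    }

    // Sums the asset held by each registered delegator exactly once,
    // so a repeated entry can no longer inflate the total.
    function assetLyingInDelegators(address asset) external view returns (uint256 total) {
        uint256 n = nodeDelegators.length();
        for (uint256 i = 0; i < n; ++i) {
            total += IERC20(asset).balanceOf(nodeDelegators.at(i));
        }
    }

    // Returns a copy of the set for off-chain inspection.
    function getNodeDelegatorQueue() external view returns (address[] memory) {
        return nodeDelegators.values();
    }
}
```

EnumerableSet makes no guarantee about element ordering, so any logic that relies on a delegator's position in the queue needs to be reviewed separately.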