search

code-423n4 / 2024-01-opus-findings

0 stars 0 forks source link

No way to take out initial_yang_amts after closing shrine #190

Closed c4-bot-3 closed 7 months ago

c4-bot-3 commented 8 months ago

Lines of code

https://github.com/code-423n4/2024-01-opus/blob/main/src/core/sentinel.cairo#L201-L206

Vulnerability details

Impact

When a new yang is added, to avoid deposit front running, an initial token amount of 1000, will be added. But there is no mechanism implementation to takeout those tokens back. This will make the tokens to be stuck inside the shrine.

Tools Used

Manual Review

Recommended Mitigation Steps

Add a mechanism to get the initial token amounts out even after closing shrine.

Assessed type

Token-Transfer

c4-pre-sort commented 7 months ago

bytes032 marked the issue as insufficient quality report

c4-judge commented 7 months ago

alex-ppg marked the issue as duplicate of #215

c4-judge commented 7 months ago

alex-ppg marked the issue as unsatisfactory: Invalid