M-04 MitigationConfirmed

[c4-bot-1]

Lines of code

Vulnerability details

C4 Issue

M-04: DoS of Rental stopping mechanism

Comments

Rentals that had an onStart() hook, were forced to have an onStop() hook as well, but that wasn't enforced. In addition, hooks could be disabled. The problem is that trying to end the rental on those situations, would always revert given how it was implemented.

Mitigation

PR-9: Make onStart and onStop hooks independent of one another

• Hooks can now be configured independently via a bitmap.
  • It is possible to have hooks with just onStart(), onStop(), onTransaction(), or a combination of any of them
• Hooks won't revert if they are disabled. This is now valid for both onStart(), and mainly for onStop(), which prevented ending rentals, leading to the described DOS.
  • onTransaction() is working as expected as well
• Tests were added for both onStart() and onStop() hooks

Conclusions

Successful Mitigation

[c4-judge]

gzeon-c4 marked the issue as satisfactory

[c4-judge]

gzeon-c4 marked the issue as confirmed for report